Applies to: Nerdio For Azure (NFA). Does not apply to Nerdio Private Cloud (NPC)
Every Nerdio For Azure (NFA) account is provisioned with a series of group policies as detailed below. While you may change the default GPOs, we strongly recommend you contact support to discuss implications of doing so.
Policy | Settings |
Default Domain Policy Type: Computer |
1. Password policy 2. Account Lockout policy 3. Kerberos policy 4. Security options 5. Public key policy\Encrypting file system |
WS Computer GPO Type: Computer |
1. Disable Adobe Acrobat Reader DC Protected Mode 2. Disable java update notifications |
Default Domain Controllers Policy Type: Computer |
Default DC policies |
Folder redirection Type: User |
1. Also redirects Favorites to FS01\Users 2. Redirects Chrome disk cache to D:\TEMP (local SSD on Azure VMs for better performance) 3. Only applied to Nerdio managed VMs in Azure (important in Hybrid AD environments) |
IE settings Type: User |
1. Common Microsoft 365 URLs added to trusted sites. 2. Add rdweb.nerdio.net to local intranet. |
LetWindowsMng DefaultPrinter Type: User |
HCU registry - LegacyDefaultPrinterMode set to '0'. Enables "Let Windows Manage Default Printer" on Windows 10. Is set to "Apply once and do not reapply". |
Office 2016 Type: User |
1. Do not use graphics acceleration - Enabled 2. Trust Center settings (five items) 3. Subscription activation with federated credentials 6. HCU Registry - ArchiveIgnoreLastModifiedTime |
RDS SSO Configuration Type: User |
Default connection URL. Points remoteapp to rdweb.nerdio.net. |
ScreenSvr Type: User |
Set screen saver timeout to 1,200 seconds. |
SetNumLock Type: User |
Run numlock.vbs on user login. Enables Num Lock on login. |
Adobe Acrobat Reader DC |
Disable Adobe Acrobat Reader DC Protected Mode (this is added in two locations to cover both normal & Hybrid AD environments) |
Comments (0 comments)