Applies to: Nerdio Private Cloud (NPC). Does not apply to Nerdio for Azure (NFA)
Every Nerdio Private Cloud (NPC) account is provisioned with a series of group policies as detailed below. While you may change the default GPOs, we strongly recommend you contact support to discuss implications of doing so.
Policy | Settings |
Default Domain Policy Type: Computer |
1. Password policy 2. Account Lockout policy 3. Kerberos policy 4. Security options 5. Public key policy\Encrypting file system |
WS Computer GPO Type: Computer |
1. Startup script - DisableEjectDevices.ps1. Prevents ejecting VMWare NICs. PCoIP Session Variables (not override-able): 2.1 Configure SSL protocols TLS1.0,1.1,1.2. Required for VMWare compatibility. 2.2 Turn off Build-to-Lossless feature. Turn off feature to improve image quality (consumes more bandwidth). PCoIP Session Variables (override-able): 3.1 Configure clipboard redirection. Copy/paste enabled in both directions (agent <-> client). 3.2 Turn off Build-to-Lossless feature - enabled. Turn off feature to improve image quality (consumes more bandwidth) |
Default Domain Controllers Policy Type: Computer |
Default DC policies |
Folder redirection Type: User |
Desktop and Documents folder redirection. Redirect desktop and documents to FS01. |
IE settings Type: User |
1. Common Microsoft 365 URLs added to trusted sites. 2. Add rdweb.nerdio.net to local intranet. Helps with SSO among other things. |
LetWindowsMng DefaultPrinter Type: User |
HCU registry - LegacyDefaultPrinterMode set to '0'. Enables "Let Windows Manage Default Printer" on Windows 10. Is set to "Apply once and do not reapply". |
Office 2016 Type: User |
1. Do not use graphics acceleration - Enabled 2. Trust Center settings (five items) 3. Subscription activation with federated credentials Outlook 4.1 Automatically configure profile based on AD's primary SMTP 4.2 Cached Exchange enabled (new profiles) - full items 4.3 Sync One year 4.4 Cache Exchange Mode for new and existing profiles 5. Delegates: Disable shared mail folder caching 6. HCU Registry - ArchiveIgnoreLastModifiedTime |
RDS SSO Configuration Type: User |
Default connection URL. Points remoteapp to rdweb.nerdio.net. |
ScreenSvr Type: User |
Set screen saver timeout to 1,200 seconds. |
SetNumLock Type: User |
Run numlock.vbs on user login. Enables Num Lock on login. |
Comments (0 comments)