When you double-click the Default Computer icon in System Policy Editor, a list of system policy options for settings that apply to the computer appears. This section describes these options.
This category of options includes system policy settings for the following:
These system policies are applied for the computer and are stored in SYSTEM.DAT. The following table describes the system policies you can set within this category.
Computer Policies Restricting Access to Network Settings
Option | Description | |
Access Control | ||
User-Level Access Control | When checked, enables user-level security on the local computer using pass-through logon validation by a Windows NT or a NetWare server. You must specify the server and the type of authenticator for validation. | |
Logon | ||
Logon Banner | When checked, allows you to specify text for a caption and other text to be displayed in a logon banner. | |
Require Validation By Network For Windows Access | When you check this option, each logon must be validated by a server before access to Windows is allowed. This policy has no effect on a portable computer after it is undocked. | |
Microsoft Client for NetWare Networks | ||
Preferred Server | When checked, allows you to specify the name of the NetWare network server used by this computer as the first server logged on to. | |
Support Long Filenames | When checked, allows support for long filenames. The values are 0 (no support for long filenames on NetWare servers), 1 (support on NetWare servers version 3.12 and greater), and 2 (support if the NetWare server supports long filenames). | |
Search Mode | Sets NetWare search mode (the value is 0 – 7). | |
Disable Automatic NetWare Login | Specifies that Windows 95 should not first silently use the user's name and password to attempt to connect to a NetWare server, which is the default behavior. | |
Microsoft Client for Windows Networks | ||
Log On To Windows NT | When checked, specifies that this computer can participate in a Windows NT domain. Type the name of the domain. If this option is checked, the next two options are also available. | |
Display Domain Logon Validation | When checked, displays a message when the domain controller has validated user logon. | |
Disable Caching Of Domain Password | When checked, specifies that no caching is used for the network password. | |
Workgroup | When checked, specifies that this computer can participate in a workgroup. Type the name of the workgroup. | |
Alternative Workgroup | Specifies that an alternate workgroup must be defined to see Microsoft peer servers in other workgroups if your workgroup does not have any computers running File and Printer Sharing for Microsoft Networks (that is, they all run File and Printer Sharing for NetWare), but the computer runs a Microsoft network client. The workgroup specified should include at least one computer running File and Printer Sharing for Microsoft Networks. | |
Passwords | ||
Hide Share Passwords With Asterisks | Replaces characters with asterisks when users type passwords to access a shared resource. Applies to share-level security only; this setting is on by default. | |
Disable Password Caching | Prevents saving passwords. (Notice that the user cannot successfully use the Quick Logon feature for Microsoft networks if password caching is disabled.) | |
Require Alphanumeric Windows Password | Requires that the Windows password contain a combination of letters and numbers. | |
Minimum Windows Password Length | Requires that the Windows logon password has at least the specified number of characters. | |
Dial-Up Networking | ||
Disable Dial-In | Prevents dial-in connections to the computer. | |
Sharing | ||
Disable File Sharing | Prevents file sharing over a network. | |
Disable Print Sharing | Prevents printer sharing over a network. | |
SNMP | ||
Communities | Specifies one or more groups of hosts to which this computer belongs for purposes of SNMP administration. These are the communities that are allowed to query the SNMP agent. | |
Permitted Managers | Specifies IP or IPX addresses allowed to obtain information from an SNMP agent. If this policy is not checked, any SNMP console can query the agent. | |
Traps For Public Community | Specifies trap destinations, or IP or IPX addresses of hosts in the public community to which you want the SNMP service to send traps. For information about sending traps to other communities, see Chapter 16, "Remote Administration." | |
Internet MIB | Allows you to specify the contact name and location if you are using Internet MIB. | |
Update | ||
Remote Update | Defines how system policies will be updated. When checked, the following options appear. | |
Update Mode | Determines whether system policies are downloaded automatically (the default) or manually. | |
Path For Manual Update | Specifies the UNC path and filename for manual downloading of system policies. | |
Display Error Message | When a user logs on, if the system policy file is not available, displays an error message. | |
Load-Balance | For Windows NT networks, allows Windows 95 to look for policy files on that server. |
This category of options includes system policy settings for the network path for setup and user profiles. The following table describes the system policies you can set within this category.
Computer Policies for System Settings
Option | Description |
Enable User Profiles | When checked, this setting enables user profiles. |
Network Path For Windows Setup | Defines the network location of the Windows 95 Setup program and files. You must also type a UNC path for the setup directory. |
Run | Defines applications and utilities to run when the user logs on. Click Show to specify items to run. |
Run Once1TT | Defines applications and utilities to run once when the user logs on. Click Show to specify items to run. |
Run Services | Defines services to run at system startup. Click Show to specify items to run. |
1 Run Once is a Registry key that allows any executable file to be run just once after a user logs on to the computer. After the related program is started, its name is removed automatically from the Registry so that it does not run again. You can set the Run Once system policy to set values in the Run Once Registry key. However, if you leave this option checked in the policy file, then each time the user logs on, that executable name will be placed in the Run Once Registry key to be run again. To ensure that the executable runs only once, the policy must be checked only long enough to be downloaded once into the user's Registry. Then the policy must be cleared or changed so that the same Run Once entry will not run the next time the user logs on.