Configure group policies for a domain deployment
Applies To: Windows MultiPoint Server 2012
To ensure that your domain deployment of MultiPoint Server works properly, apply the following group policy settings to the WMSshell user account on a MultiPoint Server system.
Important
Some group policy settings can prevent required configuration settings from being applied to MultiPoint Server. Be sure that you understand and define your group policy settings so that they work correctly on MultiPoint Server. For example, a Group Policy setting that prevents Autologon could present problems with MultiPoint Server logon behavior.
Update group policies for the WMSshell user account
Note
To find out how to update group policies, see Local Group Policy Editor [Blue] (https://technet.microsoft.com/library/dn265982.aspx).
POLICY: User Configuration > Administrative templates > Control Panel > Personalization
Assign the following values:
| Setting | Values |
|---|---|
| Enable screen saver | Disabled |
| Screen saver timeout | Disabled Seconds: xxx |
| Password protect the screen saver | Disabled |
POLICY: Computer Configuration >Windows Settings >Security Settings >Local Policies >User Rights Assignment > Allow log on locally
| Setting | Values |
|---|---|
| Allow log on locally | Ensure that the list of accounts includes the WMSshell account. Note: By default, the WMSshell account is a member of the Users group. If the Users group is in the list, and WMSshell is a member of the Users group, you do not need to add the WMSshell account to the list. |
Important
When you set any group policies, make sure that the policies do not interfere with automatic updates and error Windows error reporting on the MultiPoint Server computer. These are set by the Install updates automatically and Automatic Windows Error Reporting settings that were selected during Windows MultiPoint Server installation, configured in MultiPoint Manager using Edit server settings, or configured in scheduled updates for Disk Protection.
Update the Registry
For a domain deployment of Windows MultiPoint Server 2012, you should update the following registry subkeys.
Important
Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on the computer.
To update Registry subkeys for a domain deployment of Windows MultiPoint Server 2012
Open Registry editor. (At a command prompt, type regedit.exe, and press ENTER.)
In the left pane, locate and then select the following registry subkey:
HKEY_USERS\<SIDofWMSshell>\Software\Policies\Microsoft\Windows\Control Panel\Desktopwhere
<SIDofWMSshell>is the security identifier (SID) for the WMSshell account. To find out how to identify the SID, see How to Associate a Username with a Security Identifier (SID) (https://support.microsoft.com/kb/154599).In the list on the right, update the following subkeys.
Subkey Value name Value data ScreenSaveActive REG_SZ 0 (zero) ScreenSaveTimeout REG_SZ 120 ScreenSaverIsSecure REG_SZ 0 (zero) To update a Registry subkey:
With the Registry key selected in the left pane, right-click the subkey in the right pane, and then click Modify.
In the Edit String dialog box, type a new value in Value data, and then click OK.
After you finish updating Registry subkeys, restart the computer to activate the changes.