Archiv

Posts Tagged ‘group policies’

OneDrive: new Group Policies and Definitions 19.152.0801.0004

26. August 2019 Hinterlasse einen Kommentar

OneDrive Group Policies

With the insider Version of the 19.152.0801.0004 Microsoft published a new Version of the OneDrive Group Policies

You find the Group Policies here (adml and admx)

%localappdata%\Microsoft\OneDrive\BuildNumber\adm\

and also the localicied versions in 17 languages

And here is the history of my blogs

Date  
05/18/19 OneDrive: new Group Policies and Definitions 19.103.0527.0002
02/11/19 OneDrive: New Group Policies and definitions 19.002.0107.0008

User Configuration

Group Policy name Special
Allow users to choose how to handle Office file sync conflicts  
Coauthor and share in Office desktop apps  
Configure team site libraries to sync automatically new from Computer Configuration
Continue syncing on metered networks  
Continue syncing when devices have battery saver mode turned on  
Disable the tutorial that appears at the end of OneDrive Setup  
Limit the sync client download speed to a fixed rate  
Limit the sync client upload speed to a fixed rate  
Prevent users from changing the location of their OneDrive folder  
Prevent users from syncing personal OneDrive accounts  
Receive OneDrive sync client updates on the Enterprise ring

New name: Set the sync client Update ring
moved to Computer configuration
Set the default location for the OneDrive folder  

Computer Configuration

Group Policy name Special
Allow OneDrive to disable Windows permission inheritance in folders synced read-only *
Allow syncing OneDrive accounts for only specific organizations  
Block file downloads when users are low on disk space **
Block syncing OneDrive accounts for specific organizations  
Configure team site libraries to sync automatically Please use GPO in the User Configuration
Convert synced team site files to online-only files  
Enable Automatic upload bandwidth management for OneDrive ****
Limit the sync client upload rate to a percentage of throughput  
Prevent the sync client from generating network traffic until users sign in  
Prevent users from fetching files remotely  
Prevent users from moving their Windows known folders to OneDrive  
Prevent users from redirecting their Windows known folders to their PC  
Prevent users from syncing libraries and folders shared from other organizations *
Prompt users to move Windows known folders to OneDrive  
Require users to confirm large delete operations **
Set the maximum size of a user’s OneDrive that can download automatically  
Set the sync client update ring ***
Silently move Windows known folders to OneDrive  
Silently sign in users to the OneDrive sync client with their Windows credentials  
Specify SharePoint Server URL and organization name ****
Specify the OneDrive location in a hybrid environment ****
Use OneDrive Files On-Demand  
Warn users who are low on diskspace ***

 

* Allow OneDrive to disable permission inheritance in folders synced read-only
This setting lets the OneDrive sync client remove all inherited permissions within read-only folders syncing on a user’s PC.

If you enable this setting, the OneDrive sync client can disable permission inheritance in read-only folders to improve sync speed.

If you disable or do not configure this setting, the OneDrive sync client will preserve permission inheritance in read-only folders. Sync speed may be significantly slower.


 

** Block file downloads when users are low on disk space
This setting lets you specify a minimum amount of available disk space and block the OneDrive sync client (OneDrive.exe) from downloading files when users have less than this amount.

Users will be prompted with options to help free up space.

Minimal available Diskspace: 0 to 10 TB

[08/28/19] Tehre is a bug, because the highest number is 9999. Microsoft is informed


***
Warn users who are low on diskspace

This setting lets you specify a minimum amount of available disk space and warn users when the OneDrive sync client (OneDrive.exe) downloads a file that causes them to have less than this amount.

Users will be prompted with options to help free up space.

In the Value field, enter the amount of available disk space below which users will receive warning. If you use this policy together with “Block file downloads when users are low on disk space”, the value for this setting should be greater than the value for the blocking downloads

Valid values are from 0 through 10 TB

[08/28/19] Tehre is a bug, because the highest number is 9999. Microsoft is informed


 

****  Enable Automatic upload bandwidth management for OneDrive

This setting lets the OneDrive sync client (OneDrive.exe) upload data in the background only when unused bandwidth is available. It prevents the sync client from interfering with other apps that are using the network. This setting is powered by the Windows LEDBAT (Low Extra Delay Background Transport) protocol. When LEDBAT detects increased latency that indicates other TCP connections are consuming bandwidth, the sync client will reduce its own consumption to prevent interference. When network latency decreases again and bandwidth is freed up, the sync client will increase the upload rate and consume the unused bandwidth.

If you enable this setting, the sync client upload rate will be set to "Adjust automatically" based on bandwidth availability and users won’t be able to change it.

If you disable or do not configure this setting, users can choose to limit the upload rate to a fixed value (in KB/second), or set it to "Adjust automatically".

Important

If you enable or disable this setting, and then change it back to Not Configured, the last configuration will remain in effect. We recommend enabling this setting instead of "Limit the sync client upload speed to a fixed rate." You should not enable both settings at the same time. This setting will override "Limit the sync client upload rate to a percentage of throughput" if both are enabled on the same device.


 

* Prevent users from syncing libraries and folders shared from other organizations
This GPO allow/disallow Tenant 2 Tenant Synchronization. Microsoft has named this Synchronization B2B Sync.


 

** Require users to confirm large delete operations
Unfortunately Microsoft has not announced the numbers, by which the function will trigger.The Threshold is 200.

to push another number you must do it manually. Read here


 

*** Set the sync client update ring
This GPO is moved from User to the Computer-Configuration.


 

**** Specify SharePoint Server URL and organization name AND Specify the OneDrive location in a hybrid environment

The only way, to sync files with OneDrive to the OnPremise SharePoint is SharePoint Server 2019. Toy sync to and from older Versions of SharePoint (SharePoint Server 2016, 2013, 2010 and  2007) you must use the old sync client called Groove.exe

OneDrive: Neue Gruppenrichtlinien u. Definitionen 19.002.0107.0008

11. Februar 2019 3 Kommentare

OneDrive Gruppenrichtlinien

Microsoft hat mit der neuen OneDrive Version 19.002.0107.0008 neue Gruppenrichtlinien veröffentlicht, aber auch bestehende mit neuem Namen versehen und damit die Definitionen neu erstellt.

User Configuration

Neuer Name Alter Name
Coauthor and share in Office desktop apps CoAuthoring and in-app sharing for Office Files
Receive OneDrive sync client updates on the Enterprise ring

Delay updating OneDrive.exe until the second release wave

Prevent users from syncing personal OneDrive files

Prevent users from synchronizing personal OneDrive Accounts

Allow users can choose how to handle Office files sync conflicts

Users can choose how to handle Office files in conflict
Limit the sync client upload speed to a fixed rate Set the maximum upload throughput that OneDrive.exe uses
Limit the sync client download speed to a fixed rate Set the maximum download throughput that OneDrive.exe uses

Disable the tutorial that appears at the end of OneDrive Setup

Prevent Users from seeing the tutorial in the OneDrive Sign in Experience

Computer Configuration

Neur Name AlterName
Limit the sync client upload rate to a percentage of throughput Set the maximum percentage of upload throughput for OneDrive.exe

Prevent users from fetching files remotely

Prevent users from using the remote file fetch feature to access files on the computer
Silently sign in users to the OneDrive sync client with their Windows credentials Silently configure OneDrive using Windows 10 or domain credentials

Set the maximum size of a user’s OneDrive that can download automatically

Configure the maximum OneDrive size for downloading all files automatically

Use OneDrive Files On Demand

Enable OneDrive Files On Demand

Convert synced team site files to online-only files

Migrate pre-existing team site with OneDrive Files on Demand

Prevent the sync client from generating network traffic until the user signs in

Prevent OneDrive from generating network traffic until the user signs in to OneDrive

Wenn Sie Ihre Gruppenrichtlinie nicht finden, dann wurde der Name nicht geändert.

Neue Computer Configuration Richtlinien

Set the sync client Update ring
Specify SharePoint Server URL and organization name
Specify the OneDrive location in a hybrid environment

Und hier finden Sie die Beschreibungen in deutscher oder englischer Sprache

OneDrive: New Group Policies and definitions 19.002.0107.0008

11. Februar 2019 3 Kommentare

OneDrive Group Policies

Microsoft has published with OneDrive Version 19.002.0107.0008 new policies and also changed the policy definitions of many existing Policies for OneDrive

User Configuration

New Name Old Name
Coauthor and share in Office desktop apps CoAuthoring and in-app sharing for Office Files
Receive OneDrive sync client updates on the Enterprise ring

Delay updating OneDrive.exe until the second release wave

Prevent users from syncing personal OneDrive files

Prevent users from synchronizing personal OneDrive Accounts

Allow users can choose how to handle Office files sync conflicts

Users can choose how to handle Office files in conflict
Limit the sync client upload speed to a fixed rate Set the maximum upload throughput that OneDrive.exe uses
Limit the sync client download speed to a fixed rate Set the maximum download throughput that OneDrive.exe uses

Disable the tutorial that appears at the end of OneDrive Setup

Prevent Users from seeing the tutorial in the OneDrive Sign in Experience

Computer Configuration

New Name Old Name
Limit the sync client upload rate to a percentage of throughput Set the maximum percentage of upload throughput for OneDrive.exe

Prevent users from fetching files remotely

Prevent users from using the remote file fetch feature to access files on the computer
Silently sign in users to the OneDrive sync client with their Windows credentials Silently configure OneDrive using Windows 10 or domain credentials

Set the maximum size of a user’s OneDrive that can download automatically

Configure the maximum OneDrive size for downloading all files automatically

Use OneDrive Files On Demand

Enable OneDrive Files On Demand

Convert synced team site files to online-only files

Migrate pre-existing team site with OneDrive Files on Demand

Prevent the sync client from generating network traffic until the user signs in

Prevent OneDrive from generating network traffic until the user signs in to OneDrive

If you do not find your Group Policy, then the name is not changed

New Computer Configuration Policies

Set the sync client Update ring
Specify SharePoint Server URL and organization name
Specify the OneDrive location in a hybrid environment

And here you will find the descriptions

OneDrive – Next Generation Sync Client |Group Policies

4. Oktober 2016 2 Kommentare

Next Generation Sync Client: Group policies

Administrators of companies want to automate and control the behavior of OneDrive and OneDrive for Business. Sometimes their want to disable the usage of OneDrive (Personal). Or They want to say, where the user has to save their documents. And these administrators may do that with group policies. First, they have to download the OneDrive Deployment Package. You will find the following files:

Files in the OneDrive Deployment package

ADMx/ADMl Templates are stored in  %systemroot%\PolicyDefinitions folder. The language File has to be stored in the corresponding language folder. If you later open the Group policy editor, they will be opened and checked.

admx storage on the Server

No you open the Group Management console on the Server

Create a new GPO You should create a new GPO and give it a name like “OneDrive”.

Edit the GPO Now you may edit the entries.

different entries in the GPO Editor for OneDrive

Just a reminder: The Next Generation Sync Client is running in a context of a user.Therefore you have to open the User configuration, admin templates and here OneDrive:

Coauthoring and in-app sharing for Office files
Configure OneDrive.exe to receive updates after consumer production
Prevent users from changing the location of their OneDrive folder
Prevent users from configuring personal OneDrive accounts
Set the default location for the OneDrive folder
Users can choose how to handle Office files in conflict

There are two more policies, which are on a different place: (Computer configuration, admin templates and the OneDrive

Prevent users from using the remote file fetch feature to access files on the computer
Set the maximum percentage of upload bandwidth that OneDrive.exe uses

you find all these descriptions and more here.

And here is another Link about “Use Group Policy in Windows 2012 R2 to disable OneDrive functionality in Windows 8.1 clients”

Often I hear the question : Is it possible, to automate install of the Next Generation Sync Client? The answer is yes and I will describe that in another blog post.

Summary

Group Policy is the ideal tool to provide different user groups have different preferences to OneDrive and OneDrive for Business with the Next Generation Sync Client.

Microsoft SharePoint Workspace 2010 und Gruppenrichtlinien

18. Dezember 2010 1 Kommentar

Über Gruppenrichtlinien können nachstehende Richtlinien zu SharePoint Workspace 2010 eingestellt werden:

SharePoint Workspace 2010

Richtlinie Erklärung
Groove Server Manager-Sicherheit für gültige Links Diese Einstellung bestimmt, ob die automatische Konfiguration von SharePoint Workspace-Konten fortgesetzt werden darf, wenn das SSL-Zertifikat von Groove Server Manager ungültig ist. Bei aktivierter Option muss das vorgelegte SSL-Zertifikat von Groove Server Manager gültig sein, damit die Kommunikation zwischen SharePoint Workspace und Manager fortgesetzt werden kann.
Groove-Arbeitsbereiche und freigegebene Ordner verhindern Ermöglicht Benutzern nur das Erstellen von SharePoint-Arbeitsbereichen.
IPv4 bevorzugen Regelt die Verwendung von IPv4-Adressen durch SharePoint Workspace: Wenn aktiviert, werden zuerst IPv4-Adressen ausprobiert, bevor IPv6 verwendet wird.
IPv6 aktivieren Regelt die Verwendung von IPv6-Adressen durch SharePoint Workspace: Wenn aktiviert, werden IPv6-Adressen verwendet, wenn 0 oder nicht ausgefüllt, werden IPv6-Adressen ignoriert.
Liste blockierter Groove-Relayserver

Diese Richtlinieneinstellung hindert den SharePoint Workspace-Client an der Initiierung von Verbindungen mit den aufgelisteten SharePoint Workspace-Relayservern.
Wenn Sie diese Richtlinieneinstellung aktivieren, initiiert der SharePoint Workspace-Client keine Verbindungen mit den aufgelisteten Groove-Relayservern. Sie können eine durch Trennzeichen getrennte Liste vollqualifizierter Domänennamen von Groove-Relayservern eingeben. Platzhalter werden in den Namen unterstützt. Das "?" ersetzt ein einzelnes Zeichen, und "*" ersetzt Domänenteile (Beispiels: relay1.contoso.com, *.contoso.com, relay?.contoso.com).
Wenn Sie diese Richtlinieneinstellung deaktivieren oder nicht konfigurieren, kann der SharePoint Workspace-Client mit allen Relayservern kommunizieren.

Maximale Anzahl von Proxyverbindungsfehlern festlegen

Diese Richtlinieneinstellung legt den Grenzwert für die Anzahl fehlgeschlagener Proxyverbindungsversuche mit einem Groove-Relayserver durch den SharePoint Workspace-Client fest. Wenn der Grenzwert erreicht wird, werden keine weiteren Proxyverbindungsversuche mit dem Groove-Relayserver unternommen.
Wenn Sie diese Richtlinieneinstellung aktivieren, wird der SharePoint Workspace-Client auf die festgelegte Anzahl von fehlgeschlagenen Proxyverbindungsversuchen mit dem Relayserver eingeschränkt.
Wenn Sie diese Richtlinieneinstellung deaktivieren oder nicht konfigurieren, wird der SharePoint Workspace-Client auf einen fehlgeschlagenen Proxyverbindungsversuch mit dem Relayserver eingeschränkt.

SharePoint Workspace-Kontokonfigurationscode erforderlich Beim Erstellen eines Kontos werden den Benutzern Optionen angezeigt, um Kontokonfigurationscodes zum Erstellen ihrer Konten zu verwenden bzw. nicht zu verwenden. (Diese Codes stellen den Benutzern letztlich verwaltete Identitäten bereit.) Durch Anwenden dieser Richtlinie wird die Option "Kein Code" in der Benutzeroberfläche des Groove-Clients deaktiviert.

Pfad für Einstellungen:
Benutzerkonfiguration/Administrative Vorlagen/Microsoft SharePoint Workspace 2010.

Standardmäßig sind alle Richtlinien deaktiviert.

Sie brauchen mindestens Windows Vista oder höher zum Anwenden dieser Gruppenrichtlinien.

 

 

Und dann gibt es noch eine Richtlinie von SharePoint Workspace 2010 in Verbindung mit Groove Server 2010 Manager

SharePoint Workspace 2010und  Groove Server 2010 Manager

 

Richtlinie Erklärung
Groove Server Manager-Name

Diese Richtlinieneinstellung ermöglicht SharePoint Workspace die Kontaktaufnahme mit dem angegebenen Groove Server Manager sowie das automatische Herunterladen einer verwalteten Identität, wenn SharePoint Workspace von einem Benutzer geöffnet wird. Die verwaltete Identität wird nur gesendet, wenn die verwaltete Identität des Benutzers zurzeit nicht auf dessen Computer vorhanden ist. Dies erfordert eine Onsiteinstallation von Groove Server Manager, die für die Verwendung der Verzeichnisintegration mit Active Directory konfiguriert ist und nicht mit Microsoft Groove Enterprise Services funktioniert. Ferner wird die verwaltete Identität des Benutzers nur auf dessen Computer heruntergeladen, wenn eine neu installierte Version von SharePoint Workspace vom Benutzer gestartet wird und aktuell keine SharePoint Workspace-Konten auf dem Computer vorhanden sind.
Wenn Sie diese Richtlinieneinstellung aktivieren, stellt SharePoint Workspace eine Verbindung mit dem angegebenen Groove Server Manager her und lädt automatisch die verwaltete Identität herunter, wenn SharePoint Workspace von einem Benutzer geöffnet wird und sich die verwaltete SharePoint Workspace-Identität des Benutzers sich zurzeit nicht auf dessen Computer befindet.
Wenn diese Richtlinieneinstellung deaktiviert oder nicht konfiguriert wird, stellt SharePoint Workspace keine Verbindung mit Groove Server Manager her.

Pfad für Einstellungen:
Benutzerkonfiguration/Administrative Vorlagen/Microsoft SharePoint Workspace 2010/Groove Server Manager

Standardmäßig sind alle Richtlinien deaktiviert.

Sie brauchen mindestens Windows Vista oder höher zum Anwenden dieser Gruppenrichtlinien.

 

Näheres zu Gruppenrichtlinien finden Sie bei gruppenrichtlinien.de, eine komplette Liste der Office 2010 Einstellungen finden Sie ebenfalls dort.

%d Bloggern gefällt das: