top of page
Search
seolisrobira
Aug 15, 20237 min read

Windows 7 Disable Libraries Group Policy



Enabling this setting prevents users at your organization from being able to use B2B Sync. After the setting is enabled (value 1) on a computer, the sync app does not sync libraries and folders shared from other organizations. Modify the setting to the disabled state (value 0) to restore B2B Sync capability for your users.


If you disable this setting, team site libraries that you've specified aren't automatically synced for new users. Existing users can choose to stop syncing the libraries, but the libraries won't stop syncing automatically.




windows 7 disable libraries group policy




I realize that this is a year old thread, but I have recently deployed windows 7 desktops and my users are having issues with the libraries feature and I needed to find a way to disable it across the domain with group policy. Long story short is that all of which I tried from forum advice did not work, although it led me in the right direction. I just want to pass along the very simple solution to get the libraries feature to stop showing up in the explorer window.


While its easy to do this from the desktop, and its easy to disable libraries appearing in explorer, how can I add or remove locations from a library location (e.g. remove c:\users\public\documents from the user's documents library)?


I have two Windows 2012 R2 Domain Controllers and will be implementing 7 Windows 2008 R2 remote desktop servers once their setup and testing is complete (I have one built now that is my test server). I've set up a group policy that redirects the users' My Documents, Music, Pictures, Videos, and Downloads folders to a file server I've built running Windows 2012. The problem I'm having is removing access to the Public Libraries - C:\users\public\documents, music, downloads, etc. - as I don't want anybody to have the ability to save to the local machine. With my test user I know that I can right click My Documents, select the public folder, then click remove for each of the five public folders I don't want them to have access to but I'm looking for a better solution as I don't want to have to remove all 5 folders for all 150+ users manually.


I've looked through the GPOs and searched Google and Server Fault and this doesn't appear to be anything that I can do via group policy. I've started looking into logon scripts but I'm not sure where to begin and I've seen some complaints that the logon scripts simply hide the folders from the navigation panel while leaving them as a usable save location.


The Internet Explorer Maintenance settings in group policy (User Configuration > Windows Settings > Internet Explorer Maintenance) have been removed in Internet Explorer 10 and Windows Server 2012.


If you run group policy editor on Windows Server 2008 R2 and try to add an Internet Settings object using Group Policy Preferences, notice there is no option to configure Internet Settings for Internet Explorer 9 or Internet Explorer 10.


There is a group policy setting at User Config Policies Administrative Templates Windows Components Internet Explorer Internet Control Panel Security Page Site to Zone Assignment List that can be used to put Internet sites in Internet Explorer security zones. However, users cannot add their own sites (the user interface in Internet Explorer is grayed out).


Hi Carl, yes we have the shared computer activation enabled via xml policy when we installed office onto the VDA image; we have uninstalled and registry wiped it and reloaded it a few times as per Microsoft as they keep pointing it as a Citrix issue. We also have the group policy on in GPO.


I think Windows 2008 R2 will let you change registry keys under HKCU to specify a default browser. Google search for instructions. Something like -how-to-set-google-chrome-as-the-default-browser-in-group-policy


AnyConnect uninstalls itself despite that the keep installed option is selected on the Adaptive Security Device Manager (ASDM). In order to resolve this issue, configure the svc keep-installer installed command under group-policy.


This occurs when the headend is configured for split-tunneling with a very large split-tunnel list (approximately 180-200 entries) and one or more other client attributes are configured in the group-policy, such as dns-server.


With search highlights, Microsoft is giving users of Windows 10 and 11 another function of dubious benefit, the purpose of which is primarily to market its Bing services. In professional contexts, this might be considered a distraction.Subscribe to 4sysops newsletter!In centrally managed environments, the feature can be disabled via group policies. These already contain several settings just for the search to disable such questionable innovations.


You can also disable Tamper Protection through the registry. To do this, you need to create a DWORD parameter named TamperProtection with a value of 0 under the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features. But before that, you must first take ownership of the Features registry key. Check That the Microsoft Defender in Enabled in Group PolicyOpen the local Group Policy Editor (gpedit.msc) and verify that Microsoft Defender is not disabled via Group Policy. To do this, go to the section Computer Configuration -> Administrator Templates -> Windows Components -> Windows Defender Antivirus. Verify that the Turn off Microsoft Defender Antivirus policy is Not configured or Disabled.


To enable Bing integration again, simply disable the group policy or edit the Registry and delete the DisableSearchBoxSuggestions value under the HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\Explorer Registry key.


  • There's been a Group Policy setting to sync Team/SharePoint libraries for a while although last time I looked at it the functionality didn't actually work yet - I think it was meant to be available from Windows 10 1909 but didn't quite make it. Besides the fact that the setting didn't do anything, all the documentation claimed it could take "up to 8 hours" for the library to appear in the user's sync client/Explorer - clearly this is no use especially if you're in an environment where people hot desk and share machines. I've had another look at it to see if it's any better now. Using the GPO SettingFirst of all we need to have the OneDrive policy templates. You can find these on a Windows 10 PC running the sync client in %localappdata%\Microsoft\OneDrive\version\adm. Copy OneDrive.admx into your central policy definitions store, or if you don't have one into c:\windows\policydefinitions, and put Onedrive.adml into your language folder within the policy store.Now open a Group Policy Object in the editor and go to User Configuration > Policies > Administrative Templates > OneDrive. The setting you need to find is Configure team site libraries to sync automatically.This will want you to provide the library name and library ID. To get the ID, go to the library you want to sync in SharePoint (so if it's in a Team, open the Team's files in SharePoint). Press Sync, then cancel the "Open in OneDrive" prompt, then click Copy library ID. The chances of this screen actually appearing seem to be notoriously hit or miss, but if you are logged in as a global or SharePoint admin it should appear. I'm logged in as a global admin and using Edge and it worked fine.You should now have a library ID on your clipboard which looks something like "tenantId=xxx&siteId=xxx&webId=xxx&listId=xxx&webUrl=httpsxxx&version=1". It's got some URL encoded characters that we need to remove before we can feed this into the GPO so open PowerShell and run the following:[uri]::UnescapeDataString("paste-in-the-library-ID-string-here")Copy the unescaped string and paste it into the GPO editor in the Value column, and put the library name in the Value name column.Enter a friendly name for the site in the first column, and paste the unescaped library ID string into the Value columnSo does it work? Well, there's still an "up to 8 hour" wait so it's still only really suitable for a 1:1 device deployment where it's always the same person logged on and they can put up with a delay on their first logon. An alternative way to add librariesIf you have a look in the registry at what happens when you click the Sync button in the browser, you'll notice it launches the grvopen: or odopen: protocols, which in turn run "onedrive.exe /url:%1". If you replace OneDrive.exe with a program which just echos out the arguments passed to it, you'll notice this format:Copyodopen://sync/?userId=xxxxxxxx%2Dxxxx%2Dxxxx%2Dxxxx%2Dxxxxxxxxxxxx&userEmail=katy%40xxxxxxxxxxxxx%2Exx&isSiteAdmin=1&siteId=%7Bxxxxxxxx%2Dxxxx%2Dxxxx%2Dxxxx%2Dxxxxxxxxxxxx%7D&webId=%7Bxxxxxxxx%2Dxxxx%2Dxxxx%2Dxxxx%2Dxxxxxxxxxxxx%7D&webTitle=xxxxxxxxxxxxxxxx&webTemplate=64&webLogoUrl=%5Flayouts%2F15%2Fimages%2Fsiteicon%2Epng&webUrl=https%3A%2F%2Fxxxxxxxxxxxxx%2Esharepoint%2Ecom%2Fsites%2Fxxxxxxxxxxxxx&onPrem=0&libraryType=3&listId=%7Bxxxxxxxx%2Dxxxx%2Dxxxx%2Dxxxx%2Dxxxxxxxxxxxx%7D&listTitle=Documents&folderId=xxxxxxxx%2Dxxxx%2Dxxxx%2Dxxxx%2Dxxxxxxxxxxxx&folderName=General&folderUrl=https%3A%2F%2Fxxxxxxxxxxxxx%2Esharepoint%2Ecom%2Fsites%2Fxxxxxxxxxxxxx%2FShared%20Documents%2FGeneral&scope=OPENFOLDERhljs.highlightElement(document.getElementById('63e5ee3f26ec8'));We can then run on logon "onedrive.exe /url:" and the above URL to have the sync client add the library, no waiting around for "up to 8 hours". Most of the URL will be static but there's a user-specific bit we need to work out how to obtain. A lot of the parameters are optional - as a minimum we need to obtain the following: userEmail. We can look up the current user's UserPrincipalName in PowerShell

  • siteID: Go to _api/site/id and it'll tell you the site ID. This is a GUID enclosed in curly braces

  • webID: Go to _api/web/id and it'll tell you the web ID, another GUID in braces.

  • webTitle: The name of the Team/SharePoint site, used when the client builds the folder structure.

  • webUrl: The URL to the site. You can see this at _api/web/url however it's usually just

  • listId: The SharePoint library's ID. Open the library in a web browser, click on the Settings button near the top right, then pick Library Settings. The List ID will be at the end of the URL of the Settings page - a GUID in braces.

  • listTitle: The document library name.

  • webTitle and listTitle are optional, and they do not have to match the actual names on SharePoint. The sync client will create a folder named after the tenancy, and within that will be a folder named webTitle - listTitle, which contains the synced library. If you don't include these at all it will just call it Documents.Putting all this together, I've written a PowerShell script which can be used as a logon script which will map a library if it isn't already mapped. For this to work you'll need to have already configured the OneDrive sync client to automatically log in and sync the user's OneDrive.Copy$userEmail = $(whoami /upn Out-String).Trim()$siteID = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"$tenantName = "KatysTechBlog"$webID = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"$webTitle = "Tech Blog"$webUrl = " "$listId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"$listTitle = "Library"if (-not ((Test-Path -Path "HKCU:\SOFTWARE\Microsoft\OneDrive\Accounts\Business1\Tenants\$tenantName") -and (Get-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\OneDrive\Accounts\Business1\Tenants\$tenantName" -Name "$env:USERPROFILE\$tenantName\$webTitle - $listTitle"))) $URL = "odopen://sync/?userEmail=" + [uri]::EscapeDataString($userEmail) + "&siteId=" + [uri]::EscapeDataString($siteID) + "&webId=" + [uri]::EscapeDataString($webID) + "&webTitle="+ [uri]::EscapeDataString($webTitle) + "&webUrl="+ [uri]::EscapeDataString($webUrl) + "&listId="+ [uri]::EscapeDataString($listId) + "&listTitle="+ [uri]::EscapeDataString($listTitle) Start-Process "$env:LOCALAPPDATA\Microsoft\OneDrive\Onedrive.exe" -ArgumentList "/url:$URL"hljs.highlightElement(document.getElementById('63e5ee3f26fba'));This script will grab the current user's UserPrincipalName and put together all the different parameters into an URL, and then runs onedrive if the library isn't already synced. If you've got multiple libraries you want to sync, with different combinations for different users, I'd probably recommend just having multiple scripts - one per library - and then linking the appropriate scripts to the appropriate GPO.Updated 16 March 2022: Changed the way the UPN is detected to one which works with Azure AD joined devices. Further Reading Use Group Policy to control OneDrive sync settings - OneDrive Microsoft Docs

  • Deploy OneDrive apps using Microsoft Endpoint Configuration Manager - OneDrive Microsoft Docs

In this postIntroduction Using the GPO Setting An alternative way to add libraries Further ReadingSupport My WorkI hope you find my content useful. Please consider tipping to support the running costs of hosting, licensing etc on my Ko-fi page. 2ff7e9595c


2 views0 comments

Recent Posts

See All

[SEO Starter Guide: The Basics](^3^)

julia parton sex scene Les séances de préparation à la naissance avira antivirus free download 2009 Sharepod 4 Serial Keygen Crackl ...

0 comments

ความคิดเห็น

bottom of page