So this is definitely a policy setting that give IT admins something they have been asking for a long time. I also mentioned this feature in my What’s new in Windows 8 Part #2 post however in all my test I CANNOT get this setting to work. As far as I know the policy setting called “Prohibit connection to non-domain networks when connected to domain authenticated network” prevents users from connecting a second internet connection to a computer if it is already connected to a Domain Network connection. Very handy if the setting worked…
I assume for now the setting is just broken (or i am just to dumb to make it work), If i get this setting to actually work in my tests I will update this post, but as this is a setting is going to be really popular I thought I would just give you a heads up that this setting is there even if it is broken…
As you can see when this policy setting the Public Network connected that is connected to the Internet clearly says “Internet access”…
If you do get the setting to work please tell me how you did it…
As you know along with Windows 8 Consumer Preview and Windows Server 8 Beta has been released and of course I have taken a look at the list of new Group Policy setting that apply to Windows 8. From the list of new Windows 8 Consumer Previews settings I have selected some policy setting that talk about features that look really interesting.
The list of new Windows 8 Consumer Preview settings is very long so below is a list of just computer based setting, I will make another blog post soon about the user specific settings.
Note: I have not had a chance to implement any of these setting yet so I am using a bit of interpretation of the help details about these setting.
The next two settings are obviously really important if you want to implement a standard Corporate UI look and feel.
So unless you have been under a rock for the past 24 hours then you would have missed the public release of Windows 8 Consumer Preview and Windows Server 8 Beta. I have only been running less than 24 hours and I am finding heaps of new exciting Group Policy settings that I will blog about soon but one really stands out. The “Do not show the Start Menu when the user logs in” policy allows you to boot the OS into the more familiar desktop and not the Metro start menu. Interesting to note that booting into the desktop is also the default behaviour for Windows Server 8 so you can also use this setting on your server if you want to start them into Metro (but you prob don’t want to).
This setting can be found under User Configuration > Policies > Administrative Templates > Start Menu and Taskbar and of course only work on Windows 8 Consumer Preview.
Update: I have tested this policy setting and it appears it does not work on the Windows 8 Consumer Preview. I suspect this is a bug as the Supported On statement clearly says “Windows 8 Consumer Preview”.
Update #2 / Rant: OMG! In closer look at the help of the setting it says “this group policy only applies to the Windows Server 8 Beta” meaning that Microsoft are deliberately forcing people to launch the start menu. The fact that this is NOT something that can be controlled is VERY frustrating a reeks of an Apple like attitude of telling us that is not something we want. I get that the default is to launch into the metro start menu and I even think it is a better menu than the traditional start menu. But taking away people’s choice to go straight to the desktop is going to anger a lot people like myself especially when we know it is a Server OS option.
INI Files are one of those things that most administrators probably still need to mange in your environment due to one of those (crapy) apps that still not made the jump to registry keys. This is were there INI feature of Group Policy Preferences can be a great help in managing these files. What is really great about this option is that it also allows you to modify existing files without losing any existing custom modification.
Below I show you just a few examples of how you can use the GPP INI option when working with these files.
In my example I already have a file created called C:\test.ini with the following values.
TIP: If the INI file is a global configuration file you will probably need to make this change as a computer policy as standard users probably won’t need have the permission to make changes to the file.
Select the “Update” action and fill out the fields as you need. I have circled the related fields in the same colour to show how they values match up.
Note: See that the existing information in the file is preserved.
Its also really easy to setup a new section by just specifying a different “Section Name”.
If you want to remove a Property from the INI file simply select the “Delete” action and the name of the property.
Tip: If you want to delete the entire INI file use the GPP File Extensions option.
If you have a lot of GPO’s in your environment then you know that the process of comparing GPO’s can be enormously time-consuming and difficult. Well fellow Group Policy MVP Darren Mar-Elia (a.k.a. GPOGUY) and CTO & Founder of SDM Software has just released a new version of the GPO Compare tool. This is a super cool tool allows you to quickly compare up to 4 Group Policy Object. The thing I really like about this tool is that it allow you to compare multiple LIVE GPO’s!!! Which is great for tracking changes of live GPO’s against a baseline settings.
For a tour of the product then take a look at the video below:
So this is definitely a policy setting that give IT admins something they have been asking for a long time. I also mentioned this feature in my What’s new in Windows 8 Part #2 post however in all my test I CANNOT get this setting to work. As far as I know the policy setting called “Prohibit connection to non-domain networks when connected to domain authenticated network” prevents users from connecting a second internet connection to a computer if it is already connected to a Domain Network connection. Very handy if the setting worked… 
