Developing and supporting a desktop infrastructure for a University brings with it challenges that you may not normally face in a more corporate environment, specifically about 2500 PCs in labs and open-access areas that can potentially be used by our thousands of student users and trying to a maintain the balance between usability and security/supportability. One such challenge is making sure that once a student has finished using a PC they can’t (easily) leave it an unusable state for the next user by either locking the workstation or putting it into a sleep or hibernated state.
To prevent a user from locking their workstation is simply a case of using group policy and setting the following in User Configuration:
There are already GPO settings to prevent users from initiating sleep states but they seem to be an all-or-nothing kind of solution:
I think the above is probably designed for kiosk-type machines or maybe those running some kind of display that you would not want to shutdown, and is certainly not ideal for some of our labs that are configured to dual-boot (although it would do a good job of preventing our students from getting any where near the Linux build 
All our student PCs are desktops so when we start making notebooks available the setting for machines running on battery will also need to be configured. The next task was to disable hibernation. From an elevated command prompt you would simply run:
powercfg –h off
..but there isn’t an equivalent GPO setting, To achieve the same result I just used a GPO Preference setting to make the necessary change in the registry:
Setting the value to 1 re-enables hibernation.
I may end up making the registry change during build time by adding it to a MDT task sequence just so that it’s already present and one less GPO setting for the client to process.
Posts
This is a great post for this certain topic.
ReplyDeleteThe failure of details often directs an end user to some feeling of discouragement.
However for the simplicity of end users, Specialists designed a a solution for data damage problems.
Just in case of deletion of data condition, an end user need to have an understanding of appropriate personal information recovery tool.
microsoft inbox
Thanks for sharing your view..
ReplyDeleteHow to save you PC Life From Virus!
Shutdown Scheduler
download Shutdown Scheduler