Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureEncryption

171

172

173

174

175

176

177

178

179

180

Manage Policies

168

information required for computer boot includes HKLM/SYSTEM

and all sub-keys.

This policy value is automatically set to Selected if SDE is

enabled.

More...

A reboot is required when a change to this policy is

delivered. To control this reboot, configure the following

policies: Force Reboot on Update, Length of Each Reboot Delay

and Number of Reboot Delays Allowed.

Block

Unmanaged

Access to

Domain

Credentials

Selected

This policy prevents unmanaged applications from accessing the

Windows domain credentials when a user is logged in.

Secure Windows

Hibernation

File

Not Selected

When enabled, the hibernation file is encrypted only when the

compute

r enters hibernation. The Encryption client disengages

protection when the computer comes out of hibernation,

providing protection without impacting users or applications

while the computer is in use.

Prevent

Unsecured

Hibernation

Not Selected

When enabled, the Encryption client does not allow computer

hibernation if the client is unable to encrypt

the hibernation

data.

Workstation

Scan Priority

Lowest

Highest, High, Normal, Low, Lowest

Specifies the relative Windows priority of encrypted folder

scanning. High and Highest prioritize scanning speed over

computer responsiveness, Low and Lowest prioritize computer

responsiveness over scanning speed and favor other resource-

intensive activities, and Normal balances the two.

The client checks for a changed Workstation Scan Priority

before processing the next file.

The scan priority levels are used in two different ways.

1. These values correspond with the values used by the

Microsoft SDK to set thread execution priority.

2. The client uses these values to introduce a delay in

the encryption sweep after every single file is

processed.

The values translate to the following millisecond

delay ranges, where the encryption thread will sit

idle and then return full control to the operating

system:

Highest=0 ms / Lowest=100 ms

Policy Proxy

Connections

String

String - maximum of 1500 characters

List fully qualified Poli

cy Proxy hostnames, or IP addresses,

separated by carriage returns. Ports cannot be specified in

this policy.

More...

Once a valid entry is found, the remainder of the Policy

Proxies listed are ignored.

Entries are processed in the following order:

1. GKConnections Override (this registry entry overrides all

other entries)

2. GKConnections (this

registry entry is set automatically by

the client, based on the this policy)

3. GK

To override this policy and specify ports via the registry

key, set HKLM\Software\Microsoft\WindowsNT\CurrentVersion\

Winlogon\CMGShield\GKConnectionsOverride.

The client communicates with Policy Proxies using the GKPORT

(the default is 8000).

If necessary, change that port via the registry key

HKLM\SOFTWARE\Microsoft\WindowsNT\Current

Version\Winlogon\CMGShield\GKPort.

Inherited values for this policy accumulate.