Windows 10 How to make File Explorer open in ‘This PC’ view

I’ve been playing further with Windows 10 and working on little tricks to get it working how we want it. Many people have been complaining that they now have to click on ‘This PC’ to access network drives etc. So I decided to find a way to make File Explorer open with ‘This PC’ as the default view. Luckily I didn’t have to look to far until I came across this great blog post.

http://libsyn.net/how-to-open-file-explorer-to-this-pc-by-default-in-windows-10/

I have used method 3 with a replace command for a user registry setting in the Domain Group Policy. Now when ever users logon this policy is set and the registry is altered to make File Explorer open in ‘This PC’ view by default. More happy customers and another job ticked off the list!

Managing Google Chrome via Group Policy and creating a Chromebook style Windows Laptop

Over the last few days I’ve been working at turning an old laptop into a Chromebook style laptop. Obviously its not a 100% chrome OS but I feel I’ve managed to achieve the best of both worlds. So here is a brief description of what I’ve done.

First I installed a fresh copy of Windows 8.1 onto the laptop and connected it up to my Domain. I then put the laptop into a new org unit on my Domain for testing and created a new group policy object in the org unit. Before I can use the group policy with Chrome I had to install the Chrome group policy templates. These are available from the site below along with a list, description and examples of all the policies you can set.

https://www.chromium.org/administrators/policy-list-3

After I’d installed the policies I opened up the group policy and set up the computer configuration to install Chrome via MSI (available here) and then setup my computer policy. How you set the policy depends on how you want it to work but I included things like

  • start up pages
  • enforcing safe modes
  • preventing developer tools
  • setting Ephemeral profile (forces chrome to log out on browser close)
  • hiding the web store
  • preventing incognito mode
  • restrict chrome to only my google apps domain users
  • forcing extension installs (more help on gathering update url for this here)

I then created a new user and a group policy for the user where I set the user configuration to lock down the windows laptop including preventing access to control panel, locking taskbars etc.

Finally I setup the laptop to auto logon as the new domain user and told chrome to automatically start on logon.

Now I have a laptop which is locked down, loads up quickly, auto loads chrome, sets chrome restrictions and then when a user has finished using Chrome they are auto logged out upon browser close. This can also be further enhanced by using Google Apps and setting the Chrome User Settings for different org units within your Google Apps Domain. Then each user will receive their own apps upon logon to chrome and access to their own Drive, Email etc etc.

Although this is only a brief explanation I hope it gives you an idea and points you in the direction of turning old laptops into chromebook style machines in your environment.

Please help to support my blog by sharing, following and liking.

Thanks

Simple Guide to Installing Microsoft Office 2013 via Group Policy (GPO)

Today I decided to update our Office from 2010 to 2013. Rather than going round lots of computers to install it though I decided to do a quick ‘Google’ to find a script and I came across this fab site so I thought I’d share it. Enjoy

Deploy Office 2013 with GPO – the simple way

Sysvol not replicating across domain controllers causing group policy to fail. How to fix it.

Today I had a strange issue. My sysvol was not being replicated across all of my Domain Controllers and this was causing Group Policy issues.

My first clue to the problem was that some computers where not applying the group policy settings. I drilled down into the event viewer for these machines and found that I was getting errors with certain policies and files not being found. I checked the main domain controller and everything was there. Strange I thought. So I then checked the other Domain controllers to find that the policies had not arrived in the sysvol folder. So the next step was to run dcdiag in an elevated command prompt. It returned an error with the File Replication Services or FRSEvent error. Event viewer on this domain controller was my next step to have a look at the file replication services log and in there I found an issue with it being replicated. I tried restarting a few services like DNS, net Logon and file replication but still no joy.

So the next step was to check the main domain controller and make sure it was allowing the other controller access. First I ran dcdiag and everything was clear, then I checked the event viewer for the file replication services. Here I found a new error referencing the JRNL_WRAP_ERROR. I googled this to find out this is in fact an outdated message and the steps to fix this have changed. Basically I had to restart the service in a recovery mode. To do this I needed to change a registry setting located here.

HKLM/System/CurrentControlSet/services/NtFrs/Parameters/Backup\Restore/Process at Statup

I needed to change the BurFlags key to D4. I then restarted the service and everything rebuilt, the other domain controllers connected and everything was happy again.

For more information check out this Microsoft Support Article.
support.microsoft.com/KB/290762