Windows Registry and Policy Keys

I have a Samba network providing an NT domain to my network. My machines are Windows 7, however. Here I share a few links to make this configuration nicer to work with. Yes, probably, it would be best to migrate my Samba setup to a proper Active Directory domain. But that I leave for some other time. As always, it is your responsibility to verify the information given below. I am not responsible for any damages independently of whether any information contained herein looks reasonable or not. Please, be aware that any mistakes in the commands below may render your system unusable.

Windows Updates

Independently of whether we are running in a domain or not, the most annoying thing is this insistence of Windows to reboot the computer after installing almost any update in the system. Worst of all, if the system is left unattended for some time, this may be done while we have some unsaved files open in a program that does not create auto-save files to recover from. Really irritating.

Fortunately, in the group policy (run gpedit.msc from the Start menu’s run dialog), this feature(?) can be turned off by navigating to Computer Configuration, Administrative Templates, Windows Components, Windows Update and enabling the No auto-restart with logged on users for scheduled automatic updates installations policy (see also this technet article).

Logging on to a Windows NT Domain

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManWorkstation\Parameters]
"DomainCompatibilityMode"=dword:00000001
"DNSNameResolutionRequired"=dword:00000000

These two keys are required for the Windows 7 machines to be able to join the NT domain.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"RunLogonScriptSync"=dword:00000001

If changes need to be done to the user’s profile, we want to run any logon script synchronously. That is first, the scripts are run and afterwards the user is logged in. Otherwise, the two operations are performed synchronously.

Location of the User Libraries (My Documents, etc)

When we connect to a domain, typically, we want users to be able to store their private files on the domain controller. This can be accomplished with roaming profiles, or by redirecting the library folders. The former has the advantage that all files are stored locally and that programs won’t run into problems when the server is unreachable. On the downside, it requires on each machine from which the user decides to logon a disk that can store the entire profile (Documents, Videos, etc) of the user.

The latter has the advantage that users are logged in more quickly because the profile does not have to be synchronized. On the other hand if the server cannot be reached some programs may run into problems, possibly crashing and taking all your work with them. Anyway, I decided to use this version in my network which is small and stable enough.

The first approach was to use the registry using the keys below. A similar set of keys also exists in Shell Folders.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Desktop"="H:\Desktop"
"Favorites"="H:\Favorites"
"My Music"="H:\Music"
"My Pictures"="H:\Pictures"
"My Video"="H:\Videos"
"Personal"="H:\Documents"

However, these did not quite work the way I wanted (don’t recall the details) and I eventually decided to change this manually using the library feature of Windows. When clicking on the Documents folder in the Libraries section in the file explorer, Windows shows a label such as “Includes: n locations” below the title. By clicking on locations, we can change the locations that are to be included in that Windows library. The problem with my setup is that I am using Samba as my domain server and Samba does not provide the Windows Search Protocol and hence cannot create an index for any of its network shares. Windows, by default, however, only allows folders that have been indexed to be added to a library such that it can provide “advanced” search features. So far, however, I never used them. Maybe because whenever I was looking for some files I preferred using find and grep from Linux box. Of course, grep probably cannot deal as well with any Word or Powerpoint files. Still I decided to switch off that feature.

In the group policy, the features relying on a file indexing can be turned off by navigating to User Configuration, Administrative Templates, Windows Components, Windows Explorer and enabling the Turn off Windows Library features that rely on indexed file data policy (see also this technet article). Now in theory, we can add folders to the library that do not have an index, except that the file explorer does not take this policy into consideration and still insists on the presence of that feature as explained in this blog post.

Ryan’s solution is to simply add a dummy folder (e.g., c:\temp) to the library and then copy the file describing the library from C:\Users\$USERNAME\AppData\Roaming\Microsoft\Windows\Libraries ($USERNAME needs to be replaced with your username) to the desktop. Next open it with notepad and change the pathname to the desired network pathname as well as delete the line containing the <serialized> and </serialized> tags. Windows will recomputed it. Once you have edited the file it can be copied back to its original location. Note that the file cannot be directly edited at its original location. Now we have added a non-indexed location. The next time you use the library, you will see

Instead of adding the dummy directory, however, I prefer to directly add the proper section to the library file. You still ned to copy the file but instead of adding a dummy file, you add the following where the keywords marked with $ need to be replaced appropriately:

    <searchConnectorDescription>
      <isDefaultSaveLocation>true</isDefaultSaveLocation>
      <isSupported>false</isSupported>
      <simpleLocation>
        <url>\\$SERVER\$SHARENAME</url>
      </simpleLocation>
    </searchConnectorDescription>

However, make sure that at leats one other location is contained in the library to see whether new fields have been added. As before the serialized data need not be provided. The isDefaultSaveLocation should only be included for a single entry.

With this method you can also add right away the following line to the propertyStore section to suppress the silly warning:

<property name="ShowNonIndexedLocationsInfoBar" type="boolean"><![CDATA[false]]></property>
This entry was posted in Technology, Uncategorized, Windows and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published.