These steps show how to set a group policy so that all users logging on to the network will run the same screen saver and prevent the user from adding/changing the screen saver. This is particularly useful in a retail environment because you could set all of the computers to run a screen saver that doubles as an advertisement.
The following points are assumed to be true:
The screen saver file (*.scr) is installed on the computer. A mapped network drive may also work but a UNC path will not.
You have administrative access to the computer/domain.
To begin, open the Group Policy editor for the domain. If you want to do this on just a few computers, or computers not on a Windows 200x domain, you can go to Start -> Run and type gpedit.msc (click OK) to open the local GP editor. Once you have the GP editor open:
In the pane on the left, expand Administrative Templates under User Configuration
Expand Control Panel
Click on the folder for Display
In the pane on the right:
Double-click Hide Screen Saver tab and set it to Enabled. Click the Next Setting button*.
This is only necessary if you do not want users to have any access to the Screen Saver tab in the display properties.
Set Screen Saver to Enabled. Click the Next Setting button.
This setting will disable the screen saver drop down and settings in the display properties. Users will not be able to change or configure the screen saver but they can change the energy settings. This will only be valid if you set the Screen Saver executable name and Screen Saver timeout.
Set Screen Saver executable name to Enabled and provide the name of the screen saver file you wish to use. Click the Click the Next Setting button.
If the screen saver file (*.scr) is in the %Systemroot%\System32 folder, you only have to provide the file name. If the file is elsewhere, you must provide the full path (i.e. C:\Company\screen.scr).
If you do not set this value, users will be able to change the screen saver via the drop menu on the Screen Saver tab in the display properties (if the screen saver tab isn’t hidden).
If you wish to password protect the computer (lock the system) when the screen saver starts, enable Password protect the screen saver. Click the Next Setting button.
Set Screen Saver timeout to Enabled and set the timeout (in seconds). By default, it is set to 900 seconds (15 minutes). Click Apply and then OK to close the setting property box.
If this is not set, users will be able to set the timeout time (if the screen saver tab isn’t hidden).
Close the GP editor
This setting takes effect immediately if you are doing this via the local computer GP editor. If you are on a domain, you will either have to wait for the policy to replicate or go to the command line and run:
Windows 2000 domain:
secedit /refreshpolicy user_policy /enforce
Windows 2003 domain:
gpupdate /target:user /force
You do not need to use the /logoff or /boot switches because the screen saver policies do not require a system logoff/reboot.
*The Next Setting button is a shortcut that applies the change and moves to the next setting. You can just click Apply -> OK and then double-click the next setting.
No comments:
Post a Comment