Hacked By AnonymousFox

Current Path : C:/Windows/PolicyDefinitions/en-US/
Upload File :
Current File : C:/Windows/PolicyDefinitions/en-US/LanmanWorkstation.adml

<?xml version="1.0" encoding="utf-8"?>
<!--  (c) 2006 Microsoft Corporation  -->
<policyDefinitionResources xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" revision="1.0" schemaVersion="1.0" xmlns="http://schemas.microsoft.com/GroupPolicy/2006/07/PolicyDefinitions">
  <displayName>enter display name here</displayName>
  <description>enter description here</description>
  <resources>
    <stringTable>
      <string id="Cat_LanmanWorkstation">Lanman Workstation</string>
      <string id="Pol_CipherSuiteOrder_Name">Cipher suite order</string>
      <string id="Pol_CipherSuiteOrder_Help">This policy setting determines the cipher suites used by the SMB client.

If you enable this policy setting, cipher suites are prioritized in the order specified.

If you enable this policy setting and do not specify at least one supported cipher suite, or if you disable or do not configure this policy setting, the default cipher suite order is used.

SMB 3.11 cipher suites:

AES_128_GCM
AES_128_CCM

SMB 3.0 and 3.02 cipher suites:

AES_128_CCM

How to modify this setting:

Arrange the desired cipher suites in the edit box, one cipher suite per line, in order from most to least preferred, with the most preferred cipher suite at the top. Remove any cipher suites you don't want to use.

Note: When configuring this security setting, changes will not take effect until you restart Windows.</string>
      <string id="Pol_EnableInsecureGuestLogons_Name">Enable insecure guest logons</string>
      <string id="Pol_EnableInsecureGuestLogons_Help">This policy setting determines if the SMB client will allow insecure guest logons to an SMB server.

If you enable this policy setting or if you do not configure this policy setting, the SMB client will allow insecure guest logons.

If you disable this policy setting, the SMB client will reject insecure guest logons.

Insecure guest logons are used by file servers to allow unauthenticated access to shared folders. While uncommon in an enterprise environment, insecure guest logons are frequently used by consumer Network Attached Storage (NAS) appliances acting as file servers. Windows file servers require authentication and do not use insecure guest logons by default. Since insecure guest logons are unauthenticated, important security features such as SMB Signing and SMB Encryption are disabled. As a result, clients that allow insecure guest logons are vulnerable to a variety of man-in-the-middle attacks that can result in data loss, data corruption, and exposure to malware. Additionally, any data written to a file server using an insecure guest logon is potentially accessible to anyone on the network. Microsoft recommends disabling insecure guest logons and configuring file servers to require authenticated access."
      </string>

      <string id="Pol_EnableCSCforCAShares_Name">Offline Files Availability on Continuous Availability Shares</string>
      <string id="Pol_EnableCSCforCAShares_Help">
        This policy setting determines the behavior of Offline Files on clients connecting to an SMB share where the Continuous Availability (CA) flag is enabled.

        If you enable this policy setting, the "Always Available offline" option will appear in the File Explorer menu on a Windows computer when connecting to a CA-enabled share. Pinning of files on CA-enabled shares using client-side caching will also be possible.

        If you disable or do not configure this policy setting, Windows will prevent use of Offline Files with CA-enabled shares.

        Note: Microsoft does not recommend enabling this group policy. Use of CA with Offline Files will lead to very long transition times between the online and offline states.
      </string>

      <string id="Pol_EnableHandleCachingForCAFiles_Name">Handle Caching on Continuous Availability Shares</string>
      <string id="Pol_EnableHandleCachingForCAFiles_Help">
        This policy setting determines the behavior of SMB handle caching for clients connecting to an SMB share where the Continuous Availability (CA) flag is enabled.

        If you enable this policy setting, the SMB client will allow cached handles to files on CA shares. This may lead to better performance when repeatedly accessing a large number of unstructured data files on CA shares running in Microsoft Azure Files.

        If you disable or do not configure this policy setting, Windows will prevent use of cached handles to files opened through CA shares.

        Note: This policy has no effect when connecting Scale-out File Server shares provided by a Windows Server. Microsoft does not recommend enabling this policy for clients that routinely connect to files hosted on a Windows Failover Cluster with the File Server for General Use role, as it can lead to adverse failover times and increased memory and CPU usage.
      </string>
    </stringTable>
    <presentationTable>
      <presentation id="Pol_CipherSuiteOrder">
        <text>Cipher suites:</text>
        <multiTextBox refId="MultiText_CipherSuiteOrder"/>
      </presentation>
    </presentationTable>
  </resources>
</policyDefinitionResources>

Hacked By AnonymousFox1.0, Coded By AnonymousFox