Tuesday, February 05, 2013 12:53 PM
With System Center Configuration Manager 2012 SP1, the user has access to the following option on the client (all the users are local administrator of the computer) :
How to update the policy in order to disable this option for the users as the screenshoot below ?
Thank's for your help and feel free to ask if some information are missing.
Tuesday, February 05, 2013 2:33 PM
Try setting the following registry value:
DWORD - DisableRoutinelyTakingAction = 0
There doesn't seem to be a way to set this through editing the policy, but placing it in this area of the registry will cause it to apply like a policy. You could probably set it automatically through a Compliance setting (formerly DCM)
Tuesday, February 05, 2013 3:15 PM
Tuesday, February 05, 2013 4:19 PM
It doesn't look like it can be set through the SCEP policy. However, you should be able to set it automatically with a Compliance setting. Check out Kent's blog for a good example of how to do this with a registry setting:
and the admin template files available here
Tuesday, February 05, 2013 9:14 PM
After trying to use a compliance setting to set the reg value, I found that it doesn't work as expected on a 64-bit system. When it remediates the registry value, it sets a REG_QWORD value instead of REG_DWORD. SCEP doesn't recognize the QWORD, only the DWORD. After some more searching I found a thread describing a similar problem and the poster found that the only way to successfully set the value was to use a script remediation action instead of a direct registry remediation action:
- Marked As Answer by Lionel LEPERLIERMVP Wednesday, February 06, 2013 4:14 PM
Monday, March 04, 2013 10:27 AM