This article contains technical configurations that will limit the actions that can be taken on the Windows device that is broadcasting the ITESLIVE display.
AVAILable with: |
Windows Player: Starter, Pro, Premium |
In the event that you wish to fully dedicate a computer to the use of the ITESLIVE display, there are optional configurations that can be added to your display computer. These configurations are much more restrictive on the operating system than those completed using the ITESLIVE installer. These configurations are also more technical and will most likely require the assistance of your IT department.
Required firewall modifications
Note: The following is an example of the format in which the modifications are presented.
Rule to be created in the firewall
Details of the impact the rule will have on Windows
- advfirewall firewall add rule name=""Windows Updates"" dir=out action=allow service=""wuauserv"" enable=yes
advfirewall firewall add rule name=""Windows Updates"" dir=in action=allow service=""wuauserv"" enable=yes
These configurations ensure that the Windows updates are authorized in the firewall. - advfirewall firewall add rule name=""Open Port 443"" dir=out action=allow protocol=TCP remoteport=443
This rule will allow outbound HTTPS communications to pass through the firewall. - advfirewall firewall add rule name=""Block Port 135"" dir=in action=block protocol=TCP localport=135 profile=public
Blocks all inbound TCP communications that use port 135. - advfirewall firewall add rule name=""ntp"" dir=out action=allow protocol=UDP remoteport=123 - A retirer (fait)
Allows outbound UPD communications that use port 123. - advfirewall firewall add rule name=""dns udp"" dir=out action=allow protocol=UDP remoteport=53
Allows outbound UDP communications that use port 53. - advfirewall firewall add rule name=""dns tcp"" dir=out action=allow protocol=TCP remoteport=53
Allows outbound TCP communications that use port 53. - advfirewall set publicprofile firewallpolicy BlockInbound,BlockOutbound
Blocks all communications from a network connected to the computer that is using the « Public » network profile. - advfirewall set privateprofile firewallpolicy BlockInbound,BlockOutbound
Blocks all communications from a network connected to the computer that is using the « Private » network profile. - advfirewall set domainprofile firewallpolicy BlockInbound,BlockOutbound
Blocks all communications from a network connected to the computer that is using the « Domain » network profile. - advfirewall set allprofiles state on
Activates all of the « Windows Defender Firewall » profiles.
Required Windows registry modifications
Note: The following is an example of the format in which the modifications are presented.
Path to the location that needs to be modified
Modification - Impact on Windows
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
HideIcons = 1 - Hides all of the desktop icons.
EnableBalloonTips = 0 - Hides the notification pop-ups in the notification zone. - HKEY_CURRENT_USER\Software\Policies\Microsoft\TabletPC
TurnOffPenFeedback = 1 - Disables the contextual bubbles shown when the computer receives a touch input from an interactive monitor.
PreventFlicks = 1 - Makes all « Pen and touch » shortcuts and any associated features unavailable. - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
fDenyTSConnections = 1 - Disables the « Remote Desktop » connections. - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl
AutoReboot = 1 - Activates the automatic restart of the computer should a Windows blue screen occur. - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoDriveTypeAutoRun = FF - Disables the « AutoRun » pop-up for all drive types (USB, hard drives, etc.). - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update
AUOptions = 4 - Activates the automatic download and installation for Windows updates. This configuration is only valid if there are existing values for « ScheduledInstallDay » and « ScheduledInstallTime ».
ScheduledInstallDay = 2 - Specifies that the « Windows updates » will be installed every Monday.
ScheduledInstallTime = 2 - Specifies that the « Windows updates » will be installed at 2 AM. - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Start_ShowMyPics = 0 - Hides the « My Pictures » entry in the « Start menu ».
Start_ShowMyMusic = 0 - Hides the « My Music » entry in the « Start menu ».Start_ShowPrinters = 0 - Hides the « Printers » entry in the « Start menu ».
Start_MinMFU = 0 - Hides all recently used program entries in the « Start menu ».
Start_JumpListItems = 0 - Hides all « Jump list » entries in the « Start menu ».Start_ShowMyDocs = 0 - Hides the « My Documents » entry in the « Start menu ».
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\DateTime\Servers
0 = 0.ca.pool.ntp.org - Configures ntp 0.ca.pool.ntp.org as the time-server in the Windows configurations.
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
shutdownwithoutlogon = 0 - Disables the « Shutdown » button in the Windows login screen. - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
NoClose = 1 - Deletes and blocks access to the « Shutdown », « Restart », « Sleep » buttons.