Change in Security Policy not applied to current users 1

[Airforce1]

I changed the domain wide security policy for users by enabling the following policy:

"Removes the Folder Options item from all Windows Explorer menus and removes the Folder Options item from Control Panel. As a result, users cannot use the Folder Options dialog box.The Folder Options dialog box lets users set many properties of Windows Explorer, such as Active Desktop, Web view, Offline Files, hidden system files, and file types."

I did this so users could not change their folder options to view hidden folders/files. However, if a user has already enabled viewing of hidden files, this just stops them from changing it now. He can still view hidden files.

How can I stop users from viewing hidden files if they previously have enabled this capability?

 

[donnie4564]

secedit /refreshpolicy user_policy /enforce
or
secedit /refreshpolicy machine_policy /enforce

The Secedit.exe command line tool, when called from a batch file or automatic task scheduler, can be used to automatically create and apply policy to a many systems.

This is useful when you have multiple computers on which security must be set.

 

[Airforce1]

Thanks a lot; I didn't know that even existed. Do you know if it will work for Citrix desktops? Also, are you suggesting that I just need to add it to the logon script? If so, is there any reason I wouldn't want to leave it in the login script permanently?