Group Policy settings available in Reflection Desktop 16

  • 7024743
  • 21-Jul-2020
  • 24-Jul-2020

Environment

Reflection Desktop (including Pro, for X, for IBM or for UNIX and OpenVMS) 16.0 or higher

Situation

This technical note describes the Reflection Group Policy file for Reflection Desktop 16.

Resolution

Reflection Group Policy settings:

Computer Configuration section:

Reflection Settings

    Client Metering
      Configure Client Metering
      - If this policy is enabled, Reflection will attempt to contact the Reflection metering server at the specified URL. If Reflection cannot contact the metering server and 'Require connection to metering server' is checked, Reflection will exit after issuing an error message.
        Additional setting: "Metering web server:"
        Additional setting: "Require connection to metering server"

User configuration section:

Reflection Settings

    When Reflection Exits
      Prompt if connected when user exits Reflection
      - If the user has an active host connection when the user exits Reflection, this policy specifies whether a confirmation prompt is displayed.

      Prompt when exiting all Reflection sessions
      - If the user chooses to exit all Reflection sessions, this policy specifies whether a confirmation prompt is displayed.

      If there are unsaved changes
      - This policy specifies what to do if there are unsaved changes when the user exits Reflection. This policy does not apply to the Reflection FTP client.

    Application Programming Interfaces
      Allow Reflection to run Visual Basic for Applications macros
      - If this policy is disabled, Reflection will not run Visual Basic for Applications macros.

      Allow scripts and macros on the startup command line
      - If this policy is disabled, Reflection will not run scripts, macros or commands specified on the startup command line.

      Allow Reflection to process DDE requests
      - If this policy is disabled, Reflection will not process DDE requests from other applications.

      Allow other applications to use Reflection's DLL API
      - If this policy is disabled, Reflection will not allow other applications to use Reflection's DLL API. This policy applies only to Reflection for IBM.

      Allow other applications to use Reflection's HLLAPI interface
      - If this policy is disabled, Reflection will not allow other applications to use Reflection's HLLAPI interface. This policy applies only to Reflection for IBM.

      Allow other applications to use Reflection's OLE Automation interface
      - If this policy is disabled, Reflection will not allow other applications to use Reflection's OLE Automation interface.

      Allow Reflection to run Reflection Basic scripts
      - If this policy is disabled, Reflection will not run Reflection Basic scripts. Host initiated scripting is only available when Reflection is emulating a VT or HP terminal.
        Additional setting: "Allow host programs to download and run Reflection Basic scripts"

      Allow Reflection to run RCL scripts
      - If this policy is disabled, Reflection will not run RCL (Reflection Command Language) scripts. This policy applies only to Reflection for HP UNIX & OpenVMS.
        Additional setting: "Allow host programs to download and run RCL scripts"

      Allow Reflection FTP Client Scripting
      - If this policy is disabled, the Reflection FTP client will not run RFS scripts.

    Allow Start Screen
    - If this policy is disabled, no picture will be shown when Reflection starts. This policy does not affect the display of the about box at startup.

    Allow Reflection to save passwords
    - If this policy is disabled, Reflection will not allow users to save passwords in scripts, macros or settings files.

    Allow files to be sent to host computers
    - If this policy is disabled, Reflection will not allow files to be sent to host computers.

    Allow files to be received from host computers
    - If this policy is disabled, Reflection will not allow files to be received from host computers.

    Allow Sessions without Settings Files
    - If this policy is disabled, Reflection will require that every session be associated with a settings file. Therefore users will not be able to create untitled sessions.  Disabling this policy will terminate untitled sessions that were created prior to the policy change.

    Language Override
    - When multiple user interface languages are installed, this policy will override the way Reflection normally chooses which one to use. This may be helpful if none of the installed languages matches the language of Windows. This policy has no effect if only one user interface language is installed.
      Additional setting: LanguageEnglish="English"
      Additional setting: LanguageFrench="French"
      Additional setting: LanguageGerman="German"
      Additional setting: LanguageJapanese="Japanese"

    Allow tracing for troubleshooting
    - If this policy is disabled, Reflection will not allow tracing for troubleshooting. Use this policy if there is a significant concern that sensitive information could be revealed in traces. Using this policy may impede product support. This policy has no effect on FTP logging.

    Migration of settings from F-Secure to Reflection
    - This policy determines whether Reflection migrates (imports) F-secure settings when a Reflection session starts. The migration is only performed once. You can also specify that the migration is performed silently.
      Additional setting: "Migrate settings if the F-secure product is detected"
      Additional setting: "Perform the migration without prompting the user"

    Automatic Tracing
    - When this setting is enabled and the checkbox is checked, Reflection will automatically start tracing in a new trace file each time a session starts. The trace file will be created in the specified folder with the specified name. Variables such as %PersonalFolder%, %UserName% and %ProductAbbreviation% can be used in folder and file names.
      Additional setting: "Start tracing automatically when session starts"
      Additional setting: "Folder for traces"
      Additional setting: "Filename:"

    Allow Unencrypted Connections- If this policy is disabled, users will be required to use encryption for all host connections and FTP transfers. Reflection X client connections will also require encryption unless the client is running locally on the same computer as Reflection X.

    Allow non-FIPS mode
    - If this policy is disabled, all Reflection products will run in FIPS mode.

    Allow non-DoDPKI mode
    - If this policy is disabled, all Reflection products will run in DoD PKI mode.

    Folder for the default Auto Update file
    - This policy controls whether and how Reflection looks for settings.rsu, settings.r1u, settings.r2u or settings.r4u.
    If enabled, you can specify the folder where Reflection should look for this file. If you leave the folder name empty, Reflection will not look for the settings.r?u file.
    If disabled or not configured, Reflection will look for this file in the Reflection User Folder. This policy is ignored, and settings.r?u is ignored if a settings file has specified a value for the "Auto Update File" setting.
    You can use environment variables as in the following examples: %personalfolder%\Attachmate\Reflection\ %programfiles%\Attachmate\Reflection
      Additional setting: "Folder"

    Folder for the Shared Macros Settings File
    - This policy controls whether and how Reflection looks for SharedMacros.rsf, SharedMacros.r1w, SharedMacros.r2w or SharedMacros.r4w.
    If enabled, you can specify the folder where Reflection should look for SharedMacros.* files. If you leave the folder name empty, Reflection will not look for the SharedMacros.* files.
    If disabled, Reflection will look for SharedMacros.* in the Reflection User Folder.
    If not configured, Reflection will look for SharedMacros.* in the folder specified by the SharedMacrosFolder property.
    If the SharedMacrosFolder property is not set, Reflection will look for SharedMacros.* in the Reflection User Folder.
    Changes to this policy will not affect Reflection sessions that are already started.
    You can use environment variables as in the following examples: %personalfolder%\Attachmate\Reflection\ %programfiles%\Attachmate\Reflection
      Additional setting: "Folder"

    Settings only in these Folders
    - This policy prevents Reflection from opening settings files in folders not listed here. You can use environment variables such as %PersonalFolder% to specify folders whose path specification may vary from user to user. There is no setting corresponding to this policy in the profiler or anywhere else - it can only be configured as a policy. This policy currently does not affect Reflection X settings files. Disabling this policy is equivalent to leaving it not configured.
      Additional setting: "Folders allowed"

Download the ReflectionPolicy.adm file:

Download and unzip the Reflection policy template:

    1. From the Download Library, download ReflectionPolicy.zip


    2. Unzip the file to \%systemroot%\inf folder, such as C:\Windows\inf\.

You will see ReflectionPolicy.adm.


Install the Reflection Group Policy:

To use this policy, the Reflection policy template must first be added to your Windows Group Policy editor by adding the ReflectionPolicy.adm file to the editor.

    1. Open the Group Policy Editor: Run Gpedit.msc from the command line.

Or, open the properties for an Organizational Unit in the Active Directory Users and Computers console, click the Group Policy tab, and edit or create a new policy object.


    2. Under Computer Configuration, right-click Administrative Templates, and select Add/Remove Templates.


    3. Click Add and browse to the \%systemroot%\inf folder, where you downloaded ReflectionPolicy.adm.


    4. Select ReflectionPolicy.adm and click Open. When ReflectionPolicy.adm is in the list, close the Add/Remove Templates dialog.

Keep this editor open.


Configure a Group Policy Setting:

    1. Under User Configuration, expand the Administrative Templates section.


    2. Click on Classic Administrative Templates (ADM) and expand this section.


    3. Expand the Reflection Settings section.


    4. In the right panel, double-click on the setting to be changed.


    5. Change the appropriate value to be Enabled or Disabled.
        Modify additional settings as necessary.


    6. Press OK and exit the Group Policy Editor.


    7. The Group Policy needs to take effect before this updated value can be used. There are a number of ways to "force" a Group Policy update:


      a) Reboot the PC.


      b) Wait for Microsoft Windows to eventually make the policy effective on it own.


      c) Open a Command Prompt (as Administrator) and use the "gpupdate /force" option to force a Group Policy update to occur.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.