<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic HKLM - how to deal with apps that write there ? in Dynamic Environment Manager</title>
    <link>https://communities.vmware.com/t5/Dynamic-Environment-Manager/HKLM-how-to-deal-with-apps-that-write-there/m-p/505384#M1024</link>
    <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;So i thought Google Drive File Stream was working great.&amp;nbsp; After about 7 reboots of working fine and auto-loggin in the person -&amp;nbsp; it fails to start on boot up and the user has to re-login .&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;So it is correct that UEM will not being over HKLM reg entries ?&amp;nbsp; We looked at the GDFS keys and USER has been given access to the HKLM keys .&amp;nbsp; So in theory it should work ?&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;GDFS Keeps the user logged in for about 5 reboots.. and some the user is logged out and has to re log in.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;We have GDFS installed on the GI.. not using an app stack.&amp;nbsp; We are using writables / UEM and app volumes / Instant clones .&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;If an app is writing to HKLM .. how does one bring that into UEM ?&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;If 'user' has rights to those HKLM keys is that good enough ?..&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Can i use the Privlege Elevation part of UEM ?.. Do i grant the GDFS app the Elevated rights ?... Anyone know of any good walkthroughs on the "Privilege Elevation' part of UEM ?&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;I just find it Odd that GDFS works part of the time and not others. Kinda wish it would just pick one :smileysilly: .&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;thanks .&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
    <pubDate>Tue, 14 May 2019 22:38:28 GMT</pubDate>
    <dc:creator>Douglas42Adams</dc:creator>
    <dc:date>2019-05-14T22:38:28Z</dc:date>
    <item>
      <title>HKLM - how to deal with apps that write there ?</title>
      <link>https://communities.vmware.com/t5/Dynamic-Environment-Manager/HKLM-how-to-deal-with-apps-that-write-there/m-p/505384#M1024</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;So i thought Google Drive File Stream was working great.&amp;nbsp; After about 7 reboots of working fine and auto-loggin in the person -&amp;nbsp; it fails to start on boot up and the user has to re-login .&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;So it is correct that UEM will not being over HKLM reg entries ?&amp;nbsp; We looked at the GDFS keys and USER has been given access to the HKLM keys .&amp;nbsp; So in theory it should work ?&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;GDFS Keeps the user logged in for about 5 reboots.. and some the user is logged out and has to re log in.&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;We have GDFS installed on the GI.. not using an app stack.&amp;nbsp; We are using writables / UEM and app volumes / Instant clones .&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;If an app is writing to HKLM .. how does one bring that into UEM ?&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;If 'user' has rights to those HKLM keys is that good enough ?..&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Can i use the Privlege Elevation part of UEM ?.. Do i grant the GDFS app the Elevated rights ?... Anyone know of any good walkthroughs on the "Privilege Elevation' part of UEM ?&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;I just find it Odd that GDFS works part of the time and not others. Kinda wish it would just pick one :smileysilly: .&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;thanks .&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Tue, 14 May 2019 22:38:28 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/Dynamic-Environment-Manager/HKLM-how-to-deal-with-apps-that-write-there/m-p/505384#M1024</guid>
      <dc:creator>Douglas42Adams</dc:creator>
      <dc:date>2019-05-14T22:38:28Z</dc:date>
    </item>
    <item>
      <title>Re: HKLM - how to deal with apps that write there ?</title>
      <link>https://communities.vmware.com/t5/Dynamic-Environment-Manager/HKLM-how-to-deal-with-apps-that-write-there/m-p/505385#M1025</link>
      <description>&lt;HTML&gt;&lt;HEAD&gt;&lt;/HEAD&gt;&lt;BODY&gt;&lt;P&gt;Hi &lt;B&gt;Douglas42Adams&lt;/B&gt;,&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;Although UEM is meant to work with user profile settings (i.e. HKCU), as long as the user has &lt;EM&gt;modify&lt;/EM&gt; permissions to the relevant HKLM keys, this should work fine. By default, non-admin users won't have that permission, though, so it would be up to you to tweak that. (In other words, what &lt;B&gt;ijdemes&lt;/B&gt; said in &lt;A href="https://communities.vmware.com/message/2857983"&gt;the original Google Drive File Stream thread&lt;/A&gt; &lt;img class="lia-deferred-image lia-image-emoji" src="https://communities.vmware.com/html/@3CBC42A1E7848F607FD419D398107BF9/emoticons/1f642.png" alt=":slightly_smiling_face:" title=":slightly_smiling_face:" /&gt;&lt;/P&gt;&lt;P&gt;&lt;/P&gt;&lt;P&gt;However, looking at that &lt;A href="https://support.google.com/a/answer/7644837?hl=en" title="https://support.google.com/a/answer/7644837?hl=en"&gt;Configure Drive File Stream - G Suite Admin Help&lt;/A&gt;​ link you provided in that thread, I get the impression that those three locations (&lt;STRONG style="font-family: 'courier new', courier; font-size: 13.3333px;"&gt;HKCU&lt;/STRONG&gt;, &lt;STRONG style="font-family: 'courier new', courier; font-size: 13.3333px;"&gt;HKLM&lt;/STRONG&gt;, &lt;STRONG style="font-family: 'courier new', courier; font-size: 13.3333px;"&gt;HKLM\...\Policies&lt;/STRONG&gt;) are just three ways for an admin to provide configuration, where one overrides the other(s). If you look into the exported &lt;STRONG style="font-family: 'courier new', courier; font-size: 13.3333px;"&gt;.REG&lt;/STRONG&gt; file from a session where everything is working fine (i.e. the user did not have to re-login), do you see anything that looks like credentials or a token?&lt;/P&gt;&lt;/BODY&gt;&lt;/HTML&gt;</description>
      <pubDate>Wed, 15 May 2019 08:52:10 GMT</pubDate>
      <guid>https://communities.vmware.com/t5/Dynamic-Environment-Manager/HKLM-how-to-deal-with-apps-that-write-there/m-p/505385#M1025</guid>
      <dc:creator>DEMdev</dc:creator>
      <dc:date>2019-05-15T08:52:10Z</dc:date>
    </item>
  </channel>
</rss>

