Skip to content

Desktop Policies

The Desktop Policy feature in HyWorks allows administrators to create and manage desktop policies. These policies enable the configuration of user and computer settings for remote desktop connections.

Here, we outline the steps and configuration needed to set up the desktop policies through the HyWorks Controller’s management console.

Prerequisites

  1. HyWorks Controller v3.4 SP2 and onwards.

  2. Dot Net 4.5 or above for policy plus application

  3. PolicyPlus application: This open-source utility is required to export the necessary group policy. To download it, visit the PolicyPlus page on GitHub and scroll down to find the link to the latest downloadable version.

Limitations and Scope

  1. The Desktop Policy feature is only supported in “Shared Hosted Desktops” and not in Personal Desktops.

  2. To apply desktop policy, the admin must have group policies exported in the ".pol" file extension type only.

  3. Using the Desktop Policy, both HKLM and HKCU registries can be managed for the user or computer.

  4. SHD should have internet when the desktop policy of one kind is first applied.

Configurations

The configurations are done in two sections:

  1. PolicyPlus: Generating a .pol file

  2. Configurations in HyWorks Controller

PolicyPlus: Generating a .pol file

This configuration is to be done on the PolicyPlus.

  1. Open the PolicyPlus application.

  2. Navigate to File > Open Policy Resources. Select a location, assign a name to the file with a “.pol” extension, and click OK.

  3. All modified policies will be saved in the “.pol” file created in the previous step.

  4. Modify the required group policies.

  5. After setting all the required policies for the respective changes, navigate to Files and select Save Policies.

  6. The same files will be used when applying for the Desktop Policy feature.

Configurations in the HyWorks Controller

The following configuration must be done on the HyWorks Controller’s management console.

Configuring Desktop Policies

Field Specifications

Find the list of fields and their descriptions below.

  1. Policy Name (Required): Enter the policy's unique name, limited to a maximum of 99 characters.

  2. Description (Optional): Provide a short policy description in 1000 characters.

  3. User Policy: Select the checkbox to enable or disable user policy settings in the “.pol” file.

  4. Computer Policy: Select the checkbox to enable or disable computer policy settings in the .pol file.

  5. Log out user session if the policy is not applied: Select the checkbox to enable or disable user logout if the policy has not been applied.

  6. Save: The desktop policy is created after it has been validated.

Steps to Create a Desktop Policy

  1. Log in to the HyWorks Management Console.

  2. Navigate to Policies > Profiles > Desktop Policy and click Add.

  3. Give the profile name and description.

  4. Select the user or computer policy as per the requirement. If the computer policy must be applied, provide input on whether that will be applied in HKLM or HKCU.

Note

HKLM and HKCU are two critical directories in the Windows registry. Changes to HKLM affect the entire machine, whereas modifications to HKCU only affect the currently logged-in user.

  1. If the SHD environment must be kept only with the applied desktop policies, select “Log out user session if the policy is not applied” so that if the policy is not applied at the start of the session, it will terminate after notifying the user.

  2. Select Save, and the Policy Details tab will be closed.

Configuring Connection Profile

Administrators can have multiple connection profiles and desktop policies in their environment. Therefore, assigning a desktop policy to the appropriate connection profile is essential.

  1. Log in to the HyWorks Management Console.

  2. Navigate to Policies > Profiles > Connection profile.

  3. Select the connection profile used for the group policy-controlled environment, and then click Edit.

  4. Under Additional settings > Desktop policy profile, provide the desktop policy created for this connection profile.

This completes the configuration for the Desktop Policy.

Flow for Desktop Policy

The flow of the Desktop Policy is as follows.

  1. The Controller admin creates a desktop policy with a “.pol” file.

  2. Launch the SHD session using the Accops Workspace client.

  3. Inside the SHD, a folder named policy containing all the “.pol” files that are to be applied using desktop policy will be present in the local disk, path:
    c: > Program Files 86 > Accops > HyWorks Desktop Agent > Policy.

  4. Open the policy file. The registry directory of all the policies pushed will be present and can be verified with the registry.

  5. The desktop agent will maintain a log if a policy is pushed, indicating whether an HKLM or HKCU type of policy is applied during the session.

  6. The communication between the SHD Agent and Controller is given below.

    image-20241121181131795