Creates a new SystoLOCK policy.
New-SystoLockPolicy [-Name] <String> [-Type <PolicyType>] [-AuthType <NtdsAuthType>] [-DomainController <String>]
[<CommonParameters>]
The New-SystoLockPolicy cmdlet creates new policy, initially disabled and without policy settings defined.
New-SystoLockPolicy 'My new policy'
Creates a new policy with 'My new policy' name.
New-SystoLockPolicy 'My new policy' | Enable-SystoLockPolicy
Creates a new policy and enables it.
New-SystoLockPolicy 'My new policy' | Enable-SystoLockPolicy | Set-SystoLockPolicyProperty -Properties @{ SelectAsDefaultTile = $true; EnableQRCodeOnlyLogin = $true }
Creates a new policy, enables it and define some settings.
Specifies authentication method to use with domain controller (optional).
The acceptable values for this parameter are: Kerberos and Negotiate.
The default method is Kerberos.
Possible values: Kerberos, Negotiate
Type: NtdsAuthType
Parameter Sets: (All)
Aliases:
Accepted values: Kerberos, Negotiate
Required: False
Position: Named
Default value: Kerberos
Accept pipeline input: False
Accept wildcard characters: False
Specifies domain controller name (optional).
Accepts a domain name, a fully qualified domain name or an IP address of the domain controller.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Specifies SystoLOCK policy name or DN.
Type: String
Parameter Sets: (All)
Aliases:
Required: True
Position: 0
Default value: None
Accept pipeline input: True (ByPropertyName, ByValue)
Accept wildcard characters: False
Specifies SystoLOCK policy type.
Possible values: RoamingDevice, ClientStation
Type: PolicyType
Parameter Sets: (All)
Aliases:
Accepted values: RoamingDevice, ClientStation
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Specifies SystoLOCK policy name or DN.
Contains SystoLOCK users policy information:
DisplayName: the display name of the policy.
GroupPolicyDN: the Distinguished Name (DN) of the associated group policy.
IsDefault: indicates whether this policy is the default one (typically true if it is).
HideOtherWellKnownProviders: if value set to $true indicating whether to hide other well-known policy providers; otherwise $false.
HidePasswordProvider: if value set to $true indicates whether to hide to provider that uses passwords for authentication; otherwise $false.
HidePasswordProviderUnlessConsole: if value set to $true indicates whether to hide the password provider unless accessed via the console; otherwise $false.
HideSmartCardProvider: if value set to $true indicates whether to hide smart card provider; otherwise $false.
HideSmartCardProviderUnlessConsole: if value set to $true indicates whether to hide the smart card provider unless accessed via the console; otherwise $false.
HideSmartCardProviderUnlessSmartCardInserted: if value set to $true indicates whether to hide smart card provider unless smart card insert; otherwise $false.
HideOtherWellKnownProvidersUac: if value set to $true indicates whether to hide other known providers on; otherwise $false.
HidePasswordProviderUac: if value set to $true indicates whether to hide password provider in UAC contexts; otherwise $false.
HidePasswordProviderUnlessConsoleUac: if value set to $true indicates whether to hide password provider unless accessed via the console; otherwise $false.
HideSmartCardProviderUac: if value set to $true indicates whether to hide smart card provider in UAC contexts; otherwise $false.
HideSmartCardProviderUnlessConsoleUac: if value set to $true indicates whether to hide password provider unless accessed via the console; otherwise $false.
HideSmartCardProviderUnlessSmartCardInsertedUac: if value set to $true indicates whether smart card provider disabled the when User Account Control (UAC) settings are considered; otherwise $false.
DisableLocalCredUI: if value set to $true indicates whether the local credential disabled; otherwise $false.
DisableLocalCredUIUac: if value set to $true indicates whether the local credential in UAC contexts; otherwise $false.
DisableLocalLogin: if value set to $true indicates whether the local login disabled; otherwise $false.
DisablePreAuthScreen: if value set to $true indicates whether the pre-authentication screen disabled; otherwise $false.
DisableRemoteCredUI: if value set to $true indicates whether the remote credential disabled; otherwise $false.
DisableRemoteCredUIUac: if value set to $true indicates whether the remote credential in UAC contexts disabled; otherwise $false.
DisableRemoteLogin: if value set to $true indicates whether the remote login disabled; otherwise $false.
DisableArrowsInSessionCode: if value set to $true indicates whether the use of arrow characters in session codes disabled; otherwise $false.
DisableFastLogin: if value set to $true indicates whether the fast login is disabled; otherwise $false.
EnableQRCodeOnlyLogin: if value set to $true indicates whether the login exclusively via QR code enabled; otherwise $false.
UseDingbatInSessionCode: if value set to $true indicates whether the use of dingbat symbols in the session code enabled; otherwise $false.
AlwaysRunRdpKeepAlive: if value set to $true indicates whether the the RDP (Remote Desktop Protocol) keep-alive mechanism is always running; ; otherwise $false.
DisableBluetooth: if value set to $true indicates whether the bluetooth is disabled; otherwise $false.
DisableSelfProvisioning: if value set to $true indicates whether the self provisioning is disabled; otherwise $false.
SelectAsDefaultTile: if value set to $true indicates whether the SystoLOCK tile is default; otherwise $false.
UseKspInCredUI: if value set to $true indicates whether the Key Storage Provider (KSP) use in the credential user interface; otherwise $false.
IsEnabled: indicates whether the policy is active.
Name: the name of the policy.
CreationTime: the timestamp when the policy was created.
DN: Distinguished Name (DN) of the policy.
Id: the unique GUID identifier of the policy.
ModificationTime: the timestamp of the last modification to the policy.
Objects: a collection or reference to objects associated with the policy.
IsNew: a flag indicating whether the policy is newly created.
ObjectCount: number of objects or elements associated with the policy.