docs: add Windows administrative template #10721
Conversation
|
This seems to be fully functional but in the group policy editor, if I filter by supported product, there's a Tailscale checkbox in the filter options but if I select it, nothing is shown and if I edit the filter options it is not checked. I'm not sure what I'm doing wrong, but it's probably related to the I had multiple versions specified at first but after looking at the granularity in Microsoft's list, that did not seem to be the usual procedure so I took that out. I kept the supported version number information because that seems useful. |
|
fyi if anyone is interested in taking a peek @clairew @dblohm7 @nickoneill @agottardo |
|
Policy editor screenshots
|
There was a problem hiding this comment.
Overall, it looks good to me! I believe the names and help texts can be improved for clarity, style and unambiguity, and in certain cases we might want to indicate that the policy value, such as an Exit Node ID, is required.
But the only critical update is to fix the namespace attribute value to remove the colon.
| If you enable this policy, then Allow Incoming Connections is always enabled and the menu option is hidden. | ||
| If you disable this policy, then Allow Incoming Connections is always disabled and the menu option is hidden. | ||
| If you do not configure this policy, then Allow Incoming Connections depends on what is selected in the Preferences submenu.]]></string> | ||
| <string id="UnattendedMode">Enable Run Unattended</string> |
There was a problem hiding this comment.
nit: As a general rule, we should use more descriptive policy names as the help text might be unavailable in certain contexts. An example would be a group policy report that looks like this:
To make policy names less ambiguous and emphasize that these policies actually change the Tailscale client behavior rather than just enable certain option or capability, we might want to rename them to something like this:
- Run Tailscale in Unattended Mode
- Run Tailscale as an Exit Node
Similarly, we might want to rename "Require Exit Node" to "Use the specified Exit Node" or something similar to emphasize not only that an exit node is required but also that the policy configures which exit node to use, etc.
There was a problem hiding this comment.
I only changed the items that didn't have a clear directive. Does this look better?
To make setting Windows policies easier, this adds ADMX policy descriptions. Fixes #6495 Updates ENG-2515 Change-Id: If4613c9d8ec734afec8bd781575e24b4aef9bb73 Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>
sailorfrag
force-pushed
the
adrian/admx
branch
from
d987f84
to
11805c8
Compare
To make setting Windows policies easier, this adds ADMX policy descriptions.
Fixes #6495
Updates ENG-2515
Change-Id: If4613c9d8ec734afec8bd781575e24b4aef9bb73