Configure the behavior of the sudo command

Supported OS tags: Windows11

This policy setting controls use of the sudo.exe command line tool. If you enable this policy setting, then you may set a maximum allowed mode to run sudo in. This restricts the ways in which users may interact with command-line applications run with sudo. You may pick one of the following modes to allow sudo to run in: "Disabled": sudo is entirely disabled on this machine. When the user tries to run sudo, sudo will print an error message and exit. "Force new window": When sudo launches a command line application, it will launch that app in a new console window. "Disable input": When sudo launches a command line application, it will launch the app in the current console window, but the user will not be able to type input to the command line app. The user may also choose to run sudo in "Force new window" mode. "Normal": When sudo launches a command line application, it will launch the app in the current console window. The user may also choose to run sudo in "Force new window" or "Disable input" mode. If you disable this policy or do not configure it, the user will be able to run sudo.exe normally (after enabling the setting in the Settings app).

• Computer
  Activate Shutdown Event Tracker System State Data feature

  Windows Server 2003 only
• Computer
  Allow Distributed Link Tracking clients to use domain resources

  Windows Server 2003, Windows XP, and Windows 2000 only
• User
  Century interpretation for Year 2000

  At least Windows 2000
• User
  Custom User Interface

  At least Windows 2000
• Computer
  Display highly detailed status messages

  At least Windows 2000
• Computer
  Display Shutdown Event Tracker

  At least Windows Server 2003 operating systems or Windows XP Professional
• Computer
  Do not automatically encrypt files moved to encrypted folders

  At least Windows 2000