Remove users' ability to invoke machine policy refresh

Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2003, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016, WindowsVista, WindowsXP

This policy setting allows you to control a user's ability to invoke a computer policy refresh. If you enable this policy setting, users are not able to invoke a refresh of computer policy. Computer policy will still be applied at startup or when an official policy refresh occurs. If you disable or do not configure this policy setting, the default behavior applies. By default, computer policy is applied when the computer starts up. It also applies at a specified refresh interval or when manually invoked by the user. Note: This policy setting applies only to non-administrators. Administrators can still invoke a refresh of computer policy at any time, no matter how this policy setting is configured. Also, see the "Set Group Policy refresh interval for computers" policy setting to change the policy refresh interval. Note: If you make changes to this policy setting, you must restart your computer for it to take effect.

This policy has no additional user input fields.

• Computer
  Allow cross-forest user policy and roaming user profiles

  At least Windows Server 2003
• Computer
  Always use local ADM files for Group Policy Object Editor

  Windows Server 2003 and Windows XP only
• Computer
  Change Group Policy processing to run asynchronously when a slow network connection is detected.

  At least Windows Vista
• Computer
  Configure Direct Access connections as a fast network connection

  At least Windows Server 2012, Windows 8 or Windows RT
• Computer
  Configure disk quota policy processing

  At least Windows 2000
• Computer
  Configure EFS recovery policy processing

  At least Windows 2000
• Computer
  Configure folder redirection policy processing

  At least Windows 2000