One challenge that IT always faces is ensuring the robust operation of commons computers (Infokiosks, internet cafe, educational workshops, etc.).
Incorrect or malicious manipulations, deletion of files without approval, installation of unnecessary programs, changes in system settings, etc. are common.
Creating a user profile with disabilities, combined with security policies that restrict access to Control Panel components and the processing of important components of the operating system, is partly a solution that does not work in cases where the user must have permissions. software installation / full access to the local disk for creating / deleting files etc, for example in a computer lab.
UWF is a feature found in the Enterprise versions of Windows and provides the solution to all of the above.
Enabling it ensures system reset after every rebootmovement of, undoing any change made by the user, whatever group he belongs to (administrators, power users, etc.).
Applies only to the local drive (HDD / SSD / M2 etc) of the system in which the operating system is installed.
Unlike third-party software such as the well-known Deep Freeze, as a component of the operating system does not present incompatibilities.
It also does not involve System Restore, which undoes changes from software (software) or device drivers (drivers) and not the total reset of the system.
Installation:
All steps are done as Local Administrator
1 Way:
Πίνακα Ελέγχου (Control Panel) → Προγράμματα και δυνατότητες/ Ενεργοποίηση ή απενεργοποίηση των capabilities of Windows (Windows Features / Turn Windows Features On or off).
From the list select Device Lockdown → Unified filter enrollments (Unified Write Filter).
Shows us a progress bar and when done: Close.
2 Way:
Open a CMD window with administrator privileges (press Windows start, type CMD and holding down Shift + Ctrl click on it or select Run with administrator privileges from the left of the menu)
We give the order:
DISM.exe / Online / enable-Feature / FeatureName: client-UnifiedWriteFilter / all
Activation:
Open the cmd command window and give the command:
uwfmgr filter enable
We restart the computer.
Με το enter και την επανεκκίνηση διαγράφεται η εικονική μνήμη (virtual memory) , απενεργοποιείται η επαναφορά συστήματος (restore system), το Superfetch, η υπηρεσία ευρετηρίου (File indexing), fast boot, υπηρεσία ανασυγκρότησης (defragmentation) και στις ρυθμίσεις BCD η πολιτική bootstatuspolicy μπαίνει σε λειτουργία Ignoreallfailures. Ουσιαστικά οποιαδήποτε υπηρεσία κάνει χρήση του disk disabled (temporarily)
Since (as usual) the operating system is in partition C, we give the command from cmd:
uwfmgr.exe volume protect C:
and returns a message that it will be activated after rebooting the system.
To confirm that we have activated the filter and to get information about it, type
uwfmgr.exe get-config
in addition to whether it was activated, we see in our system if there are exceptions, ie directories that will not be protected.
An example of activating it with the information we get:
Exceptions:
We can define some folders in which we do not want to undo the changes.
H Microsoft δεν προτείνει να εξαιρέσουμε οτιδήποτε κάτω από τον κατάλογο (φάκελο) Windows και EFI, Boot, Paging Files και εννοείται δεν έχει νόημα να εξαιρέσουμε τον τόμο (Volume) στον οποίο εφαρμόσαμε εξαρχής την protection.
The command to do this is:
uwfmgr.exe file add-exclusion path
uwfmgr.exe file add-exclusion path
Examples:
Disable UWF:
We order:
uwfmgr filter disable
After the reboot we check if it was successfully deactivated with the command
uwfmgr.exe get-config
_______________________________
There is a case, despite the deactivation, we get an error in the addition and subtraction of a program.
Then we follow the route:
Control Panel Control Programs and Features / Enable or Disable Windows Features (Windows Features / Turn Windows Features On or off)
and uninstall the feature by restarting.