CALS Identity Finder Client Config for MSI and Server Policies
Note - on server HKLM maps to "System" policies and HKCU maps to "User" policies.  The registry key names and policy wording are identical.
 

Base Properties

  • Install the Endpoint Service - Property/INSTALLIDFSERVICE=1
  • Turn off automatically launching after install - Property/LAUNCHPRODUCT=0
  • Automatically agree to license agreement - Property/IAgree

Registry Keys in HKLM\Software\Identity Finder\Client (not user modifiable)

  • Turn off the registration page: Software\Identity Finder\Client\Initialization\ShowRegistrationPage=0
  • Turn off Customer Experience page: Software\Identity Finder\Client\Initialization\ShowCustomerExperiencePage=0 
  • Enable sending of data to the console: Software\Identity Finder\Client\Console\enable=1
  • Provide encryption key for the console: Software\Identity Finder\Client\Console\encKey=<encryption key>
  • Set the polling interval for every 4 hours: Software\Identity Finder\Client\Console\pollingInterval=14400 (default is every 5 minutes)
  • Do not send match text to server:Software\Identity Finder\Client\Console\ sendMatch=0
  • Connect to server: Software\Identity Finder\Client\Console\serverUrl= http://fill-in-your-server.cornell.edu/services (encrypts all communications with the client regardless of whether SSL is used)
  • Send only info about SSNs and CCs to server: Software\Identity Finder\Client\Console\matchTypes=10001,10002
  • Disable guest login: Software\Identity Finder\Client\Profile\RequireProfileLogin=1
  • Set password strength to Stronger: Software\Identity Finder\Client\Profile\PasswordStrength=2
  • Enable the password strength capability: Software\Identity Finder\Client\Profile\EnablePasswordStrength=1
  • Disable ability to change attributes of read-only files: Software\Identity Finder\Client\Settings\Actions\Disable\disableChangeReadOnly=1
  • Disable ability to change attributes of hidden files: Software\Identity Finder\Client\Settings\Actions\Disable\disableChangeHidden=1
  • Allow user to doubleclick on .idf files and open them in IDF: Software\Identity Finder\Client\Settings\Explorer\FileAssociation_idf=1
  • Exclude all non-local drives from the search: Software\Identity Finder\Client\Settings\Locations\Files\OnlySearchLocalDrivesWhenSearchingMyComputer=1
  • Set type of files to search to be "Custom": Software\Identity Finder\Client\Settings\Locations\Files\FileTypeSearchOption=2
  • Set the file extension list to be the exclude list: Software\Identity Finder\Client\Settings\Locations\Files\FileExtensions\FileExtensionListIsExcludeList=1
  • Set the custom folder exclude list to exclude Thunderbird files (messages are still scanned) and system directories (replace "!" with "~" in the following text): Software\Identity Finder\Client\Profile\Admin\CustomFolderExcludeList=<ExcludeFolders>[!]  <Entry>[!]    <FileName>%ProgramFiles%</FileName>[!]  </Entry>[!]  <Entry>[!]    <FileName>%AppData%\Thunderbird\Profiles</FileName>[!]  </Entry>[!]  <Entry>[!]    <FileName>%windir%</FileName>[!]  </Entry>[!]</ExcludeFolders>  
  • Turn off Quarantine action
  • Turn off Secure action

Registry Keys in HKCU\Software\Identity Finder\Client (user modifiable)

Note - email settings may move to HKLM in the future

  • Uncheck client experience checkbox: Software\Identity Finder\Client\Initialization\enable=0
  • Set file location to be "My Computer" instead of "My Documents": Software\Identity Finder\Client\Settings\Locations\Files\FileLocations=1
  • Set maximum file size to search to 96mb: Software\Identity Finder\Client\Settings\Performance\MaxFileSize=100663296 (note - IDF says to generally keep this under 128mb for performance)
  • Turn off searching for passwords: Software\Identity Finder\Client\Settings\Identities\Password\EnableAnyFind=0
  • Turn on MBOX searching for Eudora: Software\Identity Finder\Client\Settings\Locations\Email\MBOX\EnableSearchByExtension=1
  • Identify MBX as an MBOX file: Software\Identity Finder\Client\Settings\Locations\Email\MBOX\MBOXFileExtensionList=mbx
  • Search remote mail folders: Software\Identity Finder\Client\Settings\Locations\Email\Microsoft\SearchRemoteMailFolders=1
  • Search detached PST files: Software\Identity Finder\Client\Settings\Locations\Email\Microsoft\SearchDetachedPST=1
  • Enable inclusion of Outlook Express or Windows Mail in the search: Software\Identity Finder\Client\Settings\Locations\Email\Microsoft\IncludeWinMailInEmailSearch=1
  • Include Thunderbird in search: Software\Identity Finder\Client\Settings\Locations\Email\Thunderbird\IncludeThunderbirdInEmailSearch=1
  • Disable balloon tips on the taskbar: Software\Identity Finder\Client\Settings\UserInterface\ShowBalloonTips=0
  • Set file extensions to skip (replace "!" with "~" in the following text): Software\Identity Finder\Client\Settings\Locations\Files\FileExtensions\FileExtensionList="aac;1[!]acs;1[!]adc;1[!]..." 
  • Turn off the startup wizard: Software\Identity Finder\Client\Settings\Wizards\UseStartupWizard=0
  • Turn off auto-update: Software\Identity Finder\Client\Settings\Updates\EnableCheckForUpdates=0
  • No labels