Hiding the Q drive on SoftGrid clients

So finally you have gone through the work of getting a SoftGrid server up and running, configuring your clients, sequencing your packages, ... to get a zero footprint of applications on your workstations. And right at that moment it turns out that the SoftGrid client leaves a very visible trace on the client computer: the Q drive is plainly visible there. And what is even worse, inside your bubbles, the end user has full write access on that Q drive (or at least, within the application's asset directory). Are you really ready to become your helpdesk team's new nightmare when all the calls come in, whining about documents saved to Q gone missing? ;)

I think not. So we simply hide the Q drive from the end-users who want to store their documents everywhere but their home drive!

• First, we must hide the Q drive from the user's desktop. Thanks to the isolation, users cannot access the Q drive (unless they are in a bubble), so hiding the Q drive from the desktop is purely for aesthetic reasons. Edit your domain policy and set the Hide these specified drives in My Computer group policy to hide the Q drive. Since the default options do not include a "Q drive" option, you will need to edit your system.adm file to include such an option; all the details are in Microsoft Knowledgebase article 231289, but basically you should modify the system.adm file as follows:
  

  
  POLICY !!NoDrives
    EXPLAIN !!NoDrives_Help
       PART !!NoDrivesDropdown          DROPDOWNLIST NOSORT REQUIRED
          VALUENAME "NoDrives"
           ITEMLIST
                 NAME !!QOnly           VALUE NUMERIC 10000
                  ;low 26 bits on (1 bit per drive)
                 NAME !!RestNoDrives     VALUE NUMERIC 0 (Default)
           END ITEMLIST
      END PART              
    END POLICY
  
  [strings]
  QOnly="Restrict Q drive only"
  RestNoDrives="Do not restrict drives"
  

  Of course, you can create a separate SoftGrid.adm file that includes this registry change...
  
  You can also use a registry file along the lines of
  

  
  Windows Registry Editor Version 5.00
  
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
  "NoDrives"=dword:00010000
  "NoViewOnDrive"=dword:00010000
  

  in the login script to prevent the user from seeing the Q drive.
  
  Note: The value 0x00010000 displayed above is the value that hides ONLY the Q drive. If you want to hide another drive, or multiple drives, you need to recalculate the value there as described in the knowledgebase article!
  
  
  
• We also want to hide the Q drive inside the bubble to avoid that a clever user overrides the OS registry values that we just defined, or that a sequencer accidently overwrites these values due to bad packaging. So, we must also include the above registry setting in the virtual registry! Microsoft knowledgebase article 931626 discusses three ways of doing this, but without doubt the cleanest way is to modify your OSD file and add a REGISTRY entry in the between the VIRTUALENV tags:
  

  
  <VIRTUALENV>
   <REGISTRY>
     <REGKEY HIVE="HKCU" KEY="Software\Microsoft\Windows\CurrentVersion\Policies\Explorer">
       <REGVALUE REGTYPE="REG_DWORD" NAME="NoDrives">10000</REGVALUE>
       <REGVALUE REGTYPE="REG_DWORD" NAME="NoViewOnDrive">10000</REGVALUE>
     </REGKEY>
   </REGISTRY>
  </VIRTUALENV>
  

  
  This does not pollute the user's virtual registry.
  
  Note: The virtual registry overwrites values from the underlying OS. If your group policy hides other drives than Q, they will reappear if you blindly use the "0x00010000" value shown above as an example!
  

Of course, this does not prevent the innovative user of accessing the Q drive from within bubbles (after all, it's only hidden). But if they really insist on saving their data on the Q drive, at least now you have a valid reason for applying all your voodoo on them :).