Online Help > Support/Resources > Knowledge Base

Applying Policies



Administrative Templates facilitates the management of registry-based policy settings that can be applied on the computer and/or the user configuration. Group policy (GPO) is a tool for organizations to enforce settings on their computers, it will allow you to harden Password Vault Manager security.



The Administrative Templates are simply registry settings that are enforced by domains. They contain registry keys that can also be set on computers that are not joined to domains. Proper Access Control Lists (ACL) must be put in place to prevent users from modifying registry settings in this case. Refer to the tables below to find the registry key for each policy setting.


To learn more on how to deploy the Password Vault Manager Administrative Templates on your domain please refer to the Microsoft Online Help.


The admx file is distributed with Password Vault Manager, you will find it in a Policies sub-folder.  By default the path is C:\Program Files (x86)\Devolutions\Password Vault Manager\Policies.




Password Vault Manager includes an Administrative templates file (.admx), which describes the policies that are offered.




In the console tree, click the folder under Administrative Templates that contains the policy settings you want to configure.






Policy Name

Registry Key (please see Note 1)

Disable the application automatic update check


Disable the Help - Check Version button


Disable the x64 edition of the application


Disable the x86 of the application





Policy Name

Registry Key (please see Note 1)

Force the user to always be prompted for the passphrase while connecting to a data source that is protected by a Passphrase Security Provider


Force the user to always be prompted for his credentials when opening the application





Policy Name

Registry Key (please see Note 1)

Disable the add-on creation and the Add-on Manager


Disable the custom image edition in the session configuration


Disable the reveal password command



User Interface


Policy Name

Registry Key (please see Note 1)

Disable all the local application tools like the Event Viewer or IIS


Disable the Devolutions Cloud usage


Disable the menu File - Data Sources


Disable the menu File - Options


Disable the My Personal Credential feature


Disable the menu Help - About


Disable the import and the export of the Configuration File in File - Options


Disable the possibility to drag and drop sessions


Force the Merge credential list with sessions option





%Root% can either be HKEY_LOCAL_MACHINE or HKEY_CURRENT_USER depending on how you want to enforce the policy.  Please refer to Microsoft's documentation to make the best choice for your situation.