| AE-PO-ADM-C Windows 10 Policies | |
| Data collected on: 2-9-2025 09:24:41 | |
| Domain | emea.tpg.ads |
| Owner | S-1-5-21-513466819-3096973226-347852806-283361 |
| Created | 18-3-2019 08:19:32 |
| Modified | 9-2-2023 14:48:36 |
| User Revisions | 1 (AD), 1 (SYSVOL) |
| Computer Revisions | 44 (AD), 44 (SYSVOL) |
| Unique ID | {dda11a6c-93ad-4f48-81a8-7d5b6b55d940} |
| GPO Status | Enabled |
| Location | Enforced | Link Status | Path |
|---|---|---|---|
| DXB | No | Enabled | emea.tpg.ads/AE/Systems/Clients/DXB |
| Clients | No | Enabled | emea.tpg.ads/EG/Systems/Clients |
| Name |
|---|
| EMEA\AE-L-SEC-Windows 10 Policies Computer Settings |
| Name | Allowed Permissions | Inherited |
|---|---|---|
| EMEA\AE-L-SEC-Windows 10 Policies Computer Settings | Read (from Security Filtering) | No |
| EMEA\Domain Admins | Edit settings, delete, modify security | No |
| EMEA\Domain Computers | Read | No |
| NT AUTHORITY\Authenticated Users | Read | No |
| NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS | Read | No |
| NT AUTHORITY\SYSTEM | Edit settings, delete, modify security | No |
| ROOT\Enterprise Admins | Edit settings, delete, modify security | No |
| S-1-5-21-513466819-3096973226-347852806-283361 | Edit settings, delete, modify security | No |
| S-1-5-21-513466819-3096973226-347852806-367117 | Edit settings, delete, modify security | No |
| Policy | Setting |
|---|---|
| Deny log on locally | EMEA\AE-G-ORG-ServiceAccounts |
| Policy | Setting |
|---|---|
| Maximum security log size | 4000000 kilobytes |
| Retain security log | 90 days |
| Retention method for security log | By days |
| Owner | EMEA\Domain Users |
| Type | Name | Permission | Apply To |
|---|---|---|---|
| Allow | BUILTIN\Administrators | Full Control | This folder, subfolders and files |
| Allow | CREATOR OWNER | Full Control | Subfolders and files only |
| Allow | NT AUTHORITY\SYSTEM | Full Control | This folder, subfolders and files |
| Allow | BUILTIN\Users | Read and Execute | This folder, subfolders and files |
| Allow | APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES | Read and Execute | This folder, subfolders and files |
| Allow inheritable permissions from the parent to propagate to this object and all child objects | Disabled |
| Owner |
| Type | Name | Permission | Apply To |
|---|---|---|---|
| Allow | NT AUTHORITY\SYSTEM | Full Control | This folder, subfolders and files |
| Allow | EMEA\Domain Users | Full Control | This folder, subfolders and files |
| Allow | BUILTIN\Administrators | Full Control | This folder, subfolders and files |
| Allow | BUILTIN\Users | Read and Execute | This folder, subfolders and files |
| Allow inheritable permissions from the parent to propagate to this object and all child objects | Disabled |
| Policy Name | New Wireless Network Policy |
| Policy Description | Sample Description |
| Policy Type | Windows Vista and Later Releases |
| Use Windows wireless LAN network services for clients | Enabled |
| Shared user credentials for network authentication | Enabled |
| Hosted networks | Enabled |
| Allow user to view denied networks | Enabled |
| Allow everyone to create all user profiles | Enabled |
| Only use Group Policy profiles for allowed networks | Disabled |
| Prevent connection to infrastructure networks | Disabled |
| Prevent connection to adhoc networks | Disabled |
| Policy | Setting | Comment | ||
|---|---|---|---|---|
| Settings Page Visibility | Enabled | |||
| ||||
| Policy | Setting | Comment | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Force a specific default lock screen and logon image | Enabled | |||||||||||
| ||||||||||||
| Policy | Setting | Comment | ||||||||||
| Prevent changing lock screen and logon image | Enabled | |||||||||||
| Policy | Setting | Comment |
|---|---|---|
| Prohibit use of Internet Connection Sharing on your DNS domain network | Enabled |
| Policy | Setting | Comment |
|---|---|---|
| Prevent the usage of OneDrive for file storage | Enabled |
| Policy | Setting | Comment | ||
|---|---|---|---|---|
| Allow Windows Ink Workspace | Enabled | |||
| ||||
| Action | Delete |
| Path | C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3 |
| Delete this folder (if emptied) | Enabled |
| Recursively delete all subfolders (if emptied) | Enabled |
| Delete all files in the folder(s) | Enabled |
| Allow deletion of read-only files/folders | Enabled |
| Ignore errors for files/folders that cannot be deleted | Enabled |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Delete |
| Path | C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2 |
| Delete this folder (if emptied) | Enabled |
| Recursively delete all subfolders (if emptied) | Enabled |
| Delete all files in the folder(s) | Enabled |
| Allow deletion of read-only files/folders | Enabled |
| Ignore errors for files/folders that cannot be deleted | Enabled |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Delete |
| Path | C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.2.0_neutral_~_8wekyb3d8bbwe |
| Delete this folder (if emptied) | Enabled |
| Recursively delete all subfolders (if emptied) | Enabled |
| Delete all files in the folder(s) | Enabled |
| Allow deletion of read-only files/folders | Enabled |
| Ignore errors for files/folders that cannot be deleted | Enabled |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Delete |
| Path | C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.2.0_x64__8wekyb3d8bbwe |
| Delete this folder (if emptied) | Enabled |
| Recursively delete all subfolders (if emptied) | Enabled |
| Delete all files in the folder(s) | Enabled |
| Allow deletion of read-only files/folders | Enabled |
| Ignore errors for files/folders that cannot be deleted | Enabled |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Delete |
| Path | C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.2.0_neutral_split.scale-100_8wekyb3d8bbwe |
| Delete this folder (if emptied) | Enabled |
| Recursively delete all subfolders (if emptied) | Enabled |
| Delete all files in the folder(s) | Enabled |
| Allow deletion of read-only files/folders | Enabled |
| Ignore errors for files/folders that cannot be deleted | Enabled |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Create |
| Hive | HKEY_LOCAL_MACHINE |
| Key path | SOFTWARE\Policies\Microsoft\WindowsInkWorkspace |
| Value name | AllowWindowsInkWorkspace |
| Value type | REG_DWORD |
| Value data | 0x0 (0) |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Service name | MSASCuiL.exe |
| Action | Stop service |
| Startup type: | Disabled |
| Wait timeout if service is locked: | 30 seconds |
| Log on service as: | No change |
| First failure: | Take no action |
| Second failure: | Take no action |
| Subsequent failures: | Take no action |
| Reset fail count after: | 0 days |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |