Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
AL-PO-WIN-U-CTX LOOPBACK User Restrictions and Hardening
Data collected on: 2-9-2025 10:42:35
General
Details
Domainemea.tpg.ads
OwnerEMEA\Laboti.6-adm
Created1-9-2022 09:54:34
Modified9-2-2023 15:51:18
User Revisions63 (AD), 63 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{9636ba9d-63e1-4b73-9f79-c901649454eb}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
CitrixNoEnabledemea.tpg.ads/AL/Systems/Citrix

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\AL-G-ORG-OU AdminsEdit settings, delete, modify securityNo
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\EMEA-G-ORG-CEMEA VEUC infra TeamEdit settingsNo
EMEA\Laboti.6-admEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
Policies
Windows Settings
Security Settings
Software Restriction Policies
Enforcement
PolicySetting
Apply Software Restriction Policies to the followingAll software files except libraries (such as DLLs)
Apply Software Restriction Policies to the following usersAll users
When applying Software Restriction PoliciesIgnore certificate rules
Designated File Types
File ExtensionFile Type
ADEADE File
ADPADP File
BASBAS File
BATWindows Batch File
CHMCompiled HTML Help file
CMDWindows Command Script
COMMS-DOS Application
CPLControl panel item
CRTSecurity Certificate
EXEApplication
HLPHelp file
HTAHTML Application
INFSetup Information
INSINS File
ISPISP File
LNKShortcut
MDBMDB File
MDEMDE File
MSCMicrosoft Common Console Document
MSIWindows Installer Package
MSPWindows Installer Patch
MSTMST File
OCXActiveX control
PCDPCD File
PIFShortcut to MS-DOS Program
REGRegistration Entries
SCRScreen saver
SHSSHS File
URLInternet Shortcut
VBVisual Basic Source File
WSCWindows Script Component
Trusted Publishers
Trusted publisher managementAllow all administrators and users to manage user's own Trusted Publishers
Certificate verificationNone
Software Restriction Policies/Security Levels
PolicySetting
Default Security LevelUnrestricted
Software Restriction Policies/Additional Rules
Path Rules
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%
Security LevelUnrestricted
Description
Date last modified25-11-2022 15:15:24
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%
Security LevelUnrestricted
Description
Date last modified25-11-2022 15:15:24
C:\Windows\System32\schtasks.exe
Security LevelDisallowed
Description
Date last modified8-12-2022 12:05:17
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Security LevelDisallowed
Description
Date last modified25-11-2022 15:17:16
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy
Security LevelDisallowed
Description
Date last modified12-12-2022 15:47:55
Folder Redirection
Start Menu
Setting: Advanced (Specify locations for various user groups)
GroupPath
EMEA\NLAMS-L-SEC-Folder Redirection Start Menu ALL\\emea.tpg.ads\NL\Amsterdam\Settings\FRD
Options
Grant user exclusive rights to Start MenuDisabled
Move the contents of Start Menu to the new locationDisabled
Also apply redirection policy to Windows 2000, Windows 2000 server, Windows XP, and Windows Server 2003 operating systemsEnabled
Policy Removal BehaviorLeave contents
Configuration ControlGroup Policy
Primary Computer EvaluationNot evaluated because primary computer policy is not enabled
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel
PolicySettingComment
Settings Page VisibilityEnabled
Settings Page Visibility:showonly:about
Google/Google Chrome
PolicySettingComment
Allow user feedbackDisabled
Block access to a list of URLsEnabled
Block access to a list of URLs
chrome://flags
chrome://system
chrome://net-internals
chrome://net-export
chrome://inspect
Google/Google Chrome/Deprecated policies
PolicySettingComment
Disable Developer ToolsEnabled
Start Menu and Taskbar
PolicySettingComment
Disable context menus in the Start MenuEnabled
Do not search programs and Control Panel itemsEnabled
Remove Search link from Start MenuEnabled
Windows Components/File Explorer
PolicySettingComment
Prevent access to drives from My ComputerEnabled
Pick one of the following combinationsRestrict A, B, C and D drives only
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins
PolicySettingComment
Computer ManagementDisabled
Disk ManagementDisabled
Event ViewerDisabled
Event Viewer (Windows Vista)Disabled
ServicesDisabled
Windows Components/Task Scheduler
PolicySettingComment
Hide Property PagesEnabled
Prevent Task Run or EndEnabled
Prohibit BrowseEnabled
Prohibit New Task CreationEnabled
Prohibit Task DeletionEnabled
Preferences
Windows Settings
Registry
com.squirrel.Teams.Teams (Order: 1)
General
ActionDelete
Properties
HiveHKEY_CURRENT_USER
Key path\Software\Microsoft\Windows\CurrentVersion\Run
Value namecom.squirrel.Teams.Teams
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Shortcuts
Shortcut (Path: %NetPlacesDir%\Amsterdam - Zalando AL Staging)
Amsterdam - Zalando AL Staging (Order: 1)
General
ActionReplace
Attributes
Target typeFile system object
Shortcut path%NetPlacesDir%\Amsterdam - Zalando AL Staging
Target path\\emea.tpg.ads\NL\Amsterdam\CEMEA CTX\AL\Zalando\Staging
Shortcut keyNone
RunNormal window
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedYes
Item-level targeting: Security Group
AttributeValue
boolAND
not0
nameEMEA\NLAMS-L-SEC-Filesystem CemeaCTX AL Zalando Staging RW
sidS-1-5-21-513466819-3096973226-347852806-1103834
userContext1
primaryGroup0
localGroup0