Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
BNL-PO-WIN-ADM-C-Laptop Restrictions and Hardening Unrestricted
Data collected on: 2-9-2025 10:24:33
General
Details
Domainemea.tpg.ads
OwnerEMEA\langras.5-adm
Created3-5-2022 14:30:48
Modified28-7-2025 15:32:24
User Revisions11 (AD), 11 (SYSVOL)
Computer Revisions233 (AD), 233 (SYSVOL)
Unique ID{9f56a343-b8be-44ab-8473-e33986aa6df4}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
BENoEnabledemea.tpg.ads/BE
LaptopsNoEnabledemea.tpg.ads/BE/Systems/Clients/Laptops
NLNoEnabledemea.tpg.ads/NL
LaptopsNoEnabledemea.tpg.ads/NL/Systems/Clients/Laptops
SRNoEnabledemea.tpg.ads/SR
LaptopsNoEnabledemea.tpg.ads/SR/Systems/Clients/Laptops

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
EMEA\BNL-L-SEC-Laptop Restrictions and Hardening Unrestricted
EMEA\SR-L-SEC-Laptop Restrictions and Hardening Unrestricted
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\BNL-L-SEC-Laptop Restrictions and Hardening UnrestrictedRead (from Security Filtering)No
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\langras.5-admEdit settings, delete, modify securityNo
EMEA\NL-L-SEC-Delegation Modify Group Policy Settings AccessEdit settings, delete, modify securityNo
EMEA\SR-L-SEC-Laptop Restrictions and Hardening UnrestrictedRead (from Security Filtering)No
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Audit Policy
PolicySetting
Audit account logon eventsSuccess, Failure
Audit account managementSuccess, Failure
Audit directory service accessSuccess, Failure
Audit logon eventsSuccess, Failure
Audit object accessSuccess, Failure
Audit policy changeSuccess, Failure
Audit privilege useSuccess, Failure
Audit process trackingSuccess, Failure
Audit system eventsSuccess, Failure
Local Policies/User Rights Assignment
PolicySetting
Deny log on locallyEMEA\SR-L-SEC-Service Accounts Restrictions, S-1-5-21-513466819-3096973226-347852806-570527, EMEA\NL-L-SEC-Service Accounts Restrictions, EMEA\NL-L-SEC-Deny Local Logon ADM accounts, EMEA\BE-L-SEC-Service Accounts Restrictions, EMEA\BE-L-SEC-Deny local Logon ADM accounts
Deny log on through Terminal ServicesS-1-5-21-513466819-3096973226-347852806-570527, EMEA\NL-L-SEC-Deny Local Logon ADM accounts, EMEA\BE-L-SEC-Deny local Logon ADM accounts
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Guest account statusDisabled
Accounts: Rename administrator account"Apollo"
Devices
PolicySetting
Devices: Prevent users from installing printer driversDisabled
Interactive Logon
PolicySetting
Interactive logon: Don't display last signed-inEnabled
Interactive logon: Message text for users attempting to log onThis computer system (including all hardware, software, and peripheral equipment) is the property of Teleperformance unless you have brought your own device (BYOD). In case of BYOD the work-related software and peripheral equipment is the property of Teleperformance. Use of the computer system and in case of BYOD the work-related software and peripheral equipment is restricted to official Teleperformance business. Teleperformance reserves the right to monitor use of the computer system and in case of BYOD the work-related software and peripheral equipment at any time. Use of the equipment/system constitutes consent to such monitoring. Any unauthorized access use, or modification of the computer system and in case of BYOD the work-related software and peripheral equipment can result in civil liability and/or criminal penalties
Interactive logon: Message title for users attempting to log on"Important notice to Users"
Network Security
PolicySetting
Network security: LAN Manager authentication levelSend NTLMv2 response only. Refuse LM & NTLM
Shutdown
PolicySetting
Shutdown: Clear virtual memory pagefileEnabled
User Account Control
PolicySetting
User Account Control: Behavior of the elevation prompt for standard usersPrompt for credentials
Event Log
PolicySetting
Maximum application log size3000000 kilobytes
Maximum security log size3000000 kilobytes
Maximum system log size3000000 kilobytes
Retain security log90 days
Retention method for application logAs needed
Retention method for security logBy days
Retention method for system logAs needed
System Services
Browser (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Remote Registry (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Task Scheduler (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Shell Hardware Detection (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Image Acquisition (WIA) (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Telephony (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
File System
%ProgramFiles% (x86)\Kobo
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESRead and ExecuteThis folder, subfolders and files
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowS-1-5-21-513466819-3096973226-347852806-474671Full ControlThis folder, subfolders and files
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowBUILTIN\UsersRead and ExecuteThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%ProgramFiles%\Common Files\microsoft shared\VGX\VGX.dll
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\UsersRead and ExecuteThis folder, subfolders and files
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESRead and ExecuteThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
Registry
CLASSES_ROOT\CLSID\{031E4825-7B94-4dc3-B131-E946B44C8DD5}\ShellFolder
Configure this key then: Propagate inheritable permissions to all subkeys
Owner
Permissions
TypeNamePermissionApply To
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESReadThis key and subkeys
AllowCREATOR OWNERFull controlSubkeys only
AllowNT AUTHORITY\SYSTEMFull controlThis key and subkeys
AllowBUILTIN\AdministratorsFull controlThis key and subkeys
AllowBUILTIN\UsersFull controlThis key and subkeys
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
CLASSES_ROOT\CLSID\{323CA680-C24D-4099-B94D-446DD2D7249E}\ShellFolder
Configure this key then: Propagate inheritable permissions to all subkeys
Owner
Permissions
TypeNamePermissionApply To
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESReadThis key and subkeys
AllowCREATOR OWNERFull controlSubkeys only
AllowNT AUTHORITY\SYSTEMFull controlThis key and subkeys
AllowBUILTIN\AdministratorsFull controlThis key and subkeys
AllowBUILTIN\UsersFull controlThis key and subkeys
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
CLASSES_ROOT\Wow6432Node\CLSID\{031E4825-7B94-4dc3-B131-E946B44C8DD5}\ShellFolder
Configure this key then: Propagate inheritable permissions to all subkeys
Owner
Permissions
TypeNamePermissionApply To
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESReadThis key and subkeys
AllowCREATOR OWNERFull controlSubkeys only
AllowNT AUTHORITY\SYSTEMFull controlThis key and subkeys
AllowBUILTIN\AdministratorsFull controlThis key and subkeys
AllowBUILTIN\UsersFull controlThis key and subkeys
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
CLASSES_ROOT\Wow6432Node\CLSID\{323CA680-C24D-4099-B94D-446DD2D7249E}\ShellFolder
Configure this key then: Propagate inheritable permissions to all subkeys
Owner
Permissions
TypeNamePermissionApply To
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESReadThis key and subkeys
AllowCREATOR OWNERFull controlSubkeys only
AllowNT AUTHORITY\SYSTEMFull controlThis key and subkeys
AllowBUILTIN\AdministratorsFull controlThis key and subkeys
AllowBUILTIN\UsersFull controlThis key and subkeys
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
Public Key Policies/Certificate Path Validation Settings/Network Retrieval
PolicySetting
Default URL retrieval timeout in seconds15
Default path validation cumulative timeout in seconds20
Allow issuer certificate retrieval during path validationEnabled
Default cross-certificate download interval in hours168
Public Key Policies/Trusted Root Certification Authorities
Certificates
Issued ToIssued ByExpiration DateIntended Purposes
IISBV Root CA v3IISBV Root CA v39-6-2036 11:13:31<All>
IKEA Issuing CA V3IISBV Root CA v35-7-2026 15:55:00<All>

For additional information about individual settings, launch the Local Group Policy Object Editor.
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy versionNot Configured
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Domain Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNo
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Connection Security Settings
Advanced Audit Configuration
Account Logon
PolicySetting
Audit Other Account Logon EventsSuccess, Failure
Account Management
PolicySetting
Audit Application Group ManagementSuccess, Failure
Audit Computer Account ManagementSuccess, Failure
Audit Security Group ManagementSuccess, Failure
Audit User Account ManagementSuccess, Failure
Detailed Tracking
PolicySetting
Audit Process CreationSuccess, Failure
Audit Process TerminationSuccess, Failure
Logon/Logoff
PolicySetting
Audit Account LockoutSuccess, Failure
Audit LogoffSuccess, Failure
Audit LogonSuccess, Failure
Audit Special LogonSuccess, Failure
Policy Change
PolicySetting
Audit Audit Policy ChangeSuccess, Failure
Audit Authentication Policy ChangeSuccess, Failure
System
PolicySetting
Audit Security State ChangeSuccess, Failure
Audit System IntegritySuccess, Failure
Policy-based QoS
QoS Policies
Policy NameDSCP ValueThrottle Rate (KBps) Policy Conditions
screenagent0150Protocol: TCP
Application: %ProgramFiles (x86)\Nice Systems\ScreenAgent\SASession.exe
Source IP: Any
Destination IP: Any
Source Port: Any
Destination Port: Any

Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
LAPS
PolicySettingComment
Do not allow password expiration time longer than required by policyEnabled
Enable local admin password managementEnabled
Password SettingsEnabled
Password ComplexityLarge letters + small letters + numbers + specials
Password Length14
Password Age (Days)30
Network/Network Connections/Windows Defender Firewall/Domain Profile
PolicySettingComment
Windows Defender Firewall: Prohibit notificationsEnabled
Windows Defender Firewall: Protect all network connectionsDisabled
Printers
PolicySettingComment
Point and Print RestrictionsEnabled
Users can only point and print to these servers:Disabled
Enter fully qualified server names separated by semicolons
Users can only point and print to machines in their forestDisabled
Security Prompts:
When installing drivers for a new connection:Do not show warning or elevation prompt
When updating drivers for an existing connection:Do not show warning or elevation prompt
This setting only applies to:
Windows Vista and later
System/Group Policy
PolicySettingComment
Configure folder redirection policy processingEnabled
Allow processing across a slow network connectionDisabled
Process even if the Group Policy objects have not changedEnabled
PolicySettingComment
Configure Internet Explorer Maintenance policy processingEnabled
Allow processing across a slow network connectionDisabled
Do not apply during periodic background processingDisabled
Process even if the Group Policy objects have not changedEnabled
PolicySettingComment
Continue experiences on this deviceDisabled
System/Internet Communication Management/Internet Communication settings
PolicySettingComment
Turn off Automatic Root Certificates UpdateDisabled
System/Power Management
PolicySettingComment
Select an active power planEnabled
Active Power Plan:High Performance
System/Power Management/Button Settings
PolicySettingComment
Select the lid switch action (plugged in)Enabled
Lid Switch ActionTake no action
System/Power Management/Hard Disk Settings
PolicySettingComment
Turn Off the hard disk (on battery)Enabled
Turn Off the Hard Disk (seconds):0
PolicySettingComment
Turn Off the hard disk (plugged in)Enabled
Turn Off the Hard Disk (seconds):0
System/Power Management/Power Throttling Settings
PolicySettingComment
Turn off Power ThrottlingEnabled
System/Power Management/Sleep Settings
PolicySettingComment
Allow network connectivity during connected-standby (on battery)Enabled
Allow network connectivity during connected-standby (plugged in)Enabled
Specify the system hibernate timeout (on battery)Enabled
System Hibernate Timeout (seconds):0
PolicySettingComment
Specify the system hibernate timeout (plugged in)Enabled
System Hibernate Timeout (seconds):0
PolicySettingComment
Specify the system sleep timeout (on battery)Enabled
System Sleep Timeout (seconds):0
PolicySettingComment
Specify the system sleep timeout (plugged in)Enabled
System Sleep Timeout (seconds):0
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceEnabled
Permit remote control of this computer:Allow helpers to remotely control the computer
Helpers:
emea.tpg.ads\NL-G-ORG-User Service Desk Users
emea.tpg.ads\BE-G-ORG-User Service Desk Users
emea.tpg.ads\NL-G-ORG-OU Admins
emea.tpg.ads\NL-L-SEC-Remote Assistance Helpers
PolicySettingComment
Configure Solicited Remote AssistanceDisabled
System/Removable Storage Access
PolicySettingComment
Removable Disks: Deny execute accessEnabled
Removable Disks: Deny read accessEnabled
Removable Disks: Deny write accessEnabled
System/User Profiles
PolicySettingComment
Add the Administrators security group to roaming user profilesEnabled
Delete cached copies of roaming profilesEnabled
Delete user profiles older than a specified number of days on system restartEnabled
Delete user profiles older than (days)30
Windows Components/AutoPlay Policies
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:All drives
Windows Components/Connect
PolicySettingComment
Don't allow this PC to be projected toEnabled
Windows Components/Event Log Service/Application
PolicySettingComment
Control Event Log behavior when the log file reaches its maximum sizeDisabled
Specify the maximum log file size (KB)Enabled
Maximum Log Size (KB)20480
Windows Components/Event Log Service/System
PolicySettingComment
Control Event Log behavior when the log file reaches its maximum sizeDisabled
Specify the maximum log file size (KB)Enabled
Maximum Log Size (KB)20480
Windows Components/News and interests
PolicySettingComment
Enable news and interests on the taskbarDisabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Connections
PolicySettingComment
Allow users to connect remotely by using Remote Desktop ServicesEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Security
PolicySettingComment
Require use of specific security layer for remote (RDP) connectionsEnabledPCI Plugin 18405
Security LayerSSL
Choose the security layer from the drop-down list.
PolicySettingComment
Require user authentication for remote connections by using Network Level AuthenticationEnabledPCI plugin 58453 and 18405
Set client connection encryption levelEnabledpci plugin 57690 Terminal Service Encryption
Encryption LevelHigh Level
Choose the encryption level from the drop-down list.
Windows Components/Search
PolicySettingComment
Allow CortanaDisabled
Windows Components/Widgets
PolicySettingComment
Allow widgetsDisabled
Windows Components/Windows Media Player
PolicySettingComment
Do Not Show First Use Dialog BoxesEnabled
Prevent Automatic UpdatesEnabled
Prevent Media SharingEnabled
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Policies\Mozilla\lockPref\network.dns.disableIPv61
Preferences
Windows Settings
Environment Variables
Environment Variable (Variable: JAVA_TOOL_OPTIONS)
JAVA_TOOL_OPTIONS (Order: 1)
General
ActionUpdate
Properties
ContextSystem
VariableJAVA_TOOL_OPTIONS
Value-Djava.vendor="Sun Microsystems Inc."
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Files
File (Target Path: C:\Program Files\NICE\WFM\7.3\TP-DENLPLAC\wfm\configuration\config.ini)
config.ini (Order: 1)
General
ActionReplace
Properties
Source file(s)\\emea.tpg.ads\nl\Amsterdam\Settings\Pushfiles\IEX 7.3\Amsterdam\config.ini
Destination fileC:\Program Files\NICE\WFM\7.3\TP-DENLPLAC\wfm\configuration\config.ini
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
File (Target Path: C:\GPO\IE11Mode\IE11_Sitelist.xml)
IE11_Sitelist.xml (Order: 2)
General
ActionUpdate
Properties
Source file(s)\\emea.tpg.ads\nl\Amsterdam\Settings\Pushfiles\IE11Mode\IE11_Sitelist.xml
Destination fileC:\GPO\IE11Mode\IE11_Sitelist.xml
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Site
AttributeValue
boolAND
not1
nameSR-PAR
File (Target Path: C:\GPO\DefaultAssoc\default.xml)
default.xml (Order: 4)
General
ActionUpdate
Properties
Source file(s)\\emea.tpg.ads\SR\Paramaribo\Settings\Pushfiles\Comp_Rest_Hard_Pol\default.xml
Destination fileC:\GPO\DefaultAssoc\default.xml
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Site
AttributeValue
boolAND
not0
nameSR-PAR
default.xml (Order: 3)
General
ActionUpdate
Properties
Source file(s)\\emea.tpg.ads\NL\Amsterdam\Settings\Pushfiles\Comp_Rest_Hard_Pol\default.xml
Destination fileC:\GPO\DefaultAssoc\default.xml
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Site
AttributeValue
boolAND
not0
nameNL-AMS
Registry
InitialKeyboardIndicators (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_USERS
Key path.DEFAULT\Control Panel\Keyboard
Value nameInitialKeyboardIndicators
Value typeREG_SZ
Value data2
Common
Options
Stop processing items on this extension if an error occurs on this itemYes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Enable num-lock on startup
BlockNetFramework451 (Order: 2)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\NET Framework Setup\NDP
Value nameBlockNetFramework451
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
UserFeedbackAllowed (Order: 3)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Edge
Value nameUserFeedbackAllowed
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
enablesecuritysignature (Order: 4)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\services\LanmanServer\Parameters
Value nameenablesecuritysignature
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
SMB Signing PCI 57608
RequireSecuritySignature (Order: 5)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\services\LanmanServer\Parameters
Value nameRequireSecuritySignature
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
SMB Signing PCI 57608
RequireSecuritySignature (Order: 6)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters
Value nameRequireSecuritySignature
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
SMB Signing PCI 57608
EnableSecuritySignature (Order: 7)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters
Value nameEnableSecuritySignature
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
SMB Siging PCI 57608
TurnOffSidebar (Order: 8)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar
Value nameTurnOffSidebar
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
PCI Plugin 59915
CachedLogonsCount (Order: 9)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Value nameCachedLogonsCount
Value typeREG_SZ
Value data10
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Plugin ID 11457
LmCompatibilityLevel (Order: 10)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Lsa
Value nameLmCompatibilityLevel
Value typeREG_DWORD
Value data0x3 (3)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
CachedLogonsCount (Order: 11)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Value nameCachedLogonsCount
Value typeREG_SZ
Value data10
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Plugin ID 11457
Enabled (Order: 12)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSystem\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 13)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSystem\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
iexeplore.exe (Order: 14)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX
Value nameiexeplore.exe
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
iexplore.exe (Order: 15)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX
Value nameiexplore.exe
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
iexplore.exe (Order: 16)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_USER32_EXCEPTION_HANDLER_HARDENING
Value nameiexplore.exe
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
iexplore.exe (Order: 17)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_USER32_EXCEPTION_HANDLER_HARDENING
Value nameiexplore.exe
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
CWDIllegalInDllSearch (Order: 18)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager
Value nameCWDIllegalInDllSearch
Value typeREG_DWORD
Value data0x2 (2)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
FeatureSettingsOverride (Order: 19)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
Value nameFeatureSettingsOverride
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Nessus Plugin 111689
FeatureSettingsOverrideMask (Order: 20)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
Value nameFeatureSettingsOverrideMask
Value typeREG_DWORD
Value data0x3 (3)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Nessus Plugin 111689
EnableActiveProbing (Order: 21)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet
Value nameEnableActiveProbing
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
RestrictDriverInstallationToAdministrators (Order: 22)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint
Value nameRestrictDriverInstallationToAdministrators
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AllocateCDRoms (Order: 23)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Value nameAllocateCDRoms
Value typeREG_SZ
Value data1
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
NoDriveTypeAutoRun (Order: 24)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
Value nameNoDriveTypeAutoRun
Value typeREG_DWORD
Value data0xFF (255)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
NtfsDisable8dot3NameCreation (Order: 25)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\FileSystem
Value nameNtfsDisable8dot3NameCreation
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Optional (Order: 26)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager\SubSystems
Value nameOptional
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Enabled (Order: 27)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 28)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Attributes (Order: 29)
General
ActionUpdate
Properties
HiveHKEY_CLASSES_ROOT
Key pathCLSID\{031E4825-7B94-4dc3-B131-E946B44C8DD5}\ShellFolder
Value nameAttributes
Value typeREG_DWORD
Value data0xB09001 (11571201)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Attributes (Order: 30)
General
ActionUpdate
Properties
HiveHKEY_CLASSES_ROOT
Key pathWow6432Node\CLSID\{031E4825-7B94-4dc3-B131-E946B44C8DD5}\ShellFolder
Value nameAttributes
Value typeREG_DWORD
Value data0xB09001 (11571201)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Attributes (Order: 31)
General
ActionUpdate
Properties
HiveHKEY_CLASSES_ROOT
Key pathCLSID\{323CA680-C24D-4099-B94D-446DD2D7249E}\ShellFolder
Value nameAttributes
Value typeREG_DWORD
Value data0xA94001 (11091969)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Attributes (Order: 32)
General
ActionUpdate
Properties
HiveHKEY_CLASSES_ROOT
Key pathWow6432Node\CLSID\{323CA680-C24D-4099-B94D-446DD2D7249E}\ShellFolder
Value nameAttributes
Value typeREG_DWORD
Value data0xA94001 (11091969)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
EnableFeeds (Order: 33)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Windows\Windows Feeds
Value nameEnableFeeds
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AttributeValue (Order: 34)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddNetworkLocation
Value nameAttributeValue
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ImpliedSelectionModel (Order: 35)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddNetworkLocation
Value nameImpliedSelectionModel
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AttributeValue (Order: 36)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.connectNetworkDrive
Value nameAttributeValue
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ImpliedSelectionModel (Order: 37)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.connectNetworkDrive
Value nameImpliedSelectionModel
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AttributeValue (Order: 38)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.MapNetworkDrive
Value nameAttributeValue
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ImpliedSelectionModel (Order: 39)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.MapNetworkDrive
Value nameImpliedSelectionModel
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Scancode Map (Order: 40)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Keyboard Layout
Value nameScancode Map
Value typeREG_BINARY
Value data00000000000000000400000000002AE0000037E00000540000000000
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AttributeMask (Order: 41)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddNetworkLocation
Value nameAttributeMask
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AttributeValue (Order: 42)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddNetworkLocation
Value nameAttributeValue
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ImpliedSelectionModel (Order: 43)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddNetworkLocation
Value nameImpliedSelectionModel
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
HiberbootEnabled (Order: 44)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager\Power
Value nameHiberbootEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
AllowDomainPINLogon (Order: 45)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Windows\System
Value nameAllowDomainPINLogon
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
HideRecommendedSection (Order: 46)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Windows\Explorer
Value nameHideRecommendedSection
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
HiberbootEnabled (Order: 47)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager\Power
Value nameHiberbootEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
Control Panel Settings
Local Users and Groups
User (Name: Administrator (built-in))
Administrator (built-in) (Order: 2)
Local User
ActionUpdate
Properties
User nameAdministrator (built-in)
User cannot change passwordTrue
Password never expiresTrue
Account is disabledFalse
Account expiresNever
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Group (Name: Remote Desktop Users (built-in))
Remote Desktop Users (built-in) (Order: 1)
Local Group
ActionUpdate
Properties
Group nameRemote Desktop Users (built-in)
Delete all member usersDisabled
Delete all member groupsDisabled
Add members
EMEA\NL-L-SEC-Remote Desktop Access UsersS-1-5-21-513466819-3096973226-347852806-433231
EMEA\BE-L-SEC-Remote Desktop Access UsersS-1-5-21-513466819-3096973226-347852806-1105742
EMEA\SR-L-SEC-Remote Desktop Access UsersS-1-5-21-513466819-3096973226-347852806-1331907
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Group (Name: Administrators (built-in))
Administrators (built-in) (Order: 3)
Local Group
ActionUpdate
Properties
Group nameAdministrators (built-in)
Delete all member usersDisabled
Delete all member groupsDisabled
Add members
EMEA\NL-L-SEC-Delegation Local Administration Rights Client SystemsS-1-5-21-513466819-3096973226-347852806-2181
EMEA\emeanessus.1S-1-5-21-513466819-3096973226-347852806-32532
EMEA\BE-L-SEC-Delegation Local Administration Rights Client SystemsS-1-5-21-513466819-3096973226-347852806-2178
EMEA\SR-L-SEC-Delegation Local Administration Rights Client SystemsS-1-5-21-513466819-3096973226-347852806-160787
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Services
Service (Name: wmiApSrv)
wmiApSrv (Order: 1)
General
Service namewmiApSrv
ActionStart service
Startup type:Automatic
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:No change
Second failure:No change
Subsequent failures:No change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Service (Name: WMPNetworkSvc)
WMPNetworkSvc (Order: 2)
General
Service nameWMPNetworkSvc
ActionStop service
Startup type:Disabled
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:No change
Second failure:No change
Subsequent failures:No change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.