Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
CZ-PO-SEC-C-Default Systems Policy
Data collected on: 2-9-2025 09:20:55
General
Details
Domainemea.tpg.ads
OwnerS-1-5-21-513466819-3096973226-347852806-473619
Created3-12-2018 11:18:46
Modified20-1-2025 09:52:04
User Revisions6 (AD), 6 (SYSVOL)
Computer Revisions277 (AD), 277 (SYSVOL)
Unique ID{e92e23e2-263a-42e9-b10e-3e5e1fef2b3d}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
SystemsNoEnabledemea.tpg.ads/CZ/Systems

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\CZ-L-SEC-GPO Computer No Logon MessageCustomNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Audit Policy
PolicySetting
Audit account logon eventsSuccess, Failure
Audit account managementSuccess, Failure
Audit directory service accessSuccess, Failure
Audit logon eventsSuccess, Failure
Audit object accessSuccess, Failure
Audit policy changeSuccess, Failure
Audit privilege useSuccess, Failure
Audit process trackingSuccess, Failure
Audit system eventsSuccess, Failure
Local Policies/User Rights Assignment
PolicySetting
Deny log on locallyEMEA\CZ-L-SEC-GPO Deny interactive logon
Deny log on through Terminal ServicesEMEA\CZ-L-SEC-GPO Deny interactive logon
Log on as a batch jobEMEA\CZ-L-SEC-GPO Deny interactive logon, BUILTIN\Administrators
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Guest account statusDisabled
Audit
PolicySetting
Audit: Audit the access of global system objectsDisabled
Audit: Audit the use of Backup and Restore privilegeDisabled
Audit: Shut down system immediately if unable to log security auditsDisabled
Interactive Logon
PolicySetting
Interactive logon: Do not require CTRL+ALT+DELDisabled
Interactive logon: Don't display last signed-inEnabled
Interactive logon: Message text for users attempting to log onTento počítačový systém (včetně veškerého hardware, software a periferních zařízení) je majetkem Teleperformance. Užívání počítačového systému je omezeno výhradně na oficiální záležitosti Teleperformance. Teleperformance si ponechává právo kdykoliv sledovat užívání počítačového systému. Užíváním tohoto počítače se sledováním souhlasíte. Jakýkoliv neoprávněný přístup, užívání či změny počítačového systému můžou vést k občanskoprávní odpovědnosti a/nebo trestním postihům., This computer system (including all hardware, software, and peripheral, equipment) is the property of Teleperformance. Usage of this computer, system is restricted to official Teleperformance business., Teleperformance reserves the right to monitor usage of this computer, system at any time. Usage of this system constitutes consent to such, monitoring. Any unauthorized access, usage, or modification of this, computer system can result in civil liability and/or criminal penalties.
Interactive logon: Message title for users attempting to log on"Upozornění / Warning"
Interactive logon: Number of previous logons to cache (in case domain controller is not available)50 logons
Interactive logon: Prompt user to change password before expiration5 days
Event Log
PolicySetting
Retain application log90 days
Retain security log90 days
Retain system log90 days
Retention method for application logBy days
Retention method for security logBy days
Retention method for system logBy days
Software Restriction Policies
Enforcement
PolicySetting
Apply Software Restriction Policies to the followingAll software files except libraries (such as DLLs)
Apply Software Restriction Policies to the following usersAll users
When applying Software Restriction PoliciesIgnore certificate rules
Designated File Types
File ExtensionFile Type
ADEADE File
ADPADP File
BASBAS File
BATWindows Batch File
CHMCompiled HTML Help file
CMDWindows Command Script
COMMS-DOS Application
CPLControl panel item
CRTSecurity Certificate
EXEApplication
HLPHelp file
HTAHTML Application
INFSetup Information
INSINS File
ISPISP File
LNKShortcut
MDBMDB File
MDEMDE File
MSCMicrosoft Common Console Document
MSIWindows Installer Package
MSPWindows Installer Patch
MSTMST File
OCXActiveX control
PCDPCD File
PIFShortcut to MS-DOS Program
REGRegistration Entries
SCRScreen saver
SHSSHS File
URLInternet Shortcut
VBVisual Basic Source File
WSCWindows Script Component
Trusted Publishers
Trusted publisher managementAllow all administrators and users to manage user's own Trusted Publishers
Certificate verificationNone
Software Restriction Policies/Security Levels
PolicySetting
Default Security LevelUnrestricted
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy version2.26
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Private Profile Settings
PolicySetting
Firewall stateOn
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Public Profile Settings
PolicySetting
Firewall stateOn
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Inbound Rules
NameDescription
Remote Desktop - Shadow (TCP-In)Inbound rule for the Remote Desktop service to allow shadowing of an existing Remote Desktop session. (TCP-In)
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\RdpSa.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portAny
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalTrue
GroupRemote Desktop
Remote Desktop - User Mode (UDP-In)Inbound rule for the Remote Desktop service to allow RDP traffic. [UDP 3389]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol17
Local port3389
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
Servicetermservice
Allow edge traversalFalse
GroupRemote Desktop
Remote Desktop - User Mode (TCP-In)Inbound rule for the Remote Desktop service to allow RDP traffic. [TCP 3389]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port3389
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
Servicetermservice
Allow edge traversalFalse
GroupRemote Desktop
Allow ICMPv4
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramAny
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol1
Local portAny
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
Group
NAGIOS
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramAny
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port5666, 12489
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
Group
CATI
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramC:\Program Files (x86)\MyForce\CATI\cati.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
ProtocolAny
Local portAny
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
Group
CATI CZ
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramC:\Program Files (x86)\MyForce\CATI\catiCZ.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
ProtocolAny
Local portAny
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
Group
Outbound Rules
NameDescription
ICMPv4
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramAny
ActionAllow
SecurityRequire authentication
Authorized computers
Protocol1
Local portAny
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Group
Connection Security Settings
Advanced Audit Configuration
Account Logon
PolicySetting
Audit Credential ValidationSuccess, Failure
Audit Kerberos Authentication ServiceNo Auditing
Audit Kerberos Service Ticket OperationsNo Auditing
Audit Other Account Logon EventsSuccess, Failure
Account Management
PolicySetting
Audit Application Group ManagementSuccess, Failure
Audit Computer Account ManagementSuccess, Failure
Audit Distribution Group ManagementSuccess, Failure
Audit Other Account Management EventsSuccess, Failure
Audit Security Group ManagementSuccess, Failure
Audit User Account ManagementSuccess, Failure
Detailed Tracking
PolicySetting
Audit DPAPI ActivityNo Auditing
Audit PNP ActivityNo Auditing
Audit Process CreationSuccess, Failure
Audit Process TerminationSuccess, Failure
Audit RPC EventsNo Auditing
Audit Token Right AdjustedNo Auditing
DS Access
PolicySetting
Audit Directory Service AccessSuccess, Failure
Audit Directory Service ChangesSuccess, Failure
Logon/Logoff
PolicySetting
Audit Account LockoutSuccess, Failure
Audit LogoffSuccess, Failure
Audit LogonSuccess, Failure
Audit Network Policy ServerSuccess, Failure
Audit Other Logon/Logoff EventsSuccess, Failure
Audit Special LogonSuccess, Failure
Object Access
PolicySetting
Audit Detailed File ShareNo Auditing
Audit File ShareFailure
Audit Filtering Platform ConnectionFailure
Audit Filtering Platform Packet DropFailure
Audit Removable StorageSuccess, Failure
Policy Change
PolicySetting
Audit Audit Policy ChangeSuccess, Failure
Audit Authentication Policy ChangeSuccess
Audit Authorization Policy ChangeSuccess
Privilege Use
PolicySetting
Audit Sensitive Privilege UseSuccess, Failure
System
PolicySetting
Audit IPsec DriverSuccess, Failure
Audit Other System EventsSuccess, Failure
Audit Security State ChangeSuccess, Failure
Audit Security System ExtensionSuccess, Failure
Audit System IntegritySuccess, Failure
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Microsoft Edge
PolicySettingComment
Clear browsing data when Microsoft Edge closesDisabled
Clear cached images and files when Microsoft Edge closesDisabled
System/Group Policy
PolicySettingComment
Configure registry policy processingEnabled
Do not apply during periodic background processingDisabled
Process even if the Group Policy objects have not changedEnabled
PolicySettingComment
Specify startup policy processing wait timeEnabled
Amount of time to wait (in seconds):60
PolicySettingComment
Specify workplace connectivity wait time for policy processingEnabled
Amount of time to wait (in seconds):60
System/Internet Communication Management
PolicySettingComment
Restrict Internet communicationEnabled
System/Internet Communication Management/Internet Communication settings
PolicySettingComment
Turn off handwriting personalization data sharingEnabled
Turn off handwriting recognition error reportingEnabled
Turn off Internet Connection Wizard if URL connection is referring to Microsoft.comEnabled
Turn off Internet File Association serviceEnabled
Turn off printing over HTTPEnabled
Turn off Registration if URL connection is referring to Microsoft.comEnabled
Turn off Search Companion content file updatesEnabled
Turn off the "Order Prints" picture taskEnabled
Turn off the "Publish to Web" task for files and foldersEnabled
Turn off the Windows Messenger Customer Experience Improvement ProgramEnabled
Turn off Windows Customer Experience Improvement ProgramEnabled
Turn off Windows Error ReportingEnabled
System/Logon
PolicySettingComment
Always wait for the network at computer startup and logonEnabled
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceDisabled
Configure Solicited Remote AssistanceDisabled
System/User Profiles
PolicySettingComment
Delete cached copies of roaming profilesEnabled
Do not log users on with temporary profilesEnabled
System/Windows Time Service/Time Providers
PolicySettingComment
Enable Windows NTP ClientEnabled
Windows Components/AutoPlay Policies
PolicySettingComment
Disallow Autoplay for non-volume devicesEnabled
Set the default behavior for AutoRunEnabled
Default AutoRun BehaviorDo not execute any autorun commands
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:All drives
Windows Components/Credential User Interface
PolicySettingComment
Do not display the password reveal buttonEnabled
Windows Components/Internet Explorer/Compatibility View
PolicySettingComment
Use Policy List of Internet Explorer 7 sitesEnabled
List of sites
tesco.org
Windows Components/Internet Explorer/Internet Control Panel/Advanced Page
PolicySettingComment
Turn off encryption supportEnabled
Secure Protocol combinationsUse TLS 1.0, TLS 1.1, and TLS 1.2
Windows Components/Microsoft Defender Antivirus/MAPS
PolicySettingComment
Join Microsoft MAPSDisabled
Windows Components/OneDrive
PolicySettingComment
Prevent the usage of OneDrive for file storageDisabled
Windows Components/Windows Error Reporting
PolicySettingComment
Disable Windows Error ReportingEnabled
Preferences
Windows Settings
Registry
Enabled (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Collection: Registry Wizard Values/HKEY_USERS/.DEFAULT/Control Panel/Keyboard
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Registry item: InitialKeyboardIndicators
General
ActionUpdate
Properties
HiveHKEY_USERS
Key path.DEFAULT\Control Panel\Keyboard
Value nameInitialKeyboardIndicators
Value typeREG_SZ
Value data2
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Collection: Registry Wizard Values/HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/system_a.exe
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Registry item: system_a.exe
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\system_a.exe
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Registry item: (Default)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\system_a.exe
Value name(Default)
Value typeREG_SZ
Value data
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Registry item: Debugger
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\system_a.exe
Value nameDebugger
Value typeREG_SZ
Value data"c:\windows\system32\systray.exe" /z
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.