| EG-PO-WIN-ADM-C-Workstation Policies SF | |
| Data collected on: 2-9-2025 09:20:06 | |
| Domain | emea.tpg.ads |
| Owner | EMEA\ygalal.5 |
| Created | 15-11-2018 14:24:48 |
| Modified | 26-8-2025 13:50:14 |
| User Revisions | 1 (AD), 1 (SYSVOL) |
| Computer Revisions | 47 (AD), 47 (SYSVOL) |
| Unique ID | {9b5198e4-546f-4e2a-80c3-91d940db8115} |
| GPO Status | Enabled |
| Location | Enforced | Link Status | Path |
|---|---|---|---|
| Clients | No | Enabled | emea.tpg.ads/EG/Systems/Clients |
| Name |
|---|
| None |
| Name | Allowed Permissions | Inherited |
|---|---|---|
| EMEA\EGCAIDT8778$ | Custom | No |
| Name | Parameters |
|---|---|
| \\EGCAIFS01\EGCAIDepartments$\IT\Policies\Patches\Bios Boot and PW.bat | |
| CairoEMEA.bat |
| Policy | Setting |
|---|---|
| Enforce password history | 24 passwords remembered |
| Maximum password age | 30 days |
| Minimum password age | 1 days |
| Minimum password length | 8 characters |
| Password must meet complexity requirements | Enabled |
| Store passwords using reversible encryption | Disabled |
| Policy | Setting |
|---|---|
| Account lockout duration | 60 minutes |
| Account lockout threshold | 5 invalid logon attempts |
| Reset account lockout counter after | 60 minutes |
| Policy | Setting |
|---|---|
| Enforce user logon restrictions | Enabled |
| Maximum lifetime for service ticket | 600 minutes |
| Maximum lifetime for user ticket | 10 hours |
| Maximum lifetime for user ticket renewal | 7 days |
| Maximum tolerance for computer clock synchronization | 5 minutes |
| Policy | Setting |
|---|---|
| Audit account logon events | Success, Failure |
| Audit account management | Success, Failure |
| Audit directory service access | Success, Failure |
| Audit logon events | Success, Failure |
| Audit object access | Success, Failure |
| Audit policy change | Success, Failure |
| Audit privilege use | Success, Failure |
| Audit process tracking | Success, Failure |
| Audit system events | Success, Failure |
| Policy | Setting |
|---|---|
| Access this computer from the network | EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators |
| Allow log on locally | BUILTIN\Users, EMEA\Domain Users, BUILTIN\Administrators |
| Back up files and directories | EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators |
| Change the system time | BUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins |
| Change the time zone | BUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins |
| Create global objects | NT AUTHORITY\SERVICE, NT AUTHORITY\NETWORK SERVICE, NT AUTHORITY\LOCAL SERVICE, BUILTIN\Administrators |
| Create permanent shared objects | |
| Debug programs | EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators |
| Deny access to this computer from the network | TPUser, TPladmin |
| Deny log on as a batch job | TPUser |
| Deny log on as a service | TPUser |
| Deny log on locally | TPUser, EMEA\EG-G-ORG-ServiceAccounts, EMEA\EG-G-ORG-OU Admins |
| Deny log on through Terminal Services | TPUser, TPLadmin, EMEA\EG-G-ORG-ServiceAccounts, EMEA\EG-G-ORG-OU Admins |
| Enable computer and user accounts to be trusted for delegation | |
| Force shutdown from a remote system | EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators |
| Generate security audits | NT AUTHORITY\NETWORK SERVICE, NT AUTHORITY\LOCAL SERVICE |
| Impersonate a client after authentication | NT AUTHORITY\SERVICE, NT AUTHORITY\NETWORK SERVICE, NT AUTHORITY\LOCAL SERVICE, BUILTIN\Administrators |
| Increase scheduling priority | EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators |
| Load and unload device drivers | EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators |
| Lock pages in memory | |
| Log on as a batch job | EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators |
| Manage auditing and security log | EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators |
| Modify an object label | |
| Modify firmware environment values | EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators |
| Perform volume maintenance tasks | EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators |
| Profile single process | EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators |
| Profile system performance | NT SERVICE\WdiServiceHost, EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators |
| Replace a process level token | NT AUTHORITY\NETWORK SERVICE, NT AUTHORITY\LOCAL SERVICE |
| Restore files and directories | EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators |
| Shut down the system | BUILTIN\Users, EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\Domain Users, BUILTIN\Administrators |
| Take ownership of files or other objects | EMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators |
| Policy | Setting |
|---|---|
| Accounts: Administrator account status | Enabled |
| Accounts: Guest account status | Disabled |
| Accounts: Rename administrator account | "TPLAdmin" |
| Accounts: Rename guest account | "TPUser" |
| Policy | Setting |
|---|---|
| Audit: Shut down system immediately if unable to log security audits | Disabled |
| Policy | Setting |
|---|---|
| Devices: Allow undock without having to log on | Enabled |
| Devices: Prevent users from installing printer drivers | Disabled |
| Policy | Setting |
|---|---|
| Domain member: Digitally encrypt or sign secure channel data (always) | Disabled |
| Domain member: Digitally encrypt secure channel data (when possible) | Enabled |
| Domain member: Digitally sign secure channel data (when possible) | Enabled |
| Domain member: Disable machine account password changes | Disabled |
| Domain member: Maximum machine account password age | 30 days |
| Domain member: Require strong (Windows 2000 or later) session key | Enabled |
| Policy | Setting |
|---|---|
| Interactive logon: Do not require CTRL+ALT+DEL | Disabled |
| Interactive logon: Don't display last signed-in | Enabled |
| Interactive logon: Message text for users attempting to log on | This computer system (including all hardware, software, and peripheral equipment) is the property of Teleperformance. Use of this computer system is restricted to official Teleperformance business. Teleperformance reserves the right to monitor use of the computer system at any time. Use of this system constitutes consent to such monitoring. Any unauthorized access, use, or modification of the computer system can result in civil liability and/or criminal penalties |
| Interactive logon: Message title for users attempting to log on | "Warning Banner" |
| Interactive logon: Number of previous logons to cache (in case domain controller is not available) | 4 logons |
| Interactive logon: Prompt user to change password before expiration | 5 days |
| Policy | Setting |
|---|---|
| Microsoft network client: Digitally sign communications (always) | Enabled |
| Microsoft network client: Digitally sign communications (if server agrees) | Enabled |
| Microsoft network client: Send unencrypted password to third-party SMB servers | Disabled |
| Policy | Setting |
|---|---|
| Microsoft network server: Amount of idle time required before suspending session | 15 minutes |
| Microsoft network server: Digitally sign communications (always) | Enabled |
| Microsoft network server: Digitally sign communications (if client agrees) | Enabled |
| Policy | Setting |
|---|---|
| Network access: Allow anonymous SID/Name translation | Disabled |
| Network access: Do not allow anonymous enumeration of SAM accounts | Enabled |
| Network access: Do not allow anonymous enumeration of SAM accounts and shares | Disabled |
| Network access: Do not allow storage of passwords and credentials for network authentication | Enabled |
| Network access: Let Everyone permissions apply to anonymous users | Disabled |
| Network access: Named Pipes that can be accessed anonymously | |
| Network access: Restrict anonymous access to Named Pipes and Shares | Enabled |
| Network access: Shares that can be accessed anonymously | |
| Network access: Sharing and security model for local accounts | Classic - local users authenticate as themselves |
| Policy | Setting | ||||
|---|---|---|---|---|---|
| Network security: Do not store LAN Manager hash value on next password change | Enabled | ||||
| Network security: LAN Manager authentication level | Send NTLMv2 response only. Refuse LM & NTLM | ||||
| Network security: LDAP client signing requirements | Negotiate signing | ||||
| Network security: Minimum session security for NTLM SSP based (including secure RPC) clients | Enabled | ||||
| |||||
| Network security: Minimum session security for NTLM SSP based (including secure RPC) servers | Enabled | ||||
| |||||
| Policy | Setting |
|---|---|
| Shutdown: Clear virtual memory pagefile | Enabled |
| Policy | Setting |
|---|---|
| System cryptography: Force strong key protection for user keys stored on the computer | User is prompted when the key is first used |
| Policy | Setting |
|---|---|
| System objects: Require case insensitivity for non-Windows subsystems | Enabled |
| System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) | Enabled |
| Policy | Setting |
|---|---|
| User Account Control: Admin Approval Mode for the Built-in Administrator account | Enabled |
| User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop | Disabled |
| User Account Control: Detect application installations and prompt for elevation | Enabled |
| User Account Control: Only elevate UIAccess applications that are installed in secure locations | Enabled |
| User Account Control: Run all administrators in Admin Approval Mode | Enabled |
| User Account Control: Switch to the secure desktop when prompting for elevation | Enabled |
| User Account Control: Virtualize file and registry write failures to per-user locations | Enabled |
| Policy | Setting | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Accounts: Block Microsoft accounts | Users can't add or log on with Microsoft accounts | ||||||||||||
| Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings | Enabled | ||||||||||||
| Interactive logon: Machine inactivity limit | 300 seconds | ||||||||||||
| Network security: Allow Local System to use computer identity for NTLM | Enabled | ||||||||||||
| Network security: Allow LocalSystem NULL session fallback | Disabled | ||||||||||||
| Network security: Allow PKU2U authentication requests to this computer to use online identities. | Disabled | ||||||||||||
| Network security: Configure encryption types allowed for Kerberos | Enabled | ||||||||||||
| |||||||||||||
| Policy | Setting |
|---|---|
| Prevent local guests group from accessing application log | Enabled |
| Prevent local guests group from accessing security log | Enabled |
| Prevent local guests group from accessing system log | Enabled |
| Retention method for application log | As needed |
| Retention method for security log | As needed |
| Retention method for system log | As needed |
| Owner |
| Type | Name | Permission | Apply To |
|---|---|---|---|
| Allow | CREATOR OWNER | Full Control | Subfolders and files only |
| Allow | NT AUTHORITY\SYSTEM | Full Control | This folder, subfolders and files |
| Allow | BUILTIN\Administrators | Full Control | This folder, subfolders and files |
| Allow | EMEA\Domain Users | Modify | This folder, subfolders and files |
| Allow | BUILTIN\Users | Read and Execute | This folder, subfolders and files |
| Allow inheritable permissions from the parent to propagate to this object and all child objects | Disabled |
| Owner |
| Type | Name | Permission | Apply To |
|---|---|---|---|
| Allow | APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES | Read and Execute | This folder, subfolders and files |
| Allow | CREATOR OWNER | Full Control | Subfolders and files only |
| Allow | NT AUTHORITY\SYSTEM | Full Control | This folder, subfolders and files |
| Allow | EMEA\Domain Users | Read and Execute | This folder, subfolders and files |
| Allow | BUILTIN\Administrators | Full Control | This folder, subfolders and files |
| Allow | BUILTIN\Users | Read and Execute | This folder, subfolders and files |
| Allow inheritable permissions from the parent to propagate to this object and all child objects | Disabled |
| Owner |
| Type | Name | Permission | Apply To |
|---|---|---|---|
| Allow | BUILTIN\Administrators | Full Control | This folder, subfolders and files |
| Allow | CREATOR OWNER | Full Control | Subfolders and files only |
| Allow | NT AUTHORITY\SYSTEM | Full Control | This folder, subfolders and files |
| Allow | BUILTIN\Users | Read and Execute | This folder, subfolders and files |
| Allow | APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES | Read and Execute | This folder, subfolders and files |
| Allow inheritable permissions from the parent to propagate to this object and all child objects | Disabled |
| Owner |
| Type | Name | Permission | Apply To |
|---|---|---|---|
| Allow | NT AUTHORITY\SYSTEM | Full Control | This folder, subfolders and files |
| Allow | BUILTIN\Administrators | Full Control | This folder, subfolders and files |
| Allow | EMEA\EG-L-SEC-Allow StickyNotes | Full Control | This folder, subfolders and files |
| Allow inheritable permissions from the parent to propagate to this object and all child objects | Disabled |
| Owner |
| Type | Name | Permission | Apply To |
|---|---|---|---|
| Allow | NT AUTHORITY\SYSTEM | Full Control | This folder, subfolders and files |
| Allow | BUILTIN\Administrators | Full Control | This folder, subfolders and files |
| Allow | EMEA\EG-L-SEC-Allow StickyNotes | Full Control | This folder, subfolders and files |
| Allow inheritable permissions from the parent to propagate to this object and all child objects | Disabled |
| Owner |
| Type | Name | Permission | Apply To |
|---|---|---|---|
| Allow | NT AUTHORITY\SYSTEM | Full Control | This folder, subfolders and files |
| Allow | EMEA\Domain Users | Read and Execute | This folder, subfolders and files |
| Allow | BUILTIN\Administrators | Full Control | This folder, subfolders and files |
| Allow | BUILTIN\Users | Read and Execute | This folder, subfolders and files |
| Allow inheritable permissions from the parent to propagate to this object and all child objects | Disabled |
| Owner |
| Type | Name | Permission | Apply To |
|---|---|---|---|
| Allow | APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES | Read and Execute | This folder, subfolders and files |
| Allow | CREATOR OWNER | Full Control | Subfolders and files only |
| Allow | Everyone | Full Control | This folder, subfolders and files |
| Allow | NT AUTHORITY\SYSTEM | Full Control | This folder, subfolders and files |
| Allow | BUILTIN\Administrators | Full Control | This folder, subfolders and files |
| Allow | BUILTIN\Users | Read and Execute | This folder, subfolders and files |
| Allow inheritable permissions from the parent to propagate to this object and all child objects | Disabled |
| Owner |
| Type | Name | Permission | Apply To |
|---|---|---|---|
| Deny | EMEA\Domain Users | Full Control | This folder, subfolders and files |
| Allow inheritable permissions from the parent to propagate to this object and all child objects | Disabled |
| Owner |
| Type | Name | Permission | Apply To |
|---|---|---|---|
| Allow | APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES | Read | This key and subkeys |
| Allow | CREATOR OWNER | Full control | Subkeys only |
| Allow | EMEA\Domain Users | Full control | This key and subkeys |
| Allow | NT AUTHORITY\SYSTEM | Full control | This key and subkeys |
| Allow | BUILTIN\Administrators | Full control | This key and subkeys |
| Allow | BUILTIN\Users | Read | This key and subkeys |
| Allow inheritable permissions from the parent to propagate to this object and all child objects | Disabled |
| Issued To | Issued By | Expiration Date | Intended Purposes |
|---|---|---|---|
| TPEGY | TPEGY | 12-2-2023 20:28:28 | <All> |
| Policy | Setting |
|---|---|
| Audit Credential Validation | Success, Failure |
| Audit Kerberos Authentication Service | Success, Failure |
| Audit Kerberos Service Ticket Operations | Success, Failure |
| Audit Other Account Logon Events | Success, Failure |
| Policy | Setting |
|---|---|
| Audit Application Group Management | Success, Failure |
| Audit Computer Account Management | Success, Failure |
| Audit Other Account Management Events | Success, Failure |
| Audit Security Group Management | Success, Failure |
| Audit User Account Management | Success, Failure |
| Policy | Setting |
|---|---|
| Audit DPAPI Activity | Success, Failure |
| Audit PNP Activity | Success, Failure |
| Audit Process Creation | Success, Failure |
| Audit Process Termination | Success, Failure |
| Policy | Setting |
|---|---|
| Audit Account Lockout | Success, Failure |
| Audit Logoff | Success |
| Audit Logon | Success, Failure |
| Audit Other Logon/Logoff Events | Success, Failure |
| Audit Special Logon | Success, Failure |
| Policy | Setting |
|---|---|
| Audit File Share | Success, Failure |
| Audit Other Object Access Events | Success, Failure |
| Audit Removable Storage | Success, Failure |
| Policy | Setting |
|---|---|
| Audit Audit Policy Change | Success, Failure |
| Audit Authentication Policy Change | Success, Failure |
| Audit Authorization Policy Change | Success |
| Audit MPSSVC Rule-Level Policy Change | Success |
| Policy | Setting |
|---|---|
| Audit Sensitive Privilege Use | Success, Failure |
| Policy | Setting |
|---|---|
| Audit IPsec Driver | Success, Failure |
| Audit Other System Events | Success, Failure |
| Audit Security State Change | Success, Failure |
| Audit Security System Extension | Success, Failure |
| Audit System Integrity | Success, Failure |
| Policy | Setting | Comment | ||
|---|---|---|---|---|
| Disable synchronization of data with Google | Enabled | |||
| Restrict which Google accounts are allowed to be set as browser primary accounts in Google Chrome | Enabled | |||
| ||||
| Policy | Setting | Comment | ||
|---|---|---|---|---|
| Prevent use of Offline Files folder | Enabled | |||
| Prohibit user configuration of Offline Files | Enabled | |||
| ||||
| Policy | Setting | Comment | ||
| Remove "Make Available Offline" command | Enabled | |||
| Policy | Setting | Comment |
|---|---|---|
| All Removable Storage classes: Deny all access | Enabled | |
| All Removable Storage: Allow direct access in remote sessions | Disabled | |
| CD and DVD: Deny execute access | Enabled | |
| CD and DVD: Deny read access | Enabled | |
| CD and DVD: Deny write access | Enabled | |
| Floppy Drives: Deny execute access | Enabled | |
| Floppy Drives: Deny read access | Enabled | |
| Floppy Drives: Deny write access | Enabled | |
| Removable Disks: Deny execute access | Enabled | |
| Removable Disks: Deny read access | Enabled | |
| Removable Disks: Deny write access | Enabled | |
| Tape Drives: Deny execute access | Enabled | |
| Tape Drives: Deny read access | Enabled | |
| Tape Drives: Deny write access | Enabled | |
| WPD Devices: Deny read access | Enabled | |
| WPD Devices: Deny write access | Enabled |
| Policy | Setting | Comment | ||
|---|---|---|---|---|
| Turn off Autoplay | Enabled | |||
| ||||
| Policy | Setting | Comment | ||||||
|---|---|---|---|---|---|---|---|---|
| Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later) | Enabled | |||||||
| ||||||||
| Policy | Setting | Comment | ||||||
| Choose drive encryption method and cipher strength (Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows 10 [Version 1507]) | Enabled | |||||||
| ||||||||
| Policy | Setting | Comment | ||||||
| Choose drive encryption method and cipher strength (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2) | Enabled | |||||||
| ||||||||
| Policy | Setting | Comment | ||
|---|---|---|---|---|
| Back up log automatically when full | Enabled | |||
| Control Event Log behavior when the log file reaches its maximum size | Enabled | |||
| Specify the maximum log file size (KB) | Enabled | |||
| ||||
| Policy | Setting | Comment | ||
|---|---|---|---|---|
| Back up log automatically when full | Enabled | |||
| Control Event Log behavior when the log file reaches its maximum size | Enabled | |||
| Specify the maximum log file size (KB) | Enabled | |||
| ||||
| Policy | Setting | Comment | ||
|---|---|---|---|---|
| Back up log automatically when full | Enabled | |||
| Control Event Log behavior when the log file reaches its maximum size | Enabled | |||
| Specify the maximum log file size (KB) | Enabled | |||
| ||||
| Policy | Setting | Comment | ||
|---|---|---|---|---|
| Back up log automatically when full | Enabled | |||
| Control Event Log behavior when the log file reaches its maximum size | Enabled | |||
| Specify the maximum log file size (KB) | Enabled | |||
| ||||
| Policy | Setting | Comment |
|---|---|---|
| Prevent the usage of OneDrive for file storage | Enabled |
| Policy | Setting | Comment |
|---|---|---|
| Allow users to connect remotely by using Remote Desktop Services | Disabled |
| Policy | Setting | Comment |
|---|---|---|
| Turn off the Store application | Enabled |
| Policy | Setting | Comment | ||
|---|---|---|---|---|
| Do not sync | Enabled | |||
| ||||
| Policy | Setting | Comment | ||
| Do not sync app settings | Enabled | |||
| ||||
| Policy | Setting | Comment | ||
| Do not sync Apps | Enabled | |||
| ||||
| Policy | Setting | Comment | ||
| Do not sync browser settings | Enabled | |||
| ||||
| Policy | Setting | Comment | ||
| Do not sync desktop personalization | Enabled | |||
| ||||
| Policy | Setting | Comment | ||
| Do not sync on metered connections | Enabled | |||
| Do not sync other Windows settings | Enabled | |||
| ||||
| Policy | Setting | Comment | ||
| Do not sync passwords | Enabled | |||
| ||||
| Policy | Setting | Comment | ||
| Do not sync personalize | Enabled | |||
| ||||
| Policy | Setting | Comment | ||
| Do not sync start settings | Enabled | |||
| ||||
| Policy | Setting | Comment |
|---|---|---|
| Allow Windows Ink Workspace | Disabled |
| Policy | Setting | Comment | ||
|---|---|---|---|---|
| Turn on Script Execution | Enabled | |||
| ||||
| Policy | Setting | Comment |
|---|---|---|
| Configure Automatic Updates | Disabled |
| Action | Create |
| Source file(s) | \\emea.tpg.ads\sysvol\emea.tpg.ads\Policies\{3E37B931-7978-40C4-BCB9-8EA5BE51E9D6}\Machine\UIRibbon.dll |
| Destination file | c:\windows\system32\UIRibbon.dll |
| Read-only | Disabled |
| Hidden | Disabled |
| Archive | Enabled |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Action | Create |
| Source file(s) | \\emea.tpg.ads\sysvol\emea.tpg.ads\Policies\{3E37B931-7978-40C4-BCB9-8EA5BE51E9D6}\Machine\UIRibbonRes.dll |
| Destination file | c:\windows\system32\UIRibbonRes.dll |
| Read-only | Disabled |
| Hidden | Disabled |
| Archive | Enabled |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Action | Delete |
| Destination file | %USERPROFILE%\APPDATA\Local\BraveSoftware\Brave-Browser\Application\brave.exe |
| Suppress errors on individual file actions | Disabled |
| Read-only | Disabled |
| Hidden | Disabled |
| Archive | Enabled |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Delete |
| Path | C:\Windows\Help |
| Delete this folder (if emptied) | Enabled |
| Recursively delete all subfolders (if emptied) | Disabled |
| Delete all files in the folder(s) | Enabled |
| Allow deletion of read-only files/folders | Disabled |
| Ignore errors for files/folders that cannot be deleted | Disabled |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Create |
| Hive | HKEY_LOCAL_MACHINE |
| Key path | SOFTWARE\Policies\Skype\Phone |
| Value name | DisableFileTransfer |
| Value type | REG_DWORD |
| Value data | 0x1 (1) |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Action | Update |
| Hive | HKEY_LOCAL_MACHINE |
| Key path | SOFTWARE\Policies\Skype\Phone |
| Value name | DisableFileTransfer |
| Value type | REG_DWORD |
| Value data | 0x1 (1) |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Action | Create |
| Hive | HKEY_LOCAL_MACHINE |
| Key path | SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum |
| Value name | {F02C1A0D-BE21-4350-88B0-7367FC96EF3C} |
| Value type | REG_DWORD |
| Value data | 0x1 (1) |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Action | Create |
| Hive | HKEY_LOCAL_MACHINE |
| Key path | SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\system_a.exe |
| Value name | Debugger |
| Value type | REG_SZ |
| Value data | "c:\windows\system32\systray.exe" /z |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |