Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
EG-PO-WIN-ADM-C-Workstation Policies
Data collected on: 2-9-2025 09:05:08
General
Details
Domainemea.tpg.ads
OwnerEMEA\ygalal.5
Created21-8-2017 12:23:42
Modified31-8-2025 09:57:46
User Revisions22 (AD), 22 (SYSVOL)
Computer Revisions1208 (AD), 1208 (SYSVOL)
Unique ID{1658a1d1-e776-44e6-82d4-c0bd3ca45601}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
ClientsNoEnabledemea.tpg.ads/EG/Systems/Clients

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\EGCAIDGM0SPRG4$CustomNo
Computer Configuration (Enabled)
Policies
Windows Settings
Scripts
Startup
For this GPO, Script order: Not configured
NameParameters
\\EGCAIFS01\EGCAIDepartments$\IT\Policies\Patches\Bios Boot and PW.bat
Security Settings
Account Policies/Password Policy
PolicySetting
Enforce password history24 passwords remembered
Maximum password age60 days
Minimum password age1 days
Minimum password length12 characters
Password must meet complexity requirementsEnabled
Store passwords using reversible encryptionDisabled
Account Policies/Account Lockout Policy
PolicySetting
Account lockout duration30 minutes
Account lockout threshold6 invalid logon attempts
Reset account lockout counter after30 minutes
Account Policies/Kerberos Policy
PolicySetting
Enforce user logon restrictionsEnabled
Maximum lifetime for service ticket600 minutes
Maximum lifetime for user ticket10 hours
Maximum lifetime for user ticket renewal7 days
Maximum tolerance for computer clock synchronization5 minutes
Local Policies/Audit Policy
PolicySetting
Audit account logon eventsSuccess, Failure
Audit account managementSuccess, Failure
Audit directory service accessSuccess, Failure
Audit logon eventsSuccess, Failure
Audit object accessSuccess, Failure
Audit policy changeSuccess, Failure
Audit privilege useSuccess, Failure
Audit process trackingSuccess, Failure
Audit system eventsSuccess, Failure
Local Policies/User Rights Assignment
PolicySetting
Access this computer from the networkBUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins
Allow log on locallyBUILTIN\Administrators, EMEA\Domain Users, BUILTIN\Users
Back up files and directoriesBUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins
Change the system timeEMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators
Change the time zoneEMEA\EG-G-ORG-OU Admins, EMEA\EG-G-ORG-Helpdesk Admins, BUILTIN\Administrators
Create global objectsBUILTIN\Administrators, NT AUTHORITY\LOCAL SERVICE, NT AUTHORITY\NETWORK SERVICE, NT AUTHORITY\SERVICE
Create permanent shared objects
Debug programsBUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins
Deny access to this computer from the networkTPladmin, TPUser
Deny log on as a batch jobTPUser
Deny log on as a serviceTPUser
Deny log on locallyTPUser, EMEA\EG-G-ORG-ServiceAccounts, EMEA\EG-G-ORG-OU Admins
Deny log on through Terminal ServicesTPUser, TPLadmin, EMEA\EG-G-ORG-ServiceAccounts, EMEA\EG-G-ORG-OU Admins
Enable computer and user accounts to be trusted for delegation
Force shutdown from a remote systemBUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins
Generate security auditsNT AUTHORITY\LOCAL SERVICE, NT AUTHORITY\NETWORK SERVICE
Impersonate a client after authenticationBUILTIN\Administrators, NT AUTHORITY\LOCAL SERVICE, NT AUTHORITY\NETWORK SERVICE, NT AUTHORITY\SERVICE
Increase scheduling priorityBUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins
Load and unload device driversBUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins
Lock pages in memory
Log on as a batch jobBUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins
Manage auditing and security logBUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins
Modify an object label
Modify firmware environment valuesBUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins
Perform volume maintenance tasksBUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins
Profile single processBUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins
Profile system performanceBUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins, NT SERVICE\WdiServiceHost
Replace a process level tokenNT AUTHORITY\LOCAL SERVICE, NT AUTHORITY\NETWORK SERVICE
Restore files and directoriesBUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins
Shut down the systemBUILTIN\Administrators, EMEA\Domain Users, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins, BUILTIN\Users
Take ownership of files or other objectsBUILTIN\Administrators, EMEA\EG-G-ORG-Helpdesk Admins, EMEA\EG-G-ORG-OU Admins
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Administrator account statusEnabled
Accounts: Guest account statusDisabled
Accounts: Limit local account use of blank passwords to console logon onlyEnabled
Accounts: Rename administrator account"TPLAdmin"
Accounts: Rename guest account"TPUser"
Audit
PolicySetting
Audit: Shut down system immediately if unable to log security auditsDisabled
Devices
PolicySetting
Devices: Allow undock without having to log onEnabled
Devices: Prevent users from installing printer driversEnabled
Domain Member
PolicySetting
Domain member: Digitally encrypt or sign secure channel data (always)Disabled
Domain member: Digitally encrypt secure channel data (when possible)Enabled
Domain member: Digitally sign secure channel data (when possible)Enabled
Domain member: Disable machine account password changesDisabled
Domain member: Maximum machine account password age30 days
Domain member: Require strong (Windows 2000 or later) session keyEnabled
Interactive Logon
PolicySetting
Interactive logon: Do not require CTRL+ALT+DELDisabled
Interactive logon: Don't display last signed-inEnabled
Interactive logon: Message text for users attempting to log onThis computer system (including all hardware, software, and peripheral equipment) is the property of Teleperformance. Use of this computer system is restricted to official Teleperformance business. Teleperformance reserves the right to monitor use of the computer system at any time. Use of this system constitutes consent to such monitoring. Any unauthorized access, use, or modification of the computer system can result in civil liability and/or criminal penalties
Interactive logon: Message title for users attempting to log on"Warning Banner"
Interactive logon: Number of previous logons to cache (in case domain controller is not available)4 logons
Interactive logon: Prompt user to change password before expiration5 days
Interactive logon: Require Domain Controller authentication to unlock workstationEnabled
Microsoft Network Client
PolicySetting
Microsoft network client: Digitally sign communications (always)Enabled
Microsoft network client: Digitally sign communications (if server agrees)Enabled
Microsoft network client: Send unencrypted password to third-party SMB serversDisabled
Microsoft Network Server
PolicySetting
Microsoft network server: Amount of idle time required before suspending session15 minutes
Microsoft network server: Digitally sign communications (always)Enabled
Microsoft network server: Digitally sign communications (if client agrees)Enabled
Network Access
PolicySetting
Network access: Allow anonymous SID/Name translationDisabled
Network access: Do not allow anonymous enumeration of SAM accountsEnabled
Network access: Do not allow anonymous enumeration of SAM accounts and sharesDisabled
Network access: Do not allow storage of passwords and credentials for network authenticationEnabled
Network access: Let Everyone permissions apply to anonymous usersDisabled
Network access: Named Pipes that can be accessed anonymously
Network access: Restrict anonymous access to Named Pipes and SharesEnabled
Network access: Shares that can be accessed anonymously
Network access: Sharing and security model for local accountsClassic - local users authenticate as themselves
Network Security
PolicySetting
Network security: Do not store LAN Manager hash value on next password changeEnabled
Network security: LAN Manager authentication levelSend NTLMv2 response only. Refuse LM & NTLM
Network security: LDAP client signing requirementsRequire signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clientsEnabled
Require NTLMv2 session securityDisabled
Require 128-bit encryptionEnabled
Network security: Minimum session security for NTLM SSP based (including secure RPC) serversEnabled
Require NTLMv2 session securityDisabled
Require 128-bit encryptionEnabled
Shutdown
PolicySetting
Shutdown: Clear virtual memory pagefileEnabled
System Cryptography
PolicySetting
System cryptography: Force strong key protection for user keys stored on the computerUser is prompted when the key is first used
System Objects
PolicySetting
System objects: Require case insensitivity for non-Windows subsystemsEnabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)Enabled
User Account Control
PolicySetting
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktopDisabled
User Account Control: Detect application installations and prompt for elevationEnabled
User Account Control: Only elevate UIAccess applications that are installed in secure locationsEnabled
User Account Control: Run all administrators in Admin Approval ModeEnabled
User Account Control: Switch to the secure desktop when prompting for elevationEnabled
User Account Control: Virtualize file and registry write failures to per-user locationsEnabled
Other
PolicySetting
Accounts: Block Microsoft accountsUsers can't add or log on with Microsoft accounts
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settingsEnabled
Interactive logon: Machine inactivity limit300 seconds
Network security: Allow Local System to use computer identity for NTLMEnabled
Network security: Allow LocalSystem NULL session fallbackDisabled
Network security: Allow PKU2U authentication requests to this computer to use online identities. Disabled
Network security: Configure encryption types allowed for KerberosEnabled
DES_CBC_CRCEnabled
DES_CBC_MD5Enabled
RC4_HMAC_MD5Enabled
AES128_HMAC_SHA1Enabled
AES256_HMAC_SHA1Enabled
Future encryption typesEnabled
Event Log
PolicySetting
Prevent local guests group from accessing application logEnabled
Prevent local guests group from accessing security logEnabled
Prevent local guests group from accessing system logEnabled
Retention method for application logAs needed
Retention method for security logAs needed
Retention method for system logAs needed
System Services
BluetoothUserService_b04bebb (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Bluetooth Audio Gateway Service (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Bluetooth Support Service (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
TypeNameAccess
FailureEveryoneFull Control
Print Spooler (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
File System
%ProgramFiles% (x86)\Windows Media Player\wmplayer.exe
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
DenyEMEA\EGCAI-G-ORG-Etihad AgentFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%ProgramFiles%\Avaya\Avaya IP Softphone
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowEMEA\Domain UsersModifyThis folder, subfolders and files
AllowBUILTIN\UsersRead and ExecuteThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%ProgramFiles%\Windows Media Player\wmplayer.exe
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
DenyBUILTIN\UsersFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemDrive%\Users\Public
Do not allow permissions on this file or folder to be replaced
%SystemRoot%\HelpPane.exe
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\UsersRead and ExecuteThis folder, subfolders and files
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESRead and ExecuteThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%\System32\stikynot
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowEMEA\EG-L-SEC-Allow StickyNotesFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%\System32\stikynot.exe
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowEMEA\EG-L-SEC-Allow StickyNotesFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%\System32\UIRibbon.dll
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowEMEA\Domain UsersRead and ExecuteThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowBUILTIN\UsersRead and ExecuteThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%\System32\winevt
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESRead and ExecuteThis folder, subfolders and files
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowEveryoneFull ControlThis folder, subfolders and files
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowBUILTIN\UsersRead and ExecuteThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
DenyEMEA\EGCAI-G-ORG-Etihad SupervisorFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%UserProfile%\AppData\Local\Google\Chrome\User Data\Default\Extensions
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
DenyEMEA\Domain UsersFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
Registry
MACHINE\SOFTWARE\Avaya
Configure this key then: Propagate inheritable permissions to all subkeys
Owner
Permissions
TypeNamePermissionApply To
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESReadThis key and subkeys
AllowCREATOR OWNERFull controlSubkeys only
AllowEMEA\Domain UsersFull controlThis key and subkeys
AllowNT AUTHORITY\SYSTEMFull controlThis key and subkeys
AllowBUILTIN\AdministratorsFull controlThis key and subkeys
AllowBUILTIN\UsersReadThis key and subkeys
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
Public Key Policies/Trusted Root Certification Authorities
Certificates
Issued ToIssued ByExpiration DateIntended Purposes
AAA Certificate ServicesAAA Certificate Services1-1-2029 00:59:59<All>
ISRG Root X1ISRG Root X14-6-2035 13:04:38<All>
Sectigo RSA Domain Validation Secure Server CAUSERTrust RSA Certification Authority1-1-2031 00:59:59Server Authentication, Client Authentication
USERTrust RSA Certification AuthorityUSERTrust RSA Certification Authority19-1-2038 00:59:59<All>

For additional information about individual settings, launch the Local Group Policy Object Editor.
Advanced Audit Configuration
Account Logon
PolicySetting
Audit Credential ValidationSuccess, Failure
Audit Kerberos Authentication ServiceSuccess, Failure
Audit Kerberos Service Ticket OperationsSuccess, Failure
Audit Other Account Logon EventsSuccess, Failure
Account Management
PolicySetting
Audit Application Group ManagementSuccess, Failure
Audit Computer Account ManagementSuccess, Failure
Audit Other Account Management EventsSuccess, Failure
Audit Security Group ManagementSuccess, Failure
Audit User Account ManagementSuccess, Failure
Detailed Tracking
PolicySetting
Audit DPAPI ActivitySuccess, Failure
Audit PNP ActivitySuccess, Failure
Audit Process CreationSuccess, Failure
Audit Process TerminationSuccess, Failure
Logon/Logoff
PolicySetting
Audit Account LockoutSuccess, Failure
Audit LogoffSuccess
Audit LogonSuccess, Failure
Audit Other Logon/Logoff EventsSuccess, Failure
Audit Special LogonSuccess, Failure
Object Access
PolicySetting
Audit File ShareSuccess, Failure
Audit Other Object Access EventsSuccess, Failure
Audit Removable StorageSuccess, Failure
Policy Change
PolicySetting
Audit Audit Policy ChangeSuccess, Failure
Audit Authentication Policy ChangeSuccess, Failure
Audit Authorization Policy ChangeSuccess
Audit MPSSVC Rule-Level Policy ChangeSuccess
Privilege Use
PolicySetting
Audit Sensitive Privilege UseSuccess, Failure
System
PolicySetting
Audit IPsec DriverSuccess, Failure
Audit Other System EventsSuccess, Failure
Audit Security State ChangeSuccess, Failure
Audit Security System ExtensionSuccess, Failure
Audit System IntegritySuccess, Failure
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel
PolicySettingComment
Settings Page VisibilityEnabled
Settings Page Visibility:showonly:sound;display;windowsupdate
Google/Google Chrome
PolicySettingComment
Allow user feedbackDisabled
Clear Browsing Data on ExitEnabled
Clear Browsing Data on Exit
browsing_history
PolicySettingComment
Disable synchronization of data with GoogleEnabled
Enable ending processes in Task ManagerDisabled
Enable guest mode in browserDisabled
Enable High Efficiency ModeDisabled
Import bookmarks from default browser on first runDisabled
Restrict which Google accounts are allowed to be set as browser primary accounts in Google ChromeEnabled
Restrict which Google accounts are allowed to be set as browser primary accounts in Google Chromeyoyoyassergalal@gmail.com
Google/Google Chrome/Extensions
PolicySettingComment
Configure extension installation blocklistEnabled
Extension IDs the user should be prevented from installing (or * for all)
*
Google/Google Chrome/Google Cast
PolicySettingComment
Enable Google CastDisabled
Show the Google Cast toolbar iconDisabled
Google/Google Chrome/Password manager
PolicySettingComment
Enable saving passwords to the password managerDisabled
Google/Google Chrome/Removed policies
PolicySettingComment
Control how Chrome Cleanup reports data to GoogleDisabled
Microsoft Edge
PolicySettingComment
Allow importing of autofill form dataDisabled
Allow importing of favoritesDisabled
Allow importing of payment infoDisabled
Allow importing of saved passwordsDisabled
Browser sign-in settingsEnabled
Browser sign-in settingsDisable browser sign-in
PolicySettingComment
Clear browsing data when Microsoft Edge closesEnabled
Clear cached images and files when Microsoft Edge closesEnabled
Configure the Enterprise Mode Site ListEnabled
Configure the Enterprise Mode Site Listhttp://10.10.10.10/hermes_net_v5/
PolicySettingComment
Control where developer tools can be usedEnabled
Control where developer tools can be usedDon't allow using the developer tools
PolicySettingComment
Enable AutoFill for addressesDisabled
Enable AutoFill for payment instrumentsDisabled
Enable ending processes in the Browser task managerDisabled
Enable guest modeDisabled
Enable the Collections featureDisabled
Save and fill membershipsDisabled
Microsoft Edge/Cast
PolicySettingComment
Enable Google CastDisabled
Show the cast icon in the toolbarDisabled
Microsoft Edge/Extensions
PolicySettingComment
Configure allowed extension typesDisabled
Control which extensions cannot be installedEnabled
Extension IDs the user should be prevented from installing (or * for all)
*
Microsoft Edge/Password manager and protection
PolicySettingComment
Enable saving passwords to the password managerDisabled
Network/Network Connections
PolicySettingComment
Prohibit use of Internet Connection Sharing on your DNS domain networkEnabled
Network/Offline Files
PolicySettingComment
Prevent use of Offline Files folderEnabled
Prohibit user configuration of Offline FilesEnabled
Prevents users from changing any cache configuration settings.
PolicySettingComment
Remove "Make Available Offline" commandEnabled
System/Group Policy
PolicySettingComment
Continue experiences on this deviceDisabled
System/Logon
PolicySettingComment
Always wait for the network at computer startup and logonEnabled
System/Removable Storage Access
PolicySettingComment
All Removable Storage classes: Deny all accessEnabled
All Removable Storage: Allow direct access in remote sessionsDisabled
CD and DVD: Deny execute accessEnabled
CD and DVD: Deny read accessEnabled
CD and DVD: Deny write accessEnabled
Floppy Drives: Deny execute accessEnabled
Floppy Drives: Deny read accessEnabled
Floppy Drives: Deny write accessEnabled
Removable Disks: Deny execute accessEnabled
Removable Disks: Deny read accessEnabled
Removable Disks: Deny write accessEnabled
Tape Drives: Deny execute accessEnabled
Tape Drives: Deny read accessEnabled
Tape Drives: Deny write accessEnabled
WPD Devices: Deny read accessEnabled
WPD Devices: Deny write accessEnabled
Windows Components/AutoPlay Policies
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:All drives
Windows Components/BitLocker Drive Encryption
PolicySettingComment
Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later)Enabled
Select the encryption method for operating system drives:XTS-AES 256-bit
Select the encryption method for fixed data drives:XTS-AES 256-bit
Select the encryption method for removable data drives:XTS-AES 256-bit
PolicySettingComment
Choose drive encryption method and cipher strength (Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows 10 [Version 1507])Enabled
Select the encryption method:AES 256-bit
PolicySettingComment
Choose drive encryption method and cipher strength (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2)Enabled
Select the encryption method:AES 256-bit
Windows Components/Data Collection and Preview Builds
PolicySettingComment
Do not show feedback notificationsEnabled
Windows Components/Event Log Service/Application
PolicySettingComment
Back up log automatically when fullEnabled
Control Event Log behavior when the log file reaches its maximum sizeEnabled
Specify the maximum log file size (KB)Enabled
Maximum Log Size (KB)3145728
Windows Components/Event Log Service/Security
PolicySettingComment
Back up log automatically when fullEnabled
Control Event Log behavior when the log file reaches its maximum sizeEnabled
Specify the maximum log file size (KB)Enabled
Maximum Log Size (KB)3145728
Windows Components/Event Log Service/Setup
PolicySettingComment
Back up log automatically when fullEnabled
Control Event Log behavior when the log file reaches its maximum sizeEnabled
Specify the maximum log file size (KB)Enabled
Maximum Log Size (KB)3145728
Windows Components/Event Log Service/System
PolicySettingComment
Back up log automatically when fullEnabled
Control Event Log behavior when the log file reaches its maximum sizeEnabled
Specify the maximum log file size (KB)Enabled
Maximum Log Size (KB)3145728
Windows Components/Microsoft Edge
PolicySettingComment
Allow Developer ToolsDisabled
Allow ExtensionsDisabled
Allow InPrivate browsingDisabled
Allow Saving HistoryDisabled
Windows Components/OneDrive
PolicySettingComment
Prevent the usage of OneDrive for file storageEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Connections
PolicySettingComment
Allow users to connect remotely by using Remote Desktop ServicesDisabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment
PolicySettingComment
Remove Windows Security item from Start menuEnabled
Windows Components/Sync your settings
PolicySettingComment
Do not syncEnabled
Allow users to turn syncing on.Disabled
PolicySettingComment
Do not sync app settingsEnabled
Allow users to turn "app settings" syncing on.Disabled
PolicySettingComment
Do not sync AppsEnabled
Allow users to turn "AppSync" syncing on.Disabled
PolicySettingComment
Do not sync browser settingsEnabled
Allow users to turn "browser" syncing on.Disabled
PolicySettingComment
Do not sync desktop personalizationEnabled
Allow users to turn "desktop personalization" syncing on.Disabled
PolicySettingComment
Do not sync on metered connectionsEnabled
Do not sync other Windows settingsEnabled
Allow users to turn "other Windows settings" syncing on.Disabled
PolicySettingComment
Do not sync passwordsEnabled
Allow users to turn "passwords" syncing on.Disabled
PolicySettingComment
Do not sync personalizeEnabled
Allow users to turn "personalize" syncing on.Disabled
PolicySettingComment
Do not sync start settingsEnabled
Allow users to turn "start layout" syncing on.Disabled
Windows Components/Windows Ink Workspace
PolicySettingComment
Allow Windows Ink WorkspaceDisabled
Windows Components/Windows PowerShell
PolicySettingComment
Turn on Script ExecutionEnabled
Execution PolicyAllow all scripts
Windows Components/Windows Security/Family options
PolicySettingComment
Hide the Family options areaEnabled
Preferences
Windows Settings
Files
File (Target Path: C:\Windows\HelpPane.exe)
HelpPane.exe (Order: 1)
General
ActionDelete
Properties
Destination fileC:\Windows\HelpPane.exe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: %programfiles%\Mozilla Thunderbird\isp\eg.teleperformance.com.xml)
eg.teleperformance.com.xml (Order: 2)
General
ActionCreate
Properties
Source file(s)\\10.124.101.60\mcafee\Mail\eg.teleperformance.com.xml
Destination file%programfiles%\Mozilla Thunderbird\isp\eg.teleperformance.com.xml
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
File (Target Path: %programfiles(x86)%\Mozilla Thunderbird\isp\eg.teleperformance.com.xml)
eg.teleperformance.com.xml (Order: 3)
General
ActionCreate
Properties
Source file(s)\\10.124.101.60\mcafee\Mail\eg.teleperformance.com.xml
Destination file%programfiles(x86)%\Mozilla Thunderbird\isp\eg.teleperformance.com.xml
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
File (Target Path: %USERPROFILE%\appdata\local\Mozilla firefox\firefox.exe)
firefox.exe (Order: 4)
General
ActionDelete
Properties
Destination file%USERPROFILE%\appdata\local\Mozilla firefox\firefox.exe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: %USERPROFILE%\APPDATA\Local\BraveSoftware\Brave-Browser\Application\brave.exe)
brave.exe (Order: 5)
General
ActionDelete
Properties
Destination file%USERPROFILE%\APPDATA\Local\BraveSoftware\Brave-Browser\Application\brave.exe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: C:\Program Files\PowerToys\WinUI3Apps\Microsoft.Xaml.Interactions.dll)
Microsoft.Xaml.Interactions.dll (Order: 6)
General
ActionDelete
Properties
Destination fileC:\Program Files\PowerToys\WinUI3Apps\Microsoft.Xaml.Interactions.dll
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: C:\Program Files\WindowsApps\Microsoft.WindowsStore_22406.1401.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe)
WinStore.App.exe (Order: 8)
General
ActionDelete
Properties
Destination fileC:\Program Files\WindowsApps\Microsoft.WindowsStore_22406.1401.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
WinStore.App.exe (Order: 7)
General
ActionDelete
Properties
Destination fileC:\Program Files\WindowsApps\Microsoft.WindowsStore_22406.1401.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe)
WinStore.App.exe (Order: 9)
General
ActionDelete
Properties
Destination fileC:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe)
HxCalendarAppImm.exe (Order: 10)
General
ActionDelete
Properties
Destination fileC:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: C:\Program Files\WindowsApps\Microsoft.WindowsStore_22407.1401.5.0_x64__8wekyb3d8bbwe)
Microsoft.WindowsStore_22407.1401.5.0_x64__8wekyb3d8bbwe (Order: 11)
General
ActionDelete
Properties
Destination fileC:\Program Files\WindowsApps\Microsoft.WindowsStore_22407.1401.5.0_x64__8wekyb3d8bbwe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: C:\Program Files\WindowsApps\Microsoft.WindowsStore_22408.1401.8.0_x64__8wekyb3d8bbwe \WinStore.App.exe)
WinStore.App.exe (Order: 12)
General
ActionDelete
Properties
Destination fileC:\Program Files\WindowsApps\Microsoft.WindowsStore_22408.1401.8.0_x64__8wekyb3d8bbwe \WinStore.App.exe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: C:\Program Files\WindowsApps\Microsoft.WindowsStore_22408.1401.9.0_x64__8wekyb3d8bbwe \WinStore.App.exe)
WinStore.App.exe (Order: 13)
General
ActionDelete
Properties
Destination fileC:\Program Files\WindowsApps\Microsoft.WindowsStore_22408.1401.9.0_x64__8wekyb3d8bbwe \WinStore.App.exe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: C:\Program Files\WindowsApps\Microsoft.WindowsStore_22409.1401.5.0_x64__8wekyb3d8bbwe \WinStore.App.exe)
WinStore.App.exe (Order: 14)
General
ActionDelete
Properties
Destination fileC:\Program Files\WindowsApps\Microsoft.WindowsStore_22409.1401.5.0_x64__8wekyb3d8bbwe \WinStore.App.exe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: C:\Program Files\WindowsApps\Microsoft.WindowsStore_22410.1401.2.0_x64__8wekyb3d8bbwe \WinStore.App.exe)
WinStore.App.exe (Order: 15)
General
ActionDelete
Properties
Destination fileC:\Program Files\WindowsApps\Microsoft.WindowsStore_22410.1401.2.0_x64__8wekyb3d8bbwe \WinStore.App.exe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: C:\Program Files\WindowsApps\Microsoft.WindowsStore_22410.1401.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe)
WinStore.App.exe (Order: 16)
General
ActionDelete
Properties
Destination fileC:\Program Files\WindowsApps\Microsoft.WindowsStore_22410.1401.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: C:\tick.ps1)
tick.ps1 (Order: 17)
General
ActionCreate
Properties
Source file(s)\\emea.tpg.ads\SysVol\emea.tpg.ads\Policies\{6FC12019-14D1-4DB0-B563-D76ECF4DDE1B}\User\Scripts\Logon\tick.ps1
Destination fileC:\tick.ps1
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Folders
Folder (Path: C:\Windows\Help)
Help (Order: 1)
General
ActionDelete
Attributes
PathC:\Windows\Help
Delete this folder (if emptied)Enabled
Recursively delete all subfolders (if emptied)Disabled
Delete all files in the folder(s)Enabled
Allow deletion of read-only files/foldersDisabled
Ignore errors for files/folders that cannot be deletedDisabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Folder (Path: C:\Program Files\WindowsApps\Microsoft.ScreenSketch*)
Microsoft.ScreenSketch* (Order: 2)
General
ActionDelete
Attributes
PathC:\Program Files\WindowsApps\Microsoft.ScreenSketch*
Delete this folder (if emptied)Enabled
Recursively delete all subfolders (if emptied)Disabled
Delete all files in the folder(s)Enabled
Allow deletion of read-only files/foldersDisabled
Ignore errors for files/folders that cannot be deletedDisabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Folder (Path: %USERPROFILE%\Appdata\Loacl\BraveSoftware)
BraveSoftware (Order: 3)
General
ActionDelete
Attributes
Path%USERPROFILE%\Appdata\Loacl\BraveSoftware
Delete this folder (if emptied)Enabled
Recursively delete all subfolders (if emptied)Enabled
Delete all files in the folder(s)Enabled
Allow deletion of read-only files/foldersDisabled
Ignore errors for files/folders that cannot be deletedDisabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Folder (Path: "C:\Program Files\WindowsApps\Stollenwerk.FastInternetBrowser_2.0.6.0_x64__0p6hs1rbf3jn6)
Stollenwerk.FastInternetBrowser_2.0.6.0_x64__0p6hs1rbf3jn6 (Order: 4)
General
ActionDelete
Attributes
Path"C:\Program Files\WindowsApps\Stollenwerk.FastInternetBrowser_2.0.6.0_x64__0p6hs1rbf3jn6
Delete this folder (if emptied)Enabled
Recursively delete all subfolders (if emptied)Enabled
Delete all files in the folder(s)Enabled
Allow deletion of read-only files/foldersDisabled
Ignore errors for files/folders that cannot be deletedDisabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Registry
DisableFileTransfer (Order: 1)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Skype\Phone
Value nameDisableFileTransfer
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DisableFileTransfer (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Skype\Phone
Value nameDisableFileTransfer
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
{F02C1A0D-BE21-4350-88B0-7367FC96EF3C} (Order: 3)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
Value name{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Debugger (Order: 4)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\system_a.exe
Value nameDebugger
Value typeREG_SZ
Value data"c:\windows\system32\systray.exe" /z
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DisableFsquirt (Order: 5)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\BTHPORT\Parameters
Value nameDisableFsquirt
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DisableFsquirt (Order: 6)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\BTHPORT\Parameters
Value nameDisableFsquirt
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Scancode Map (Order: 7)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Keyboard Layout
Value nameScancode Map
Value typeREG_BINARY
Value data00000000000000000400000000002AE0000037E00000540000000000
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
EdgeCollectionsDisabled (Order: 8)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Policies\Microsoft\Edge
Value nameEdgeCollectionsEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
1 (Order: 9)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Edge\URLBlocklist
Value name1
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
2 (Order: 10)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Edge\URLBlocklist
Value name2
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
3 (Order: 11)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Edge\URLBlocklist
Value name3
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
4 (Order: 12)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Edge\URLBlocklist
Value name4
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
5 (Order: 13)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Edge\URLBlocklist
Value name5
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
BrowserSignin (Order: 14)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Edge
Value nameBrowserSignin
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
WebCaptureEnabled (Order: 15)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Edge
Value nameWebCaptureEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
WebCaptureEnabled (Order: 16)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Edge
Value nameWebCaptureEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Start (Order: 17)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\DoSvc
Value nameStart
Value typeREG_DWORD
Value data0x4 (4)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Start (Order: 18)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\DoSvc
Value nameStart
Value typeREG_DWORD
Value data0x4 (4)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
HubsSidebarEnabled (Order: 19)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Edge
Value nameHubsSidebarEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
HubsSidebarEnabled (Order: 20)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Edge
Value nameHubsSidebarEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
HubMode (Order: 21)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
Value nameHubMode
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
HubMode (Order: 22)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
Value nameHubMode
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
EnableSkypeForBusiness (Order: 23)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Office\16.0\Lync
Value nameEnableSkypeForBusiness
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
EnableSkypeForBusiness (Order: 24)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Office\16.0\Lync
Value nameEnableSkypeForBusiness
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 25)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 26)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
TaskbarNoPinndList (Order: 27)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Explo‌​rer
Value nameTaskbarNoPinndList
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Collection: Registry Wizard Values/HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Keyboard Layout
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Registry item: Scancode Map
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Keyboard Layout
Value nameScancode Map
Value typeREG_BINARY
Value data00000000000000000400000000002AE0000037E00000540000000000
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
Policies
Windows Settings
Security Settings
Software Restriction Policies
Enforcement
PolicySetting
Apply Software Restriction Policies to the followingAll software files
Apply Software Restriction Policies to the following usersAll users
When applying Software Restriction PoliciesIgnore certificate rules
Designated File Types
File ExtensionFile Type
ADEADE File
ADPADP File
BASBAS File
BATWindows Batch File
CHMCompiled HTML Help file
CMDWindows Command Script
COMMS-DOS Application
CPLControl panel item
CRTSecurity Certificate
EXEApplication
HLPHelp file
HTAHTML Application
INFSetup Information
INSINS File
ISPISP File
LNKShortcut
MDBMDB File
MDEMDE File
MSCMicrosoft Common Console Document
MSIWindows Installer Package
MSPWindows Installer Patch
MSTMST File
OCXActiveX control
PCDPCD File
PIFShortcut to MS-DOS Program
REGRegistration Entries
SCRScreen saver
SHSSHS File
URLInternet Shortcut
VBVisual Basic Source File
WSCWindows Script Component
Trusted Publishers
Trusted publisher managementAllow all administrators and users to manage user's own Trusted Publishers
Certificate verificationNone
Software Restriction Policies/Security Levels
PolicySetting
Default Security LevelUnrestricted
Software Restriction Policies/Additional Rules
Path Rules
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%
Security LevelUnrestricted
Description
Date last modified19-11-2018 12:56:46
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%
Security LevelUnrestricted
Description
Date last modified19-11-2018 12:56:46
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Google/Google Chrome/Removed policies
PolicySettingComment
Allow access to a list of URLsEnabled
Allow access to a list of URLs
\\EGAGZFS01.emea.tpg.ads\EGAGZClients$\Oppo\Agent\*
PolicySettingComment
Block access to a list of URLsEnabled
Block access to a list of URLs
file://*
file
file://
Preferences
Windows Settings
Registry
EnableSkypeForBusiness (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Office\16.0\Lync
Value nameEnableSkypeForBusiness
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo