Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
EG-PO-WIN-C-CTX LOOPBACK Computer Restrictions and Hardening
Data collected on: 2-9-2025 10:54:40
General
Details
Domainemea.tpg.ads
OwnerS-1-5-21-513466819-3096973226-347852806-503948
Created29-7-2022 18:55:16
Modified9-2-2023 16:33:10
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions19 (AD), 19 (SYSVOL)
Unique ID{164bb578-42f6-4b69-bca6-e3b60d0e9750}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
CitrixNoEnabledemea.tpg.ads/EG/Systems/Citrix
TestingNoEnabledemea.tpg.ads/EG/Systems/Citrix/Testing

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\Domain ComputersReadNo
EMEA\EG-G-ORG-OU AdminsEdit settings, delete, modify securityNo
EMEA\EMEA-G-ORG-CEMEA VEUC infra TeamEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
S-1-5-21-513466819-3096973226-347852806-503948Edit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Audit Policy
PolicySetting
Audit account logon eventsSuccess, Failure
Audit account managementSuccess, Failure
Audit directory service accessSuccess, Failure
Audit logon eventsSuccess, Failure
Audit object accessSuccess, Failure
Audit policy changeSuccess, Failure
Audit system eventsSuccess, Failure
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Guest account statusDisabled
Accounts: Rename administrator account"Apollo"
Devices
PolicySetting
Devices: Prevent users from installing printer driversDisabled
Interactive Logon
PolicySetting
Interactive logon: Don't display last signed-inEnabled
Shutdown
PolicySetting
Shutdown: Clear virtual memory pagefileEnabled
Event Log
PolicySetting
Maximum application log size3000000 kilobytes
Maximum security log size3000000 kilobytes
Maximum system log size3000000 kilobytes
Retain security log90 days
Retention method for application logAs needed
Retention method for security logBy days
Retention method for system logAs needed
System Services
Browser (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Remote Registry (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Task Scheduler (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Shell Hardware Detection (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Image Acquisition (WIA) (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Telephony (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
File System
%ProgramFiles%\Common Files\microsoft shared\VGX\VGX.dll
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\UsersRead and ExecuteThis folder, subfolders and files
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESRead and ExecuteThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
Public Key Policies/Certificate Path Validation Settings/Network Retrieval
PolicySetting
Default URL retrieval timeout in seconds15
Default path validation cumulative timeout in seconds20
Allow issuer certificate retrieval during path validationEnabled
Default cross-certificate download interval in hours168
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy versionNot Configured
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Domain Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNo
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Connection Security Settings
Advanced Audit Configuration
Account Logon
PolicySetting
Audit Other Account Logon EventsSuccess, Failure
Account Management
PolicySetting
Audit Application Group ManagementSuccess, Failure
Audit Computer Account ManagementSuccess, Failure
Audit Security Group ManagementSuccess, Failure
Audit User Account ManagementSuccess, Failure
Detailed Tracking
PolicySetting
Audit Process CreationSuccess, Failure
Audit Process TerminationSuccess, Failure
Logon/Logoff
PolicySetting
Audit Account LockoutSuccess, Failure
Audit LogoffSuccess, Failure
Audit LogonSuccess, Failure
Audit Special LogonSuccess, Failure
Policy Change
PolicySetting
Audit Audit Policy ChangeSuccess, Failure
Audit Authentication Policy ChangeSuccess, Failure
System
PolicySetting
Audit Security State ChangeSuccess, Failure
Audit System IntegritySuccess, Failure
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Workspace Environment Management/Agent Host Configuration
PolicySettingComment
Agent service portEnabled
Agent service port :8286
PolicySettingComment
Cache synchronization portEnabled
Cache synchronization port :8285
PolicySettingComment
Infrastructure serverEnabled
Infrastructure server :10.231.100.7
Google/Google Chrome
PolicySettingComment
Browser sign in settingsDisabled
Enable AutoFill for addressesDisabled
Enable AutoFill for credit cardsDisabled
Hide the web store from the New Tab Page and app launcherEnabled
Google/Google Chrome/Extensions
PolicySettingComment
Configure extension installation allow listEnabled
Extension IDs to exempt from the blocklist
jahbgfelgdkpjhbcggnkfglaldkhodmi
PolicySettingComment
Configure the list of force-installed apps and extensionsEnabled
Extension/App IDs and update URLs to be silently installed
hdppkjifljbdpckfajcmlblbchhledln; https://clients2.google.com/service/update2/crx
Google/Google Chrome/Google Cast
PolicySettingComment
Enable Google CastDisabled
Show the Google Cast toolbar iconDisabled
Google/Google Chrome/Password manager
PolicySettingComment
Enable saving passwords to the password managerDisabled
Google/Google Chrome/Removed policies
PolicySettingComment
Allow background tabs freezeEnabled
Configure extension installation allowlistEnabled
Extension IDs to exempt from the blocklist
hdppkjifljbdpckfajcmlblbchhledln
PolicySettingComment
Configure extension installation blocklistEnabled
Extension IDs the user should be prevented from installing (or * for all)
*
LAPS
PolicySettingComment
Do not allow password expiration time longer than required by policyEnabled
Enable local admin password managementEnabled
Password SettingsEnabled
Password ComplexityLarge letters + small letters + numbers + specials
Password Length14
Password Age (Days)30
Microsoft Edge
PolicySettingComment
Allow freezing of background tabs (obsolete)Enabled
Allow user feedbackDisabled
Browser sign-in settingsDisabled
Configure Internet Explorer integrationEnabled
Configure Internet Explorer integrationInternet Explorer mode
PolicySettingComment
Configure the Enterprise Mode Site ListEnabled
Configure the Enterprise Mode Site ListC:\GPO\IE11Mode\IE11_Sitelist.xml
PolicySettingComment
Enable AutoFill for addressesDisabled
Enable AutoFill for payment instrumentsDisabled
Hide the First-run experience and splash screenEnabled
Restrict which accounts can be used to sign in to Microsoft EdgeEnabled
Restrict which accounts can be used to sign in to Microsoft Edge.*@dfjsklfjdsklfdsjfdfsdfdsfsdl.com
Microsoft Edge/Cast
PolicySettingComment
Enable Google CastDisabled
Show the cast icon in the toolbarDisabled
Microsoft Edge/Default search provider
PolicySettingComment
Default search provider nameEnabled
Default search provider nameGoogle
PolicySettingComment
Default search provider search URLEnabled
Default search provider search URL{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}ie={inputEncoding}
PolicySettingComment
Default search provider URL for suggestionsEnabled
Default search provider URL for suggestions{google:baseURL}complete/search?output=chrome&q={searchTerms}
PolicySettingComment
Enable the default search providerEnabled
Parameters for an image URL that uses POSTEnabled
Parameters for an image URL that uses POSTencoded_image={google:imageThumbnail},image_url={google:imageURL},sbisrc={google:imageSearchSource},original_width={google:imageOriginalWidth},original_height={google:imageOriginalHeight}
PolicySettingComment
Specifies the search-by-image feature for the default search providerEnabled
Specifies the search-by-image feature for the default search provider{google:baseURL}searchbyimage/upload
Microsoft Edge/Extensions
PolicySettingComment
Allow specific extensions to be installedEnabled
Extension IDs to exempt from the block list
ggjhpefgjjfobnfoldnjipclpcfbgbhl
hdppkjifljbdpckfajcmlblbchhledln
folaiffmfcgfagbjdccaokekdohcgman
PolicySettingComment
Control which extensions are installed silentlyEnabled
Extension/App IDs and update URLs to be silently installed
hdppkjifljbdpckfajcmlblbchhledln; https://clients2.google.com/service/update2/crx
PolicySettingComment
Control which extensions cannot be installedEnabled
Extension IDs the user should be prevented from installing (or * for all)
*
Microsoft Edge/Password manager and protection
PolicySettingComment
Enable saving passwords to the password managerDisabled
Network/Network Connections/Windows Defender Firewall/Domain Profile
PolicySettingComment
Windows Defender Firewall: Prohibit notificationsEnabled
Windows Defender Firewall: Protect all network connectionsDisabled
Printers
PolicySettingComment
Point and Print RestrictionsEnabled
Users can only point and print to these servers:Disabled
Enter fully qualified server names separated by semicolons
Users can only point and print to machines in their forestDisabled
Security Prompts:
When installing drivers for a new connection:Do not show warning or elevation prompt
When updating drivers for an existing connection:Do not show warning or elevation prompt
This setting only applies to:
Windows Vista and later
System/Group Policy
PolicySettingComment
Configure folder redirection policy processingEnabled
Allow processing across a slow network connectionDisabled
Process even if the Group Policy objects have not changedEnabled
PolicySettingComment
Configure Internet Explorer Maintenance policy processingEnabled
Allow processing across a slow network connectionDisabled
Do not apply during periodic background processingDisabled
Process even if the Group Policy objects have not changedEnabled
System/Internet Communication Management/Internet Communication settings
PolicySettingComment
Turn off Automatic Root Certificates UpdateDisabled
System/Power Management/Hard Disk Settings
PolicySettingComment
Turn Off the hard disk (on battery)Enabled
Turn Off the Hard Disk (seconds):0
PolicySettingComment
Turn Off the hard disk (plugged in)Enabled
Turn Off the Hard Disk (seconds):0
System/Power Management/Sleep Settings
PolicySettingComment
Specify the system hibernate timeout (on battery)Enabled
System Hibernate Timeout (seconds):0
PolicySettingComment
Specify the system hibernate timeout (plugged in)Enabled
System Hibernate Timeout (seconds):0
PolicySettingComment
Specify the system sleep timeout (on battery)Enabled
System Sleep Timeout (seconds):0
PolicySettingComment
Specify the system sleep timeout (plugged in)Enabled
System Sleep Timeout (seconds):0
System/Removable Storage Access
PolicySettingComment
Removable Disks: Deny execute accessEnabled
Removable Disks: Deny read accessEnabled
Removable Disks: Deny write accessEnabled
System/User Profiles
PolicySettingComment
Add the Administrators security group to roaming user profilesEnabled
Delete cached copies of roaming profilesEnabled
Delete user profiles older than a specified number of days on system restartEnabled
Delete user profiles older than (days)30
Windows Components/AutoPlay Policies
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:All drives
Windows Components/Event Log Service/Application
PolicySettingComment
Control Event Log behavior when the log file reaches its maximum sizeDisabled
Specify the maximum log file size (KB)Enabled
Maximum Log Size (KB)20480
Windows Components/Event Log Service/System
PolicySettingComment
Control Event Log behavior when the log file reaches its maximum sizeDisabled
Specify the maximum log file size (KB)Enabled
Maximum Log Size (KB)20480
Windows Components/Microsoft Edge
PolicySettingComment
Allow extended telemetry for the Books tabDisabled
Configure AutofillDisabled
Configure Password ManagerDisabled
Prevent the First Run webpage from opening on Microsoft EdgeEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Connections
PolicySettingComment
Allow users to connect remotely by using Remote Desktop ServicesEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Security
PolicySettingComment
Require use of specific security layer for remote (RDP) connectionsEnabledPCI Plugin 18405
Security LayerSSL
Choose the security layer from the drop-down list.
PolicySettingComment
Require user authentication for remote connections by using Network Level AuthenticationEnabledPCI plugin 58453 and 18405
Set client connection encryption levelEnabledpci plugin 57690 Terminal Service Encryption
Encryption LevelHigh Level
Choose the encryption level from the drop-down list.
Windows Components/Search
PolicySettingComment
Allow CortanaDisabled
Windows Components/Store
PolicySettingComment
Disable all apps from Microsoft Store Enabled
Turn off the Store applicationEnabled
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Policies\Mozilla\lockPref\network.dns.disableIPv61
Preferences
Windows Settings
Environment Variables
Environment Variable (Variable: JAVA_TOOL_OPTIONS)
JAVA_TOOL_OPTIONS (Order: 1)
General
ActionUpdate
Properties
ContextSystem
VariableJAVA_TOOL_OPTIONS
Value-Djava.vendor="Sun Microsystems Inc."
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Registry
InitialKeyboardIndicators (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_USERS
Key path.DEFAULT\Control Panel\Keyboard
Value nameInitialKeyboardIndicators
Value typeREG_SZ
Value data2
Common
Options
Stop processing items on this extension if an error occurs on this itemYes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Enable num-lock on startup
BlockNetFramework451 (Order: 2)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\NET Framework Setup\NDP
Value nameBlockNetFramework451
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
UserFeedbackAllowed (Order: 3)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Edge
Value nameUserFeedbackAllowed
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
enablesecuritysignature (Order: 4)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\services\LanmanServer\Parameters
Value nameenablesecuritysignature
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
SMB Signing PCI 57608
requiresecuresignature (Order: 5)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\services\LanmanServer\Parameters
Value namerequiresecuresignature
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
SMB Signing PCI 57608
RequireSecuritySignature (Order: 6)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters
Value nameRequireSecuritySignature
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
SMB Signing PCI 57608
EnableSecuritySignature (Order: 7)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters
Value nameEnableSecuritySignature
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
SMB Siging PCI 57608
TurnOffSidebar (Order: 8)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar
Value nameTurnOffSidebar
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
PCI Plugin 59915
CachedLogonsCount (Order: 9)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Value nameCachedLogonsCount
Value typeREG_SZ
Value data0
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Plugin ID 11457
LmCompatibilityLevel (Order: 10)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Lsa
Value nameLmCompatibilityLevel
Value typeREG_DWORD
Value data0x3 (3)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
CachedLogonsCount (Order: 11)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Value nameCachedLogonsCount
Value typeREG_SZ
Value data0
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Plugin ID 11457
Enabled (Order: 12)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSystem\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 13)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSystem\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
iexeplore.exe (Order: 14)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX
Value nameiexeplore.exe
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
iexplore.exe (Order: 15)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX
Value nameiexplore.exe
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
iexplore.exe (Order: 16)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_USER32_EXCEPTION_HANDLER_HARDENING
Value nameiexplore.exe
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
iexplore.exe (Order: 17)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_USER32_EXCEPTION_HANDLER_HARDENING
Value nameiexplore.exe
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
CWDIllegalInDllSearch (Order: 18)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager
Value nameCWDIllegalInDllSearch
Value typeREG_DWORD
Value data0x2 (2)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
FeatureSettingsOverride (Order: 19)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
Value nameFeatureSettingsOverride
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Nessus Plugin 111689
FeatureSettingsOverrideMask (Order: 20)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
Value nameFeatureSettingsOverrideMask
Value typeREG_DWORD
Value data0x3 (3)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Nessus Plugin 111689
EnableActiveProbing (Order: 21)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet
Value nameEnableActiveProbing
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
RestrictDriverInstallationToAdministrators (Order: 22)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint
Value nameRestrictDriverInstallationToAdministrators
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AllocateCDRoms (Order: 23)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Value nameAllocateCDRoms
Value typeREG_SZ
Value data1
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
NoDriveTypeAutoRun (Order: 24)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
Value nameNoDriveTypeAutoRun
Value typeREG_DWORD
Value data0xFF (255)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
NtfsDisable8dot3NameCreation (Order: 25)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\FileSystem
Value nameNtfsDisable8dot3NameCreation
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Optional (Order: 26)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager\SubSystems
Value nameOptional
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Enabled (Order: 27)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 28)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
NoNewAppAlert (Order: 29)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Windows\Explorer
Value nameNoNewAppAlert
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DelayedDesktopSwitchTimeout (Order: 30)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
Value nameDelayedDesktopSwitchTimeout
Value typeREG_DWORD
Value data0x5 (5)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Installed Components (Order: 31)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Active Setup\Installed Components
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Installed Components (Order: 32)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
RestoreConnection (Order: 33)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\NetworkProvider
Value nameRestoreConnection
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Control Panel Settings
Local Users and Groups
User (Name: Administrator (built-in))
Administrator (built-in) (Order: 2)
Local User
ActionUpdate
Properties
User nameAdministrator (built-in)
Rename toApollo
User cannot change passwordFalse
Password never expiresTrue
Account is disabledFalse
Account expiresNever
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Group (Name: Remote Desktop Users (built-in))
Remote Desktop Users (built-in) (Order: 1)
Local Group
ActionUpdate
Properties
Group nameRemote Desktop Users (built-in)
Delete all member usersDisabled
Delete all member groupsDisabled
Add members
EMEA\NL-L-SEC-Remote Desktop Access UsersS-1-5-21-513466819-3096973226-347852806-433231
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Group (Name: Administrators (built-in))
Administrators (built-in) (Order: 3)
Local Group
ActionUpdate
Properties
Group nameAdministrators (built-in)
Delete all member usersDisabled
Delete all member groupsDisabled
Add members
EMEA\NL-L-SEC-Delegation Local Administration Rights Client SystemsS-1-5-21-513466819-3096973226-347852806-2181
EMEA\emeanessus.1S-1-5-21-513466819-3096973226-347852806-32532
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Services
Service (Name: wmiApSrv)
wmiApSrv (Order: 1)
General
Service namewmiApSrv
ActionStart service
Startup type:Automatic
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:No change
Second failure:No change
Subsequent failures:No change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.