Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GC-PO-WIN-C-Service Account Policy
Data collected on: 2-9-2025 11:22:56
General
Details
Domainemea.tpg.ads
OwnerS-1-5-21-513466819-3096973226-347852806-1233267
Created7-7-2023 15:37:30
Modified25-6-2025 19:29:52
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions45 (AD), 45 (SYSVOL)
Unique ID{952087db-ecfe-4881-941d-2dfaea7d2e25}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
ClientsNoEnabledemea.tpg.ads/Special-Services/GC/Systems/Clients

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\GC-G-ORG-ServerAdminEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
S-1-5-21-513466819-3096973226-347852806-1233267Edit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Account Policies/Password Policy
PolicySetting
Enforce password history24 passwords remembered
Maximum password age60 days
Minimum password age1 days
Minimum password length14 characters
Password must meet complexity requirementsEnabled
Store passwords using reversible encryptionDisabled
Account Policies/Account Lockout Policy
PolicySetting
Account lockout duration30 minutes
Account lockout threshold6 invalid logon attempts
Reset account lockout counter after30 minutes
Account Policies/Kerberos Policy
PolicySetting
Enforce user logon restrictionsEnabled
Maximum lifetime for service ticket600 minutes
Maximum lifetime for user ticket10 hours
Maximum lifetime for user ticket renewal10 days
Maximum tolerance for computer clock synchronization5 minutes
Local Policies/Audit Policy
PolicySetting
Audit account logon eventsFailure
Audit account managementFailure
Audit logon eventsFailure
Audit object accessFailure
Audit policy changeSuccess, Failure
Audit privilege useSuccess, Failure
Audit system eventsFailure
Local Policies/User Rights Assignment
PolicySetting
Access this computer from the networkBUILTIN\Administrators
Back up files and directoriesBUILTIN\Administrators, BUILTIN\Backup Operators, BUILTIN\Users
Change the system timeBUILTIN\Administrators
Create a pagefileBUILTIN\Administrators
Create a token object
Create global objectsBUILTIN\Administrators
Deny access to this computer from the networkBUILTIN\Guests
Force shutdown from a remote systemBUILTIN\Administrators
Load and unload device driversBUILTIN\Administrators
Lock pages in memory
Log on as a batch jobBUILTIN\Administrators
Manage auditing and security logBUILTIN\Administrators
Modify firmware environment valuesBUILTIN\Administrators
Perform volume maintenance tasksBUILTIN\Administrators
Profile single processBUILTIN\Administrators
Restore files and directoriesBUILTIN\Administrators, BUILTIN\Backup Operators
Shut down the systemBUILTIN\Users, BUILTIN\Backup Operators, BUILTIN\Administrators
Take ownership of files or other objectsBUILTIN\Administrators
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Administrator account statusEnabled
Accounts: Guest account statusDisabled
Accounts: Limit local account use of blank passwords to console logon onlyEnabled
Accounts: Rename guest account"!NoUseGuest!"
Audit
PolicySetting
Audit: Audit the access of global system objectsDisabled
Devices
PolicySetting
Devices: Allowed to format and eject removable mediaAdministrators
Restricted Groups
GroupMembersMember of
S-1-5-21-1834872485-4048471868-719754967-1363BUILTIN\Administrators
System Services
Internet Connection Sharing (ICS) (Startup Mode: Disabled)
Permissions
TypeNamePermission
AllowBUILTIN\AdministratorsFull Control
AllowNT AUTHORITY\SYSTEMFull Control
AllowNT AUTHORITY\INTERACTIVERead
Auditing
TypeNameAccess
FailureEveryoneFull Control
Windows Time (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Search (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy versionNot Configured
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Domain Profile Settings
PolicySetting
Firewall stateOn
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Connection Security Settings
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/Network Connections/Windows Defender Firewall/Domain Profile
PolicySettingComment
Windows Defender Firewall: Protect all network connectionsEnabled
Network/Network Connections/Windows Defender Firewall/Standard Profile
PolicySettingComment
Windows Defender Firewall: Protect all network connectionsEnabled
System/Logon
PolicySettingComment
Hide entry points for Fast User SwitchingEnabled
Windows Components/Data Collection and Preview Builds
PolicySettingComment
Do not show feedback notificationsEnabled
Windows Components/Portable Operating System
PolicySettingComment
Windows To Go Default Startup OptionsDisabled
Preferences
Windows Settings
Registry
EnableLUA (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Value nameEnableLUA
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
MaxAllowedPhaseOffset (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\W32Time\Config
Value nameMaxAllowedPhaseOffset
Value typeREG_DWORD
Value data0x5 (5)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Type (Order: 3)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\W32Time\Parameters
Value nameType
Value typeREG_SZ
Value dataNT5DS
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.