Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
GR-PO-ADM-C-SeriouSAM HiveNightmare vulnerability
Data collected on: 2-9-2025 10:00:39
General
Details
Domainemea.tpg.ads
OwnerEMEA\tentolouris.5-adm
Created13-8-2021 15:34:34
Modified9-2-2023 15:06:22
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions8 (AD), 8 (SYSVOL)
Unique ID{0c38f899-a90f-4e4d-8f46-eb4e59aa9f1b}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
ClientsNoEnabledemea.tpg.ads/GR/Systems/Clients

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
EMEA\GR-L-SEC-Vuln SeriousSam Hive
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\Domain ComputersReadNo
EMEA\GR-G-ORG-OU AdminsEdit settings, delete, modify securityNo
EMEA\GR-L-SEC-Vuln SeriousSam HiveRead (from Security Filtering)No
EMEA\tentolouris.5-admEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Preferences
Control Panel Settings
Scheduled Tasks
Scheduled Task (At least Windows 7) (Name: SeriouSAM HiveNightmare vulnerability)
SeriouSAM HiveNightmare vulnerability (Order: 1)
General
ActionUpdate
Task
Name SeriouSAM HiveNightmare vulnerability
Author EMEA\tentolouris.5-adm
Description
Run only when user is logged on
GroupId NT AUTHORITY\SYSTEM
Run with highest privileges LeastPrivilege
Hidden No
Configure for 1.2
Enabled Yes
Triggers
1. At startup
Enabled Yes
Actions
1. Start a program
Program/script C:\Windows\System32\cmd.exe
Arguments /c IF NOT EXIST C:\TPSTUFF\MARK-SeriousSAMHiveNightmareRemediation.txt icacls %windir%\system32\config\*.* /inheritance:e>>"C:\TPSTUFF\MARK-SeriousSAMHiveNightmareRemediation.txt"
Settings
Stop if the computer ceases to be idle No
Restart if the idle state resumes No
Start the task only if the computer is on AC power No
Stop if the computer switches to battery power No
Allow task to be run on demand No
Stop task if it runs longer than Immediately
If the running task does not end when requested, force it to stop No
If the task is already running, then the following rule applies IgnoreNew
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.