| GR-PO-WIN-C-Facebook PC Settings | |
| Data collected on: 2-9-2025 09:15:32 | |
| Domain | emea.tpg.ads |
| Owner | EMEA\tentolouris.5 |
| Created | 30-7-2018 10:11:46 |
| Modified | 23-10-2024 13:51:06 |
| User Revisions | 4 (AD), 4 (SYSVOL) |
| Computer Revisions | 223 (AD), 223 (SYSVOL) |
| Unique ID | {b76f29e9-781f-41ff-a2cb-8996cf318a9f} |
| GPO Status | Enabled |
| Location | Enforced | Link Status | Path |
|---|---|---|---|
| Clients | Yes | Enabled | emea.tpg.ads/GR/Systems/Clients |
| Name |
|---|
| EMEA\GR-L-SEC-Systems Clients Facebook Computers |
| Name | Allowed Permissions | Inherited |
|---|---|---|
| EMEA\Domain Admins | Edit settings, delete, modify security | No |
| EMEA\Domain Computers | Read | No |
| EMEA\GR-G-ORG-OU Admins | Edit settings, delete, modify security | No |
| EMEA\GR-L-SEC-Systems Clients Facebook Computers | Read (from Security Filtering) | No |
| EMEA\tentolouris.5 | Edit settings, delete, modify security | No |
| NT AUTHORITY\Authenticated Users | Read | No |
| NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS | Read | No |
| NT AUTHORITY\SYSTEM | Edit settings, delete, modify security | No |
| ROOT\Enterprise Admins | Edit settings, delete, modify security | No |
| Name | Parameters |
|---|---|
| \\grkalfs01.emea.tpg.ads\netconfigfiles\Facebook\Regional\Regional.bat | |
| \\grkalfs01.emea.tpg.ads\netconfigfiles\Facebook\Regional\Regionalreg.vbs | |
| \\grkalfs01.emea.tpg.ads\netconfigfiles\Facebook\NetCacheFormatDatabase.bat | |
| \\grkalfs01\netconfigfiles\Facebook\NetCacheFormatDatabase.bat |
| Name | Parameters |
|---|---|
| \\grkalfs01.emea.tpg.ads\netconfigfiles\Facebook\NetCacheFormatDatabase.bat | |
| \\grkalfs01\netconfigfiles\Facebook\NetCacheFormatDatabase.bat |
| Policy | Setting |
|---|---|
| Maximum password age | 60 days |
| Minimum password age | 3 days |
| Minimum password length | 12 characters |
| Policy | Setting | Comment |
|---|---|---|
| Use hardware acceleration when available | Disabled |
| Policy | Setting | Comment | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Let Windows apps access the camera | Enabled | |||||||||||||||
| ||||||||||||||||
| Policy | Setting | Comment | ||||||||||||||
| Let Windows apps access the microphone | Enabled | |||||||||||||||
| ||||||||||||||||
| Policy | Setting | Comment | ||
|---|---|---|---|---|
| Set a default associations configuration file | Enabled | |||
| ||||
| Policy | Setting | Comment | ||
|---|---|---|---|---|
| Enable client-side targeting | Enabled | |||
| ||||
| Action | Delete |
| Hive | HKEY_CLASSES_ROOT |
| Key path | ms-msdt |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Update |
| Hive | HKEY_LOCAL_MACHINE |
| Key path | SOFTWARE\TP\Hardening |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Action | Delete |
| Hive | HKEY_LOCAL_MACHINE |
| Key path | SOFTWARE\TP\Hardening |
| Value name | Version_Q4_2019 |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Delete |
| Hive | HKEY_LOCAL_MACHINE |
| Key path | SOFTWARE\TP\Hardening |
| Value name | Ticket_285411 |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Delete |
| Hive | HKEY_LOCAL_MACHINE |
| Key path | SOFTWARE\TP\Hardening |
| Value name | Reviewed_by_Stavropoulos Nikos |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Delete |
| Hive | HKEY_LOCAL_MACHINE |
| Key path | SOFTWARE\TP\Hardening |
| Value name | Performed_by_Pisogiannakis Konstantinos |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Delete |
| Hive | HKEY_LOCAL_MACHINE |
| Key path | SOFTWARE\TP\Hardening |
| Value name | File_name_Facebook_Master_Image_Q4_2019 |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Delete |
| Hive | HKEY_LOCAL_MACHINE |
| Key path | SOFTWARE\TP\Hardening |
| Value name | Creation_Date_31_10_2019 |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Update |
| Group name | Users (built-in) |
| Delete all member users | Disabled |
| Delete all member groups | Enabled |
| EMEA\GR-G-ORG-Remote Admin Users | S-1-5-21-513466819-3096973226-347852806-613115 |
| tpadmin | |
| EMEA\GR-G-ORG-USERS Facebook SLAM Access | S-1-5-21-513466819-3096973226-347852806-1318105 |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Action | Update |
| Group name | Administrators (built-in) |
| Delete all member users | Disabled |
| Delete all member groups | Enabled |
| EMEA\GR-G-ORG-Remote Admin Users | S-1-5-21-513466819-3096973226-347852806-613115 |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Action | Update |
| Name | Remove all profile | |||
| Author | EMEA\lewke.7 | |||
| Description | Remove all profile | |||
| Run only when user is logged on | InteractiveToken | |||
| UserId | NT AUTHORITY\System | |||
| Run with highest privileges | HighestAvailable | |||
| Hidden | No | |||
| Configure for | 1.2 | |||
| Enabled | Yes |
| 1. Run at user logon | ||||
| Enabled | Yes | |||
| 1. Start a program | ||||
| Program/script | Powershell.exe | |||
| Arguments | -ExecutionPolicy Bypass \\grkalfs01\netconfigfiles\Facebook\RemoveUserAccount.ps1 | |||
| 2. Start a program | ||||
| Program/script | \\grkalfs01.emea.tpg.ads\netconfigfiles\Facebook\NetCacheFormatDatabase.bat | |||
| 3. Start a program | ||||
| Program/script | \\grkalfs01\netconfigfiles\Facebook\NetCacheFormatDatabase.bat |
| Stop if the computer ceases to be idle | No | |||
| Restart if the idle state resumes | No | |||
| Start the task only if the computer is on AC power | No | |||
| Stop if the computer switches to battery power | No | |||
| Allow task to be run on demand | Yes | |||
| Run task as soon as possible after a scheduled start is missed | Yes | |||
| Stop task if it runs longer than | Immediately | |||
| If the running task does not end when requested, force it to stop | No | |||
| If the task is already running, then the following rule applies | IgnoreNew |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Action | Delete |
| Name | CiscoCert | |||
| Author | EMEA\tentolouris.5 | |||
| Description | ||||
| Run only when user is logged on | ||||
| GroupId | NT AUTHORITY\SYSTEM | |||
| Run with highest privileges | HighestAvailable | |||
| Hidden | Yes | |||
| Configure for | 1.3 | |||
| Enabled | Yes |
| 1. Start a program | ||||
| Program/script | \\grkalfs01\netconfigfiles\GlobalSettings\Setups\Cisco-pbvpn\Cert\proper-import-certificate.bat |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Delete |
| Name | ReadCache | |||
| Author | EMEA\tentolouris.5 | |||
| Description | ||||
| Run only when user is logged on | ||||
| GroupId | NT AUTHORITY\SYSTEM | |||
| Run with highest privileges | HighestAvailable | |||
| Hidden | Yes | |||
| Configure for | 1.3 | |||
| Enabled | Yes |
| 1. Start a program | ||||
| Program/script | \\grkalfs01\netconfigfiles\GlobalSettings\WAHA-NoCachedLogon\ReadCache.vbs |
| Stop processing items on this extension if an error occurs on this item | No |
| Apply once and do not reapply | No |
| Action | Update |
| Name | Remove_MS3DViewer | |||
| Author | EMEA\tentolouris.5 | |||
| Description | ||||
| Run only when user is logged on | ||||
| GroupId | NT AUTHORITY\SYSTEM | |||
| Run with highest privileges | HighestAvailable | |||
| Hidden | No | |||
| Configure for | 1.3 | |||
| Enabled | Yes |
| 1. Run at user logon | ||||
| Delay task for | 30 seconds | |||
| Repeat task every 5 minutes for a duration of 30 minutes | ||||
| Stop all running tasks at end of repetition duration | No | |||
| Activate | 26-3-2021 17:00:02 | Synchronize across time zones | No | |
| Enabled | Yes | |||
| 2. At task creation/modification | ||||
| Enabled | Yes | |||
| 1. Start a program | ||||
| Program/script | Powershell.exe | |||
| Arguments | -ExecutionPolicy Bypass \\grkalfs01\netconfigfiles\GlobalSettings\Setups\RemoveMS3DViewerAPPX\Uninstall_MS3DViewerAPPX.ps1 |
| Stop if the computer ceases to be idle | Yes | |||
| Restart if the idle state resumes | No | |||
| Start the task only if the computer is on AC power | No | |||
| Stop if the computer switches to battery power | Yes | |||
| Allow task to be run on demand | Yes | |||
| Run task as soon as possible after a scheduled start is missed | Yes | |||
| Stop task if it runs longer than | 3 days | |||
| If the running task does not end when requested, force it to stop | Yes | |||
| If the task is already running, then the following rule applies | IgnoreNew |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Action | Update |
| Name | Remove_Uninstall_Microsoft.MSPaint | |||
| Author | EMEA\tentolouris.5 | |||
| Description | ||||
| Run only when user is logged on | ||||
| GroupId | NT AUTHORITY\SYSTEM | |||
| Run with highest privileges | HighestAvailable | |||
| Hidden | No | |||
| Configure for | 1.3 | |||
| Enabled | Yes |
| 1. Run at user logon | ||||
| Delay task for | 30 seconds | |||
| Repeat task every 5 minutes for a duration of 30 minutes | ||||
| Stop all running tasks at end of repetition duration | No | |||
| Activate | 26-3-2021 17:00:02 | Synchronize across time zones | No | |
| Enabled | Yes | |||
| 2. At task creation/modification | ||||
| Enabled | Yes | |||
| 1. Start a program | ||||
| Program/script | Powershell.exe | |||
| Arguments | -ExecutionPolicy Bypass \\grkalfs01.emea.tpg.ads\netconfigfiles\GlobalSettings\Setups\RemoveAPPX\Uninstall_Microsoft.MSPaint.ps1 |
| Stop if the computer ceases to be idle | Yes | |||
| Restart if the idle state resumes | No | |||
| Start the task only if the computer is on AC power | No | |||
| Stop if the computer switches to battery power | Yes | |||
| Allow task to be run on demand | Yes | |||
| Run task as soon as possible after a scheduled start is missed | Yes | |||
| Stop task if it runs longer than | 3 days | |||
| If the running task does not end when requested, force it to stop | Yes | |||
| If the task is already running, then the following rule applies | IgnoreNew |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Action | Update |
| Name | Remove_Uninstall_VP9VideoExtensions | |||
| Author | EMEA\tentolouris.5 | |||
| Description | ||||
| Run only when user is logged on | ||||
| GroupId | NT AUTHORITY\SYSTEM | |||
| Run with highest privileges | HighestAvailable | |||
| Hidden | No | |||
| Configure for | 1.3 | |||
| Enabled | Yes |
| 1. Run at user logon | ||||
| Delay task for | 30 seconds | |||
| Repeat task every 5 minutes for a duration of 30 minutes | ||||
| Stop all running tasks at end of repetition duration | No | |||
| Activate | 26-3-2021 17:00:02 | Synchronize across time zones | No | |
| Enabled | Yes | |||
| 2. At task creation/modification | ||||
| Enabled | Yes | |||
| 1. Start a program | ||||
| Program/script | Powershell.exe | |||
| Arguments | -ExecutionPolicy Bypass \\grkalfs01.emea.tpg.ads\netconfigfiles\GlobalSettings\Setups\RemoveAPPX\Uninstall_VP9VideoExtensions.ps1 |
| Stop if the computer ceases to be idle | Yes | |||
| Restart if the idle state resumes | No | |||
| Start the task only if the computer is on AC power | No | |||
| Stop if the computer switches to battery power | Yes | |||
| Allow task to be run on demand | Yes | |||
| Run task as soon as possible after a scheduled start is missed | Yes | |||
| Stop task if it runs longer than | 3 days | |||
| If the running task does not end when requested, force it to stop | Yes | |||
| If the task is already running, then the following rule applies | IgnoreNew |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Action | Update |
| Name | Remove_Uninstall_WebMediaExtensions | |||
| Author | EMEA\tentolouris.5 | |||
| Description | ||||
| Run only when user is logged on | ||||
| GroupId | NT AUTHORITY\SYSTEM | |||
| Run with highest privileges | HighestAvailable | |||
| Hidden | No | |||
| Configure for | 1.3 | |||
| Enabled | Yes |
| 1. Run at user logon | ||||
| Delay task for | 30 seconds | |||
| Repeat task every 5 minutes for a duration of 30 minutes | ||||
| Stop all running tasks at end of repetition duration | No | |||
| Activate | 26-3-2021 17:00:02 | Synchronize across time zones | No | |
| Enabled | Yes | |||
| 2. At task creation/modification | ||||
| Enabled | Yes | |||
| 1. Start a program | ||||
| Program/script | Powershell.exe | |||
| Arguments | -ExecutionPolicy Bypass \\grkalfs01.emea.tpg.ads\netconfigfiles\GlobalSettings\Setups\RemoveAPPX\Uninstall_WebMediaExtensions.ps1 |
| Stop if the computer ceases to be idle | Yes | |||
| Restart if the idle state resumes | No | |||
| Start the task only if the computer is on AC power | No | |||
| Stop if the computer switches to battery power | Yes | |||
| Allow task to be run on demand | Yes | |||
| Run task as soon as possible after a scheduled start is missed | Yes | |||
| Stop task if it runs longer than | 3 days | |||
| If the running task does not end when requested, force it to stop | Yes | |||
| If the task is already running, then the following rule applies | IgnoreNew |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Action | Update |
| Name | Remove_Uninstall_WebpImageExtension | |||
| Author | EMEA\tentolouris.5 | |||
| Description | ||||
| Run only when user is logged on | ||||
| GroupId | NT AUTHORITY\SYSTEM | |||
| Run with highest privileges | HighestAvailable | |||
| Hidden | No | |||
| Configure for | 1.3 | |||
| Enabled | Yes |
| 1. Run at user logon | ||||
| Delay task for | 30 seconds | |||
| Repeat task every 5 minutes for a duration of 30 minutes | ||||
| Stop all running tasks at end of repetition duration | No | |||
| Activate | 26-3-2021 17:00:02 | Synchronize across time zones | No | |
| Enabled | Yes | |||
| 2. At task creation/modification | ||||
| Enabled | Yes | |||
| 1. Start a program | ||||
| Program/script | Powershell.exe | |||
| Arguments | -ExecutionPolicy Bypass \\grkalfs01.emea.tpg.ads\netconfigfiles\GlobalSettings\Setups\RemoveAPPX\Uninstall_WebpImageExtension.ps1 |
| Stop if the computer ceases to be idle | Yes | |||
| Restart if the idle state resumes | No | |||
| Start the task only if the computer is on AC power | No | |||
| Stop if the computer switches to battery power | Yes | |||
| Allow task to be run on demand | Yes | |||
| Run task as soon as possible after a scheduled start is missed | Yes | |||
| Stop task if it runs longer than | 3 days | |||
| If the running task does not end when requested, force it to stop | Yes | |||
| If the task is already running, then the following rule applies | IgnoreNew |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |
| Action | Update |
| Name | Office StartUP update | |||
| Author | EMEA\tentolouris.5-adm | |||
| Description | ||||
| Run only when user is logged on | ||||
| GroupId | NT AUTHORITY\SYSTEM | |||
| Run with highest privileges | HighestAvailable | |||
| Hidden | No | |||
| Configure for | 1.2 | |||
| Enabled | Yes |
| 1. At startup | ||||
| Enabled | Yes | |||
| 1. Start a program | ||||
| Program/script | C:\Windows\System32\cmd.exe | |||
| Arguments | /c if exist "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe" ( "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe" /update user displaylevel=false forceappshutdown=true ) |
| Stop if the computer ceases to be idle | No | |||
| Restart if the idle state resumes | No | |||
| Start the task only if the computer is on AC power | No | |||
| Stop if the computer switches to battery power | No | |||
| Allow task to be run on demand | No | |||
| Stop task if it runs longer than | Immediately | |||
| If the running task does not end when requested, force it to stop | No | |||
| If the task is already running, then the following rule applies | IgnoreNew |
| Stop processing items on this extension if an error occurs on this item | No |
| Remove this item when it is no longer applied | No |
| Apply once and do not reapply | No |