Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
MATMT-PO-WIN-U-Security-CCW-Staff-enc
Data collected on: 2-9-2025 08:51:39
General
Details
Domainemea.tpg.ads
OwnerS-1-5-21-513466819-3096973226-347852806-27238
Created19-9-2014 16:14:42
Modified9-2-2023 14:44:44
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{a3c8b9c7-3a11-48aa-bc4e-8f1564ea7eef}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
StaffNoEnabledemea.tpg.ads/MA/Staff

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
EMEA\MATMT-L-SEC-GPO-Security-CCW-Staff-enc
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\MA-G-ORG-OU AdminsEdit settings, delete, modify securityNo
EMEA\MATMT-L-SEC-GPO-Security-CCW-Staff-encRead (from Security Filtering)No
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
S-1-5-21-513466819-3096973226-347852806-203252ReadNo
S-1-5-21-513466819-3096973226-347852806-27238Edit settings, delete, modify securityNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Windows Settings
Folder Redirection
Desktop
Setting: Not configured
Start Menu
Setting: Not configured
Internet Explorer Maintenance
Connection/Proxy Settings
Enable proxy settings
ProtocolServerPort
HTTP10.212.5.738888
Secure10.212.5.738888
FTP10.212.5.738888
Gopher10.212.5.738888
Socks10.212.5.738888
Exceptions:Do not use proxy server for addresses beginning with10.0.4.30, wasp, srv_web, 172.16.24.3, 172.16.139.9, 172.16.139.8, 172.16.24.4, glpi, 172.16.54.32, vega, deneb, 172.16.139.4, srv_web, 172.16.24.3, 172.16.139.9, 172.16.139.8, 172.16.24.4, glpi, 172.16.139.4, vega, 10.217.2.24, tntukweb02, 10.217.2.37, 10.212.5.103, 213.71.24.202, *.emea.tpg.ads,
Do not use proxy server for local (intranet) addressesEnabled
URLs/Important URLs
NameURL
Home page URLabout:blank
Search bar URLNot configured
Online support page URLNot configured
URLs/Favorites and Links
PolicySetting
Place favorites and links at the top of the list in the order specified belowEnabled
Delete existing Favorites and Links, if presentNot configured
Delete existing channels, if presentEnabled
Security/Security Zones and Content Ratings
Security Zones and Privacy
These settings will not apply to users that log on to computers that have the Internet Explorer Enhanced Security Configuration (ESC) enabled. To create settings for users on computers that have ESC enabled, create a new GPO and edit that GPO on a computer where ESC is enabled.
Internet (Security Level: Medium)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Download signed ActiveX controlsPrompt
Download unsigned ActiveX controlsDisable
Initialize and script ActiveX controls not marked as safeDisable
Run ActiveX controls and plug-insEnable
Script ActiveX controls marked safe for scriptingEnable
Downloads
File downloadEnable
Font downloadEnable
Microsoft VM
Java permissionsHigh safety
Miscellaneous
Access data sources across domainsDisable
Allow META REFRESHEnable
Display mixed contentPrompt
Don't prompt for client certificate selection when no certificates or only one certificate existsDisable
Drag and drop or copy and paste filesEnable
Installation of desktop itemsPrompt
Launching applications and unsafe filesPrompt
Launching programs and files in an IFRAMEPrompt
Navigate sub-frames across different domainsDisable
Software channel permissionsMedium safety
Submit nonencrypted form dataEnable
Userdata persistenceEnable
Scripting
Active scriptingEnable
Allow paste operations via scriptPrompt
Scripting of Java appletsEnable
User Authentication
LogonAutomatic logon only in Intranet zone
Local intranet (Security Level: Low)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Download signed ActiveX controlsEnable
Download unsigned ActiveX controlsPrompt
Initialize and script ActiveX controls not marked as safePrompt
Run ActiveX controls and plug-insEnable
Script ActiveX controls marked safe for scriptingEnable
Downloads
File downloadEnable
Font downloadEnable
Microsoft VM
Java permissionsLow safety
Miscellaneous
Access data sources across domainsEnable
Allow META REFRESHEnable
Display mixed contentPrompt
Don't prompt for client certificate selection when no certificates or only one certificate existsEnable
Drag and drop or copy and paste filesEnable
Installation of desktop itemsEnable
Launching applications and unsafe filesEnable
Launching programs and files in an IFRAMEEnable
Navigate sub-frames across different domainsEnable
Software channel permissionsLow safety
Submit nonencrypted form dataEnable
Userdata persistenceEnable
Scripting
Active scriptingEnable
Allow paste operations via scriptEnable
Scripting of Java appletsEnable
User Authentication
LogonAutomatic logon with current username and password
Sites
Require server verification (https:) for all sites in this zoneDisabled
Include all local (intranet) sites not listed in other zonesEnabled
Include all sites that bypass the proxy serverEnabled
Include all network paths (UNCs)Enabled
Sites in this zone
http://localhost/
Trusted sites (Security Level: Custom)
.NET Framework-reliant components
Run components not signed with AuthenticodeEnable
Run components signed with AuthenticodeEnable
ActiveX controls and plug-ins
Download signed ActiveX controlsPrompt
Download unsigned ActiveX controlsDisable
Initialize and script ActiveX controls not marked as safeDisable
Run ActiveX controls and plug-insEnable
Script ActiveX controls marked safe for scriptingEnable
Downloads
File downloadEnable
Font downloadEnable
Microsoft VM
Java permissionsHigh safety
Miscellaneous
Access data sources across domainsDisable
Allow META REFRESHEnable
Display mixed contentPrompt
Don't prompt for client certificate selection when no certificates or only one certificate existsDisable
Drag and drop or copy and paste filesEnable
Installation of desktop itemsPrompt
Launching applications and unsafe filesEnable
Launching programs and files in an IFRAMEPrompt
Navigate sub-frames across different domainsDisable
Software channel permissionsMedium safety
Submit nonencrypted form dataEnable
Userdata persistenceEnable
Scripting
Active scriptingEnable
Allow paste operations via scriptPrompt
Scripting of Java appletsEnable
User Authentication
LogonAutomatic logon only in Intranet zone
Sites
Require server verification (https:) for all sites in this zoneEnabled
Sites in this zone
*.englishtown.com
http://10.217.25.70/
https://10.217.25.70/
Restricted sites (Security Level: High)
.NET Framework-reliant components
Run components not signed with AuthenticodeDisable
Run components signed with AuthenticodeDisable
ActiveX controls and plug-ins
Download signed ActiveX controlsDisable
Download unsigned ActiveX controlsDisable
Initialize and script ActiveX controls not marked as safeDisable
Run ActiveX controls and plug-insDisable
Script ActiveX controls marked safe for scriptingDisable
Downloads
File downloadDisable
Font downloadDisable
Microsoft VM
Java permissionsDisable Java
Miscellaneous
Access data sources across domainsDisable
Allow META REFRESHDisable
Display mixed contentPrompt
Don't prompt for client certificate selection when no certificates or only one certificate existsDisable
Drag and drop or copy and paste filesPrompt
Installation of desktop itemsDisable
Launching applications and unsafe filesDisable
Launching programs and files in an IFRAMEDisable
Navigate sub-frames across different domainsDisable
Software channel permissionsHigh safety
Submit nonencrypted form dataPrompt
Userdata persistenceDisable
Scripting
Active scriptingDisable
Allow paste operations via scriptDisable
Scripting of Java appletsDisable
User Authentication
LogonPrompt for user name and password
Sites
Sites in this zone
None
Privacy
Privacy LevelMedium
Web Sites
Always allowNone
Always blockNone
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel
PolicySettingComment
Hide specified Control Panel itemsDisabled
Prohibit access to Control Panel and PC settingsEnabled
Show only specified Control Panel itemsDisabled
Control Panel/Add or Remove Programs
PolicySettingComment
Hide Add New Programs pageEnabled
Hide Add/Remove Windows Components pageEnabled
Hide Change or Remove Programs pageEnabled
Hide the "Add a program from CD-ROM or floppy disk" optionEnabled
Hide the "Add programs from Microsoft" optionEnabled
Hide the "Add programs from your network" optionEnabled
Hide the Set Program Access and Defaults pageEnabled
Remove Add or Remove ProgramsEnabled
Remove Support InformationEnabled
Control Panel/Display
PolicySettingComment
Hide Settings tabEnabled
Control Panel/Personalization
PolicySettingComment
Enable screen saverEnabled
Prevent changing desktop backgroundEnabled
Prevent changing screen saverEnabled
Control Panel/Printers
PolicySettingComment
Browse the network to find printersEnabled
Prevent addition of printersEnabled
Prevent deletion of printersEnabled
Desktop
PolicySettingComment
Do not add shares of recently opened documents to Network LocationsEnabled
Don't save settings at exitDisabled
Hide and disable all items on the desktopDisabled
Hide Internet Explorer icon on desktopDisabled
Hide Network Locations icon on desktopEnabled
Prevent adding, dragging, dropping and closing the Taskbar's toolbarsEnabled
Prohibit adjusting desktop toolbarsEnabled
Prohibit User from manually redirecting Profile FoldersEnabled
Remove Computer icon on the desktopDisabled
Remove My Documents icon on the desktopEnabled
Remove Properties from the Computer icon context menuEnabled
Remove Properties from the Documents icon context menuEnabled
Remove Properties from the Recycle Bin context menuDisabled
Remove Recycle Bin icon from desktopEnabled
Remove the Desktop Cleanup WizardEnabled
Desktop/Desktop
PolicySettingComment
Desktop WallpaperEnabled
Wallpaper Name:C:\Windows\Temp\tp.bmp
Example: Using a local path: C:\windows\web\wallpaper\home.jpg
Example: Using a UNC path: \\Server\Share\Corp.jpg
Wallpaper Style:Center
PolicySettingComment
Disable Active DesktopDisabled
Enable Active DesktopEnabled
Allows HTML and JPEG Wallpaper
Network/Offline Files
PolicySettingComment
Prevent use of Offline Files folderEnabled
Remove "Make Available Offline" commandEnabled
Synchronize all offline files before logging offDisabled
Synchronize all offline files when logging onDisabled
Start Menu and Taskbar
PolicySettingComment
Add Logoff to the Start MenuEnabled
Clear the recent programs list for new usersEnabled
Do not allow pinning programs to the TaskbarEnabled
Do not display any custom toolbars in the taskbarEnabled
Do not search programs and Control Panel itemsEnabled
Do not use the search-based method when resolving shell shortcutsEnabled
Do not use the tracking-based method when resolving shell shortcutsEnabled
Force classic Start MenuEnabled
Gray unavailable Windows Installer programs Start Menu shortcutsEnabled
Lock the TaskbarEnabled
Prevent changes to Taskbar and Start Menu SettingsEnabled
Prevent grouping of taskbar itemsEnabled
Prevent users from adding or removing toolbarsEnabled
Prevent users from customizing their Start ScreenEnabled
Remove Balloon Tips on Start Menu itemsEnabled
Remove common program groups from Start MenuEnabled
Remove Default Programs link from the Start menu.Enabled
Remove Documents icon from Start MenuEnabled
Remove Downloads link from Start MenuEnabled
Remove Favorites menu from Start MenuEnabled
Remove frequent programs list from the Start MenuEnabled
Remove Games link from Start MenuEnabled
Remove Help menu from Start MenuEnabled
Remove Homegroup link from Start MenuEnabled
Remove links and access to Windows UpdateEnabled
Remove Music icon from Start MenuEnabled
Remove Network Connections from Start MenuEnabled
Remove Network icon from Start MenuEnabled
Remove Pictures icon from Start MenuEnabled
Remove pinned programs from the TaskbarEnabled
Remove pinned programs list from the Start MenuEnabled
Remove Recent Items menu from Start MenuEnabled
Remove Recorded TV link from Start MenuEnabled
Remove Run menu from Start MenuEnabled
Remove Search Computer linkEnabled
Remove Search link from Start MenuDisabled
Remove the "Undock PC" button from the Start MenuEnabled
Turn off personalized menusEnabled
Turn off user trackingEnabled
System
PolicySettingComment
Century interpretation for Year 2000Disabled
Do not display the Getting Started welcome screen at logonEnabled
Don't run specified Windows applicationsEnabled
List of disallowed applications
*.bat
*.com
*.exe
*.msc
*.msi
PolicySettingComment
Download missing COM componentsDisabled
Prevent access to registry editing toolsEnabled
Disable regedit from running silently?Yes
PolicySettingComment
Prevent access to the command promptEnabled
Disable the command prompt script processing also?No
PolicySettingComment
Restrict these programs from being launched from HelpEnabled
Enter executables separated by commas:*.exe;*.comm;*.dll;*.msc;*.mmc
Example: calc.exe,paint.exe
PolicySettingComment
Windows Automatic UpdatesDisabled
System/Driver Installation
PolicySettingComment
Code signing for driver packagesEnabled
When Windows detects a driver file without a digital signature:Block
PolicySettingComment
Configure driver search locationsEnabled
Do not search floppy disk drivesEnabled
Do not search CD-ROM drivesEnabled
Do not search Windows UpdateEnabled
PolicySettingComment
Turn off Windows Update device driver search promptEnabled
System/Folder Redirection
PolicySettingComment
Do not automatically make all redirected folders available offlineEnabled
System/Group Policy
PolicySettingComment
Set Group Policy refresh interval for usersEnabled
This setting allows you to customize how often Group Policy is applied
to users. The range is 0 to 44640 minutes (31 days).
Minutes:1
This is a random time added to the refresh interval to prevent
all clients from requesting Group Policy at the same time.
The range is 0 to 1440 minutes (24 hours)
Minutes:2
System/Internet Communication Management/Internet Communication settings
PolicySettingComment
Turn off downloading of print drivers over HTTPEnabled
Turn off Internet download for Web publishing and online ordering wizardsEnabled
Turn off Internet File Association serviceEnabled
Turn off printing over HTTPEnabled
Turn off the "Order Prints" picture taskEnabled
Turn off the "Publish to Web" task for files and foldersEnabled
Turn off the Windows Messenger Customer Experience Improvement ProgramEnabled
Windows Components/AutoPlay Policies
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:All drives
Windows Components/File Explorer
PolicySettingComment
Allow only per user or approved shell extensionsEnabled
Display confirmation dialog when deleting filesEnabled
Do not allow Folder Options to be opened from the Options button on the View tab of the ribbonEnabled
Do not move deleted files to the Recycle BinDisabled
Do not request alternate credentialsEnabled
Do not track Shell shortcuts during roamingEnabled
Hides the Manage item on the File Explorer context menuEnabled
Maximum number of recent documentsEnabled
Maximum number of recent documents15
PolicySettingComment
No Computers Near Me in Network LocationsEnabled
No Entire Network in Network LocationsEnabled
Remove "Map Network Drive" and "Disconnect Network Drive"Enabled
Remove CD Burning featuresEnabled
Remove DFS tabEnabled
Remove File Explorer's default context menuDisabled
Remove File menu from File ExplorerEnabled
Remove Hardware tabEnabled
Remove Search button from File ExplorerDisabled
Remove Security tabEnabled
Remove Shared Documents from My ComputerEnabled
Remove UI to change keyboard navigation indicator settingEnabled
Remove UI to change menu animation settingEnabled
Request credentials for network installationsEnabled
Turn off caching of thumbnail picturesEnabled
Turn off shell protocol protected modeEnabled
Turn off Windows Key hotkeysDisabled
Windows Components/File Explorer/Common Open File Dialog
PolicySettingComment
Hide the common dialog places barEnabled
Hide the dropdown list of recent filesEnabled
Items displayed in Places BarDisabled
Windows Components/Internet Explorer
PolicySettingComment
Disable caching of Auto-Proxy scriptsEnabled
Disable changing accessibility settingsEnabled
Disable changing Advanced page settingsEnabled
Disable changing Automatic Configuration settingsEnabled
Disable changing Calendar and Contact settingsEnabled
Disable changing certificate settingsEnabled
Disable changing color settingsEnabled
Disable changing connection settingsEnabled
Disable changing default browser checkEnabled
Disable changing font settingsEnabled
Disable changing home page settingsEnabled
Home Page 
PolicySettingComment
Disable changing language settingsEnabled
Disable changing link color settingsEnabled
Disable changing Messaging settingsEnabled
Disable changing Profile Assistant settingsEnabled
Disable changing ratings settingsEnabled
Disable changing Temporary Internet files settingsEnabled
Disable external branding of Internet ExplorerEnabled
Disable Import/Export Settings wizardEnabled
Disable Internet Connection wizardEnabled
Disable the Reset Web Settings featureEnabled
Display error message on proxy script download failureEnabled
Do not allow users to enable or disable add-onsEnabled
Identity Manager: Prevent users from using IdentitiesEnabled
Prevent changing proxy settingsEnabled
Prevent configuration of how windows openEnabled
Select where to open linksOpen in a new Internet Explorer window
PolicySettingComment
Search: Disable Find Files via F3 within the browserEnabled
Turn off Crash DetectionEnabled
Turn off pop-up managementEnabled
Use Automatic Detection for dial-up connectionsDisabled
Windows Components/Internet Explorer/Delete Browsing History
PolicySettingComment
Disable "Configuring History"Enabled
Days to keep pages in History 
Windows Components/Internet Explorer/Internet Control Panel
PolicySettingComment
Disable the Connections pageEnabled
Windows Components/Internet Explorer/Internet Control Panel/Security Page
PolicySettingComment
Locked-Down Trusted Sites Zone TemplateEnabled
Locked-Down Trusted SitesLow
PolicySettingComment
Site to Zone Assignment ListEnabled
Enter the zone assignments here. 
altair2
http://10.217.25.70/2
http://config.crossknowledge.com2
http://cours.crossknowledge.com2
http://sigal.crossknowledge.com2
https://helpdesk-fr.teleperformance.com/caisd/pdmweb.exe2
reporting.teleperformance.fr2
tntukweb022
vega2
PolicySettingComment
Trusted Sites Zone TemplateEnabled
Trusted SitesLow
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Intranet Zone
PolicySettingComment
Download signed ActiveX controlsEnabled
Download signed ActiveX controlsEnable
PolicySettingComment
Download unsigned ActiveX controlsEnabled
Download unsigned ActiveX controlsEnable
PolicySettingComment
Run ActiveX controls and pluginsEnabled
Run ActiveX controls and pluginsEnable
PolicySettingComment
Use Pop-up BlockerDisabled
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Trusted Sites Zone
PolicySettingComment
Access data sources across domainsEnabled
Access data sources across domainsEnable
PolicySettingComment
Allow active scriptingEnabled
Allow active scriptingDisable
PolicySettingComment
Allow binary and script behaviorsEnabled
Allow Binary and Script BehaviorsAdministrator approved
PolicySettingComment
Allow cut, copy or paste operations from the clipboard via scriptEnabled
Allow paste operations via scriptEnable
PolicySettingComment
Allow drag and drop or copy and paste filesEnabled
Allow drag and drop or copy and paste filesEnable
PolicySettingComment
Allow file downloadsEnabled
Allow file downloadsEnable
PolicySettingComment
Allow font downloadsEnabled
Allow font downloadsEnable
PolicySettingComment
Allow installation of desktop itemsEnabled
Allow installation of desktop itemsEnable
PolicySettingComment
Allow META REFRESHEnabled
Allow META REFRESHEnable
PolicySettingComment
Allow script-initiated windows without size or position constraintsEnabled
Allow script-initiated windows without size or position constraintsDisable
PolicySettingComment
Automatic prompting for ActiveX controlsEnabled
Automatic prompting for ActiveX controlsDisable
PolicySettingComment
Automatic prompting for file downloadsEnabled
Automatic prompting for file downloadsDisable
PolicySettingComment
Display mixed contentEnabled
Display mixed contentPrompt
PolicySettingComment
Do not prompt for client certificate selection when no certificates or only one certificate exists.Enabled
Do not prompt for client certificate selection when no certificates or only one certificate exists.Disable
PolicySettingComment
Download signed ActiveX controlsEnabled
Download signed ActiveX controlsEnable
PolicySettingComment
Download unsigned ActiveX controlsEnabled
Download unsigned ActiveX controlsDisable
PolicySettingComment
Enable MIME SniffingEnabled
Enable MIME SniffingDisable
PolicySettingComment
Initialize and script ActiveX controls not marked as safeEnabled
Initialize and script ActiveX controls not marked as safeDisable
PolicySettingComment
Java permissionsEnabled
Java permissionsDisable Java
PolicySettingComment
Launching applications and files in an IFRAMEEnabled
Launching applications and files in an IFRAMEEnable
PolicySettingComment
Logon optionsEnabled
Logon optionsAutomatic logon with current username and password
PolicySettingComment
Navigate windows and frames across different domainsEnabled
Navigate windows and frames across different domainsEnable
PolicySettingComment
Run .NET Framework-reliant components not signed with AuthenticodeEnabled
Run .NET Framework-reliant components not signed with AuthenticodeDisable
PolicySettingComment
Run .NET Framework-reliant components signed with AuthenticodeEnabled
Run .NET Framework-reliant components signed with AuthenticodeDisable
PolicySettingComment
Run ActiveX controls and pluginsEnabled
Run ActiveX controls and pluginsDisable
PolicySettingComment
Script ActiveX controls marked safe for scriptingEnabled
Script ActiveX controls marked safe for scriptingEnable
PolicySettingComment
Scripting of Java appletsEnabled
Scripting of Java appletsEnable
PolicySettingComment
Software channel permissionsEnabled
Software channel permissionsLow safety
PolicySettingComment
Submit non-encrypted form dataEnabled
Submit non-encrypted form dataEnable
PolicySettingComment
Use Pop-up BlockerEnabled
Use Pop-up BlockerDisable
PolicySettingComment
Userdata persistenceEnabled
Userdata persistenceEnable
PolicySettingComment
Web sites in less privileged Web content zones can navigate into this zoneEnabled
Web sites in less privileged Web content zones can navigate into this zoneDisable
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Trusted Sites Zone
PolicySettingComment
Access data sources across domainsEnabled
Access data sources across domainsEnable
PolicySettingComment
Allow active content over restricted protocols to access my computerEnabled
Allow active content over restricted protocols to access my computerPrompt
PolicySettingComment
Allow active scriptingEnabled
Allow active scriptingEnable
PolicySettingComment
Allow binary and script behaviorsEnabled
Allow Binary and Script BehaviorsEnable
PolicySettingComment
Allow cut, copy or paste operations from the clipboard via scriptEnabled
Allow paste operations via scriptEnable
PolicySettingComment
Allow drag and drop or copy and paste filesEnabled
Allow drag and drop or copy and paste filesEnable
PolicySettingComment
Allow file downloadsEnabled
Allow file downloadsEnable
PolicySettingComment
Allow font downloadsEnabled
Allow font downloadsEnable
PolicySettingComment
Allow installation of desktop itemsEnabled
Allow installation of desktop itemsEnable
PolicySettingComment
Allow META REFRESHEnabled
Allow META REFRESHEnable
PolicySettingComment
Allow script-initiated windows without size or position constraintsEnabled
Allow script-initiated windows without size or position constraintsEnable
PolicySettingComment
Automatic prompting for ActiveX controlsEnabled
Automatic prompting for ActiveX controlsEnable
PolicySettingComment
Automatic prompting for file downloadsEnabled
Automatic prompting for file downloadsEnable
PolicySettingComment
Display mixed contentEnabled
Display mixed contentPrompt
PolicySettingComment
Do not prompt for client certificate selection when no certificates or only one certificate exists.Enabled
Do not prompt for client certificate selection when no certificates or only one certificate exists.Enable
PolicySettingComment
Download signed ActiveX controlsEnabled
Download signed ActiveX controlsEnable
PolicySettingComment
Download unsigned ActiveX controlsEnabled
Download unsigned ActiveX controlsPrompt
PolicySettingComment
Enable MIME SniffingEnabled
Enable MIME SniffingEnable
PolicySettingComment
Initialize and script ActiveX controls not marked as safeEnabled
Initialize and script ActiveX controls not marked as safePrompt
PolicySettingComment
Java permissionsEnabled
Java permissionsLow safety
PolicySettingComment
Launching applications and files in an IFRAMEEnabled
Launching applications and files in an IFRAMEEnable
PolicySettingComment
Logon optionsEnabled
Logon optionsAutomatic logon with current username and password
PolicySettingComment
Navigate windows and frames across different domainsEnabled
Navigate windows and frames across different domainsEnable
PolicySettingComment
Run .NET Framework-reliant components not signed with AuthenticodeEnabled
Run .NET Framework-reliant components not signed with AuthenticodeEnable
PolicySettingComment
Run .NET Framework-reliant components signed with AuthenticodeEnabled
Run .NET Framework-reliant components signed with AuthenticodeEnable
PolicySettingComment
Run ActiveX controls and pluginsEnabled
Run ActiveX controls and pluginsEnable
PolicySettingComment
Script ActiveX controls marked safe for scriptingEnabled
Script ActiveX controls marked safe for scriptingEnable
PolicySettingComment
Scripting of Java appletsEnabled
Scripting of Java appletsEnable
PolicySettingComment
Software channel permissionsEnabled
Software channel permissionsLow safety
PolicySettingComment
Submit non-encrypted form dataEnabled
Submit non-encrypted form dataEnable
PolicySettingComment
Use Pop-up BlockerEnabled
Use Pop-up BlockerDisable
PolicySettingComment
Userdata persistenceEnabled
Userdata persistenceEnable
PolicySettingComment
Web sites in less privileged Web content zones can navigate into this zoneEnabled
Web sites in less privileged Web content zones can navigate into this zonePrompt
Windows Components/NetMeeting/Application Sharing
PolicySettingComment
Disable application SharingEnabled
Prevent Application Sharing in true colorEnabled
Prevent ControlEnabled
Prevent Desktop SharingEnabled
Prevent SharingEnabled
Prevent Sharing Command PromptsEnabled
Prevent Sharing Explorer windowsEnabled
Windows Components/NetMeeting/Audio & Video
PolicySettingComment
Disable AudioEnabled
Disable full duplex AudioEnabled
Prevent changing DirectSound Audio settingEnabled
Prevent receiving VideoEnabled
Prevent sending VideoEnabled
Windows Components/NetMeeting/Options Page
PolicySettingComment
Disable the Advanced Calling buttonEnabled
Hide the Audio pageEnabled
Hide the General pageEnabled
Hide the Security pageEnabled
Hide the Video pageEnabled
Windows Components/Remote Desktop Services/Remote Desktop Connection Client
PolicySettingComment
Do not allow passwords to be savedEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Session Time Limits
PolicySettingComment
End session when time limits are reachedEnabled
Set time limit for disconnected sessionsEnabled
End a disconnected session5 minutes
Windows Components/Windows Installer
PolicySettingComment
Always install with elevated privilegesDisabled
Prevent removable media source for any installationEnabled
Prohibit rollbackEnabled
This policy setting may be set for the machine or for the user.
PolicySettingComment
Specify the order in which Windows Installer searches for installation filesDisabled
Windows Components/Windows Media Player
PolicySettingComment
Prevent CD and DVD Media Information RetrievalEnabled
Prevent Music File Media Information RetrievalEnabled
Prevent Radio Station Preset RetrievalEnabled
Windows Components/Windows Media Player/Playback
PolicySettingComment
Allow Screen SaverDisabled
Prevent Codec DownloadEnabled
Windows Components/Windows Messenger
PolicySettingComment
Do not allow Windows Messenger to be runEnabled
Do not automatically start Windows Messenger initiallyEnabled
Windows Components/Windows Update/Legacy Policies
PolicySettingComment
Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog boxEnabled
Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog boxEnabled
Windows Components/Windows Update/Manage updates offered from Windows Server Update Service
PolicySettingComment
Remove access to use all Windows Update featuresEnabled
Configure notifications: 
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Microsoft\Outlook Express\BlockExeAttachments0
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives66617335
Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewOnDrive66617335
Software\Policies\Microsoft\Windows\AppCompat\VDMDisallowed1
Software\Policies\Microsoft\WindowsMovieMaker\MovieMaker1