Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
MKSKP-PO-WIN-U-PCI_GECSP_Restrictions
Data collected on: 2-9-2025 09:55:18
General
Details
Domainemea.tpg.ads
OwnerEMEA\bahtiri.5-adm
Created26-3-2021 12:26:26
Modified9-2-2023 15:01:00
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{d3e819e5-1b60-4568-9dbd-e2b26f5b23fe}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
MKNoEnabledemea.tpg.ads/MK

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
EMEA\MK-L-SEC-User Restrictions PCI_GESCP
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\bahtiri.5-admEdit settings, delete, modify securityNo
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\Domain ComputersReadNo
EMEA\MK-L-SEC-Delegation Full AccessEdit settings, delete, modify securityNo
EMEA\MK-L-SEC-Delegation Read Group Policy results Data AccessReadNo
EMEA\MK-L-SEC-User Restrictions PCI_GESCPRead (from Security Filtering)No
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
No settings defined.
User Configuration (Enabled)
Policies
Windows Settings
Security Settings
Software Restriction Policies
Enforcement
PolicySetting
Apply Software Restriction Policies to the followingAll software files except libraries (such as DLLs)
Apply Software Restriction Policies to the following usersAll users
When applying Software Restriction PoliciesIgnore certificate rules
Designated File Types
File ExtensionFile Type
ADEADE File
ADPADP File
BASBAS File
BATWindows Batch File
CHMCompiled HTML Help file
CMDWindows Command Script
COMMS-DOS Application
CPLControl panel item
CRTSecurity Certificate
EXEApplication
HLPHelp file
HTAHTML Application
INFSetup Information
INSINS File
ISPISP File
LNKShortcut
MDBMDB File
MDEMDE File
MSCMicrosoft Common Console Document
MSIWindows Installer Package
MSPWindows Installer Patch
MSTMST File
OCXActiveX control
PCDPCD File
PIFShortcut to MS-DOS Program
REGRegistration Entries
SCRScreen saver
SHSSHS File
URLInternet Shortcut
VBVisual Basic Source File
WSCWindows Script Component
Trusted Publishers
Trusted publisher managementAllow all administrators and users to manage user's own Trusted Publishers
Certificate verificationNone
Software Restriction Policies/Security Levels
PolicySetting
Default Security LevelUnrestricted
Software Restriction Policies/Additional Rules
Hash Rules
Help.Exe (6.3.9600.17415); Help; Command Line Help Utility; Microsoft® Windows® Operating System; Microsoft Corporation
Security LevelDisallowed
Description
Date last modified11-7-2018 12:08:16
MSPAINT.EXE (6.3.9600.17415); MSPAINT; Paint; Microsoft® Windows® Operating System; Microsoft Corporation
Security LevelDisallowed
Description
Date last modified11-7-2018 16:49:47
Path Rules
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%
Security LevelUnrestricted
Description
Date last modified11-7-2018 12:07:11
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%
Security LevelUnrestricted
Description
Date last modified11-7-2018 12:07:11
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy
Security LevelDisallowed
DescriptionDisable Local Cortana Search
Date last modified22-12-2018 14:32:20
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel
PolicySettingComment
Always open All Control Panel Items when opening Control PanelEnabled
Prohibit access to Control Panel and PC settingsEnabled
Show only specified Control Panel itemsEnabled
List of allowed Control Panel items
Microsoft.AudioDevicesAndSoundThemes
Microsoft.Keyboard
Microsoft.Mouse
Microsoft.RegionalAndLanguageOptions
Control Panel/Add or Remove Programs
PolicySettingComment
Hide Add/Remove Windows Components pageEnabled
Control Panel/Display
PolicySettingComment
Disable the Display Control PanelEnabled
Hide Settings tabEnabled
Control Panel/Personalization
PolicySettingComment
Enable screen saverEnabled
Password protect the screen saverEnabled
Prevent changing color and appearanceEnabled
Prevent changing color schemeEnabled
Prevent changing desktop backgroundEnabled
Prevent changing desktop iconsEnabled
Prevent changing mouse pointersEnabled
Prevent changing screen saverEnabled
Prevent changing themeEnabled
Prevent changing visual style for windows and buttonsEnabled
Prohibit selection of visual style font sizeEnabled
Screen saver timeoutEnabled
Number of seconds to wait to enable the screen saver
Seconds:300
Control Panel/Printers
PolicySettingComment
Browse a common web site to find printersDisabled
Browse the network to find printersDisabled
Default Active Directory path when searching for printersDisabled
Package Point and print - Approved serversDisabled
Point and Print RestrictionsDisabled
Prevent addition of printersEnabled
Prevent deletion of printersEnabled
Desktop
PolicySettingComment
Do not add shares of recently opened documents to Network LocationsEnabled
Don't save settings at exitEnabled
Hide and disable all items on the desktopDisabled
Hide Network Locations icon on desktopEnabled
Prevent adding, dragging, dropping and closing the Taskbar's toolbarsEnabled
Prohibit adjusting desktop toolbarsEnabled
Prohibit User from manually redirecting Profile FoldersEnabled
Remove Computer icon on the desktopEnabled
Remove My Documents icon on the desktopEnabled
Remove Properties from the Computer icon context menuEnabled
Remove Properties from the Documents icon context menuEnabled
Remove Properties from the Recycle Bin context menuEnabled
Remove Recycle Bin icon from desktopEnabled
Remove the Desktop Cleanup WizardEnabled
Desktop/Active Directory
PolicySettingComment
Hide Active Directory folderEnabled
Maximum size of Active Directory searchesEnabled
Number of objects returned: 0
Desktop/Desktop
PolicySettingComment
Disable all itemsEnabled
Prohibit adding itemsEnabled
Prohibit changesEnabled
Prohibit deleting itemsEnabled
Prohibit editing itemsEnabled
Google/Google Chrome/Deprecated policies
PolicySettingComment
Choose how to specify proxy server settingsEnabled
Choose how to specify proxy server settingsUse system proxy settings
PolicySettingComment
URL to a proxy .pac fileEnabled
URL to a proxy .pac filehttp://deffmproxyrr.emea.tpg.ads/cfg/config.pac
Mozilla/Firefox
PolicySettingComment
Blocked websitesEnabled
file://c:/
file:///c:/
c:\
PolicySettingComment
Disable Firefox AccountsEnabled
Disable Private BrowsingEnabled
Display Menu Bar (Deprecated)Disabled
Mozilla/Firefox/Proxy Settings
PolicySettingComment
Automatic proxy configuration URLEnabled
URL:http://deffmproxyrr.emea.tpg.ads/cfg/config.pac
PolicySettingComment
Connection TypeEnabled
Use system proxy settings
PolicySettingComment
Do not allow proxy settings to be changedEnabled
Do not prompt for authentication if password is savedDisabled
HTTP ProxyEnabled
Host including port:http://deffmproxyrr.emea.tpg.ads/cfg/config.pac
PolicySettingComment
HTTPS ProxyEnabled
Host including port:
PolicySettingComment
Proxy DNS when using SOCKS v5Disabled
Proxy PassthroughEnabled
No proxy for
Example: .mozilla.org, .net.nz, 192.168.1.0/24
Connections to localhost, 127.0.0.1/8, and ::1 are never proxied.
PolicySettingComment
SOCKS HostEnabled
Host including port:
SOCKS Version:
SOCKS v4
PolicySettingComment
Use HTTP proxy for HTTPSEnabled
Network/Network Connections
PolicySettingComment
Ability to change properties of an all user remote access connectionDisabled
Ability to Enable/Disable a LAN connectionDisabled
Ability to rename all user remote access connectionsDisabled
Ability to rename LAN connectionsDisabled
Ability to rename LAN connections or remote access connections available to all usersDisabled
Prohibit access to properties of a LAN connectionEnabled
Prohibit access to properties of components of a LAN connectionEnabled
Prohibit access to properties of components of a remote access connectionEnabled
Prohibit access to the Advanced Settings item on the Advanced menuEnabled
Prohibit access to the New Connection WizardEnabled
Prohibit access to the Remote Access Preferences item on the Advanced menuEnabled
Prohibit adding and removing components for a LAN or remote access connectionEnabled
Prohibit connecting and disconnecting a remote access connectionEnabled
Prohibit Enabling/Disabling components of a LAN connectionEnabled
Prohibit TCP/IP advanced configurationEnabled
Start Menu and Taskbar
PolicySettingComment
Add "Run in Separate Memory Space" check box to Run dialog boxDisabled
Add Logoff to the Start MenuEnabled
Add Search Internet link to Start MenuDisabled
Add the Run command to the Start MenuDisabled
Change Start Menu power buttonEnabled
Choose one of the following actionsLog off
PolicySettingComment
Clear history of recently opened documents on exitEnabled
Clear the recent programs list for new usersEnabled
Clear tile notifications during log onEnabled
Disable showing balloon notifications as toasts.Enabled
Do not allow pinning programs to the TaskbarEnabled
Do not allow pinning Store app to the TaskbarEnabled
Do not display any custom toolbars in the taskbarEnabled
Do not keep history of recently opened documentsEnabled
Do not search communicationsEnabled
Do not search for filesEnabled
Do not search InternetEnabled
Do not search programs and Control Panel itemsEnabled
Force classic Start MenuDisabled
Force Start to be either full screen size or menu sizeEnabled
Choose one of the following sizesStart menu
PolicySettingComment
Gray unavailable Windows Installer programs Start Menu shortcutsEnabled
Prevent changes to Taskbar and Start Menu SettingsEnabled
Prevent grouping of taskbar itemsEnabled
Prevent users from adding or removing toolbarsEnabled
Prevent users from customizing their Start ScreenEnabled
Prevent users from moving taskbar to another screen dock locationEnabled
Prevent users from rearranging toolbarsEnabled
Prevent users from uninstalling applications from StartEnabled
Remove access to the context menus for the taskbarEnabled
Remove All Programs list from the Start menuEnabled
Choose one of the following actionsRemove and disable setting
PolicySettingComment
Remove Balloon Tips on Start Menu itemsEnabled
Remove common program groups from Start MenuEnabled
Remove Default Programs link from the Start menu.Enabled
Remove Documents icon from Start MenuEnabled
Remove Downloads link from Start MenuEnabled
Remove Favorites menu from Start MenuEnabled
Remove Games link from Start MenuEnabled
Remove Help menu from Start MenuEnabled
Remove Homegroup link from Start MenuEnabled
Remove links and access to Windows UpdateEnabled
Remove Music icon from Start MenuEnabled
Remove Network Connections from Start MenuEnabled
Remove Network icon from Start MenuEnabled
Remove Notifications and Action CenterEnabled
Remove Pictures icon from Start MenuEnabled
Remove pinned programs from the TaskbarEnabled
Remove programs on Settings menuEnabled
Remove Recorded TV link from Start MenuEnabled
Remove Run menu from Start MenuEnabled
Remove Search Computer linkEnabled
Remove Search link from Start MenuEnabled
Remove See More Results / Search Everywhere linkEnabled
Remove the People Bar from the taskbarEnabled
Remove the Security and Maintenance iconEnabled
Remove user folder link from Start MenuEnabled
Remove user's folders from the Start MenuEnabled
Remove Videos link from Start MenuEnabled
Search just apps from the Apps viewDisabled
Show "Run as different user" command on StartDisabled
Show QuickLaunch on TaskbarEnabled
Show the Apps view automatically when the user goes to StartDisabled
Show Windows Store apps on the taskbarDisabled
Start LayoutEnabled
Start Layout File\\emea.tpg.ads\MK\Skopje\Public\Start.xml
Reapply layout at every logon 
PolicySettingComment
Turn off all balloon notificationsEnabled
Turn off automatic promotion of notification icons to the taskbarEnabled
Turn off feature advertisement balloon notificationsEnabled
Turn off notification area cleanupEnabled
Start Menu and Taskbar/Notifications
PolicySettingComment
Turn off tile notificationsEnabled
Turn off toast notificationsEnabled
System
PolicySettingComment
Do not display the Getting Started welcome screen at logonEnabled
Don't run specified Windows applicationsEnabled
List of disallowed applications
cmd.exe
HELPCTR.EXE
helppane.exe
msimn.exe
notepad.exe
paint.exe
powershell.exe
powershell_ise.exe
Winhlp32.exe
wmplayer.exe
wordpad.exe
wmplayer.exe
mspaint.exe
StikyNot.exe
PolicySettingComment
Prevent access to registry editing toolsEnabled
Disable regedit from running silently?No
PolicySettingComment
Prevent access to the command promptEnabled
Disable the command prompt script processing also?No
PolicySettingComment
Restrict these programs from being launched from HelpEnabled
Enter executables separated by commas:paint.exe,powershell.exe,cmd.exe,notepad.exe
Example: calc.exe,paint.exe
System/Ctrl+Alt+Del Options
PolicySettingComment
Remove Task ManagerEnabled
System/Internet Communication Management
PolicySettingComment
Restrict Internet communicationEnabled
System/Internet Communication Management/Internet Communication settings
PolicySettingComment
Turn off downloading of print drivers over HTTPEnabled
Turn off handwriting personalization data sharingEnabled
Turn off handwriting recognition error reportingEnabled
Turn off Help Experience Improvement ProgramEnabled
Turn off Help RatingsEnabled
Turn off Internet download for Web publishing and online ordering wizardsEnabled
Turn off Internet File Association serviceEnabled
Turn off printing over HTTPEnabled
Turn off the "Order Prints" picture taskEnabled
Turn off the "Publish to Web" task for files and foldersEnabled
Turn off the Windows Messenger Customer Experience Improvement ProgramEnabled
Turn off Windows OnlineEnabled
System/Removable Storage Access
PolicySettingComment
All Removable Storage classes: Deny all accessEnabled
CD and DVD: Deny read accessEnabled
CD and DVD: Deny write accessEnabled
Floppy Drives: Deny read accessEnabled
Floppy Drives: Deny write accessEnabled
Removable Disks: Deny read accessEnabled
Removable Disks: Deny write accessEnabled
Tape Drives: Deny read accessEnabled
Tape Drives: Deny write accessEnabled
WPD Devices: Deny read accessEnabled
WPD Devices: Deny write accessEnabled
System/Windows HotStart
PolicySettingComment
Turn off Windows HotStartEnabled
Windows Components/Add features to Windows 10
PolicySettingComment
Prevent the wizard from running.Enabled
Windows Components/AutoPlay Policies
PolicySettingComment
Set the default behavior for AutoRunEnabled
Default AutoRun BehaviorDo not execute any autorun commands
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:All drives
Windows Components/Desktop Gadgets
PolicySettingComment
Restrict unpacking and installation of gadgets that are not digitally signed.Enabled
Turn off desktop gadgetsEnabled
Turn Off user-installed desktop gadgetsEnabled
Windows Components/Desktop Window Manager/Window Frame Coloring
PolicySettingComment
Do not allow color changesEnabled
Windows Components/Edge UI
PolicySettingComment
Allow edge swipeDisabled
Disable help tipsEnabled
Do not show recent apps when the mouse is pointing to the upper-left corner of the screenEnabled
Prevent users from replacing the Command Prompt with Windows PowerShell in the menu they see when they right-click the lower-left corner or press the Windows logo key+XEnabled
Search, Share, Start, Devices, and Settings don't appear when the mouse is pointing to the upper-right corner of the screenEnabled
Turn off switching between recent appsEnabled
Turn off tracking of app usageEnabled
Windows Components/File Explorer
PolicySettingComment
Display the menu bar in File Explorer Disabled
Do not move deleted files to the Recycle BinEnabled
Hide these specified drives in My ComputerEnabled
Pick one of the following combinationsRestrict all drives
PolicySettingComment
Hides the Manage item on the File Explorer context menuEnabled
No Computers Near Me in Network LocationsEnabled
No Entire Network in Network LocationsEnabled
Prevent access to drives from My ComputerEnabled
Pick one of the following combinationsRestrict all drives
PolicySettingComment
Prevent users from adding files to the root of their Users Files folder.Enabled
Remove "Map Network Drive" and "Disconnect Network Drive"Enabled
Remove CD Burning featuresEnabled
Remove File Explorer's default context menuEnabled
Remove File menu from File ExplorerEnabled
Remove Hardware tabEnabled
Remove Search button from File ExplorerEnabled
Remove Security tabEnabled
Remove Shared Documents from My ComputerEnabled
Remove the Search the Internet "Search again" linkEnabled
Remove UI to change keyboard navigation indicator settingEnabled
Remove UI to change menu animation settingEnabled
Turn off the caching of thumbnails in hidden thumbs.db filesEnabled
Turn off Windows Key hotkeysEnabled
Windows Components/File Explorer/Common Open File Dialog
PolicySettingComment
Hide the dropdown list of recent filesEnabled
Items displayed in Places BarEnabled
Places to display:
Item 1
Item 2
Item 3
Item 4
Item 5
Windows Components/File Explorer/Explorer Frame Pane
PolicySettingComment
Turn off Preview PaneEnabled
Turn on or off details paneEnabled
Configure details paneAlways hide
Windows Components/File Explorer/Previous Versions
PolicySettingComment
Hide previous versions list for local filesEnabled
Windows Components/Internet Explorer
PolicySettingComment
Search: Disable Search CustomizationEnabled
Windows Components/Internet Explorer/Browser menus
PolicySettingComment
File menu: Disable Save As Web Page CompleteEnabled
File menu: Disable Save As... menu optionEnabled
Help menu: Remove 'For Netscape Users' menu optionEnabled
Help menu: Remove 'Send Feedback' menu optionEnabled
Help menu: Remove 'Tip of the Day' menu optionEnabled
Help menu: Remove 'Tour' menu optionEnabled
Windows Components/Internet Explorer/Delete Browsing History
PolicySettingComment
Allow deleting browsing history on exitEnabled
Disable "Configuring History"Enabled
Days to keep pages in History0
Windows Components/Internet Explorer/Internet Control Panel
PolicySettingComment
Disable the Advanced pageEnabled
Disable the Connections pageEnabled
Disable the Content pageEnabled
Disable the General pageEnabled
Disable the Privacy pageEnabled
Disable the Programs pageEnabled
Disable the Security pageEnabled
Windows Components/Internet Explorer/Internet Control Panel/General Page/Browsing History
PolicySettingComment
Allow websites to store application caches on client computersEnabled
Set application caches expiration time limit for individual domainsEnabled
Number of days1
Windows Components/Internet Explorer/Toolbars
PolicySettingComment
Configure Toolbar ButtonsEnabled
Show Back buttonEnabled
Show Forward buttonEnabled
Show Stop buttonEnabled
Show Refresh buttonEnabled
Show Home buttonEnabled
Show Search buttonDisabled
Show Favorites buttonEnabled
Show History buttonDisabled
Show Folders buttonDisabled
Show Fullscreen buttonDisabled
Show Tools buttonDisabled
Show Mail buttonDisabled
Show Font size buttonDisabled
Show Print buttonDisabled
Show Edit buttonDisabled
Show Discussions buttonDisabled
Show Cut buttonDisabled
Show Copy buttonDisabled
Show Paste buttonDisabled
Show Encoding buttonDisabled
PolicySettingComment
Disable customizing browser toolbar buttonsEnabled
Disable customizing browser toolbarsEnabled
Display tabs on a separate rowEnabled
Lock all toolbarsEnabled
Windows Components/Microsoft Edge
PolicySettingComment
Prevent Microsoft Edge from gathering Live Tile information when pinning a site to StartEnabled
Prevent the First Run webpage from opening on Microsoft EdgeEnabled
Windows Components/Store
PolicySettingComment
Turn off the Store applicationEnabled
Windows Components/Task Scheduler
PolicySettingComment
Prohibit New Task CreationEnabled
Windows Components/Windows Defender SmartScreen/Microsoft Edge
PolicySettingComment
Configure Windows Defender SmartScreenDisabled
Windows Components/Windows Error Reporting
PolicySettingComment
Do not send additional dataEnabled
Windows Components/Windows Installer
PolicySettingComment
Prevent removable media source for any installationEnabled
Windows Components/Windows Logon Options
PolicySettingComment
Report when logon server was not available during user logonEnabled
Windows Components/Windows Mail
PolicySettingComment
Turn off Windows Mail applicationEnabled
Windows Components/Windows Media Center
PolicySettingComment
Do not allow Windows Media Center to runEnabled
Windows Components/Windows Media Player
PolicySettingComment
Prevent CD and DVD Media Information RetrievalEnabled
Prevent Music File Media Information RetrievalEnabled
Prevent Radio Station Preset RetrievalEnabled
Windows Components/Windows Media Player/User Interface
PolicySettingComment
Do Not Show AnchorEnabled
Windows Components/Windows Messenger
PolicySettingComment
Do not allow Windows Messenger to be runEnabled
Do not automatically start Windows Messenger initiallyEnabled
Windows Components/Windows Mobility Center
PolicySettingComment
Turn off Windows Mobility CenterEnabled
Windows Components/Windows PowerShell
PolicySettingComment
Turn on Script ExecutionDisabled
Windows Components/Windows SideShow
PolicySettingComment
Turn off Windows SideShowEnabled
Windows Components/Windows Update/Manage updates offered from Windows Server Update Service
PolicySettingComment
Remove access to use all Windows Update featuresEnabled
Configure notifications:1 - Show restart required notifications
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Policies\Mozilla\Firefox\Proxy\FTPProxy