Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
NLCTX-PO-WIN-Computer Restrictions and Hardening
Data collected on: 2-9-2025 10:15:10
General
Details
Domainemea.tpg.ads
OwnerEMEA\cloots.5-adm
Created8-2-2022 11:31:24
Modified6-8-2025 18:04:20
User Revisions37 (AD), 37 (SYSVOL)
Computer Revisions355 (AD), 355 (SYSVOL)
Unique ID{e6e42b51-4084-4f43-9bf5-46749371f44e}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
SBCNoEnabledemea.tpg.ads/NL/Systems/CitrixBNL/SBC
StagingNoDisabledemea.tpg.ads/NL/Systems/CitrixBNL/Staging
VDINoEnabledemea.tpg.ads/NL/Systems/CitrixBNL/VDI
EnecoYesEnabledemea.tpg.ads/NL/Systems/Test/VDI/Eneco
HSDNoEnabledemea.tpg.ads/SR/Systems/Citrix/HSD
VDINoEnabledemea.tpg.ads/SR/Systems/Citrix/VDI

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\cloots.5-admEdit settings, delete, modify securityNo
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\NL-L-SEC-Delegation Modify Group Policy Settings AccessEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Audit Policy
PolicySetting
Audit account logon eventsSuccess, Failure
Audit account managementSuccess, Failure
Audit directory service accessSuccess, Failure
Audit logon eventsSuccess, Failure
Audit object accessSuccess, Failure
Audit policy changeSuccess, Failure
Audit system eventsSuccess, Failure
Local Policies/User Rights Assignment
PolicySetting
Deny log on locallyEMEA\NL-L-SEC-Deny Local Logon ADM accounts, EMEA\NL-L-SEC-Service Accounts Restrictions
Deny log on through Terminal ServicesEMEA\NL-L-SEC-Deny Local Logon ADM accounts
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Guest account statusDisabled
Accounts: Rename administrator account"Apollo"
Devices
PolicySetting
Devices: Prevent users from installing printer driversDisabled
Interactive Logon
PolicySetting
Interactive logon: Don't display last signed-inEnabled
Shutdown
PolicySetting
Shutdown: Clear virtual memory pagefileEnabled
Event Log
PolicySetting
Maximum application log size3000000 kilobytes
Maximum security log size3000000 kilobytes
Maximum system log size3000000 kilobytes
Retain security log90 days
Retention method for application logAs needed
Retention method for security logBy days
Retention method for system logAs needed
System Services
Browser (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Remote Registry (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Task Scheduler (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Shell Hardware Detection (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Image Acquisition (WIA) (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Telephony (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
File System
%ProgramFiles% (x86)\Kobo
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESRead and ExecuteThis folder, subfolders and files
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowS-1-5-21-513466819-3096973226-347852806-474671Full ControlThis folder, subfolders and files
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowBUILTIN\UsersRead and ExecuteThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%ProgramFiles%\Common Files\microsoft shared\VGX\VGX.dll
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\UsersRead and ExecuteThis folder, subfolders and files
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESRead and ExecuteThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%UserProfile%\Desktop
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESRead and ExecuteThis folder, subfolders and files
AllowCREATOR OWNERRead and ExecuteThis folder, subfolders and files
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowBUILTIN\UsersRead and ExecuteThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
Registry
MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddMediaServer
Configure this key then: Replace existing permissions on all subkeys with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
AllowBUILTIN\AdministratorsFull controlThis key and subkeys
AllowCREATOR OWNERFull controlSubkeys only
AllowNT AUTHORITY\SYSTEMFull controlThis key and subkeys
AllowBUILTIN\UsersReadThis key and subkeys
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESReadThis key and subkeys
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddNetworkLocation
Configure this key then: Replace existing permissions on all subkeys with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
AllowBUILTIN\AdministratorsFull controlThis key and subkeys
AllowCREATOR OWNERFull controlSubkeys only
AllowNT AUTHORITY\SYSTEMFull controlThis key and subkeys
AllowBUILTIN\UsersReadThis key and subkeys
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESReadThis key and subkeys
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.ShowFileExtensions
Configure this key then: Replace existing permissions on all subkeys with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
AllowBUILTIN\AdministratorsFull controlThis key and subkeys
AllowCREATOR OWNERFull controlSubkeys only
AllowNT AUTHORITY\SYSTEMFull controlThis key and subkeys
AllowBUILTIN\UsersReadThis key and subkeys
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESReadThis key and subkeys
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.ShowHiddenFiles
Configure this key then: Replace existing permissions on all subkeys with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
AllowBUILTIN\AdministratorsFull controlThis key and subkeys
AllowCREATOR OWNERFull controlSubkeys only
AllowNT AUTHORITY\SYSTEMFull controlThis key and subkeys
AllowBUILTIN\UsersReadThis key and subkeys
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESReadThis key and subkeys
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
Public Key Policies/Certificate Path Validation Settings/Network Retrieval
PolicySetting
Default URL retrieval timeout in seconds15
Default path validation cumulative timeout in seconds20
Allow issuer certificate retrieval during path validationEnabled
Default cross-certificate download interval in hours168
Public Key Policies/Trusted Root Certification Authorities
Certificates
Issued ToIssued ByExpiration DateIntended Purposes
DigiCert Global Root CADigiCert Global Root CA10-11-2031 01:00:00<All>
IISBV Root CA v3IISBV Root CA v39-6-2036 11:13:31<All>
IKEA Issuing CA V3IISBV Root CA v35-7-2026 15:55:00<All>
QuoVadis Root CA 2 G3QuoVadis Root CA 2 G312-1-2042 19:59:32<All>
ssl-proxy-trusted.tpnordic.localssl-proxy-trusted.tpnordic.local17-9-2024 13:37:31<All>
USERTrust RSA Certification AuthorityAAA Certificate Services1-1-2029 00:59:59<All>
Zscaler Intermediate Root CA (zscloud.net)Zscaler Root CA23-6-2041 07:33:19<All>

For additional information about individual settings, launch the Local Group Policy Object Editor.
Public Key Policies/Intermediate Certification Authority Certificates
Issued ToIssued ByExpiration DateIntended Purposes
Sectigo RSA Organization Validation Secure Server CAUSERTrust RSA Certification Authority1-1-2031 00:59:59Server Authentication, Client Authentication
Thawte RSA CA 2018DigiCert Global Root CA6-11-2027 13:23:52Server Authentication, Client Authentication
Zscaler Intermediate Root CA (zscloud.net) (t) Zscaler Intermediate Root CA (zscloud.net)11-2-2023 03:01:00<All>

For additional information about individual settings, launch the Local Group Policy Object Editor.
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy versionNot Configured
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Domain Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNo
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Connection Security Settings
Advanced Audit Configuration
Account Logon
PolicySetting
Audit Other Account Logon EventsSuccess, Failure
Account Management
PolicySetting
Audit Application Group ManagementSuccess, Failure
Audit Computer Account ManagementSuccess, Failure
Audit Security Group ManagementSuccess, Failure
Audit User Account ManagementSuccess, Failure
Detailed Tracking
PolicySetting
Audit Process CreationSuccess, Failure
Audit Process TerminationSuccess, Failure
Logon/Logoff
PolicySetting
Audit Account LockoutSuccess, Failure
Audit LogoffSuccess, Failure
Audit LogonSuccess, Failure
Audit Special LogonSuccess, Failure
Policy Change
PolicySetting
Audit Audit Policy ChangeSuccess, Failure
Audit Authentication Policy ChangeSuccess, Failure
System
PolicySetting
Audit Security State ChangeSuccess, Failure
Audit System IntegritySuccess, Failure
Application Control Policies
Appx Rules
No rules of type 'Appx Rules' are defined.
Dll Rules
No rules of type 'Dll Rules' are defined.
Executable Rules
No rules of type 'Executable Rules' are defined.
Windows Installer Rules
No rules of type 'Windows Installer Rules' are defined.
Script Rules
No rules of type 'Script Rules' are defined.
Policy-based QoS
QoS Policies
Policy NameDSCP ValueThrottle Rate (KBps) Policy Conditions
screenagent0150Protocol: TCP
Application: %ProgramFiles (x86)\Nice Systems\ScreenAgent\SASession.exe
Source IP: Any
Destination IP: Any
Source Port: Any
Destination Port: Any

Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Citrix Components/Workspace Environment Management/Agent Host Configuration
PolicySettingComment
Agent service portEnabled
Agent service port :8286
PolicySettingComment
Cache synchronization portEnabled
Cache synchronization port :8288
PolicySettingComment
Infrastructure serverEnabled
Infrastructure server :nlamsctwem01.emea.tpg.ads
LAPS
PolicySettingComment
Do not allow password expiration time longer than required by policyEnabled
Enable local admin password managementEnabled
Password SettingsEnabled
Password ComplexityLarge letters + small letters + numbers + specials
Password Length14
Password Age (Days)30
Network/Network Connections/Windows Defender Firewall/Domain Profile
PolicySettingComment
Windows Defender Firewall: Prohibit notificationsEnabled
Windows Defender Firewall: Protect all network connectionsDisabled
Printers
PolicySettingComment
Point and Print RestrictionsEnabled
Users can only point and print to these servers:Disabled
Enter fully qualified server names separated by semicolons
Users can only point and print to machines in their forestDisabled
Security Prompts:
When installing drivers for a new connection:Do not show warning or elevation prompt
When updating drivers for an existing connection:Do not show warning or elevation prompt
This setting only applies to:
Windows Vista and later
System/Group Policy
PolicySettingComment
Configure folder redirection policy processingEnabled
Allow processing across a slow network connectionDisabled
Process even if the Group Policy objects have not changedEnabled
PolicySettingComment
Continue experiences on this deviceDisabled
System/Internet Communication Management/Internet Communication settings
PolicySettingComment
Turn off Automatic Root Certificates UpdateDisabled
System/Power Management/Hard Disk Settings
PolicySettingComment
Turn Off the hard disk (on battery)Enabled
Turn Off the Hard Disk (seconds):0
PolicySettingComment
Turn Off the hard disk (plugged in)Enabled
Turn Off the Hard Disk (seconds):0
System/Power Management/Sleep Settings
PolicySettingComment
Specify the system hibernate timeout (on battery)Enabled
System Hibernate Timeout (seconds):0
PolicySettingComment
Specify the system hibernate timeout (plugged in)Enabled
System Hibernate Timeout (seconds):0
PolicySettingComment
Specify the system sleep timeout (on battery)Enabled
System Sleep Timeout (seconds):0
PolicySettingComment
Specify the system sleep timeout (plugged in)Enabled
System Sleep Timeout (seconds):0
System/Remote Assistance
PolicySettingComment
Configure Offer Remote AssistanceEnabled
Permit remote control of this computer:Allow helpers to remotely control the computer
Helpers:
emea.tpg.ads\NL-G-ORG-User Service Desk Users
emea.tpg.ads\BE-G-ORG-User Service Desk Users
emea.tpg.ads\NL-G-ORG-OU Admins
emea.tpg.ads\NL-L-SEC-Remote Assistance Helpers
System/Removable Storage Access
PolicySettingComment
Removable Disks: Deny execute accessEnabled
Removable Disks: Deny read accessEnabled
Removable Disks: Deny write accessEnabled
System/User Profiles
PolicySettingComment
Add the Administrators security group to roaming user profilesEnabled
Delete cached copies of roaming profilesEnabled
Delete user profiles older than a specified number of days on system restartEnabled
Delete user profiles older than (days)30
Windows Components/AutoPlay Policies
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:All drives
Windows Components/Event Log Service/Application
PolicySettingComment
Control Event Log behavior when the log file reaches its maximum sizeDisabled
Specify the maximum log file size (KB)Enabled
Maximum Log Size (KB)20480
Windows Components/Event Log Service/System
PolicySettingComment
Control Event Log behavior when the log file reaches its maximum sizeDisabled
Specify the maximum log file size (KB)Enabled
Maximum Log Size (KB)20480
Windows Components/File Explorer
PolicySettingComment
Set a default associations configuration fileEnabled
Default Associations Configuration Filec:\GPO\DefaultAss\Default.xml
Windows Components/News and interests
PolicySettingComment
Enable news and interests on the taskbarDisabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Connections
PolicySettingComment
Allow users to connect remotely by using Remote Desktop ServicesEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Security
PolicySettingComment
Require use of specific security layer for remote (RDP) connectionsEnabledPCI Plugin 18405
Security LayerSSL
Choose the security layer from the drop-down list.
PolicySettingComment
Require user authentication for remote connections by using Network Level AuthenticationEnabledPCI plugin 58453 and 18405
Set client connection encryption levelEnabledpci plugin 57690 Terminal Service Encryption
Encryption LevelHigh Level
Choose the encryption level from the drop-down list.
Windows Components/Search
PolicySettingComment
Allow CortanaDisabled
Windows Components/Store
PolicySettingComment
Disable all apps from Microsoft Store Enabled
Turn off the Store applicationEnabled
Windows Components/Windows Media Player
PolicySettingComment
Do Not Show First Use Dialog BoxesEnabled
Prevent Automatic UpdatesEnabled
Prevent Media SharingEnabled
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Policies\Mozilla\lockPref\network.dns.disableIPv61
Preferences
Windows Settings
Environment Variables
Environment Variable (Variable: JAVA_TOOL_OPTIONS)
JAVA_TOOL_OPTIONS (Order: 1)
General
ActionUpdate
Properties
ContextSystem
VariableJAVA_TOOL_OPTIONS
Value-Djava.vendor="Sun Microsystems Inc."
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Environment Variable (Variable: appgateWW)
appgateWW (Order: 2)
General
ActionUpdate
Properties
ContextSystem
VariableappgateWW
Value--url="appgate://access.wwiops.io/eyJwcm9maWxlTmFtZSI6IldXLVBhcnRuZXJzIiwic3BhIjp7Im1vZGUiOiJUQ1AiLCJuYW1lIjoid3dfY2xpZW50cyIsImtleSI6Ijc0MzlkZWI4MTMxMmE3OWNmYmYwMDdiYTljZDNlMGJlNjQ1Y2VhYTE0ZjYwNGUyMmJhMGZjNGEzOTI2MmEwNWQifSwiY2FGaW5nZXJwcmludCI6IjlkZTE0YmM2ODhmNjhiMWViZTIxMGZmYjY4YjljZmNjYTAyMWU2MjM5M2E5YzVkMThjMWUzYWExMGJmMzA0NGMiLCJpZGVudGl0eVByb3ZpZGVyTmFtZSI6IldXLVBhcnRuZXJzIn0="
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Files
File (Target Path: C:\Windows\System32\drivers\etc\hosts)
hosts (Order: 1)
General
ActionReplace
Properties
Source file(s)\\emea.tpg.ads\NL\Amsterdam\Settings\Pushfiles\Hostfile\hosts
Destination fileC:\Windows\System32\drivers\etc\hosts
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
File (Target Path: C:\Program Files\NICE\WFM\7.3\TP-DENLPLAC\wfm\configuration\config.ini)
config.ini (Order: 2)
General
ActionReplace
Properties
Source file(s)\\emea.tpg.ads\nl\Amsterdam\Settings\Pushfiles\IEX 7.3\Amsterdam\config.ini
Destination fileC:\Program Files\NICE\WFM\7.3\TP-DENLPLAC\wfm\configuration\config.ini
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
File (Target Path: C:\GPO\IE11Mode\IE11_Sitelist.xml)
IE11_Sitelist.xml (Order: 3)
General
ActionUpdate
Properties
Source file(s)\\emea.tpg.ads\nl\Amsterdam\Settings\Pushfiles\IE11Mode\IE11_Sitelist.xml
Destination fileC:\GPO\IE11Mode\IE11_Sitelist.xml
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
File (Target Path: c:\GPO\DefaultAss\Default.xml)
Default.xml (Order: 4)
General
ActionReplace
Properties
Source file(s)\\emea.tpg.ads\NL\Amsterdam\Settings\Pushfiles\Comp_Rest_Hard_Pol\Default.xml
Destination filec:\GPO\DefaultAss\Default.xml
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Registry
InitialKeyboardIndicators (Order: 1)
General
ActionUpdate
Properties
HiveHKEY_USERS
Key path.DEFAULT\Control Panel\Keyboard
Value nameInitialKeyboardIndicators
Value typeREG_SZ
Value data2
Common
Options
Stop processing items on this extension if an error occurs on this itemYes
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Enable num-lock on startup
BlockNetFramework451 (Order: 2)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\NET Framework Setup\NDP
Value nameBlockNetFramework451
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
UserFeedbackAllowed (Order: 3)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Edge
Value nameUserFeedbackAllowed
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
enablesecuritysignature (Order: 4)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\services\LanmanServer\Parameters
Value nameenablesecuritysignature
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
SMB Signing PCI 57608
requiresecuresignature (Order: 5)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\services\LanmanServer\Parameters
Value namerequiresecuresignature
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
SMB Signing PCI 57608
RequireSecuritySignature (Order: 6)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters
Value nameRequireSecuritySignature
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
SMB Signing PCI 57608
EnableSecuritySignature (Order: 7)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters
Value nameEnableSecuritySignature
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
SMB Siging PCI 57608
TurnOffSidebar (Order: 8)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar
Value nameTurnOffSidebar
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
PCI Plugin 59915
CachedLogonsCount (Order: 9)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Value nameCachedLogonsCount
Value typeREG_SZ
Value data0
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Plugin ID 11457
LmCompatibilityLevel (Order: 10)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Lsa
Value nameLmCompatibilityLevel
Value typeREG_DWORD
Value data0x3 (3)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 11)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSystem\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 12)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSystem\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
iexeplore.exe (Order: 13)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX
Value nameiexeplore.exe
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
iexplore.exe (Order: 14)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PRINT_INFO_DISCLOSURE_FIX
Value nameiexplore.exe
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
iexplore.exe (Order: 15)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_USER32_EXCEPTION_HANDLER_HARDENING
Value nameiexplore.exe
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
iexplore.exe (Order: 16)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ALLOW_USER32_EXCEPTION_HANDLER_HARDENING
Value nameiexplore.exe
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
CWDIllegalInDllSearch (Order: 17)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager
Value nameCWDIllegalInDllSearch
Value typeREG_DWORD
Value data0x2 (2)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
FeatureSettingsOverride (Order: 18)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
Value nameFeatureSettingsOverride
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Nessus Plugin 111689
FeatureSettingsOverrideMask (Order: 19)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
Value nameFeatureSettingsOverrideMask
Value typeREG_DWORD
Value data0x3 (3)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Nessus Plugin 111689
RestrictDriverInstallationToAdministrators (Order: 20)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint
Value nameRestrictDriverInstallationToAdministrators
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AllocateCDRoms (Order: 21)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Value nameAllocateCDRoms
Value typeREG_SZ
Value data1
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
NoDriveTypeAutoRun (Order: 22)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
Value nameNoDriveTypeAutoRun
Value typeREG_DWORD
Value data0xFF (255)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
NtfsDisable8dot3NameCreation (Order: 23)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\FileSystem
Value nameNtfsDisable8dot3NameCreation
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Optional (Order: 24)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager\SubSystems
Value nameOptional
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Enabled (Order: 25)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 26)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
NoNewAppAlert (Order: 27)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Windows\Explorer
Value nameNoNewAppAlert
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DelayedDesktopSwitchTimeout (Order: 28)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
Value nameDelayedDesktopSwitchTimeout
Value typeREG_DWORD
Value data0x5 (5)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Installed Components (Order: 29)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Active Setup\Installed Components
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Installed Components (Order: 30)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Scancode Map (Order: 31)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Keyboard Layout
Value nameScancode Map
Value typeREG_BINARY
Value data00000000000000000400000000002AE0000037E00000540000000000
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AttributeMask (Order: 32)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddNetworkLocation
Value nameAttributeMask
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AttributeValue (Order: 33)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddNetworkLocation
Value nameAttributeValue
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ImpliedSelectionModel (Order: 34)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddNetworkLocation
Value nameImpliedSelectionModel
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ExplorerCommandHandler (Order: 35)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSoftware\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddNetworkLocation
Value nameExplorerCommandHandler
Value typeREG_SZ
Value data
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AttributeMask (Order: 36)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.ShowFileExtensions
Value nameAttributeMask
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AttributeValue (Order: 37)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.ShowFileExtensions
Value nameAttributeValue
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ImpliedSelectionModel (Order: 38)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.ShowFileExtensions
Value nameImpliedSelectionModel
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ExplorerCommandHandler (Order: 39)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.ShowFileExtensions
Value nameExplorerCommandHandler
Value typeREG_SZ
Value data
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AttributeMask (Order: 40)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddMediaServer
Value nameAttributeMask
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AttributeValue (Order: 41)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddMediaServer
Value nameAttributeValue
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ImpliedSelectionModel (Order: 42)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddMediaServer
Value nameImpliedSelectionModel
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ExplorerCommandHandler (Order: 43)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.AddMediaServer
Value nameExplorerCommandHandler
Value typeREG_SZ
Value data
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AttributeMask (Order: 44)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.ShowHiddenFiles
Value nameAttributeMask
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AttributeValue (Order: 45)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.ShowHiddenFiles
Value nameAttributeValue
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ImpliedSelectionModel (Order: 46)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.ShowHiddenFiles
Value nameImpliedSelectionModel
Value typeREG_DWORD
Value data0x100000 (1048576)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ExplorerCommandHandler (Order: 47)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\CommandStore\shell\Windows.ShowHiddenFiles
Value nameExplorerCommandHandler
Value typeREG_SZ
Value data
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Control Panel Settings
Local Users and Groups
User (Name: Administrator (built-in))
Administrator (built-in) (Order: 2)
Local User
ActionUpdate
Properties
User nameAdministrator (built-in)
Rename toApollo
User cannot change passwordFalse
Password never expiresTrue
Account is disabledFalse
Account expiresNever
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Group (Name: Remote Desktop Users (built-in))
Remote Desktop Users (built-in) (Order: 1)
Local Group
ActionUpdate
Properties
Group nameRemote Desktop Users (built-in)
Delete all member usersDisabled
Delete all member groupsDisabled
Add members
EMEA\NL-L-SEC-Remote Desktop Access UsersS-1-5-21-513466819-3096973226-347852806-433231
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Group (Name: Administrators (built-in))
Administrators (built-in) (Order: 3)
Local Group
ActionUpdate
Properties
Group nameAdministrators (built-in)
Delete all member usersDisabled
Delete all member groupsDisabled
Add members
EMEA\NL-L-SEC-Delegation Local Administration Rights Client SystemsS-1-5-21-513466819-3096973226-347852806-2181
EMEA\emeanessus.1S-1-5-21-513466819-3096973226-347852806-32532
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Services
Service (Name: wmiApSrv)
wmiApSrv (Order: 1)
General
Service namewmiApSrv
ActionStart service
Startup type:Automatic
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:No change
Second failure:No change
Subsequent failures:No change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.