Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
PCUB-PO-WIN-C-Remote Controll Servers Settings
Data collected on: 2-9-2025 09:00:02
General
Details
Domainemea.tpg.ads
OwnerS-1-5-21-513466819-3096973226-347852806-305342
Created27-10-2016 10:53:22
Modified3-4-2025 13:49:12
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions20 (AD), 20 (SYSVOL)
Unique ID{f2467b4d-6ae5-42f9-b4f0-92bd15ba1298}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
ServersNoEnabledemea.tpg.ads/LT/Systems/Servers
ServersNoEnabledemea.tpg.ads/PL/Systems/Servers
ServersNoEnabledemea.tpg.ads/UA/Systems/Servers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
EMEA\LT-L-SEC-Server Remote Controll Settings
EMEA\PL-L-SEC-Server Remote Controll Settings
EMEA\UA-L-SEC-Server Remote Controll Settings
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\Domain ComputersReadNo
EMEA\LT-L-SEC-Server Remote Controll SettingsRead (from Security Filtering)No
EMEA\PL-L-SEC-Delegation Modify Group Policy Settings AccessEdit settings, delete, modify securityNo
EMEA\PL-L-SEC-Server Remote Controll SettingsRead (from Security Filtering)No
EMEA\UA-L-SEC-Server Remote Controll SettingsRead (from Security Filtering)No
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy version2.22
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Inbound Rules
NameDescription
Remote Service Management (NP-In)Inbound rule for the local Service Control Manager to be remotely managed over Named Pipes.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port445
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileDomain, Private, Public
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupRemote Service Management
Remote Service Management (RPC)Inbound rule for the local Service Control Manager to be remotely managed via RPC/TCP.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\services.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portDynamic RPC
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileDomain, Private, Public
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupRemote Service Management
Remote Service Management (RPC-EPMAP)Inbound rule for the RPCSS service to allow RPC/TCP traffic for the local Service Control Manager.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portRPC endpoint mapping
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileDomain, Private, Public
Network interface typeAll
ServiceRPCSS
Allow edge traversalFalse
GroupRemote Service Management
Remote Desktop - Shadow (TCP-In)Inbound rule for the Remote Desktop service to allow shadowing of an existing Remote Desktop session. (TCP-In)
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\RdpSa.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portAny
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalTrue
GroupRemote Desktop
Remote Desktop - User Mode (TCP-In)Inbound rule for the Remote Desktop service to allow RDP traffic. [TCP 3389]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port3389
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
Servicetermservice
Allow edge traversalFalse
GroupRemote Desktop
Remote Desktop - User Mode (UDP-In)Inbound rule for the Remote Desktop service to allow RDP traffic. [UDP 3389]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%SystemRoot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol17
Local port3389
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
Servicetermservice
Allow edge traversalFalse
GroupRemote Desktop
Windows Remote Management (HTTP-In)Inbound rule for Windows Remote Management via WS-Management. [TCP 5985]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port5985
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupWindows Remote Management
Windows Remote Management (HTTP-In)Inbound rule for Windows Remote Management via WS-Management. [TCP 5985]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port5985
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupWindows Remote Management
Windows Remote Management - Compatibility Mode (HTTP-In)Compatibility mode inbound rule for Windows Remote Management via WS-Management. [TCP 80]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port80
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupWindows Remote Management (Compatibility)
File and Printer Sharing (Echo Request - ICMPv4-In)Echo Request messages are sent as ping requests to other nodes.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramAny
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol1
Local portAny
Remote portAny
ICMP settingstype 8:code any
Local scopeAny
Remote scopeAny
ProfileDomain, Private, Public
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupFile and Printer Sharing
File Server Remote Management (DCOM-In)Inbound rule to allow DCOM traffic to manage the File Services role.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%systemroot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port135
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceRPCSS
Allow edge traversalFalse
GroupFile Server Remote Management
File Server Remote Management (SMB-In)Inbound rule to allow SMB traffic to manage the File Services role.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port445
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupFile Server Remote Management
File Server Remote Management (WMI-In)Inbound rule to allow WMI traffic to manage the File Services role.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
Program%systemroot%\system32\svchost.exe
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local portDynamic RPC
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceWinmgmt
Allow edge traversalFalse
GroupFile Server Remote Management
Connection Security Settings
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Connections
PolicySettingComment
Allow users to connect remotely by using Remote Desktop ServicesEnabled
User Configuration (Enabled)
No settings defined.