Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
PT-PO-WIN-ADM-U-Restrictions PCI LITE
Data collected on: 2-9-2025 09:08:06
General
Details
Domainemea.tpg.ads
OwnerS-1-5-21-513466819-3096973226-347852806-386608
Created14-11-2017 12:55:36
Modified28-11-2024 17:03:46
User Revisions147 (AD), 147 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{fc8a8284-8c42-4299-bbab-758ba1d921b1}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
PTNoEnabledemea.tpg.ads/PT

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\PT-L-SEC-U-W11 Hardening PCICustomNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Windows Settings
Scripts
Logon
For this GPO, Script order: Windows PowerShell scripts will run first
NameParameters
DisableDesktop.ps1
Restore_PWA_Edge_Chrome.ps1
Security Settings
Software Restriction Policies
Enforcement
PolicySetting
Apply Software Restriction Policies to the followingAll software files except libraries (such as DLLs)
Apply Software Restriction Policies to the following usersAll users
When applying Software Restriction PoliciesIgnore certificate rules
Designated File Types
File ExtensionFile Type
ADEADE File
ADPADP File
BASBAS File
BATWindows Batch File
CHMCompiled HTML Help file
CMDWindows Command Script
COMMS-DOS Application
CPLControl panel item
CRTSecurity Certificate
EXEApplication
HLPHelp file
HTAHTML Application
INFSetup Information
INSINS File
ISPISP File
LNKShortcut
MDBMDB File
MDEMDE File
MSCMicrosoft Common Console Document
MSIWindows Installer Package
MSPWindows Installer Patch
MSTMST File
OCXActiveX control
PCDPCD File
PIFShortcut to MS-DOS Program
REGRegistration Entries
SCRScreen saver
SHSSHS File
URLInternet Shortcut
VBVisual Basic Source File
WSCWindows Script Component
Trusted Publishers
Trusted publisher managementAllow all administrators and users to manage user's own Trusted Publishers
Certificate verificationNone
Software Restriction Policies/Security Levels
PolicySetting
Default Security LevelUnrestricted
Software Restriction Policies/Additional Rules
Path Rules
%SystemRoot%/HelpPane.exe
Security LevelDisallowed
Description
Date last modified11-9-2017 11:07:07
%SystemRoot%/winhlp32.exe
Security LevelDisallowed
Description
Date last modified11-9-2017 11:11:21
Folder Redirection
Start Menu
Setting: Not configured
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel
PolicySettingComment
Always open All Control Panel Items when opening Control PanelEnabled
Show only specified Control Panel itemsEnabled
List of allowed Control Panel items
Microsoft.Mouse
Microsoft.Display
Microsoft.DevicesAndPrinters
Microsoft.RegionalAndLanguageOptions
Control Panel/Personalization
PolicySettingComment
Prevent changing desktop backgroundEnabled
Desktop
PolicySettingComment
Do not add shares of recently opened documents to Network LocationsEnabled
Hide and disable all items on the desktopEnabledGESCP: #22032762
Hide Network Locations icon on desktopEnabled
Prevent adding, dragging, dropping and closing the Taskbar's toolbarsEnabled
Prohibit User from manually redirecting Profile FoldersEnabled
Remove My Documents icon on the desktopEnabled
Remove Properties from the Computer icon context menuEnabled
Remove Properties from the Documents icon context menuEnabled
Remove Properties from the Recycle Bin context menuEnabled
Remove Recycle Bin icon from desktopEnabled
Remove the Desktop Cleanup WizardEnabled
Desktop/Desktop
PolicySettingComment
Disable all itemsEnabledGESCP: #22032762
Prohibit adding itemsEnabledGESCP: #22032762
Google/Google Chrome
PolicySettingComment
Enable TranslateDisabled
Microsoft Edge
PolicySettingComment
Allow importing of payment infoDisabled
Allow importing of saved passwordsDisabled
Allow user feedbackDisabled
Block access to a list of URLsEnabled
Block access to a list of URLs
edge://*
edge:///*
file://*
file:///*
Data:*
PolicySettingComment
Control where developer tools can be usedEnabledGESCP
Control where developer tools can be usedDon't allow using the developer tools
PolicySettingComment
Define a list of allowed URLsEnabled
Define a list of allowed URLs
edge://downloads/
edge://policy
edge://page-info
PolicySettingComment
Enable AutoFill for addressesDisabled
Enable AutoFill for payment instrumentsDisabled
Enable the Collections featureDisabledCO 439951 - Disable "Enable Collections feature"
Enable the Screenshot (previously named Web Capture) feature in Microsoft EdgeDisabledGESCP
Hide the First-run experience and splash screenEnabled
Microsoft Edge/Content settings
PolicySettingComment
Configure cookiesEnabled
Configure cookiesKeep cookies for the duration of the session, except ones listed in "SaveCookiesOnExit"
Microsoft Edge/Extensions
PolicySettingComment
Control which extensions cannot be installedEnabled#23405718 - Block Edge Extensions
Extension IDs the user should be prevented from installing (or * for all)
*
Microsoft Edge/Password manager and protection
PolicySettingComment
Enable saving passwords to the password managerDisabled
Shared Folders
PolicySettingComment
Allow shared folders to be publishedDisabled
Start Menu and Taskbar
PolicySettingComment
Add Logoff to the Start MenuEnabled
Disable context menus in the Start MenuEnabled
Do not search communicationsEnabled
Do not search for filesEnabled
Do not search InternetEnabled
Do not search programs and Control Panel itemsEnabled
Force classic Start MenuEnabled
Prevent users from customizing their Start ScreenEnabled
Prevent users from resizing the taskbarEnabled
Remove common program groups from Start MenuEnabled
Remove Default Programs link from the Start menu.Enabled
Remove Documents icon from Start MenuEnabled
Remove Favorites menu from Start MenuEnabled
Remove Help menu from Start MenuEnabled
Remove links and access to Windows UpdateEnabled
Remove Music icon from Start MenuEnabled
Remove Network Connections from Start MenuEnabled
Remove Network icon from Start MenuEnabled
Remove Pictures icon from Start MenuEnabled
Remove Recent Items menu from Start MenuEnabled
Remove Run menu from Start MenuEnabled
Remove Search link from Start MenuEnabled
Remove user folder link from Start MenuEnabled
Show QuickLaunch on TaskbarEnabled
System
PolicySettingComment
Prevent access to registry editing toolsEnabled
Disable regedit from running silently?No
PolicySettingComment
Prevent access to the command promptEnabled
Disable the command prompt script processing also?No
System/Ctrl+Alt+Del Options
PolicySettingComment
Remove Task ManagerEnabled
System/Removable Storage Access
PolicySettingComment
All Removable Storage classes: Deny all accessEnabled
CD and DVD: Deny read accessEnabled
CD and DVD: Deny write accessEnabled
Windows Components/Attachment Manager
PolicySettingComment
Default risk level for file attachmentsEnabled
Set the default risk levelLow Risk
PolicySettingComment
Do not preserve zone information in file attachmentsEnabled
Inclusion list for low file typesEnabled
Specify low risk extensions (include a leading period, e.g. .bmp;.gif;)..lnk
Windows Components/File Explorer
PolicySettingComment
Do not allow Folder Options to be opened from the Options button on the View tab of the ribbonEnabled
Hide these specified drives in My ComputerEnabled
Pick one of the following combinationsRestrict A, B, C and D drives only
PolicySettingComment
Hides the Manage item on the File Explorer context menuEnabled
No Computers Near Me in Network LocationsEnabled
No Entire Network in Network LocationsEnabled
Prevent access to drives from My ComputerDisabled
Remove "Map Network Drive" and "Disconnect Network Drive"Enabled
Remove CD Burning featuresEnabled
Remove DFS tabEnabledCO 388190
Remove File Explorer's default context menuDisabled
Remove File menu from File ExplorerEnabledCO 388190
Remove Hardware tabEnabledCO 388190
Remove Search button from File ExplorerEnabled
Remove Security tabEnabledCO 388190
Remove Shared Documents from My ComputerEnabled
Turn off caching of thumbnail picturesEnabled
Turn off Windows Key hotkeysEnabled
Turn on Classic ShellDisabled
Windows Components/File Explorer/Previous Versions
PolicySettingComment
Hide previous versions list for local filesEnabledCO 388190
Hide previous versions list for remote filesEnabledCO 388190
Hide previous versions of files on backup locationEnabledCO 388190
Prevent restoring local previous versionsEnabledCO 388190
Prevent restoring previous versions from backupsEnabledCO 388190
Prevent restoring remote previous versionsEnabledCO 388190
Windows Components/Internet Explorer
PolicySettingComment
Do not allow users to enable or disable add-onsEnabledCO 388190
Turn off tabbed browsingDisabled
Windows Components/Internet Explorer/Browser menus
PolicySettingComment
Tools menu: Disable Internet Options... menu optionEnabled
Windows Components/Internet Explorer/Internet Control Panel/Advanced Page
PolicySettingComment
Empty Temporary Internet Files folder when browser is closedEnabled
Windows Components/Microsoft Management Console/Restricted/Permitted snap-ins
PolicySettingComment
Computer ManagementDisabled
Local Users and GroupsDisabled
Windows Components/Windows Messenger
PolicySettingComment
Do not allow Windows Messenger to be runEnabled
Do not automatically start Windows Messenger initiallyEnabled
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Policies\Microsoft\WindowsMovieMaker\MovieMaker1
Preferences
Windows Settings
Drive Maps
Drive Map (Drive: O)
O: (Order: 1)
General
ActionDelete
Properties
LetterO
Delete all starting at specified driveDisabled
Hide/Show all drivesNo change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Drive Map (Drive: P)
P: (Order: 2)
General
ActionDelete
Properties
LetterP
Delete all starting at specified driveDisabled
Hide/Show all drivesNo change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
Registry
{031E4825-7B94-4dc3-B131-E946B44C8DD5} (Order: 1)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{031E4825-7B94-4dc3-B131-E946B44C8DD5}
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
NoRun (Order: 2)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
Value nameNoRun
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
NoRun (Order: 3)
General
ActionReplace
Properties
HiveHKEY_CURRENT_USER
Key pathSoftware\Microsoft\Windows\CurrentVersion\Policies\Explorer
Value nameNoRun
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)Yes
Remove this item when it is no longer appliedYes
{59031a47-3f72-44a7-89c5-5595fe6b30ee} (Order: 4)
General
ActionReplace
Properties
HiveHKEY_CURRENT_USER
Key pathSoftware\Microsoft\Windows\CurrentVersion\Policies\NonEnum
Value name{59031a47-3f72-44a7-89c5-5595fe6b30ee}
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedYes
{26EE0668-A00A-44D7-9371-BEB064C98683} (Order: 5)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{26EE0668-A00A-44D7-9371-BEB064C98683}
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0} (Order: 6)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Apply once and do not reapplyNo
disablescreenclippings (Order: 7)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathsoftware\policies\microsoft\office\16.0\common\insert media\screenshot
Value namedisablescreenclippings
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
#28014264 - Block Clipping - ScreenShot O365
AutoRepeatDelay (Order: 8)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathControl Panel\Accessibility\Keyboard Response
Value nameAutoRepeatDelay
Value typeREG_SZ
Value data0
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
CO488542 - Block AutoRepeat Keyboard
AutoRepeatRate (Order: 9)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathControl Panel\Accessibility\Keyboard Response
Value nameAutoRepeatRate
Value typeREG_SZ
Value data0
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
CO488542 - Block AutoRepeat Keyboard
BounceTime (Order: 10)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathControl Panel\Accessibility\Keyboard Response
Value nameBounceTime
Value typeREG_SZ
Value data0
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
CO488542 - Block AutoRepeat Keyboard
DelayBeforeAcceptance (Order: 11)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathControl Panel\Accessibility\Keyboard Response
Value nameDelayBeforeAcceptance
Value typeREG_SZ
Value data0
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
CO488542 - Block AutoRepeat Keyboard
Flags (Order: 12)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathControl Panel\Accessibility\Keyboard Response
Value nameFlags
Value typeREG_SZ
Value data31
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
CO488542 - Block AutoRepeat Keyboard
Last BounceKey Setting (Order: 13)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathControl Panel\Accessibility\Keyboard Response
Value nameLast BounceKey Setting
Value typeREG_DWORD
Value data0x1F4 (500)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
CO488542 - Block AutoRepeat Keyboard
Last Valid Delay (Order: 14)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathControl Panel\Accessibility\Keyboard Response
Value nameLast Valid Delay
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
CO488542 - Block AutoRepeat Keyboard
Last Valid Repeat (Order: 15)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathControl Panel\Accessibility\Keyboard Response
Value nameLast Valid Repeat
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
CO488542 - Block AutoRepeat Keyboard
Last Valid Wait (Order: 16)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER
Key pathControl Panel\Accessibility\Keyboard Response
Value nameLast Valid Wait
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Run in logged-on user's security context (user policy option)No
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
CO488542 - Block AutoRepeat Keyboard