Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
PT-PO-WIN-C-Client System Bolt
Data collected on: 2-9-2025 11:31:48
General
Details
Domainemea.tpg.ads
OwnerEMEA\junior.388-adm
Created15-9-2023 18:12:48
Modified25-2-2025 12:40:16
User Revisions2 (AD), 2 (SYSVOL)
Computer Revisions122 (AD), 122 (SYSVOL)
Unique ID{545c1b9d-dd2b-4fe6-a880-06471d1c7fc6}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
ClientsNoEnabledemea.tpg.ads/PT/Systems/Clients

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
EMEA\PT-L-SEC-Client System Hardening Bolt
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\junior.388-admEdit settings, delete, modify securityNo
EMEA\PT-L-SEC-Client System Hardening BoltRead (from Security Filtering)No
EMEA\PT-L-SEC-Delegation Modify Group Policy Settings AccessEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Windows Settings
Scripts
Startup
For this GPO, Script order: Windows PowerShell scripts will run first
NameParameters
GroupsFSLogix.ps1
Security Settings
Local Policies/User Rights Assignment
PolicySetting
Allow log on locallyBUILTIN\Administrators, EMEA\PTCIT-G-ORG-Users-TIER2, EMEA\PT-L-SEC-Operation Bolt
Local Policies/Security Options
Interactive Logon
PolicySetting
Interactive logon: Number of previous logons to cache (in case domain controller is not available)0 logons
Interactive logon: Require Domain Controller authentication to unlock workstationEnabled
Network Access
PolicySetting
Network access: Do not allow storage of passwords and credentials for network authenticationEnabled
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
FSLogix/Profile Containers
PolicySettingComment
Delete Local Profile When VHD Should ApplyEnabled
EnabledEnabled
Is Dynamic (VHD)Enabled
Profile TypeEnabled
Normal Profile
PolicySettingComment
Redirection XML Source FolderEnabled
Redirection XML Source Folder\\PTCITFS02\fslogix\Redirections\Bolt
PolicySettingComment
Set Temp Folders to Local PathEnabled
Redirect TEMP, TMP and INetCache to local drive
PolicySettingComment
VHD LocationsDisabled
FSLogix/Profile Containers/Cloud Cache
PolicySettingComment
CCD LocationsEnabled
CCD Locationstype=smb,connectionString=\\PTCITFS02\fslogix\Bolt;type=smb,connectionString=\\PTDOUFS01\fslogix\Bolt
PolicySettingComment
Clear Cache on LogoffEnabled
FSLogix/Profile Containers/Container and Directory Naming
PolicySettingComment
SID Directory Name MatchEnabled
SID Directory Name Match%username%
PolicySettingComment
SID Directory Name PatternEnabled
SID Directory Name Pattern%username%
PolicySettingComment
Volume Type (VHD or VHDX)Enabled
VHDX
Google/Google Chrome
PolicySettingComment
Clear Browsing Data on ExitEnabled
Clear Browsing Data on Exit
autofill
browsing_history
cached_images_and_files
cookies_and_other_site_data
download_history
hosted_app_data
password_signin
site_settings
Google/Google Chrome/Extensions
PolicySettingComment
Configure extension, app, and user script install sourcesEnabled
URL patterns to allow extension, app, and user script installs from
https://chromewebstore.google.com/*
https://chrome.google.com/*
Microsoft Edge
PolicySettingComment
Allow sites configured for Internet Explorer mode to open in Microsoft EdgeEnabled
Configure Internet Explorer integrationEnabled
Configure Internet Explorer integrationInternet Explorer mode
PolicySettingComment
Configure the Enterprise Mode Site ListEnabled
Configure the Enterprise Mode Site List\\emea.tpg.ads\pt\Lisbon-CIT\Clients\Settings\GPO\Sites\Generic\sites.xml
Windows Components/App Privacy
PolicySettingComment
Let Windows apps access the cameraEnabled
Default for all apps:Force Allow
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps access the microphoneEnabled
Default for all apps:Force Allow
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
Windows Components/File Explorer
PolicySettingComment
Set a default associations configuration fileEnabled
Default Associations Configuration FileC:\Bin\PDF_Chrome_OpenOffice.xml
Windows Components/Internet Explorer/Compatibility View
PolicySettingComment
Turn on Internet Explorer Standards Mode for local intranetEnabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Session Time Limits
PolicySettingComment
End session when time limits are reachedEnabledCHG000504290 - automatic log off after 30 minutes
Set time limit for disconnected sessionsEnabledCHG000504290 - automatic log off after 30 minutes
End a disconnected session30 minutes
Preferences
Windows Settings
Files
File (Target Path: C:\Bin\LocalStartMenuBolt.xml)
LocalStartMenuBolt.xml (Order: 1)
General
ActionReplace
Properties
Source file(s)\\emea.tpg.ads\pt\Lisbon-CIT\Clients\Settings\GPO\StartMenu\LocalStartMenuBolt.xml
Destination fileC:\Bin\LocalStartMenuBolt.xml
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
File (Target Path: C:\Bin\PDF_Chrome_OpenOffice.xml)
PDF_Chrome_OpenOffice.xml (Order: 2)
General
ActionReplace
Properties
Source file(s)\\emea.tpg.ads\pt\Lisbon-CIT\Clients\Settings\GPO\File Association\PDF_Chrome_OpenOffice.xml
Destination fileC:\Bin\PDF_Chrome_OpenOffice.xml
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
File (Target Path: C:\Bin\IdleTimeRebootBolt.ps1)
IdleTimeRebootBolt.ps1 (Order: 3)
General
ActionDelete
Properties
Destination fileC:\Bin\IdleTimeRebootBolt.ps1
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Description
Copia ficheiro para obrigar o Restart ás máquinas fisicas, para FsLogix não ficar com Profiles de tamanhos "Gigantes".
File (Target Path: C:\Bin\IdleTimeBolt.ps1)
IdleTimeBolt.ps1 (Order: 4)
General
ActionReplace
Properties
Source file(s)\\emea.tpg.ads\pt\Lisbon-CIT\Clients\Settings\GPO\Scripts\Logoff\IdleTimeBolt.ps1
Destination fileC:\Bin\IdleTimeBolt.ps1
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Description
Force Logoff 12h
File (Target Path: C:\Bin\IdleTimeRebootBolt.log)
IdleTimeRebootBolt.log (Order: 5)
General
ActionDelete
Properties
Destination fileC:\Bin\IdleTimeRebootBolt.log
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Registry
Portal1 (Order: 1)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Palo Alto Networks\GlobalProtect\PanSetup
Value namePortal1
Value typeREG_SZ
Value datagp1110.teleperformance.pt
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
Portal2 (Order: 2)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Palo Alto Networks\GlobalProtect\CBL
Value namePortal2
Value typeREG_SZ
Value datagp1710.teleperfromance.pt
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
Portal (Order: 3)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Palo Alto Networks\GlobalProtect\PanSetup
Value namePortal
Value typeREG_SZ
Value datagp1110.teleperformance.pt
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedYes
Control Panel Settings
Scheduled Tasks
Scheduled Task (At least Windows 7) (Name: Logoff Bolt Machines)
Logoff Bolt Machines (Order: 1)
General
ActionUpdate
Task
Name Logoff Bolt Machines
Author EMEA\silva.12303-adm
Description Force Logoff 12h Bolt Machines (FsLogix)
Run only when user is logged on InteractiveToken
UserId NT AUTHORITY\System
Run with highest privileges HighestAvailable
Hidden No
Configure for 1.3
Enabled Yes
Triggers
1. Daily
Repeat task every 1 hour for a duration of 1 day
Stop all running tasks at end of repetition duration No
Activate 16-11-2023 22:30:00Synchronize across time zones No
Enabled Yes
Recur every 1 days
Actions
1. Start a program
Program/script C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe
Arguments -ExecutionPolicy Bypass -File "C:\Bin\IdleTimeBolt.ps1"
Settings
Stop if the computer ceases to be idle No
Restart if the idle state resumes No
Start the task only if the computer is on AC power No
Stop if the computer switches to battery power No
Allow task to be run on demand Yes
If the task fails, restart every 5 minutes
Attempt to restart up to 3
Stop task if it runs longer than 3 days
If the running task does not end when requested, force it to stop No
If the task is already running, then the following rule applies IgnoreNew
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.