<html dir="ltr" xmlns:svg="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" gpmc_reportInitialized="false">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-16" />
<title>PT-PO-WIN-C-Windows 11 Hardening PCI - Deny Camera</title>
<!-- Styles -->
<style type="text/css">
                body    { background-color:#FFFFFF; border:1px solid #666666; color:#000000; font-size:68%; font-family:MS Shell Dlg; margin:0,0,10px,0; word-break:normal; word-wrap:break-word; }

                table   { font-size:100%; table-layout:fixed; width:100%; }

                td,th   { overflow:visible; text-align:left; vertical-align:top; white-space:normal; }

                .title  { background:#FFFFFF; border:none; color:#333333; display:inline-table; height:24px; margin:0px,0px,0px,0px; padding-top:0px; position:relative; table-layout:fixed; z-index:5; }

                .he0_expanded    { background-color:#FEF7D6; border:1px solid #BBBBBB; color:#3333CC; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:0px; margin-right:0px; padding-left:8px; padding-right:5em; padding-top:4px; position:relative; }

                .he1_expanded    { background-color:#A0BACB; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:20px; margin-right:0px; padding-left:8px; padding-right:5em; padding-top:4px; position:relative; }

                .he0h_expanded   { background-color: #FEF0D0; border: 1px solid #BBBBBB; color: #000000; cursor: hand; display: block; font-family: MS Shell Dlg; font-size: 100%; font-weight: bold; height: 2.25em; margin-bottom: -1px; margin-left: 5px; margin-right: 0px; padding-left: 8px; padding-right: 5em; padding-top: 4px; position: relative;  }
                .he1h_expanded   { background-color: #7197B3; border: 1px solid #BBBBBB; color: #000000; cursor: hand; display: block; font-family: MS Shell Dlg; font-size: 100%; font-weight: bold; height: 2.25em; margin-bottom: -1px; margin-left: 10px; margin-right: 0px; padding-left: 8px; padding-right: 5em; padding-top: 4px; position: relative; }

                .he1    { background-color:#A0BACB; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:20px; margin-right:0px; padding-left:8px; padding-right:5em; padding-top:4px; position:relative; }

                .he2    { background-color:#C0D2DE; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:30px; margin-right:0px; padding-left:8px; padding-right:5em; padding-top:4px; position:relative; }

                .he3    { background-color:#D9E3EA; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:40px; margin-right:0px; padding-left:11px; padding-right:5em; padding-top:4px; position:relative; }

                .he4    { background-color:#E8E8E8; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:50px; margin-right:0px; padding-left:11px; padding-right:5em; padding-top:4px; position:relative; }

                .he4h   { background-color:#E8E8E8; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:55px; margin-right:0px; padding-left:11px; padding-right:5em; padding-top:4px; position:relative; }

                .he4i   { background-color:#F9F9F9; border:1px solid #BBBBBB; color:#000000; display:block; font-family:MS Shell Dlg; font-size:100%; margin-bottom:-1px; margin-left:55px; margin-right:0px; padding-bottom:5px; padding-left:21px; padding-top:4px; position:relative; }

                .he2i   { background-color:#F9F9F9; border:1px solid #BBBBBB; color:#000000; display:block; font-family:MS Shell Dlg; font-size:100%; margin-bottom:-1px; margin-left:35px; margin-right:0px; padding-bottom:5px; padding-left:21px; padding-top:4px; position:relative;}
                .he5    { background-color:#E8E8E8; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:60px; margin-right:0px; padding-left:11px; padding-right:5em; padding-top:4px; position:relative; }

                .he5h   { background-color:#E8E8E8; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; padding-left:11px; padding-right:5em; padding-top:4px; margin-bottom:-1px; margin-left:65px; margin-right:0px; position:relative; }

                .he5i   { background-color:#F9F9F9; border:1px solid #BBBBBB; color:#000000; display:block; font-family:MS Shell Dlg; font-size:100%; margin-bottom:-1px; margin-left:65px; margin-right:0px; padding-left:21px; padding-bottom:5px; padding-top: 4px; position:relative; }

                div .expando { color:#000000; text-decoration:none; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:normal; position:absolute; right:10px; text-decoration:underline; z-index: 0; }

                .he0 .expando { font-size:100%; }

                .info, .info3, .info4, .disalign  { line-height:1.6em; padding:0px,0px,0px,0px; margin:0px,0px,0px,0px; }

                .disalign TD                      { padding-bottom:5px; padding-right:10px; }

                .info TD                          { padding-right:10px; width:50%; }

                .info3 TD                         { padding-right:10px; width:33%; }

                .info4 TD, .info4 TH              { padding-right:10px; width:25%; }

                .info TH, .info3 TH, .info4 TH, .disalign TH { border-bottom:1px solid #CCCCCC; padding-right:10px; }

                .subtable, .subtable3             { border:1px solid #CCCCCC; margin-left:0px; background:#FFFFFF; margin-bottom:10px; }

                .subtable TD, .subtable3 TD       { padding-left:10px; padding-right:5px; padding-top:3px; padding-bottom:3px; line-height:1.1em; }

                .subtable TH, .subtable3 TH       { border-bottom:1px solid #CCCCCC; font-weight:normal; padding-left:10px; line-height:1.6em;  }

                .subtable .footnote               { border-top:1px solid #CCCCCC; }

                .subtable3 .footnote, .subtable .footnote { border-top:1px solid #CCCCCC; }

                .subtable_frame     { background:#D9E3EA; border:1px solid #CCCCCC; margin-bottom:10px; margin-left:15px; }

                .subtable_frame TD  { line-height:1.1em; padding-bottom:3px; padding-left:10px; padding-right:15px; padding-top:3px; }

                .subtable_frame TH  { border-bottom:1px solid #CCCCCC; font-weight:normal; padding-left:10px; line-height:1.6em; }

                .subtableInnerHead { border-bottom:1px solid #CCCCCC; border-top:1px solid #CCCCCC; }

                .explainlink            { color:#0000FF; text-decoration:none; cursor:hand; }

                .explainlink:hover      { color:#0000FF; text-decoration:underline; }

                .spacer { background:transparent; border:1px solid #BBBBBB; color:#FFFFFF; display:block; font-family:MS Shell Dlg; font-size:100%; height:10px; margin-bottom:-1px; margin-left:43px; margin-right:0px; padding-top: 4px; position:relative; }

                .filler { background:transparent; border:none; color:#FFFFFF; display:block; font:100% MS Shell Dlg; line-height:8px; margin-bottom:-1px; margin-left:53px; margin-right:0px; padding-top:4px; position:relative; }

                .container { display:block; position:relative; }

                .rsopheader { background-color:#A0BACB; border-bottom:1px solid black; color:#333333; font-family:MS Shell Dlg; font-size:130%; font-weight:bold; padding-bottom:5px; text-align:center; }

                .rsopname { color:#333333; font-family:MS Shell Dlg; font-size:130%; font-weight:bold; padding-left:11px; }

                .gponame{ color:#333333; font-family:MS Shell Dlg; font-size:130%; font-weight:bold; padding-left:11px; }

                .gpotype{ color:#333333; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; padding-left:11px; }

                #uri    { color:#333333; font-family:MS Shell Dlg; font-size:100%; padding-left:11px; }

                #dtstamp{ color:#333333; font-family:MS Shell Dlg; font-size:100%; padding-left:11px; text-align:left; width:30%; }

                #objshowhide { color:#000000; cursor:hand; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; margin-right:0px; padding-right:10px; text-align:right; text-decoration:underline; z-index:2; word-wrap:normal; }

                #gposummary { display:block; }

                #gpoinformation { display:block; }

                @media print {

                    #objshowhide{ display:none; }

                    body    { color:#000000; border:1px solid #000000; }

                    .title  { color:#000000; border:1px solid #000000; }

                    .he0_expanded    { color:#000000; border:1px solid #000000; }

                    .he1h_expanded   { color:#000000; border:1px solid #000000; }

                    .he1_expanded    { color:#000000; border:1px solid #000000; }

                    .he1    { color:#000000; border:1px solid #000000; }

                    .he2    { color:#000000; background:#EEEEEE; border:1px solid #000000; }

                    .he3    { color:#000000; border:1px solid #000000; }

                    .he4    { color:#000000; border:1px solid #000000; }

                    .he4h   { color:#000000; border:1px solid #000000; }

                    .he4i   { color:#000000; border:1px solid #000000; }

                    .he5    { color:#000000; border:1px solid #000000; }

                    .he5h   { color:#000000; border:1px solid #000000; }

                    .he5i   { color:#000000; border:1px solid #000000; }

                    }

</style>
<!-- Scripts -->
<script type="text/javascript" language="javascript">
/*
String "strShowHide(0/1)"
0 = Hide all mode.
1 = Show all mode.
*/

var windowsArray = new Array();
var strShowHide = 1;

//Localized strings

var strShow = "show";
var strHide = "hide";
var strShowAll = "show all";
var strHideAll = "hide all";
var strShown = "shown";
var strHidden = "hidden";
var strExpandoNumPixelsFromEdge = "10px";


function IsSectionHeader(obj) {
    return (obj.className === "he0_expanded") || (obj.className === "he0h_expanded") || (obj.className === "he1h_expanded") || (obj.className === "he1_expanded") || (obj.className === "he1") || (obj.className === "he2") || (obj.className === "he3") || (obj.className === "he4") || (obj.className === "he4h") || (obj.className === "he5") || (obj.className === "he5h");
}

function IsSectionExpandedByDefault(objHeader) {
    if (objHeader === null) {
        return false;
    } else {
        return (objHeader.className.slice(objHeader.className.lastIndexOf("_")) === "_expanded");
    }
}

function SetSectionState(objHeader, strState) {
    var i = 0;
    var j;
    var all = objHeader.parentElement.ownerDocument.all;

    if (all === null) {
        return;
    }

    for (j = 0; j < all.length; j++) {
        if (all[j] === objHeader) {
            break;
        }
        i = i + 1;
    }

    for (j = i; j < all.length; j++) {
        if (all[i].className === "container") {
            break;
        }
        i = i + 1;
    }

    var objContainer = all[i];

    if (strState === "toggle") {
        if (objContainer.style.display === "none") {
            SetSectionState(objHeader, "show");
        }
        else {
            SetSectionState(objHeader, "hide");
        }
    }
    else {
        var objExpando = objHeader.children[1];

        if (strState === "show") {
            objContainer.style.display = "block";
            objExpando.innerText = strHide;
        }
        else if (strState === "hide") {
            objContainer.style.display = "none";
            objExpando.innerText = strShow;
        }
    }
}

function ShowSection(objHeader) {
    SetSectionState(objHeader, "show");
}

function HideSection(objHeader) {
    SetSectionState(objHeader, "hide");
}

function ToggleSection(objHeader) {
    SetSectionState(objHeader, "toggle");
}

/*================================================================================
' link at the top of the page to collapse/expand all collapsable elements
'================================================================================
*/
function objshowhide_onClick() {
    var obji;
    var objBody = document.body.getElementsByTagName("*");

    if (objBody === null) {
        return;
    }
    
    switch (strShowHide) {
        case 0:
            strShowHide = 1;
            window.objshowhide.innerText = strShowAll;
            for (obji = 0; obji < objBody.length; obji++) {
                if (objBody[obji].className !== 'undefined' && IsSectionHeader(objBody[obji])) {
                    HideSection(objBody[obji]);
                }
            }
            break;
        case 1:
            strShowHide = 0;
            window.objshowhide.innerText = strHideAll;
            for (obji = 0; obji < objBody.length; obji++) {
                if (objBody[obji].className !== 'undefined' && IsSectionHeader(objBody[obji])) {
                    ShowSection(objBody[obji]);
                }
            }
            break;
    }
}

/*================================================================================
' onload collapse all except the first two levels of headers (he0, he1)
'================================================================================*/
function window_onload() {
    // Only initialize once.  The UI may reinsert a report into the webbrowser control,
    // firing onLoad multiple times.
    if (document.documentElement.getAttribute("gpmc_reportInitialized").toUpperCase() !== "TRUE") {
        // Set text direction
        fDetDir(document.dir.toUpperCase());

        // Initialize sections to default expanded/collapsed state.
        var objBody = document.body.getElementsByTagName("*");

        if (objBody === null) {
            return;
        }

        for (var obji = 0; obji < objBody.length; obji++) {
            if (IsSectionHeader(objBody[obji])) {
                if (IsSectionExpandedByDefault(objBody[obji])) {
                    ShowSection(objBody[obji]);
                }
                else {
                    HideSection(objBody[obji]);
                }
            }
        }

        objshowhide.innerText = strShowAll;

        document.documentElement.setAttribute("gpmc_reportInitialized", "true");
    }
}

/*'================================================================================
' When direction (LTR/RTL) changes, change adjust for readability
'================================================================================
*/
function document_onPropertyChange() {
    if (window.event.propertyName === "dir") {
        fDetDir(document.dir.toUpperCase());
    }
}

function fDetDir(strDir) {
    var colRules;
    var nug;
    var i;
    var strClass;

    switch (strDir.toUpperCase()) {
        case "LTR":
            colRules = document.styleSheets[0].cssRules;
            if (colRules !== null && colRules !== undefined ) {            
                for (i = 0; i < colRules.length - 1; i++) {
                    nug = colRules[i];
                    strClass = nug.selectorText;
                    if (nug.style.textAlign === "right") {
                        nug.style.textAlign = "left";
                    }
                    switch (strClass) {
                        case "div .expando":
                            nug.style.Left = "";
                            nug.style.Right = strExpandoNumPixelsFromEdge;
                            break;
                        case "#objshowhide":
                            nug.style.textAlign = "right";
                            break;
                    }
                }
            }
            break;
        case "RTL":
            colRules = document.styleSheets[0].cssRules;
            if (colRules !== null && colRules !== undefined ) {            
                for (i = 0; i < colRules.length - 1; i++) {
                    nug = colRules[i];
                    strClass = nug.selectorText;
                    if (nug.style.textAlign === "left") {
                        nug.style.textAlign = "right";
                    }
                    switch (strClass) {
                        case "div .expando":
                            nug.style.Left = strExpandoNumPixelsFromEdge;
                            nug.style.Right = "";
                            break;
                        case "#objshowhide":
                            nug.style.textAlign = "left";
                            break;
                    }
                }
            }
            break;
    }
}

/*'================================================================================
'When printing reports, if a given section is expanded, let's says "shown" (instead of "hide" in the UI).
'================================================================================
*/
function window_onbeforeprint() {
    var obji;
    for (obji in document.all) {
        if (document.all.hasOwnProperty(obji)) {
            if (obji.className === "expando") {
                if (obji.innerText === strHide) {
                    obji.innerText = strShown;
                }
                if (obji.innerText === strShow) {
                    obji.innerText = strHidden;
                }
            }
        }
    }
}

/*================================================================================
'If a section is collapsed, change to "hidden" in the printout (instead of "show").
'================================================================================
*/
function window_onafterprint() {
    var obji;
    for (obji in document.all) {
        if (document.all.hasOwnProperty(obji)) {
            if (obji.className === "expando") {
                if (obji.innerText === strShown) {
                    obji.innerText = strHide;
                }
                if (obji.innerText === strHidden) {
                    obji.innerText = strShow;
                }
            }
        }
    }
}

/*================================================================================
' Adding keypress support for accessibility
'================================================================================
*/
function document_onkeypress(event) {
    var chCode = ('charCode' in event) ? event.charCode : event.keyCode;

    //space bar (32) or carriage return (13) or line feed (10)
    if (chCode == "32" || chCode == "13" || chCode == "10") {
        if (event.srcElement.className === "expando") {
            document_onclick();
            event.returnValue = false;
        }
        if (event.srcElement.className === "sectionTitle") {
            document_onclick();
            event.returnValue = false;
        }
        if (event.srcElement.id === "objshowhide") {
            objshowhide_onClick();
            event.returnValue = false;
        }
    }
}

/*================================================================================
' When user clicks anywhere in the document body, determine if user is clicking
' on a header element.
'================================================================================
*/
function document_onclick() {
    var strsrc = window.event.srcElement;

    while (strsrc.className === "sectionTitle" || strsrc.className === "expando") {
        strsrc = strsrc.parentElement;
    }

    // Only handle clicks on headers.
    if (!IsSectionHeader(strsrc)) {
        return;
    }

    ToggleSection(strsrc);

    window.event.returnValue = false;
}

function ToggleState(e) {
    var objParentDisplayItem;
    var objDisplayItem;
    var i;

    if (e.innerText === strShow) {
        e.innerText = strHide;
        objParentDisplayItem = e.parentNode;
        objDisplayItem = objParentDisplayItem.childNodes;
        for (i = 0; i < objDisplayItem.length; i++) {
            if (objDisplayItem[i].id === "showItem") {
                objDisplayItem[i].style.display = "Block";
            }
        }
    }
    else {
        e.innerText = strShow;
        objParentDisplayItem = e.parentNode;
        objDisplayItem = objParentDisplayItem.childNodes;
        for (i = 0; i < objDisplayItem.length; i++) {
            if (objDisplayItem[i].id === "showItem") {
                objDisplayItem[i].style.display = "None";
            }
        }
    }
}

function traverseToURL(url) {
    if (url != null) {
        var urlInitialSubstr = url.substring(0, 4).toLowerCase();
        if (urlInitialSubstr === "http") {
            window.open(url, "_blank");
        }
    }
}

function getExplainWindowTitle() {
    return document.getElementById("explainText_windowTitle").innerHTML;
}

function getExplainWindowStyles() {
    return document.getElementById("explainText_windowStyles").innerHTML;
}

function getExplainWindowSettingPathLabel() {
    return document.getElementById("explainText_settingPathLabel").innerHTML;
}

function getExplainWindowExplainTextLabel() {
    return document.getElementById("explainText_explainTextLabel").innerHTML;
}

function getExplainWindowPrintButton() {
    return document.getElementById("explainText_printButton").innerHTML;
}

function getExplainWindowCloseButton() {
    return document.getElementById("explainText_closeButton").innerHTML;
}

function getNoExplainTextAvailable() {
    return document.getElementById("explainText_noExplainTextAvailable").innerHTML;
}

function getExplainWindowSupportedLabel() {
    return document.getElementById("explainText_supportedLabel").innerHTML;
}

function getNoSupportedTextAvailable() {
    return document.getElementById("explainText_noSupportedTextAvailable").innerHTML;
}

function showExplainText(srcElement)
{
    var strDiagArgs;

    var strSettingName = srcElement.getAttribute("gpmc_settingName");
    var strSettingPath = srcElement.getAttribute("gpmc_settingPath");
    var strSettingDescription = srcElement.getAttribute("gpmc_settingDescription");

    if (strSettingDescription === "")
    {
        strSettingDescription = getNoExplainTextAvailable();
    }

    var strSupported = srcElement.getAttribute("gpmc_supported");

    if (strSupported === "")
    {
        strSupported = getNoSupportedTextAvailable();
    }

    var strHtml = "<html dir=" + document.dir +  ">\n";
    strHtml += "<head>\n";
    strHtml += "<title>" + getExplainWindowTitle() + "</title>\n";
    strHtml += "<style type='text/css'>\n" + getExplainWindowStyles() + "</style>\n";
    strHtml += "</head>\n";
    strHtml += "<body>\n";
    strHtml += "<div class='head'>" + strSettingName +"</div>\n";
    strHtml += "<div class='path'><b>" + getExplainWindowSettingPathLabel() + "</b><br/>" + strSettingPath +"</div>\n";
    strHtml += "<div class='path'><b>" + getExplainWindowSupportedLabel() + "</b><br/>" + strSupported +"</div>\n";
    strHtml += "<div class='info'>\n";
    strHtml += "<div class='hdr'>" + getExplainWindowExplainTextLabel() + "</div>\n";
    strHtml += "<div class='bdy'>" + strSettingDescription + "</div>\n";
    strHtml += "<div class='btn'>";
    strHtml += getExplainWindowPrintButton();
    strHtml += getExplainWindowCloseButton();
    strHtml += "</div></body></html>";

    // IE specific method for showing the popup.
    if(navigator.userAgent.indexOf("MSIE") > 0 && window.location.toString().indexOf("file:") === -1)
    {
        strDiagArgs = "dialogHeight=360px;dialogWidth=630px;status=no;scroll=yes;resizable=yes;minimize=yes;maximize=yes;";

        var vModeless = window.showModelessDialog("about:blank", window, strDiagArgs);
        vModeless.document.write(strHtml);
        vModeless.document.close();
        vModeless.location.reload(false);
                        
        window.event.returnValue = false;
    }
    else
    {
        strDiagArgs = "height=360px, width=630px, status=no, toolbar=no, scrollbars=yes, resizable=yes ";
        
        var expWin = window.open("", "expWin", strDiagArgs);
        expWin.document.write("");
        expWin.document.close();
        expWin.document.write(strHtml);
        expWin.document.close();
        expWin.focus();
    }
    
    return false;
}

function showEvents(srcElement,bVerbose,bInformational,bWarning,bError)
{
    var strWindowId = "EventDetails_" + srcElement.getAttribute("eventLogActivityId");
    if((windowsArray[strWindowId]) && (windowsArray[strWindowId].closed === false)) {
        windowsArray[strWindowId].focus();
    } else {
        var eventIdLabelNode, eventTimeLabelNode, eventDescriptionLabelNode, eventDetailsLabelNode, eventXmlLabelNode, gpEventsTitleNode;
        var eventIdLabelNodeText, eventTimeLabelNodeText, eventDescriptionLabelNodeText, eventXmlLabelNodeText, gpEventsTitleNodeText, eventDetailsLabelNodeText;
        var singlePassEventsDetailsNode, eventRecordArray;
        var dataNotFoundWarningLabelNode, dataNotFoundWarningLabelNodeText;
        var mainSection;
        var attributeValue;
        var singlePassEventsDetails;
        var singlePassEventsDetailsChildren;
        var node;
        var children;
        var xmlDocumentRoot;
        var xmlDocument;
        var serializer;
        var itemSub;
        var doc;

        if (window.XMLSerializer) 
        {
           serializer = new XMLSerializer();
        }

        if (window.DOMParser) 
        {
           // This browser appears to support DOMParser
           parser = new DOMParser();

           doc = document.getElementById("data-island").textContent;
           xmlDocumentRoot = parser.parseFromString(doc, "application/xml");
           xmlDocument = xmlDocumentRoot.documentElement;
           itemSub = 1;
        } 
        else 
        { 
           // Internet Explorer, create a new XML document using ActiveX 
           // and use loadXML as a DOM parser. 
           try 
           {
              doc = document.getElementById("data-island");

              xmlDocumentRoot = new ActiveXObject("Msxml2.DOMDocument.6.0"); 
              xmlDocumentRoot.async = false; 
              xmlDocumentRoot.loadXML(doc.innerHTML);
              xmlDocument = xmlDocumentRoot.documentElement;
              itemSub = 0;
           } 
           catch(e) 
           {
              // Not supported.
           }
        }

        if (xmlDocument != null) {
            mainSection = xmlDocument.getElementsByTagName("MainSection")[0].childNodes;

            if (mainSection != null) {
                for (children = 0; children < mainSection.length; children++) {
                    node = mainSection[children];
                    if (node.nodeType === 1 && node.nodeName === 'Label') {
                        attributeValue = node.getAttribute("Name");
                        if (attributeValue != null) {
                            if (attributeValue === 'ComponentStatus_EventId') {
                                eventIdLabelNode = node.childNodes[1];
                            }
                            if (attributeValue === 'ComponentStatus_EventTime') {
                                eventTimeLabelNode = node.childNodes[1];
                            }
                            if (attributeValue === 'ComponentStatus_EventDescription') {
                                eventDescriptionLabelNode = node.childNodes[1];
                            }
                            if (attributeValue === 'ComponentStatus_EventXml') {
                                eventXmlLabelNode = node.childNodes[1];
                            }
                            if (attributeValue === 'ComponentStatus_EventDetails') {
                                eventDetailsLabelNode = node.childNodes[1];
                            }
                            if (attributeValue === 'ComponentStatus_GPEvents') {
                                gpEventsTitleNode = node.childNodes[1];
                            }
                            if (attributeValue === 'Warning_DataNotFound') {
                                dataNotFoundWarningLabelNode = node.childNodes[1];
                            }
                        }
                    }
                }
            }

            singlePassEventsDetails = xmlDocument.getElementsByTagName("SinglePassEventsDetails");
            if (singlePassEventsDetails != null) {
                for (singlePassEventsDetailsChildren = 0; singlePassEventsDetailsChildren < singlePassEventsDetails.length; singlePassEventsDetailsChildren++) {
                    node = singlePassEventsDetails[singlePassEventsDetailsChildren];
                    attributeValue = node.getAttribute("ActivityId");
                    if (attributeValue === srcElement.getAttribute("eventLogActivityId")) {
                        singlePassEventsDetailsNode = node;
                    }
                }
            }
        }
        
        eventIdLabelNodeText = null;
        if (eventIdLabelNode != null) {
            if (eventIdLabelNode.childNodes.length > 0) {
                eventIdLabelNodeText = eventIdLabelNode.childNodes[0].nodeValue;
            }
        }
        if (eventIdLabelNodeText == null) {
            eventIdLabelNodeText = "Event ID";
        }

        eventTimeLabelNodeText = null;
        if (eventTimeLabelNode != null) {
            if (eventTimeLabelNode.firstChild.childNodes.length > 0) {
                eventTimeLabelNodeText = eventTimeLabelNode.childNodes[0].nodeValue;
            }
        }
        if (eventTimeLabelNodeText == null) {
            eventTimeLabelNodeText = "Event Time";
        }

        eventDescriptionLabelNodeText = null;
        if (eventDescriptionLabelNode != null) {
            if (eventDescriptionLabelNode.childNodes.length > 0) {
                eventDescriptionLabelNodeText = eventDescriptionLabelNode.childNodes[0].nodeValue;
            }
        }
        if (eventDescriptionLabelNodeText == null) {
            eventDescriptionLabelNodeText = "Event Description";
        }

        eventXmlLabelNodeText = null;
        if (eventXmlLabelNode != null) {
            if (eventXmlLabelNode.childNodes.length > 0) {
                eventXmlLabelNodeText = eventXmlLabelNode.childNodes[0].nodeValue;
            }
        }
        if (eventXmlLabelNodeText == null) {
            eventXmlLabelNodeText = "Event XML";
        }

        gpEventsTitleNodeText = null;
        if (gpEventsTitleNode != null) {
            if (gpEventsTitleNode.childNodes.length > 0) {
                gpEventsTitleNodeText = gpEventsTitleNode.childNodes[0].nodeValue;
            }
        }
        if (gpEventsTitleNodeText == null) {
            gpEventsTitleNodeText = "Group Policy Events";
        }

        eventDetailsLabelNodeText = null;
        if (eventDetailsLabelNode != null) {
            if (eventDetailsLabelNode.childNodes.length > 0) {
                eventDetailsLabelNodeText = eventDetailsLabelNode.childNodes[0].nodeValue;
            }
        }
        if (eventDetailsLabelNodeText == null) {
            eventDetailsLabelNodeText = "Event Details";
        }

        dataNotFoundWarningLabelNodeText = null;
        if (dataNotFoundWarningLabelNode != null) {
            if (dataNotFoundWarningLabelNode.childNodes.length > 0) {
                dataNotFoundWarningLabelNodeText = dataNotFoundWarningLabelNode.childNodes[0].nodeValue;
            }
        }
        if (dataNotFoundWarningLabelNodeText == null) {
            dataNotFoundWarningLabelNodeText = "Data Not Found";
        }
                
        if(singlePassEventsDetailsNode != null)
        {
            eventRecordArray = singlePassEventsDetailsNode.getElementsByTagName("EventRecord");
        }
        
        var htmlText = "<html dir=" + document.dir +  ">";
        htmlText = htmlText + "<head>";
        htmlText = htmlText + "<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\" />";
        htmlText = htmlText + "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-16\" />";
        htmlText = htmlText + "<title>" + gpEventsTitleNodeText + "</title>";
        htmlText = htmlText + "</head><style type=\"text/css\">";
        htmlText = htmlText + "body    { background-color:#FFFFFF; color:#000000; font-size:68%; font-family:MS Shell Dlg; margin:0,0,10px,0; word-break:normal; word-wrap:break-word; }";
        htmlText = htmlText + "table   { font-size:100%; table-layout:fixed; width:100%; }";
        htmlText = htmlText + "td,th   { overflow:visible; text-align:left; vertical-align:top; white-space:normal; }";
        htmlText = htmlText + ".he1    { text-align: center; vertical-align: middle; background-color:#C0D2DE; border:1px solid #BBBBBB; color:#000000; cursor:hand; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:4em; position:relative; }";
        htmlText = htmlText + ".centerTxt { text-align: center; }";
        htmlText = htmlText + ".txtFormat1 { text-align: left; vertical-align:top; white-space:pre-line; }";
        htmlText = htmlText + "</style>";
      
        htmlText = htmlText + "<script> function toggle(e) {";
        htmlText = htmlText + "if (e.style.display === \"none\"){ e.style.display = \"\"; }";
        htmlText = htmlText + "else { e.style.display = \"none\"; }";
        htmlText = htmlText + "}</";
        htmlText = htmlText + "script";
        htmlText = htmlText + ">";
      
        htmlText = htmlText + "<body><table border=1><tr>";
        htmlText = htmlText + "<th class=\"he1\"><strong>" + eventIdLabelNodeText + "</strong></th>";
        htmlText = htmlText + "<th class=\"he1\"><strong>" + eventTimeLabelNodeText + "</strong></th>";
        htmlText = htmlText + "<th class=\"he1\"><strong>" + eventDescriptionLabelNodeText + "</strong></th>";
        htmlText = htmlText + "<th class=\"he1\"><strong>" + eventDetailsLabelNodeText + "</strong></th>";

        htmlText = htmlText + "</tr>";
        var i;
        var eventId;
        var eventTime;
        var eventDescription;
        var eventXml;
        var eventType;
        var displayEvent;
        var eventXmlId;
        var displayBgColor;

        if(eventRecordArray != null && eventRecordArray.length > 0)
        {
            for (i=0; i < eventRecordArray.length; i++)
            {
                displayEvent = false;
                var eventIdElements = eventRecordArray[i].getElementsByTagName("EventId");        
                if((eventIdElements != null) && (eventIdElements.length > 0) && (eventIdElements[0].firstChild != null))
                {
                    eventId =  eventIdElements[0].firstChild.nodeValue;
                }
                else
                {
                    eventId =  dataNotFoundWarningLabelNodeText;
                }
                var eventTimeElements = eventRecordArray[i].getElementsByTagName("EventTime");
                if((eventTimeElements != null) && (eventTimeElements.length > 0) && (eventTimeElements[0].firstChild != null))
                {
                    eventTime = eventTimeElements[0].firstChild.nodeValue;
                }
                else
                {
                    eventTime = dataNotFoundWarningLabelNodeText;
                }
                var eventDescriptionElements = eventRecordArray[i].getElementsByTagName("EventDescription");
                if((eventDescriptionElements != null) && (eventDescriptionElements.length > 0) && (eventDescriptionElements[0].firstChild != null))
                {
                        eventDescription = eventDescriptionElements[0].firstChild.nodeValue;
                }
                else
                {
                    eventDescription = dataNotFoundWarningLabelNodeText;
                }
                var eventXmlElements = eventRecordArray[i].getElementsByTagName("EventXml");
                if((eventXmlElements != null) && (eventXmlElements.length > 0) && (eventXmlElements[0].firstChild != null))
                {
                    if (window.XMLSerializer) 
                    {
                       var xml = serializer.serializeToString(eventXmlElements[0].firstChild);
                       eventXml = xml;
                    } 
                    else 
                    {
                       if (typeof eventXmlElements[0].firstChild.xml != "undefined") 
                       {
                          eventXml = eventXmlElements[0].firstChild.xml;
                       }
                    }
                }
                else
                {
                    eventXml = dataNotFoundWarningLabelNodeText;
                }
                var eventLevelElements = eventRecordArray[i].getElementsByTagName("EventLevel");
                if((eventLevelElements != null) && (eventLevelElements.length > 0) && (eventLevelElements[0].firstChild != null))
                {
                    eventType = eventLevelElements[0].firstChild.nodeValue;
                }
                else
                {
                    eventType = 5;
                }
                
                if((bVerbose === true)&&(eventType == 5))
                {
                    displayEvent = true;
                }
                else if((bInformational === true)&&(eventType == 4))
                {
                    displayEvent = true;
                }
                else if((bWarning === true)&&(eventType == 3))
                {
                    displayEvent = true;
                }
                else if((bError === true)&&((eventType == 1)||(eventType == 2)))
                {
                    displayEvent = true;
                }
                
                if (displayEvent === true)
                {
                    eventXmlId = "EventXml" + (i+"");
                    htmlText = htmlText + "<tr>";
                    htmlText = htmlText + "<td class=\"centerTxt\" style=\"background:" + displayBgColor +"\">" + eventId + "</td>";
                    htmlText = htmlText + "<td class=\"centerTxt\" style=\"background:" + displayBgColor +"\">" + eventTime + "</td>";
                    htmlText = htmlText + "<td class=\"txtFormat1\" style=\"background:" + displayBgColor +"\">" + eventDescription + "</td>";
                    htmlText = htmlText + "<td style=\"background:" + displayBgColor +"\"><span style=\"color:blue; cursor:hand\" onclick=\"toggle(" + eventXmlId +");\" onKeyPress=\"toggle(" + eventXmlId + ");\" tabIndex=1 >";
                    htmlText = htmlText + eventXmlLabelNodeText + "</span><br/>";
                    htmlText = htmlText + "<span style=\"display:none\" id=" + eventXmlId +">";
                    htmlText = htmlText + eventXml + "</span>";
                    htmlText = htmlText + "</td>";
                    htmlText = htmlText + "</tr>";
                }
            }
        }
        htmlText = htmlText + "</table></body></html>";

        if(windowsArray[strWindowId])
        {
            delete windowsArray[strWindowId];
        }
        
        // IE specific method for showing the popup.
        if(navigator.userAgent.indexOf("MSIE") > 0 && window.location.toString().indexOf("file:") === -1)
        {
            var strDiagArgs = "dialogHeight=360px;dialogWidth=630px;status=no;scroll=yes;resizable=yes;minimize=yes;maximize=yes;";

            var vModeless = window.showModelessDialog("about:blank", window, strDiagArgs);
            vModeless.document.write(htmlText);
            vModeless.document.close();
            vModeless.location.reload(false);
            windowsArray[strWindowId] = vModeless;            
        }
        else
        {
            var strDiagArgs = "height=360px, width=630px, status=no, toolbar=no, scrollbars=yes, resizable=yes";
        
            windowsArray[strWindowId] = window.open("", "", strDiagArgs);
            windowsArray[strWindowId].document.write(htmlText);
            windowsArray[strWindowId].focus();
        } 
    }

    xmlDocumentRoot = null;
}

function cleanUp() {
    var windowsArray = this.windowsArray;
    for (var currentWindow in windowsArray) {
        if (windowsArray.hasOwnProperty(currentWindow)) {
            windowsArray[currentWindow].close();
        }
    }
}

function getMessageText(messageNode) {
    if (messageNode != null) {
        if (messageNode.firstChild != null) {
            if (messageNode.firstChild.nodeType === 3) {
                for (var i = 0; i < messageNode.childNodes.length; i++) 
                {
                    var curNode = messageNode.childNodes[i];
                    if(curNode.nodeType === 1){
                        return curNode.childNodes[0].nodeValue;
                    }
                }
            } else {
                return messageNode.firstChild.childNodes[0].nodeValue;
            }
        }
    }
    return null;
}

function showComponentProcessingDetails(srcElement) {
    var strWindowId = "ProcessingDetails_" + srcElement.getAttribute("eventLogActivityId");
    if ((windowsArray[strWindowId]) && (windowsArray[strWindowId].closed === false)) {
        windowsArray[strWindowId].focus();
    } else {
        var doc;
        var parser;
        var xmlDocumentRoot;
        var xmlDocument;

        var extensionsProcessedLabelNode, slowLinkThresholdLabelNode, linkSpeedLabelNode, extensionsProcessedTimeTakenNode;
        var domainControllerIpLabelNode, domainControllerNameLabelNode, processingTypeLabelNode, loopbackModeLabelNode;
        var processingTriggerLabelNode, extensionNameLabelNode, timeTakenLabelNode;
        var dataNotFoundWarningLabelNode;
        var singlePassEventsDetailsNode, totalProcessingTimeLabelNode, refreshMessageLabelNode;
        var processingDetailsUserTitleNode, processingDetailsComputerTitleNode;
        var policySectionNode;
        var policyEventsDetailsNode, detailsLabelNode;

        var extensionsProcessedLabelNodeText, slowLinkThresholdLabelNodeText, linkSpeedLabelNodeText, extensionsProcessedTimeTakenNodeText;
        var domainControllerIpLabelNodeText, domainControllerNameLabelNodeText, processingTypeLabelNodeText, loopbackModeLabelNodeText;
        var processingTriggerLabelNodeText, extensionNameLabelNodeText, timeTakenLabelNodeText;
        var dataNotFoundWarningLabelNodeText, totalProcessingTimeLabelNodeText, refreshMessageLabelNodeText;
        var processingDetailsUserTitleNodeText, processingDetailsComputerTitleNodeText;
        var detailsLabelNodeText;

        var slowLinkThresholdValue, linkSpeedValue, domainControllerIpValue, domainControllerNameValue;
        var processingTypeValue, loopbackModeValue, processingTriggerValue, totalPolicyProcessingTime, extensionProcessingTimeArray;
        var cseNameArray = new Array();
        var cseElapsedTimeArray = new Array();
        var policyApplicationFinishedTime;

        var isComputerProcessing;
        var strDiagArgs;
        var mainSection;
        var attributeValue;
        var singlePassEventsDetails;
        var singlePassEventsDetailsChildren;
        var node;
        var children;
        var itemSub;

        if (window.DOMParser) 
        {
           // This browser appears to support DOMParser
           parser = new DOMParser();
           doc = document.getElementById("data-island").textContent;

           xmlDocumentRoot = parser.parseFromString(doc, "application/xml");

           xmlDocument = xmlDocumentRoot.documentElement;

           itemSub = 1;
        } 
        else 
        { 
           // Internet Explorer, create a new XML document using ActiveX 
           // and use loadXML as a DOM parser. 
           try 
           {
              doc = document.getElementById("data-island");

              xmlDocumentRoot = new ActiveXObject("Msxml2.DOMDocument.6.0"); 
              xmlDocumentRoot.async = false; 
              xmlDocumentRoot.loadXML(doc.innerHTML);
              xmlDocument = xmlDocumentRoot.documentElement;
              itemSub = 0;
           } 
           catch(e) 
           {
              // Not supported.
           }
        }

        if (xmlDocument != null) {
            mainSection = xmlDocument.getElementsByTagName("MainSection")[0].childNodes;

            if (mainSection != null) {
                for (children = 0; children < mainSection.length; children++) {
                    node = mainSection[children];
                    if (node.nodeType === 1 && node.nodeName === 'Label') {
                        attributeValue = node.getAttribute("Name")
                        if (attributeValue != null) {
                            if (attributeValue === 'ComponentStatus_ExtensionsProcessed') {
                                extensionsProcessedLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_SlowLinkThreshold') {
                                slowLinkThresholdLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_LinkSpeed') {
                                linkSpeedLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_TimeTaken') {
                                extensionsProcessedTimeTakenNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_DomainControllerIP') {
                                domainControllerIpLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_DomainControllerName') {
                                domainControllerNameLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_ProcessingTrigger') {
                                processingTriggerLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_ExtensionName') {
                                extensionNameLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_TimeTaken') {
                                timeTakenLabelNode = node;
                            }
                            if (attributeValue === 'Warning_DataNotFound') {
                                dataNotFoundWarningLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_TotalProcessingTime') {
                                totalProcessingTimeLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_RefreshMessage') {
                                refreshMessageLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_UserProcessingDetails') {
                                processingDetailsUserTitleNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_ComputerProcessingDetails') {
                                detailsLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_ProcessingType') {
                                processingTypeLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_LoopbackMode') {
                                loopbackModeLabelNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_UserProcessingDetails') {
                                processingDetailsUserTitleNode = node;
                            }
                            if (attributeValue === 'ComponentStatus_ComputerProcessingDetails') {
                                processingDetailsComputerTitleNode = node;
                            }
                        }
                    }
                }
            }

            singlePassEventsDetails = xmlDocument.getElementsByTagName("SinglePassEventsDetails");
            if (singlePassEventsDetails != null) {
                for (singlePassEventsDetailsChildren = 0; singlePassEventsDetailsChildren < singlePassEventsDetails.length; singlePassEventsDetailsChildren++) {
                    node = singlePassEventsDetails[singlePassEventsDetailsChildren];
                    if (node.getAttribute("ActivityId") === srcElement.getAttribute("eventLogActivityId")) {
                        singlePassEventsDetailsNode = node;
                    }
                }
            }

            if (singlePassEventsDetailsNode) {
                policyEventsDetailsNode = singlePassEventsDetailsNode.parentNode;
                if (policyEventsDetailsNode) {
                    policySectionNode = policyEventsDetailsNode.parentNode;
                    if (policySectionNode) {
                        if (policySectionNode.nodeName === 'UserPolicySection') {
                            isComputerProcessing = false;
                        }
                        if (policySectionNode.nodeName === 'ComputerPolicySection') {
                            isComputerProcessing = true;
                        }
                    }
                }
            }
        }

        
        extensionsProcessedLabelNodeText = getMessageText(extensionsProcessedLabelNode);
        slowLinkThresholdLabelNodeText = getMessageText(slowLinkThresholdLabelNode);
        linkSpeedLabelNodeText = getMessageText(linkSpeedLabelNode);
        domainControllerIpLabelNodeText = getMessageText(domainControllerIpLabelNode);
        domainControllerNameLabelNodeText = getMessageText(domainControllerNameLabelNode);
        processingTypeLabelNodeText = getMessageText(processingTypeLabelNode);
        loopbackModeLabelNodeText = getMessageText(loopbackModeLabelNode);
        processingTriggerLabelNodeText = getMessageText(processingTriggerLabelNode);
        extensionNameLabelNodeText = getMessageText(extensionNameLabelNode);
        timeTakenLabelNodeText = getMessageText(timeTakenLabelNode);
        processingDetailsUserTitleNodeText = getMessageText(processingDetailsUserTitleNode);
        processingDetailsComputerTitleNodeText = getMessageText(processingDetailsComputerTitleNode);
        dataNotFoundWarningLabelNodeText = getMessageText(dataNotFoundWarningLabelNode);
        totalProcessingTimeLabelNodeText = getMessageText(totalProcessingTimeLabelNode);
        refreshMessageLabelNodeText = getMessageText(refreshMessageLabelNode);
        detailsLabelNodeText = getMessageText(detailsLabelNode);
     

        slowLinkThresholdValue = null;
        linkSpeedValue = null;
        domainControllerIpValue = null;
        domainControllerNameValue = null;
        processingTypeValue = null;
        loopbackModeValue = null;
        processingTriggerValue = null;

        if (singlePassEventsDetailsNode != null) {
            slowLinkThresholdValue = singlePassEventsDetailsNode.getAttribute("SlowLinkThresholdInKbps");
            linkSpeedValue = singlePassEventsDetailsNode.getAttribute("LinkSpeedInKbps");
            domainControllerIpValue = singlePassEventsDetailsNode.getAttribute("DomainControllerIPAddress");
            domainControllerNameValue = singlePassEventsDetailsNode.getAttribute("DomainControllerName");
            processingTypeValue = singlePassEventsDetailsNode.getAttribute("ProcessingAppMode");
            loopbackModeValue = singlePassEventsDetailsNode.getAttribute("PolicyProcessingMode");
            processingTriggerValue = singlePassEventsDetailsNode.getAttribute("ProcessingTrigger");
            totalPolicyProcessingTime = singlePassEventsDetailsNode.getAttribute("PolicyElapsedTime");
            extensionProcessingTimeArray = singlePassEventsDetailsNode.getElementsByTagName("ExtensionProcessingTime");
        }
        if (slowLinkThresholdValue == null) {
            slowLinkThresholdValue = dataNotFoundWarningLabelNodeText;
        }
        if (linkSpeedValue == null) {
            linkSpeedValue = dataNotFoundWarningLabelNodeText;
        }
        if (domainControllerIpValue == null) {
            domainControllerIpValue = dataNotFoundWarningLabelNodeText;
        }
        else {
            domainControllerIpValue = domainControllerIpValue.replace(/^\\\\/, "");
        }
        if (domainControllerNameValue == null) {
            domainControllerNameValue = dataNotFoundWarningLabelNodeText;
        }
        else {
            domainControllerNameValue = domainControllerNameValue.replace(/^\\\\/, "");
        }
        if (processingTypeValue == null) {
            processingTypeValue = dataNotFoundWarningLabelNodeText;
        }
        if (loopbackModeValue == null) {
            loopbackModeValue = dataNotFoundWarningLabelNodeText;
        }
        if (processingTriggerValue == null) {
            processingTriggerValue = dataNotFoundWarningLabelNodeText;
        }

        if (extensionProcessingTimeArray != null && extensionProcessingTimeArray.length > 0) {
            var cseName;
            var cseElapsedTime;
            var cseProcessedTime;
            var cseId;
            var i;
            var index = 0;
            for (i = 0; i < extensionProcessingTimeArray.length; i++) {
                var cseNameElements = extensionProcessingTimeArray[i].getElementsByTagName("ExtensionName");
                var cseElapsedTimeElements = extensionProcessingTimeArray[i].getElementsByTagName("ElapsedTime");
                var cseProcessedTimeElements = extensionProcessingTimeArray[i].getElementsByTagName("ProcessedTime");
                var cseIdElements = extensionProcessingTimeArray[i].getElementsByTagName("ExtensionGuid");
                if ((cseNameElements.length > 0) && (cseElapsedTimeElements.length > 0) && (cseProcessedTimeElements.length > 0) && (cseIdElements.length > 0)) {
                    if ((cseNameElements[0].firstChild != null) && (cseElapsedTimeElements[0].firstChild != null) && (cseProcessedTimeElements[0].firstChild != null) && (cseIdElements[0].firstChild != null)) {
                        cseName = cseNameElements[0].firstChild.nodeValue;
                        cseElapsedTime = cseElapsedTimeElements[0].firstChild.nodeValue;
                        cseProcessedTime = cseProcessedTimeElements[0].firstChild.nodeValue;
                        cseId = cseIdElements[0].firstChild.nodeValue;
                        if ((cseName != null) && (cseElapsedTime != null) && (cseProcessedTime != null) && (cseId != null)) {
                            cseNameArray[index] = cseName;
                            cseElapsedTimeArray[index] = cseElapsedTime;
                            index = index + 1;
                            if (cseId === '{00000000-0000-0000-0000-000000000000}') {
                                policyApplicationFinishedTime = cseProcessedTime;
                            }
                        }
                    }
                }
            }
        }
          
        var htmlText = "<html dir=" + document.dir +  ">";
        htmlText = htmlText + "<head>";
        htmlText = htmlText + "<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\" />";
        htmlText = htmlText + "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-16\" />";
        if(isComputerProcessing != null)
        {
            if(isComputerProcessing === true)
            {
                htmlText = htmlText + "<title>" + processingDetailsComputerTitleNodeText + "</title>";
            }
            else
            {
                htmlText = htmlText + "<title>" + processingDetailsUserTitleNodeText + "</title>";
            }
        }
        

        htmlText = htmlText + "</head><style type=\"text/css\">";
        htmlText = htmlText + "body    { background-color:#FFFFFF; color:#000000; font-size:68%; font-family:MS Shell Dlg; margin:0,0,10px,0; word-break:normal; word-wrap:break-word; }";
        htmlText = htmlText + "table   { font-size:100%; table-layout:fixed; width:100%; }";
        htmlText = htmlText + "td,th   { overflow:visible; text-align:left; vertical-align:top; white-space:normal; }";
        htmlText = htmlText + ".he0    { background-color:#FEF7D6; border:1px solid #BBBBBB; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2.25em; margin-bottom:-1px; margin-left:0px; margin-right:0px; padding-left:8px; padding-right:5em; padding-top:4px; position:relative; width:100%; }";
        htmlText = htmlText + ".he1    { color:#000000; display:block; font-family:MS Shell Dlg; font-size:100%; font-weight:bold; height:2em;margin-left: 5 px; margin-top: 5 px; position:relative; width:100%; }";
        htmlText = htmlText + ".tblspecialfmt { border:1px solid black;border-collapse:collapse; }";
        htmlText = htmlText + ".tblfirstcolfmt { border-left-width: 1px;border-top-width: 1px;border-bottom-width: 1px;border-right-width: 0px;border-style: solid; border-color: black; }";
        htmlText = htmlText + ".tblsecondcolfmt { border-left-width: 0px;border-top-width: 1px;border-bottom-width: 1px;border-right-width: 1px;border-style: solid; border-color: black; }";
        htmlText = htmlText + "</style>";
        htmlText = htmlText + "<body>";
        htmlText = htmlText + "<span class=\"he1\">" + refreshMessageLabelNodeText + " " + policyApplicationFinishedTime + "</span>" ;
        htmlText = htmlText + "<div class=\"he0\">" + detailsLabelNodeText + "</div>"
        htmltext = htmlText + "<table><tr>";

        htmlText = htmlText + "<td>";
        htmlText = htmlText + "<table>";
        htmlText = htmlText + "<tr><td colspan=\"2\">&nbsp;</td></tr>";


        htmlText = htmlText + "<tr><td style=\"width: 50%\"><strong>" + processingTypeLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td>" + processingTypeValue + "</td></tr>";

        htmlText = htmlText + "<tr><td style=\"width: 50%\"><strong>" + loopbackModeLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td>" + loopbackModeValue + "</td></tr>";

        htmlText = htmlText + "<tr><td style=\"width: 50%\"><strong>" + linkSpeedLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td>" + linkSpeedValue + "</td></tr>";

        htmlText = htmlText + "<tr><td style=\"width: 50%\"><strong>" + slowLinkThresholdLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td>" + slowLinkThresholdValue + "</td></tr>";

        htmlText = htmlText + "<tr><td style=\"width: 50%\"><strong>" + domainControllerNameLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td>" + domainControllerNameValue +"</td></tr>";

        htmlText = htmlText + "<tr><td style=\"width: 50%\"><strong>" + domainControllerIpLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td>" + domainControllerIpValue +"</td></tr>";

        htmlText = htmlText + "<tr><td style=\"width: 50%\"><strong>" + processingTriggerLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td>" + processingTriggerValue + "</td></tr>";

        htmlText = htmlText + "</table></td></tr>";
        htmlText = htmlText + "<tr ><td ><table>";


        htmlText = htmlText + "<tr><td><span class=\"he1\" >" + extensionsProcessedLabelNodeText +"</span></td></tr>";
        htmlText = htmlText + "<tr><td><table class=\"tblspecialfmt\" >";
        htmlText = htmlText + "<tr><td class=\"tblfirstcolfmt\" style=\"width: 50%;background-color:#FEF7D6;\"><strong>" + extensionNameLabelNodeText + "</strong></td>";
        htmlText = htmlText + "<td class=\"tblsecondcolfmt\" style=\"background-color:#FEF7D6;\" ><strong>" + timeTakenLabelNodeText + "</strong></td></tr>";

        for (var idx in cseNameArray)
        {
            htmlText = htmlText + "<tr><td style=\"width: 50%\">" + cseNameArray[idx] + "</td>";                   
            htmlText = htmlText + "<td>" + cseElapsedTimeArray[idx] + "</td></tr>";
        }

        if (totalPolicyProcessingTime != null)
        {
            htmlText = htmlText + "<tr><td class=\"tblfirstcolfmt\" style=\"width: 50%\" >" + totalProcessingTimeLabelNodeText +":</td>";
            htmlText = htmlText + "<td class=\"tblsecondcolfmt\">" + totalPolicyProcessingTime + "</td></tr>";
        }
        htmlText = htmlText + "</table></td></tr></table></td></tr></table></body></html>";

        if(windowsArray[strWindowId])
        {
            delete windowsArray[strWindowId];
        }
         
        // IE specific method for showing the popup.
        if(navigator.userAgent.indexOf("MSIE") > 0 && window.location.toString().indexOf("file:") === -1)
        {
            strDiagArgs = "dialogHeight=360px;dialogWidth=630px;status=no;scroll=yes;resizable=yes;minimize=yes;maximize=yes;";

            var vModeless = window.showModelessDialog("about:blank", window, strDiagArgs);
            vModeless.document.write(htmlText);
            vModeless.document.close();
            vModeless.location.reload(false);
            windowsArray[strWindowId] = vModeless;                      
        }
        else
        {
            strDiagArgs = "height=360px, width=630px, status=no, toolbar=no, scrollbars=yes, resizable=yes";
        
            windowsArray[strWindowId] = window.open("", "" , strDiagArgs);
            windowsArray[strWindowId].document.write(htmlText);
            windowsArray[strWindowId].focus();
        }
    }

    xmlDocumentRoot = null;
}
</script>
</head>

<body onload="window_onload();" onclick="document_onclick();" onkeypress="document_onkeypress(event);" onunload="cleanUp();">

<!-- HTML resources -->
<div style="display:none;">
        <div id="explainText_windowTitle">Group Policy Management</div>
        <div id="explainText_windowStyles">
        
                            body  { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; }

                            .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; }

                            .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; }

                            .info { padding-left:10px;width:100%; }

                            table { font-size:100%; width:100%; border:1px solid #999999; }

                            th    { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; }

                            td    { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; }

                            .btn  { width:100%; text-align:right; margin-top:16px; }

                            .hdr  { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; }

                            .bdy  { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; }

                            button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; }

                            @media print {

                                .bdy { display:block; overflow:visible; }

                                button { display:none; }

                                .head { color:#000000; background:#FFFFFF; border:1px solid #000000; }

                            }

                
        </div>
        <div id="explainText_settingPathLabel">Setting Path:</div>
        <div id="explainText_explainTextLabel">Explanation</div>
        <div id="explainText_printButton">
        <button name="Print" onClick="window.print()" accesskey="P"><u>P</u>rint</button>

        </div>
        <div id="explainText_closeButton">
        <button name="Close" onClick="window.close()" accesskey="C"><u>C</u>lose</button>
                
        </div>
        <div id="explainText_noExplainTextAvailable">No explanation is available for this setting.</div>
        <div id="explainText_supportedLabel">Supported On:</div>
        <div id="explainText_noSupportedTextAvailable">Not available</div>
</div><table class="title" >
<tr><td colspan="2" class="gponame">PT-PO-WIN-C-Windows 11 Hardening PCI - Deny Camera</td></tr>
<tr>
    <td id="dtstamp">Data collected on: 2-9-2025 13:17:01</td>
    <td><div id="objshowhide" tabindex="0" onclick="objshowhide_onClick();return false;"></div></td>
</tr>
</table>

<div class="gposummary">
<div class="he0_expanded"><span class="sectionTitle" tabindex="0">General</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he1"><span class="sectionTitle" tabindex="0">Details</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info" >
<tr><td scope="row">Domain</td><td>emea.tpg.ads</td></tr>
<tr><td scope="row">Owner</td><td>EMEA\brighton.6-adm</td></tr>
<tr><td scope="row">Created</td><td>18-8-2025 12:42:02</td></tr>
<tr><td scope="row">Modified</td><td>18-8-2025 13:07:40</td></tr>
<tr><td scope="row">User Revisions</td><td>3 (AD), 3 (SYSVOL)</td></tr>
<tr><td scope="row">Computer Revisions</td><td>4 (AD), 4 (SYSVOL)</td></tr>
<tr><td scope="row">Unique ID</td><td>{ee769556-df06-4ed4-a34f-c8ee21d2429e}</td></tr>
<tr><td scope="row">GPO Status</td><td>User settings disabled</td></tr>
</table></div></div>
<div class="filler"></div>
<div class="he1"><span class="sectionTitle" tabindex="0">Links</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" ><tr><th scope="col">Location</th><th scope="col">Enforced</th><th scope="col">Link Status</th><th scope="col">Path</th></tr>
    <tr><td>Clients</td><td>No</td><td>Enabled</td><td>emea.tpg.ads/PT/Systems/Clients</td></tr>
    </table>
    <br/>This list only includes links in the domain of the GPO.</div></div>
<div class="filler"></div>
<div class="he1"><span class="sectionTitle" tabindex="0">Security Filtering</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><b>The settings in this GPO can only apply to the following groups, users, and computers:</b></div>
<div class="he4i">
<table class="info" ><tr><th scope="col">Name</th></tr><tr><td>EMEA\PT-L-SEC-C-Windows 11 Hardening Deny Camera</td></tr></table>
</div>
</div>
<div class="filler"></div>

<div class="filler"></div>
<div class="he1"><span class="sectionTitle" tabindex="0">Delegation</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><b>These groups and users have the specified permission for this GPO</b></div>
<div class="he4i">
<table class="info3" >
<tr><th scope="col">Name</th><th scope="col">Allowed Permissions</th><th scope="col">Inherited</th></tr>
<tr><td>EMEA\brighton.6-adm</td><td>Edit settings, delete, modify security</td><td>No</td></tr>
<tr><td>EMEA\Domain Admins</td><td>Edit settings, delete, modify security</td><td>No</td></tr>
<tr><td>EMEA\PT-L-SEC-C-Windows 11 Hardening Deny Camera</td><td>Read (from Security Filtering)</td><td>No</td></tr>
<tr><td>EMEA\PT-L-SEC-Delegation Modify Group Policy Settings Access</td><td>Edit settings, delete, modify security</td><td>No</td></tr>
<tr><td>NT AUTHORITY\Authenticated Users</td><td>Read</td><td>No</td></tr>
<tr><td>NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS</td><td>Read</td><td>No</td></tr>
<tr><td>NT AUTHORITY\SYSTEM</td><td>Edit settings, delete, modify security</td><td>No</td></tr>
<tr><td>ROOT\Enterprise Admins</td><td>Edit settings, delete, modify security</td><td>No</td></tr>
</table>

</div></div></div>
<div class="filler"></div>
</div>
<div class="he0_expanded"><span class="sectionTitle" tabindex="0">Computer Configuration (Enabled)</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he1h_expanded"><span class="sectionTitle" tabindex="0">Policies</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he1_expanded"><span class="sectionTitle" tabindex="0">Windows Settings</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he2"><span class="sectionTitle" tabindex="0">Scripts</span><a class="expando" href="#"></a></div>
        <div class="container"><div class="he4"><span class="sectionTitle" tabindex="0">Startup</span><a class="expando" href="#"></a></div>
    <div class="container">
<div class="he4i"><b>For this GPO, Script order:</b> Windows PowerShell scripts will run first</div><div class="he4i"><table class="info" >
<tr><th scope="col">Name</th><th scope="col">Parameters</th></tr>
<tr><td>remove_winkey.bat</td><td></td></tr>
</table>
</div></div></div><div class="he2"><span class="sectionTitle" tabindex="0">Security Settings</span><a class="expando" href="#"></a></div>
        <div class="container"><div class="he3"><span class="sectionTitle" tabindex="0">System Services</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4h"><span class="sectionTitle" tabindex="0">AppX Deployment Service (AppXSVC) (Startup Mode: Disabled)</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><b>Permissions</b><br/>No permissions specified</div><div class="he4i"><b>Auditing</b><br/>No auditing specified</div></div><div class="he4h"><span class="sectionTitle" tabindex="0">Bluetooth Audio Gateway Service (Startup Mode: Disabled)</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><b>Permissions</b><br/>No permissions specified</div><div class="he4i"><b>Auditing</b><br/>No auditing specified</div></div><div class="he4h"><span class="sectionTitle" tabindex="0">Bluetooth Support Service (Startup Mode: Disabled)</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><b>Permissions</b><br/>No permissions specified</div><div class="he4i"><b>Auditing</b><br/>No auditing specified</div></div><div class="he4h"><span class="sectionTitle" tabindex="0">Windows Defender Advanced Threat Protection Service (Startup Mode: Disabled)</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><b>Permissions</b><br/>No permissions specified</div><div class="he4i"><b>Auditing</b><br/>No auditing specified</div></div><div class="he4h"><span class="sectionTitle" tabindex="0">Microsoft Defender Antivirus Network Inspection Service (Startup Mode: Disabled)</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><b>Permissions</b><br/>No permissions specified</div><div class="he4i"><b>Auditing</b><br/>No auditing specified</div></div><div class="he4h"><span class="sectionTitle" tabindex="0">Microsoft Defender Antivirus Service (Startup Mode: Disabled)</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><b>Permissions</b><br/>No permissions specified</div><div class="he4i"><b>Auditing</b><br/>No auditing specified</div></div><div class="he4h"><span class="sectionTitle" tabindex="0">WMI Performance Adapter (Startup Mode: Automatic)</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><b>Permissions</b><br/>No permissions specified</div><div class="he4i"><b>Auditing</b><br/>No auditing specified</div></div></div><div class="he3"><span class="sectionTitle" tabindex="0">File System</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4h"><span class="sectionTitle" tabindex="0">%SystemRoot%\System32\osk.exe</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i">Configure this file or folder then: Propagate inheritable permissions to all subfolders and files</div><div class="he4i"><table class="info" >
<tr><td scope="row"><b>Owner</b></td><td></td></tr>
</table>
</div><div class="he4i"><b>Permissions</b><table class="subtable3" >
<tr><th scope="col">Type</th><th scope="col">Name</th><th scope="col">Permission</th><th scope="col">Apply To</th></tr><tr><td>Deny</td><td>APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES</td><td>Full Control</td><td>This folder, subfolders and files</td></tr></table>
<table class="subtable">
<tr><td scope="row">Allow inheritable permissions from the parent to propagate to this object and all child objects</td><td>Disabled</td></tr>
</table>
</div><div class="he4i"><b>Auditing</b><br/>No auditing specified</div></div></div><div class="he3"><span class="sectionTitle" tabindex="0">Software Restriction Policies</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info" >
<tr><td><b>Enforcement</b></td></tr>
<tr><td colspan="1">
    <table class="subtable3" >
    <tr><th scope="col">Policy</th><th scope="col">Setting</th></tr>
    <tr><td>Apply Software Restriction Policies to the following</td><td>All software files except libraries (such as DLLs)</td></tr>
    <tr><td>Apply Software Restriction Policies to the following users</td><td>All users</td></tr>
    <tr><td>When applying Software Restriction Policies</td><td>Ignore certificate rules</td></tr>
    </table>
</td></tr>
<tr><td><b>Designated File Types</b></td></tr>
<tr><td colspan="1">
<table class="subtable" ><tr><th scope="col">File Extension</th><th scope="col">File Type</th></tr>
<tr><td>ADE</td><td>ADE File</td></tr>
<tr><td>ADP</td><td>ADP File</td></tr>
<tr><td>BAS</td><td>BAS File</td></tr>
<tr><td>BAT</td><td>Windows Batch File</td></tr>
<tr><td>CHM</td><td>Compiled HTML Help file</td></tr>
<tr><td>CMD</td><td>Windows Command Script</td></tr>
<tr><td>COM</td><td>MS-DOS Application</td></tr>
<tr><td>CPL</td><td>Control panel item</td></tr>
<tr><td>CRT</td><td>Security Certificate</td></tr>
<tr><td>EXE</td><td>Application</td></tr>
<tr><td>HLP</td><td>Help file</td></tr>
<tr><td>HTA</td><td>HTML Application</td></tr>
<tr><td>INF</td><td>Setup Information</td></tr>
<tr><td>INS</td><td>INS File</td></tr>
<tr><td>ISP</td><td>ISP File</td></tr>
<tr><td>LNK</td><td>Shortcut</td></tr>
<tr><td>MDB</td><td>MDB File</td></tr>
<tr><td>MDE</td><td>MDE File</td></tr>
<tr><td>MSC</td><td>Microsoft Common Console Document</td></tr>
<tr><td>MSI</td><td>Windows Installer Package</td></tr>
<tr><td>MSP</td><td>Windows Installer Patch</td></tr>
<tr><td>MST</td><td>MST File</td></tr>
<tr><td>OCX</td><td>ActiveX control</td></tr>
<tr><td>PCD</td><td>PCD File</td></tr>
<tr><td>PIF</td><td>Shortcut to MS-DOS Program</td></tr>
<tr><td>REG</td><td>Registration Entries</td></tr>
<tr><td>SCR</td><td>Screen saver</td></tr>
<tr><td>SHS</td><td>SHS File</td></tr>
<tr><td>URL</td><td>Internet Shortcut</td></tr>
<tr><td>VB</td><td>Visual Basic Source File</td></tr>
<tr><td>WSC</td><td>Windows Script Component</td></tr>
</table>
</td></tr>
<tr><td><b>Trusted Publishers</b></td></tr>
<tr><td colspan="1">
    <table class="subtable" >
    <tr><td scope="row">Trusted publisher management</td><td>Allow all administrators and users to manage user's own Trusted Publishers</td></tr>
    <tr><td scope="row">Certificate verification</td><td>None</td></tr>
    </table>
</td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Software Restriction Policies/Security Levels</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i">
      <table class="info" >
      <tr><th scope="col">Policy</th><th scope="col">Setting</th></tr>
      <tr><td>Default Security Level</td><td>Unrestricted</td></tr>
      </table>
    </div></div><div class="he3"><span class="sectionTitle" tabindex="0">Software Restriction Policies/Additional Rules</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4h"><span class="sectionTitle" tabindex="0">Path Rules</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info" ><tr><td><b>%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%</b></td></tr><tr><td><table class="subtable" >
<tr><td scope="row">Security Level</td><td>Unrestricted</td></tr>
<tr><td scope="row">Description</td><td></td></tr>
<tr><td scope="row">Date last modified</td><td>2-7-2024 11:47:48</td></tr>
</table>
</td></tr><tr><td><b>%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%</b></td></tr><tr><td><table class="subtable" >
<tr><td scope="row">Security Level</td><td>Unrestricted</td></tr>
<tr><td scope="row">Description</td><td></td></tr>
<tr><td scope="row">Date last modified</td><td>2-7-2024 11:47:48</td></tr>
</table>
</td></tr><tr><td><b>C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy</b></td></tr><tr><td><table class="subtable" >
<tr><td scope="row">Security Level</td><td>Disallowed</td></tr>
<tr><td scope="row">Description</td><td>Deny Search</td></tr>
<tr><td scope="row">Date last modified</td><td>2-7-2024 11:48:28</td></tr>
</table>
</td></tr><tr><td><b>C:\Windows\SystemApps\Microsoft.Windows.Search*</b></td></tr><tr><td><table class="subtable" >
<tr><td scope="row">Security Level</td><td>Disallowed</td></tr>
<tr><td scope="row">Description</td><td>Deny Search</td></tr>
<tr><td scope="row">Date last modified</td><td>2-7-2024 11:48:47</td></tr>
</table>
</td></tr></table></div></div></div></div></div><div class="filler"></div>
<div class="he1"><span class="sectionTitle" tabindex="0">Administrative Templates</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i">Policy definitions (ADMX files) retrieved from the central store.</div><div class="he3"><span class="sectionTitle" tabindex="0">Control Panel</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow Online Tips" gpmc_settingPath="Computer Configuration/Administrative Templates/Control Panel" gpmc_settingDescription="Enables or disables the retrieval of online tips and help for the Settings app.&lt;br/&gt;&lt;br/&gt;If disabled, Settings will not contact Microsoft content services to retrieve tips and help content." gpmc_supported="At least Windows Server 2016, Windows 10 Version 1709">Allow Online Tips</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Google/Google Chrome</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow user feedback" gpmc_settingPath="Computer Configuration/Administrative Templates/Google/Google Chrome" gpmc_settingDescription="Setting the policy to Enabled or leaving it unset lets users send feedback to Google through Menu &amp;gt; Help &amp;gt; Report an Issue or key combination.&lt;br/&gt;&lt;br/&gt;Setting the policy to Disabled means users can&amp;#39;t send feedback to Google." gpmc_supported="Microsoft Windows 7 or later">Allow user feedback</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Google/Google Chrome/Google Cast</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Enable Google Cast" gpmc_settingPath="Computer Configuration/Administrative Templates/Google/Google Chrome/Google Cast" gpmc_settingDescription="Setting the policy to Enabled or leaving it unset turns on Google Cast, which users can launch from the app menu, page context menus, media controls on Cast-enabled websites, and (if shown) the Cast toolbar icon.&lt;br/&gt;&lt;br/&gt;Setting the policy to Disabled turns off Google Cast." gpmc_supported="Microsoft Windows 7 or later">Enable Google Cast</span></td><td>Disabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Show the Google Cast toolbar icon" gpmc_settingPath="Computer Configuration/Administrative Templates/Google/Google Chrome/Google Cast" gpmc_settingDescription="Setting the policy to Enabled displays the Cast toolbar icon on the toolbar or the overflow menu, and users can&amp;#39;t remove it.&lt;br/&gt;&lt;br/&gt;Setting the policy to Disabled or leaving it unset lets users pin or remove the icon through its contextual menu.&lt;br/&gt;&lt;br/&gt;If the policy EnableMediaRouter is set to Disabled, then this policy&amp;#39;s value has no effect, and the toolbar icon doesn&amp;#39;t appear." gpmc_supported="Microsoft Windows 7 or later">Show the Google Cast toolbar icon</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Microsoft Edge</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Ads setting for sites with intrusive ads" gpmc_settingPath="Computer Configuration/Administrative Templates/Microsoft Edge" gpmc_settingDescription="Controls whether ads are blocked on sites with intrusive ads.&lt;br/&gt;&lt;br/&gt;Policy options mapping:&lt;br/&gt;&lt;br/&gt;* AllowAds (1) = Allow ads on all sites&lt;br/&gt;&lt;br/&gt;* BlockAds (2) = Block ads on sites with intrusive ads. (Default value)&lt;br/&gt;&lt;br/&gt;Use the preceding information when configuring this policy." gpmc_supported="Microsoft Edge version 78, Windows 7 or later">Ads setting for sites with intrusive ads</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Ads setting for sites with intrusive ads</td><td>Block ads on sites with intrusive ads. (Default value)</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow user feedback" gpmc_settingPath="Computer Configuration/Administrative Templates/Microsoft Edge" gpmc_settingDescription="Microsoft Edge uses the Edge Feedback feature (enabled by default) to allow users to send feedback, suggestions or customer surveys and to report any issues with the browser. Also, by default, users can&amp;#39;t disable (turn off) the Edge Feedback feature.&lt;br/&gt;&lt;br/&gt;Starting in Microsoft Edge 105, if the user is signed into Microsoft Edge with their work or school account, their feedback is associated with their account and organization.&lt;br/&gt;&lt;br/&gt;If you enable this policy or don&amp;#39;t configure it, users can invoke Edge Feedback.&lt;br/&gt;&lt;br/&gt;If you disable this policy, users can&amp;#39;t invoke Edge Feedback." gpmc_supported="Microsoft Edge version 77, Windows 7 or later">Allow user feedback</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Microsoft Edge/Cast</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Enable Google Cast" gpmc_settingPath="Computer Configuration/Administrative Templates/Microsoft Edge/Cast" gpmc_settingDescription="Enable this policy to enable Google Cast. Users will be able to launch it from the app menu, page context menus, media controls on Cast-enabled websites, and (if shown) the Cast toolbar icon.&lt;br/&gt;&lt;br/&gt;Disable this policy to disable Google Cast.&lt;br/&gt;&lt;br/&gt;By default, Google Cast is enabled." gpmc_supported="Microsoft Edge version 77, Windows 7 or later">Enable Google Cast</span></td><td>Disabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Show the cast icon in the toolbar" gpmc_settingPath="Computer Configuration/Administrative Templates/Microsoft Edge/Cast" gpmc_settingDescription="Set this policy to true to show the Cast toolbar icon on the toolbar or the overflow menu. Users won&amp;#39;t be able to remove it.&lt;br/&gt;&lt;br/&gt;If you don&amp;#39;t configure this policy or if you disable it, users can pin or remove the icon by using its contextual menu.&lt;br/&gt;&lt;br/&gt;If you&amp;#39;ve also set the &amp;#39;EnableMediaRouter&amp;#39; (Enable Google Cast) policy to false, then this policy is ignored, and the toolbar icon isn&amp;#39;t shown." gpmc_supported="Microsoft Edge version 77, Windows 7 or later">Show the cast icon in the toolbar</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">System/Group Policy</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Configure Logon Script Delay" gpmc_settingPath="Computer Configuration/Administrative Templates/System/Group Policy" gpmc_settingDescription="&lt;br/&gt;        Enter “0” to disable Logon Script Delay.&lt;br/&gt;&lt;br/&gt;        This policy setting allows you to configure how long the Group Policy client waits after logon before running scripts.&lt;br/&gt;&lt;br/&gt;        By default, the Group Policy client waits five minutes before running logon scripts. This helps create a responsive desktop environment by preventing disk contention.&lt;br/&gt;&lt;br/&gt;        If you enable this policy setting, Group Policy will wait for the specified amount of time before running logon scripts.&lt;br/&gt;&lt;br/&gt;        If you disable this policy setting, Group Policy will run scripts immediately after logon.&lt;br/&gt;&lt;br/&gt;        If you do not configure this policy setting, Group Policy will wait five minutes before running logon scripts.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2012 R2, Windows 8.1 or Windows RT 8.1">Configure Logon Script Delay</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>minute:</td><td>1</td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">System/Logon</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Show first sign-in animation " gpmc_settingPath="Computer Configuration/Administrative Templates/System/Logon" gpmc_settingDescription="This policy setting allows you to control whether users see the first sign-in animation when signing in to the computer for the first time.  This applies to both the first user of the computer who completes the initial setup and users who are added to the computer later.  It also controls if Microsoft account users will be offered the opt-in prompt for services during their first sign-in.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Microsoft account users will see the opt-in prompt for services, and users with other accounts will see the sign-in animation.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, users will not see the animation and Microsoft account users will not see the opt-in prompt for services.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, the user who completes the initial Windows setup will see the animation during their first sign-in. If the first user had already completed the initial setup and this policy setting is not configured, users new to this computer will not see the animation.&lt;br/&gt;&lt;br/&gt;        Note: The first sign-in animation will not be shown on Server, so this policy will have no effect.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2012, Windows 8 or Windows RT">Show first sign-in animation </span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">System/Troubleshooting and Diagnostics/Scheduled Maintenance</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Configure Scheduled Maintenance Behavior" gpmc_settingPath="Computer Configuration/Administrative Templates/System/Troubleshooting and Diagnostics/Scheduled Maintenance" gpmc_settingDescription="Determines whether scheduled diagnostics will run to proactively detect and resolve system problems.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, you must choose an execution level.  If you choose detection and troubleshooting only, Windows will periodically detect and troubleshoot problems.  The user will be notified of the problem for interactive resolution. &lt;br/&gt;&lt;br/&gt;If you choose detection, troubleshooting and resolution, Windows will resolve some of these problems silently without requiring user input.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Windows will not be able to detect, troubleshoot or resolve problems on a scheduled basis.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, local troubleshooting preferences will take precedence, as configured in the control panel.  If no local troubleshooting preference is configured, scheduled diagnostics are enabled for detection, troubleshooting and resolution by default.&lt;br/&gt;&lt;br/&gt;No reboots or service restarts are required for this policy to take effect: changes take effect immediately.&lt;br/&gt;&lt;br/&gt;This policy setting will only take effect when the Task Scheduler service is in the running state.  When the service is stopped or disabled, scheduled diagnostics will not be executed.  The Task Scheduler service can be configured with the Services snap-in to the Microsoft Management Console." gpmc_supported="At least Windows Server 2008 R2 or Windows 7">Configure Scheduled Maintenance Behavior</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/App Privacy</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access account information" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can access account information.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can access account information by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to access account information and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to access account information and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can access account information by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps access account information</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access an eye tracker device" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can access the eye tracker.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can access the eye tracker by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to access the eye tracker and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to access the eye tracker and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can access the eye tracker by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps access an eye tracker device</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access call history" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can access call history.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can access call history by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to access the call history and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to access the call history and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can access the call history by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps access call history</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access contacts" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can access contacts.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can access contacts by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to access contacts and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to access contacts and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can access contacts by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps access contacts</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access diagnostic information about other apps" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can get diagnostic information about other Windows apps, including user name.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can get diagnostic information about other apps using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to get diagnostic information about other apps and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to get diagnostic information about other apps and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can get diagnostic information about other apps by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10 Version 1703">Let Windows apps access diagnostic information about other apps</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access email" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can access email.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can access email by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to access email and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to access email and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can access email by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps access email</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access location" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can access location.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can access location by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to access location and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to access location and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can access location by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps access location</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access messaging" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can read or send messages (text or MMS).&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can read or send messages by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps can read or send messages and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps cannot read or send messages and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can read or send messages by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps access messaging</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access motion" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can access motion data.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can access motion data by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to access motion data and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to access motion data and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can access motion data by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps access motion</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access notifications" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can access notifications.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can access notifications by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to access notifications and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to access notifications and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can access notifications by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps access notifications</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access Tasks" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can access tasks.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can access tasks by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to access tasks and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to access tasks and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can access tasks by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps access Tasks</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access the calendar" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can access the calendar.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can access the calendar by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to access the calendar and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to access the calendar and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can access the calendar by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps access the calendar</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access the camera" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can access the camera.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can access the camera by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to access the camera and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to access the camera and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can access the camera by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps access the camera</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access the microphone" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can access the microphone.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can access the microphone by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to access the microphone and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to access the microphone and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can access the microphone by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps access the microphone</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Allow</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps access trusted devices" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can access trusted devices.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can access trusted devices by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to access trusted devices and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to access trusted devices and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can access trusted devices by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps access trusted devices</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps communicate with unpaired devices" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can communicate with unpaired wireless devices.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can communicate with unpaired wireless devices by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to communicate with unpaired wireless devices and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to communicate with unpaired wireless devices and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can communicate with unpaired wireless devices by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps communicate with unpaired devices</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps control radios" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps have access to control radios.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps have access to control radios by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps will have access to control radios and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps will not have access to control radios and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps have access to control radios by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps control radios</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps make phone calls" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can make phone calls.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can make phone calls by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to make phone calls and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to make phone calls and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can make phone calls by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps make phone calls</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Let Windows apps run in the background" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/App Privacy" gpmc_settingDescription="This policy setting specifies whether Windows apps can run in the background.&lt;br/&gt;&lt;br/&gt;You can specify either a default setting for all apps or a per-app setting by specifying a Package Family Name. You can get the Package Family Name for an app by using the Get-AppPackage Windows PowerShell cmdlet. A per-app setting overrides the default setting.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;User is in control&amp;quot; option, employees in your organization can decide whether Windows apps can run in the background by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Allow&amp;quot; option, Windows apps are allowed to run in the background and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you choose the &amp;quot;Force Deny&amp;quot; option, Windows apps are not allowed to run in the background and employees in your organization cannot change it.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can run in the background by using Settings &amp;gt; Privacy on the device.&lt;br/&gt;&lt;br/&gt;If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Let Windows apps run in the background</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Default for all apps:</td><td>Force Deny</td></tr>
<tr><td colspan="2">Put user in control of these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force allow these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
<tr><td colspan="2">Force deny these specific apps (use Package Family Names):</td></tr><tr><td></td><td></td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Application Compatibility</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off Application Telemetry" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Application Compatibility" gpmc_settingDescription="The policy controls the state of the Application Telemetry engine in the system.&lt;br/&gt;&lt;br/&gt;Application Telemetry is a mechanism that tracks anonymous usage of specific Windows system components by applications.&lt;br/&gt;&lt;br/&gt;Turning Application Telemetry off by selecting &amp;quot;enable&amp;quot; will stop the collection of usage data.&lt;br/&gt;&lt;br/&gt;If the customer Experience Improvement program is turned off, Application Telemetry will be turned off regardless of how this policy is set.&lt;br/&gt;&lt;br/&gt;Disabling telemetry will take effect on any newly launched applications. To ensure that telemetry collection has stopped for all applications, please reboot your machine." gpmc_supported="At least Windows Server 2008 R2 or Windows 7">Turn off Application Telemetry</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off Inventory Collector" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Application Compatibility" gpmc_settingDescription="This policy setting controls the state of the Inventory Collector.      &lt;br/&gt;&lt;br/&gt;The Inventory Collector inventories applications, files, devices, and drivers on the system and sends the information to Microsoft.  This information is used to help diagnose compatibility problems.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the Inventory Collector will be turned off and data will not be sent to Microsoft. Collection of installation data through the Program Compatibility Assistant is also disabled.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, the Inventory Collector will be turned on.&lt;br/&gt;&lt;br/&gt;Note: This policy setting has no effect if the Customer Experience Improvement Program is turned off. The Inventory Collector will be off." gpmc_supported="At least Windows Server 2008 R2 or Windows 7">Turn off Inventory Collector</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off Steps Recorder" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Application Compatibility" gpmc_settingDescription="This policy setting controls the state of Steps Recorder.&lt;br/&gt;&lt;br/&gt;Steps Recorder keeps a record of steps taken by the user. The data generated by Steps Recorder can be used in feedback systems such as Windows Error Reporting to help developers understand and fix problems. The data includes user actions such as keyboard input and mouse input, user interface data, and screen shots.  Steps Recorder includes an option to turn on and off data collection.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Steps Recorder will be disabled.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, Steps Recorder will be enabled." gpmc_supported="At least Windows Server 2008 R2 or Windows 7">Turn off Steps Recorder</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Cloud Content</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Do not show Windows tips" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Cloud Content" gpmc_settingDescription="This policy setting prevents Windows tips from being shown to users.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users will no longer see Windows tips.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, users may see contextual popups explaining how to use Windows. Microsoft uses diagnostic data to determine which tips to show.&lt;br/&gt;&lt;br/&gt;Note: If you disable or do not configure this policy setting, but enable the &amp;quot;Computer Configuration\Administrative Templates\Windows Components\Data Collection and Preview Builds\Allow Telemetry&amp;quot; policy setting with a level of &amp;quot;Basic&amp;quot; or below, users may see a limited set of tips.&lt;br/&gt;Also, this setting only applies to Enterprise and Education SKUs." gpmc_supported="At least Windows 10">Do not show Windows tips</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off Microsoft consumer experiences" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Cloud Content" gpmc_settingDescription="This policy setting turns off experiences that help consumers make the most of their devices and Microsoft account.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users will no longer see personalized recommendations from Microsoft and notifications about their Microsoft account.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, users may see suggestions from Microsoft and notifications about their Microsoft account.&lt;br/&gt;&lt;br/&gt;Note: This setting only applies to Enterprise and Education SKUs." gpmc_supported="At least Windows 10">Turn off Microsoft consumer experiences</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Data Collection and Preview Builds</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow Diagnostic Data" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Data Collection and Preview Builds" gpmc_settingDescription="By configuring this policy setting you can adjust what diagnostic data is collected from Windows. This policy setting also restricts the user from increasing the amount of diagnostic data collection via the Settings app. The diagnostic data collected under this policy impacts the operating system and apps that are considered part of Windows and does not apply to any additional apps installed by your organization.&lt;br/&gt;&lt;br/&gt;    - Diagnostic data off (not recommended). Using this value, no diagnostic data is sent from the device. This value is only supported on Enterprise, Education, and Server editions.&lt;br/&gt;    - Send required diagnostic data. This is the minimum diagnostic data necessary to keep Windows secure, up to date, and performing as expected. Using this value disables the &amp;quot;Optional diagnostic data&amp;quot; control in the Settings app.&lt;br/&gt;    - Send optional diagnostic data. Additional diagnostic data is collected that helps us to detect, diagnose and fix issues, as well as make product improvements. Required diagnostic data will always be included when you choose to send optional diagnostic data.  Optional diagnostic data can also include diagnostic log files and crash dumps. Use the &amp;quot;Limit Dump Collection&amp;quot; and the &amp;quot;Limit Diagnostic Log Collection&amp;quot; policies for more granular control of what optional diagnostic data is sent.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, the device will send required diagnostic data and the end user can choose whether to send optional diagnostic data from the Settings app.&lt;br/&gt;&lt;br/&gt;Note:&lt;br/&gt;The &amp;quot;Configure diagnostic data opt-in settings user interface&amp;quot; group policy can be used to prevent end users from changing their data collection settings.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2016, Windows 10">Allow Diagnostic Data</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td></td><td>Send required diagnostic data</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Do not show feedback notifications" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Data Collection and Preview Builds" gpmc_settingDescription="This policy setting allows an organization to prevent its devices from showing feedback questions from Microsoft.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users will no longer see feedback notifications through the Windows Feedback app.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, users may see notifications through the Windows Feedback app asking users for feedback.&lt;br/&gt;&lt;br/&gt;Note: If you disable or do not configure this policy setting, users can control how often they receive feedback questions." gpmc_supported="At least Windows Server 2016, Windows 10">Do not show feedback notifications</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Location and Sensors</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off location" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Location and Sensors" gpmc_settingDescription="&lt;br/&gt;        This policy setting turns off the location feature for this computer.&lt;br/&gt;&lt;br/&gt;        If you enable this policy setting, the location feature is turned off, and all programs on this computer are prevented from using location information from the location feature.&lt;br/&gt;&lt;br/&gt;        If you disable or do not configure this policy setting, all programs on this computer will not be prevented from using location information from the location feature.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2008 R2 or Windows 7">Turn off location</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off sensors" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Location and Sensors" gpmc_settingDescription="&lt;br/&gt;        This policy setting turns off the sensor feature for this computer.&lt;br/&gt;&lt;br/&gt;        If you enable this policy setting, the sensor feature is turned off, and all programs on this computer cannot use the sensor feature.&lt;br/&gt;&lt;br/&gt;        If you disable or do not configure this policy setting, all programs on this computer can use the sensor feature.&lt;br/&gt;      " gpmc_supported="At least Windows Server 2008 R2 or Windows 7">Turn off sensors</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Microsoft Defender Antivirus</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off Microsoft Defender Antivirus" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Microsoft Defender Antivirus" gpmc_settingDescription="This policy setting turns off Microsoft Defender Antivirus.&lt;br/&gt;    &lt;br/&gt;    If you enable this policy setting, Microsoft Defender Antivirus does not run, and will not scan computers for malware or other potentially unwanted software.&lt;br/&gt;&lt;br/&gt;    If you disable this policy setting, Microsoft Defender Antivirus will run regardless of any other installed antivirus product.&lt;br/&gt;&lt;br/&gt;    If you do not configure this policy setting, Windows will internally manage Microsoft Defender Antivirus. If you install another antivirus program, Windows automatically disables Microsoft Defender Antivirus. Otherwise, Microsoft Defender Antivirus will scan your computers for malware and other potentially unwanted software.&lt;br/&gt;&lt;br/&gt;    Enabling or disabling this policy may lead to unexpected or unsupported behavior. It is recommended that you leave this policy setting unconfigured." gpmc_supported="At least Windows Vista">Turn off Microsoft Defender Antivirus</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Microsoft Defender Antivirus/Client Interface</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Enable headless UI mode" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Microsoft Defender Antivirus/Client Interface" gpmc_settingDescription="&lt;br/&gt;        This policy setting allows you to configure whether or not to display AM UI to the users.&lt;br/&gt;        If you enable this setting AM UI won&amp;#39;t be available to users.&lt;br/&gt;    " gpmc_supported="At least Windows Vista">Enable headless UI mode</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Microsoft Edge</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Configure Password Manager" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Microsoft Edge" gpmc_settingDescription="This policy setting lets you decide whether employees can save their passwords locally, using Password Manager. By default, Password Manager is turned on.&lt;br/&gt;&lt;br/&gt;If you enable this setting, employees can use Password Manager to save their passwords locally.&lt;br/&gt;&lt;br/&gt;If you disable this setting, employees can&amp;#39;t use Password Manager to save their passwords locally.&lt;br/&gt;&lt;br/&gt;If you don&amp;#39;t configure this setting, employees can choose whether to use Password Manager to save their passwords locally." gpmc_supported="Microsoft Edge on Windows 10 or later">Configure Password Manager</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/News and interests</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Enable news and interests on the taskbar" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/News and interests" gpmc_settingDescription="This policy setting specifies whether news and interests is allowed on the device." gpmc_supported="At least Windows Server 2016, Windows 10">Enable news and interests on the taskbar</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/OneDrive</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Prevent the usage of OneDrive for file storage" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/OneDrive" gpmc_settingDescription="This policy setting lets you prevent apps and features from working with files on OneDrive.&lt;br/&gt;If you enable this policy setting:&lt;br/&gt;&lt;br/&gt;* Users can’t access OneDrive from the OneDrive app and file picker.&lt;br/&gt;* Windows Store apps can’t access OneDrive using the WinRT API.&lt;br/&gt;* OneDrive doesn’t appear in the navigation pane in File Explorer.&lt;br/&gt;* OneDrive files aren’t kept in sync with the cloud.&lt;br/&gt;* Users can’t automatically upload photos and videos from the camera roll folder.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, apps and features can work with OneDrive file storage." gpmc_supported="At least Windows Server 2008 R2 or Windows 7">Prevent the usage of OneDrive for file storage</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Online Assistance</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off Active Help" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Online Assistance" gpmc_settingDescription="This policy setting specifies whether active content links in trusted assistance content are rendered.  By default, the Help viewer renders trusted assistance content with active elements such as ShellExecute links and Guided Help links.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, active content links are not rendered. The text is displayed, but there are no clickable links for these elements.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, the default behavior applies (Help viewer renders trusted assistance content with active elements)." gpmc_supported="At least Windows Vista">Turn off Active Help</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Remove Windows Security item from Start menu" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment" gpmc_settingDescription="Specifies whether to remove the Windows Security item from the Settings menu on Remote Desktop clients. You can use this setting to prevent inexperienced users from logging off from Remote Desktop Services inadvertently.&lt;br/&gt;&lt;br/&gt;If the status is set to Enabled, Windows Security does not appear in Settings on the Start menu. As a result, users must type a security attention sequence, such as CTRL+ALT+END, to open the Windows Security dialog box on the client computer.&lt;br/&gt;&lt;br/&gt;If the status is set to Disabled or Not Configured, Windows Security remains in the Settings menu." gpmc_supported="At least Windows 2000 Terminal Services">Remove Windows Security item from Start menu</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Search</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow Cortana" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Search" gpmc_settingDescription="This policy setting specifies whether Cortana is allowed on the device. &lt;br/&gt;&amp;#160;&lt;br/&gt;If you enable or don&amp;#39;t configure this setting, Cortana will be allowed on the device. If you disable this setting, Cortana will be turned off. &lt;br/&gt;&amp;#160;&lt;br/&gt;When Cortana is off, users will still be able to use search to find things on the device." gpmc_supported="At least Windows Server 2016, Windows 10">Allow Cortana</span></td><td>Disabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow Cortana above lock screen" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Search" gpmc_settingDescription="This policy setting determines whether or not the user can interact with Cortana using speech while the system is locked.&lt;br/&gt;&lt;br/&gt;If you enable or don’t configure this setting, the user can interact with Cortana using speech while the system is locked.&lt;br/&gt;&lt;br/&gt;If you disable this setting, the system will need to be unlocked for the user to interact with Cortana using speech." gpmc_supported="At least Windows Server 2016, Windows 10">Allow Cortana above lock screen</span></td><td>Disabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Do not allow web search" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Search" gpmc_settingDescription="Enabling this policy removes the option of searching the Web from Windows Desktop Search.&lt;br/&gt;&lt;br/&gt;When this policy is disabled or not configured, the Web option is available and users can search the Web via their default browser search engine." gpmc_supported="Microsoft Windows XP, or Windows Server 2003 with Windows Search version 3.01 or later">Do not allow web search</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Don&amp;#39;t search the web or display web results in Search" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Search" gpmc_settingDescription="This policy setting allows you to control whether or not Search can perform queries on the web, if web results are displayed in Search, and if search highlights are shown in the search box and in search home.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, queries won&amp;#39;t be performed on the web, web results won&amp;#39;t be displayed when a user performs a query in Search, and search highlights will not be shown in the search box and in search home.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, queries will be performed on the web, web results will be displayed when a user performs a query in Search, and search highlights will be shown in the search box and in search home.&lt;br/&gt;&lt;br/&gt;If you don&amp;#39;t configure this policy setting, a user can choose whether or not Search can perform queries on the web, and if the web results are displayed in Search, and if search highlights are shown in the search box and in search home." gpmc_supported="Microsoft Windows 8.1 or later">Don&#39;t search the web or display web results in Search</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Fully disable Search UI" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Search" gpmc_settingDescription="If you enable this policy, the Search UI will be disabled along with all its entry points, such as keyboard shortcuts, touchpad gestures, and type-to-search in the Start menu. The Start menu&amp;#39;s search box and Search Taskbar button will also be hidden.&lt;br/&gt;&lt;br/&gt;If you disable or don&amp;#39;t configure this policy setting, the user will be able to open the Search UI and its different entry points will be shown." gpmc_supported="Windows 11 SE">Fully disable Search UI</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Security Center</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn on Security Center (Domain PCs only)" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Security Center" gpmc_settingDescription="This policy setting specifies whether Security Center is turned on or off for computers that are joined to an Active Directory domain. When Security Center is turned on, it monitors essential security settings and notifies the user when the computer might be at risk. The Security Center Control Panel category view also contains a status section, where the user can get recommendations to help increase the computer&amp;#39;s security. When Security Center is not enabled on the domain, neither the notifications nor the Security Center status section are displayed. &lt;br/&gt;&lt;br/&gt;Note that Security Center can only be turned off for computers that are joined to a Windows domain. When a computer is not joined to a Windows domain, the policy setting will have no effect.&lt;br/&gt;&lt;br/&gt;If you do not congifure this policy setting, the Security Center is turned off for domain members. &lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Security Center is turned on for all users. &lt;br/&gt;&lt;br/&gt;If you disable this policy setting, Security Center is turned off for domain members.&lt;br/&gt;&lt;br/&gt;Windows XP SP2&lt;br/&gt;----------------------&lt;br/&gt;In Windows XP SP2, the essential security settings that are monitored by Security Center include firewall, antivirus, and Automatic Updates.  Note that Security Center might not be available following a change to this policy setting until after the computer is restarted for Windows XP SP2 computers. &lt;br/&gt;&lt;br/&gt;Windows Vista&lt;br/&gt;---------------------&lt;br/&gt;In Windows Vista, this policy setting monitors essential security settings to include firewall, antivirus, antispyware, Internet security settings, User Account Control, and Automatic Updates. Windows Vista computers do not require a reboot for this policy setting to take effect." gpmc_supported="At least Windows Server 2003 operating systems or Windows XP Professional">Turn on Security Center (Domain PCs only)</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Store</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Disable all apps from Microsoft Store " gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Store" gpmc_settingDescription="Disable&amp;#160;turns off the launch of all apps from the Microsoft Store that came pre-installed or were downloaded. Apps will not be updated. Your Store will also be disabled.&amp;#160;Enable&amp;#160;turns all of it back on. This setting applies only to Enterprise and Education editions of Windows." gpmc_supported="At least Windows Server 2016, Windows 10">Disable all apps from Microsoft Store </span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off Automatic Download and Install of updates" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Store" gpmc_settingDescription="Enables or disables the automatic download and installation of app updates.&lt;br/&gt;&lt;br/&gt;If you enable this setting, the automatic download and installation of app updates is turned off.&lt;br/&gt;&lt;br/&gt;If you disable this setting, the automatic download and installation of app updates is turned on.&lt;br/&gt;&lt;br/&gt;If you don&amp;#39;t configure this setting, the automatic download and installation of app updates is determined by a registry setting that the user can change using Settings in the Microsoft Store." gpmc_supported="At least Windows Server 2012 R2, Windows 8.1 or Windows RT 8.1">Turn off Automatic Download and Install of updates</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off the offer to update to the latest version of Windows" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Store" gpmc_settingDescription="Enables or disables the Store offer to update to the latest version of Windows.&lt;br/&gt;&lt;br/&gt;If you enable this setting, the Store application will not offer updates to the latest version of Windows.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this setting the Store application will offer updates to the latest version of Windows." gpmc_supported="At least Windows Server 2012, Windows 8 or Windows RT">Turn off the offer to update to the latest version of Windows</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off the Store application" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Store" gpmc_settingDescription="Denies or allows access to the Store application.&lt;br/&gt;&lt;br/&gt;If you enable this setting, access to the Store application is denied. Access to the Store is required for installing app updates.&lt;br/&gt;&lt;br/&gt;If you disable or don&amp;#39;t configure this setting, access to the Store application is allowed." gpmc_supported="At least Windows Server 2012, Windows 8 or Windows RT">Turn off the Store application</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Sync your settings</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Do not sync" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Sync your settings" gpmc_settingDescription="Prevent syncing to and from this PC.  This turns off and disables the &amp;quot;sync your settings&amp;quot; switch on the &amp;quot;sync your settings&amp;quot; page in PC Settings.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, &amp;quot;sync your settings&amp;quot; will be turned off, and none of the &amp;quot;sync your setting&amp;quot; groups will be synced on this PC.&lt;br/&gt;&lt;br/&gt;Use the option &amp;quot;Allow users to turn syncing on&amp;quot; so that syncing it turned off by default but not disabled.&lt;br/&gt;&lt;br/&gt;If you do not set or disable this setting, &amp;quot;sync your settings&amp;quot; is on by default and configurable by the user." gpmc_supported="At least Windows Server 2012, Windows 8 or Windows RT">Do not sync</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow users to turn syncing on.</td><td>Disabled</td></tr>
</table></td></tr><tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Do not sync personalize" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Sync your settings" gpmc_settingDescription="Prevent the &amp;quot;personalize&amp;quot; group from syncing to and from this PC.  This turns off and disables the &amp;quot;personalize&amp;quot; group on the &amp;quot;sync your settings&amp;quot; page in PC settings.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the &amp;quot;personalize&amp;quot; group will not be synced.&lt;br/&gt;&lt;br/&gt;Use the option &amp;quot;Allow users to turn personalize syncing on&amp;quot; so that syncing it turned off by default but not disabled.&lt;br/&gt;&lt;br/&gt;If you do not set or disable this setting, syncing of the &amp;quot;personalize&amp;quot; group is on by default and configurable by the user." gpmc_supported="At least Windows Server 2012, Windows 8 or Windows RT">Do not sync personalize</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Allow users to turn &quot;personalize&quot; syncing on.</td><td>Disabled</td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Widgets</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow widgets" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Widgets" gpmc_settingDescription="This policy specifies whether the widgets feature is allowed on the device.&lt;br/&gt;Widgets will be turned on by default unless you change this in your settings.&lt;br/&gt;If you turned this feature on before, it will stay on automatically unless you turn it off." gpmc_supported="At least Windows 10">Allow widgets</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Windows Error Reporting</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Disable Windows Error Reporting" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows Error Reporting" gpmc_settingDescription="This policy setting turns off Windows Error Reporting, so that reports are not collected or sent to either Microsoft or internal servers within your organization when software unexpectedly stops working or fails.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Windows Error Reporting does not send any problem information to Microsoft. Additionally, solution information is not available in Security and Maintenance in Control Panel.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, the Turn off Windows Error Reporting policy setting in Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings takes precedence. If Turn off Windows Error Reporting is also either disabled or not configured, user settings in Control Panel for Windows Error Reporting are applied." gpmc_supported="At least Windows Vista">Disable Windows Error Reporting</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Windows Game Recording and Broadcasting</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Enables or disables Windows Game Recording and Broadcasting" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows Game Recording and Broadcasting" gpmc_settingDescription="Windows Game Recording and Broadcasting.&lt;br/&gt;&lt;br/&gt;This setting enables or disables the Windows Game Recording and Broadcasting features. If you disable this setting, Windows Game Recording will not be allowed.&lt;br/&gt;If the setting is enabled or not configured, then Recording and Broadcasting (streaming) will be allowed.&lt;br/&gt; " gpmc_supported="At least Windows 10">Enables or disables Windows Game Recording and Broadcasting</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Windows Hello for Business</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Use Windows Hello for Business" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows Hello for Business" gpmc_settingDescription="Windows Hello for Business is an alternative method for signing into Windows using your Active Directory or Azure Active Directory account that can replace passwords, Smart Cards, and Virtual Smart Cards.&lt;br/&gt;&lt;br/&gt;If you enable this policy, the device provisions Windows Hello for Business using keys or certificates for all users.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the device does not provision Windows Hello for Business for any user.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, users can provision Windows Hello for Business as a convenience credential that encrypts their domain password.&lt;br/&gt;&lt;br/&gt;Select &amp;quot;Do not start Windows Hello provisioning after sign-in&amp;quot; when you use a third-party solution to provision Windows Hello for Business.&lt;br/&gt;&lt;br/&gt;If you select &amp;quot;Do not start Windows Hello provisioning after sign-in&amp;quot;, Windows Hello for Business does not automatically start provisioning after the user has signed in.&lt;br/&gt;&lt;br/&gt;If you do not select &amp;quot;Do not start Windows Hello provisioning after sign-in&amp;quot;, Windows Hello for Business automatically starts provisioning after the user has signed in.&lt;br/&gt;&lt;br/&gt;        " gpmc_supported="At least Windows 10">Use Windows Hello for Business</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Windows Ink Workspace</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Allow suggested apps in Windows Ink Workspace" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows Ink Workspace" gpmc_settingDescription="Allow suggested apps in Windows Ink Workspace" gpmc_supported="At least Windows 10 Redstone">Allow suggested apps in Windows Ink Workspace</span></td><td>Disabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Windows Mail</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off Windows Mail application" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows Mail" gpmc_settingDescription="Denies or allows access to the Windows Mail application.&lt;br/&gt;&lt;br/&gt;If you enable this setting, access to the Windows Mail application is denied.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this setting, access to the Windows Mail application is allowed." gpmc_supported="At least Windows Vista">Turn off Windows Mail application</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Windows Media Player</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Do Not Show First Use Dialog Boxes" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows Media Player" gpmc_settingDescription="This policy setting allows you to prevent the anchor window from being displayed when Windows Media Player is in skin mode.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the anchor window is hidden when the Player is in skin mode. In addition, the option on the Player tab in the Player that enables users to choose whether the anchor window displays is not available.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, users can show or hide the anchor window when the Player is in skin mode by using the Player tab in the Player.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, and the &amp;quot;Set and lock skin&amp;quot; policy setting is enabled, some options in the anchor window are not available." gpmc_supported="Windows Media Player 9 Series and later.">Do Not Show First Use Dialog Boxes</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Prevent Automatic Updates" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows Media Player" gpmc_settingDescription="This policy setting allows you to turn off do not show first use dialog boxes.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the Privacy Options and Installation Options dialog boxes are prevented from being displayed the first time a user starts Windows Media Player.&lt;br/&gt;&lt;br/&gt;This policy setting prevents the dialog boxes which allow users to select privacy, file types, and other desktop options from being displayed when the Player is first started. Some of the options can be configured by using other Windows Media Player group policies.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, the dialog boxes are displayed when the user starts the Player for the first time." gpmc_supported="Windows Media Player 9 Series and later.">Prevent Automatic Updates</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Prevent Desktop Shortcut Creation" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows Media Player" gpmc_settingDescription="This policy setting allows you to prevent a shortcut icon for the Player from being added to the user&amp;#39;s desktop.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, users cannot add the Player shortcut icon to their desktops.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, users can choose whether to add the Player shortcut icon to their desktops." gpmc_supported="Windows Media Player 9 Series and later.">Prevent Desktop Shortcut Creation</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Prevent Media Sharing" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows Media Player" gpmc_settingDescription="This policy setting allows you to prevent media sharing from Windows Media Player.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, any user on this computer is prevented from sharing digital media content from Windows Media Player with other computers and devices that are on the same network. Media sharing is disabled from Windows Media Player or from programs that depend on the Player&amp;#39;s media sharing feature.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, anyone using Windows Media Player can turn media sharing on or off." gpmc_supported="Windows Media Player 11 for Windows XP or Windows Media Player 11 for Windows Vista or later.">Prevent Media Sharing</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Prevent Quick Launch Toolbar Shortcut Creation" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows Media Player" gpmc_settingDescription="This policy setting allows you to prevent a shortcut for the Player from being added to the Quick Launch bar.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the user cannot add the shortcut for the Player to the Quick Launch bar.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, the user can choose whether to add the shortcut for the Player to the Quick Launch bar." gpmc_supported="Windows Media Player 9 Series and later.">Prevent Quick Launch Toolbar Shortcut Creation</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Windows Messenger</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Do not allow Windows Messenger to be run" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows Messenger" gpmc_settingDescription="This policy setting allows you to prevent Windows Messenger from running.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Windows Messenger does not run.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, Windows Messenger can be used.&lt;br/&gt;&lt;br/&gt;Note: If you enable this policy setting, Remote Assistance also cannot use Windows Messenger.&lt;br/&gt;&lt;br/&gt;Note: This policy setting is available under both Computer Configuration and User Configuration. If both are present, the Computer Configuration version of this policy setting takes precedence." gpmc_supported="At least Windows Server 2003 operating systems or Windows XP Professional">Do not allow Windows Messenger to be run</span></td><td>Enabled</td><td></td></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Do not automatically start Windows Messenger initially" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows Messenger" gpmc_settingDescription="This policy setting prevents Windows Messenger from automatically running at logon. &lt;br/&gt;&lt;br/&gt;If you enable this policy setting, Windows Messenger is not loaded automatically when a user logs on.&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, Windows Messenger will be loaded automatically at logon.&lt;br/&gt;&lt;br/&gt;Note: This policy setting simply prevents Windows Messenger from running initially. If the user invokes and uses Windows Messenger from that point on, Windows Messenger will be loaded.&lt;br/&gt;&lt;br/&gt;The user can also configure this behavior on the Preferences tab on the Tools menu in the Windows Messenger user interface.&lt;br/&gt;&lt;br/&gt;Note: If you do not want users to use Windows Messenger, enable the &amp;quot;Do not allow Windows Messenger to run&amp;quot; policy setting.&lt;br/&gt;&lt;br/&gt;Note: This policy setting is available under both Computer Configuration and User Configuration. If both are present, the Computer Configuration version of this policy setting takes precedence." gpmc_supported="At least Windows Server 2003 operating systems or Windows XP Professional">Do not automatically start Windows Messenger initially</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Windows Mobility Center</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn off Windows Mobility Center" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows Mobility Center" gpmc_settingDescription="This policy setting turns off Windows Mobility Center.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the user is unable to invoke Windows Mobility Center. The Windows Mobility Center UI is removed from all shell entry points and the .exe file does not launch it.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, the user is able to invoke Windows Mobility Center and the .exe file launches it.&lt;br/&gt;&lt;br/&gt;If you do not configure this policy setting, Windows Mobility Center is on by default." gpmc_supported="At least Windows Vista">Turn off Windows Mobility Center</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Windows PowerShell</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Turn on Script Execution" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows PowerShell" gpmc_settingDescription="This policy setting lets you configure the script execution policy, controlling which scripts are allowed to run.&lt;br/&gt;&lt;br/&gt;If you enable this policy setting, the scripts selected in the drop-down list are allowed to run.&lt;br/&gt;&lt;br/&gt;The &amp;quot;Allow only signed scripts&amp;quot; policy setting allows scripts to execute only if they are signed by a trusted publisher.&lt;br/&gt;&lt;br/&gt;The &amp;quot;Allow local scripts and remote signed scripts&amp;quot; policy setting allows any local scrips to run; scripts that originate from the Internet must be signed by a trusted publisher.&lt;br/&gt;&lt;br/&gt;The &amp;quot;Allow all scripts&amp;quot; policy setting allows all scripts to run.&lt;br/&gt;&lt;br/&gt;If you disable this policy setting, no scripts are allowed to run.&lt;br/&gt;&lt;br/&gt;Note: This policy setting exists under both &amp;quot;Computer Configuration&amp;quot; and &amp;quot;User Configuration&amp;quot; in the Local Group Policy Editor. The &amp;quot;Computer Configuration&amp;quot; has precedence over &amp;quot;User Configuration.&amp;quot;&lt;br/&gt;&lt;br/&gt;If you disable or do not configure this policy setting, it reverts to a per-machine preference setting; the default if that is not configured is &amp;quot;No scripts allowed.&amp;quot;" gpmc_supported="At least Microsoft Windows 7 or Windows Server 2008 family">Turn on Script Execution</span></td><td>Enabled</td><td></td></tr>
<tr><td colspan="3"><table class="subtable_frame" >
<tr><td>Execution Policy</td><td>Allow all scripts</td></tr>
</table></td></tr></table>
</div></div><div class="he3"><span class="sectionTitle" tabindex="0">Windows Components/Windows Security/Systray</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info3" >
<tr><th scope="col">Policy</th><th scope="col">Setting</th><th scope="col">Comment</th></tr>
<tr><td><span class="explainlink" tabindex="0" onkeypress="javascript:showExplainText(this); return false;" onclick="javascript:showExplainText(this); return false;" gpmc_settingName="Hide Windows Security Systray" gpmc_settingPath="Computer Configuration/Administrative Templates/Windows Components/Windows Security/Systray" gpmc_settingDescription="&lt;br/&gt;        This policy setting hides the Windows Security notification area control.&lt;br/&gt;&lt;br/&gt;        The user needs to either sign out and sign in or reboot the computer for this setting to take effect.&lt;br/&gt;&lt;br/&gt;        Enabled:&lt;br/&gt;        Windows Security notification area control will be hidden.&lt;br/&gt;&lt;br/&gt;        Disabled:&lt;br/&gt;        Windows Security notification area control will be shown.&lt;br/&gt;&lt;br/&gt;        Not configured:&lt;br/&gt;        Same as Disabled.&lt;br/&gt;    " gpmc_supported="At least Windows Server 2016, Windows 10 Version 1809">Hide Windows Security Systray</span></td><td>Enabled</td><td></td></tr>
</table>
</div></div></div></div><div class="filler"></div>
<div class="he1h_expanded"><span class="sectionTitle" tabindex="0">Preferences</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he1_expanded"><span class="sectionTitle" tabindex="0">Windows Settings</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he2"><span class="sectionTitle" tabindex="0">Files</span><a class="expando" href="#"></a></div>
        <div class="container"><div class="he3"><span class="sectionTitle" tabindex="0">File (Target Path: C:\Bin\DeleteXMLFilesAltitude.ps1)</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4"><span class="sectionTitle" tabindex="0">DeleteXMLFilesAltitude.ps1 (Order: 1)</span><a class="expando" href="#"></a></div>
    <div class="container">
<div class="he4h"><span class="sectionTitle" tabindex="0">General</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info" >
<tr><td>Action</td><td>Replace</td></tr>
</table>
<b>Properties</b><table class="subtable" ><tr><td>Source file(s)</td><td>\\emea.tpg.ads\pt\Lisbon-CIT\Clients\Settings\GPO\Scripts\Altitude\DeleteXMLFilesAltitude.ps1</td></tr>
<tr><td>Destination file</td><td>C:\Bin\DeleteXMLFilesAltitude.ps1</td></tr>
<tr><td>Suppress errors on individual file actions</td><td>Disabled</td></tr>
</table><b>Attributes</b><table class="subtable" ><tr><td>Read-only</td><td>Disabled</td></tr>
<tr><td>Hidden</td><td>Disabled</td></tr>
<tr><td>Archive</td><td>Enabled</td></tr>
</table></div></div><div class="he4h"><span class="sectionTitle" tabindex="0">Common</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><b>Options</b><table class="subtable" ><tr><td>Stop processing items on this extension if an error occurs on this item</td><td>No</td></tr>
<tr><td>Remove this item when it is no longer applied</td><td>Yes</td></tr>
</table></div></div></div></div></div></div><div class="filler"></div>
<div class="he1_expanded"><span class="sectionTitle" tabindex="0">Control Panel Settings</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he2"><span class="sectionTitle" tabindex="0">Scheduled Tasks</span><a class="expando" href="#"></a></div>
        <div class="container"><div class="he3"><span class="sectionTitle" tabindex="0">Scheduled Task (At least Windows 7) (Name: AltitudeDeleteXMLFiles)</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4"><span class="sectionTitle" tabindex="0">AltitudeDeleteXMLFiles (Order: 1)</span><a class="expando" href="#"></a></div>
    <div class="container">
<div class="he4h"><span class="sectionTitle" tabindex="0">General</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><table class="info" >
<tr><td>Action</td><td>Replace</td></tr>
</table>
<b>Task</b><table class="subtable" ><tr><td></td><td>Name  </td><td>AltitudeDeleteXMLFiles</td><td></td><td></td></tr>
<tr><td></td><td>Author  </td><td>EMEA\brighton.6-adm</td><td></td><td></td></tr>
<tr><td></td><td>Description  </td><td></td><td></td><td></td></tr>
<tr><td></td><td>Run only when user is logged on  </td><td>InteractiveToken</td><td></td><td></td></tr>
<tr><td></td><td>UserId  </td><td>%LogonDomain%\%LogonUser%</td><td></td><td></td></tr>
<tr><td></td><td>Run with highest privileges  </td><td>HighestAvailable</td><td></td><td></td></tr>
<tr><td></td><td>Hidden  </td><td>No</td><td></td><td></td></tr>
<tr><td></td><td>Configure for  </td><td>1.3</td><td></td><td></td></tr>
<tr><td></td><td>Enabled  </td><td>Yes</td><td></td><td></td></tr>
</table><b>Triggers</b><table class="subtable" ><tr><td>1. Run at user logon</td><td></td><td></td><td></td><td></td></tr>
<tr><td></td><td>Delay task for  </td><td>30 seconds</td><td></td><td></td></tr>
<tr><td></td><td>Activate  </td><td>2-7-2024 16:04:20</td><td>Synchronize across time zones  </td><td>No</td></tr>
<tr><td></td><td>Enabled  </td><td>Yes</td><td></td><td></td></tr>
<tr><td></td><td></td><td></td><td></td><td></td></tr>
</table><b>Actions</b><table class="subtable" ><tr><td>1. Start a program</td><td></td><td></td><td></td><td></td></tr>
<tr><td></td><td>Program/script  </td><td>%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe</td><td></td><td></td></tr>
<tr><td></td><td>Arguments  </td><td>-ExecutionPolicy Bypass -File &quot;C:\Bin\DeleteXMLFilesAltitude.ps1&quot;</td><td></td><td></td></tr>
</table><b>Settings</b><table class="subtable" ><tr><td></td><td>Stop if the computer ceases to be idle  </td><td>No</td><td></td><td></td></tr>
<tr><td></td><td>Restart if the idle state resumes  </td><td>No</td><td></td><td></td></tr>
<tr><td></td><td>Start the task only if the computer is on AC power  </td><td>No</td><td></td><td></td></tr>
<tr><td></td><td>Stop if the computer switches to battery power  </td><td>No</td><td></td><td></td></tr>
<tr><td></td><td>Allow task to be run on demand  </td><td>No</td><td></td><td></td></tr>
<tr><td></td><td>Stop task if it runs longer than  </td><td>2 hours</td><td></td><td></td></tr>
<tr><td></td><td>If the running task does not end when requested, force it to stop  </td><td>No</td><td></td><td></td></tr>
<tr><td></td><td>If the task is already running, then the following rule applies  </td><td>IgnoreNew</td><td></td><td></td></tr>
</table></div></div><div class="he4h"><span class="sectionTitle" tabindex="0">Common</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i"><b>Options</b><table class="subtable" ><tr><td>Stop processing items on this extension if an error occurs on this item</td><td>No</td></tr>
<tr><td>Remove this item when it is no longer applied</td><td>Yes</td></tr>
</table></div></div></div></div></div></div></div></div>
<div class="filler"></div>
<div class="he0_expanded"><span class="sectionTitle" tabindex="0">User Configuration (Disabled)</span><a class="expando" href="#"></a></div>
<div class="container"><div class="he4i">No settings defined.</div></div>
</body></html>