Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
ROBUH-PO-WIN-CU-DEFAULT DOMAIN POLICY-ANT
Data collected on: 2-9-2025 11:34:59
General
Details
Domainemea.tpg.ads
OwnerS-1-5-21-513466819-3096973226-347852806-612168
Created11-10-2023 11:44:32
Modified12-10-2023 09:03:38
User Revisions8 (AD), 8 (SYSVOL)
Computer Revisions131 (AD), 131 (SYSVOL)
Unique ID{e60ae29d-3c34-4f9d-8917-dbe8bdff8a6a}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
ANTNoEnabledemea.tpg.ads/RO/Systems/Clients/ANT

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
EMEA\ROBU1VMANT01$
S-1-5-21-513466819-3096973226-347852806-1108829
S-1-5-21-513466819-3096973226-347852806-1504198
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\ROBU1VMANT01$Read (from Security Filtering)No
EMEA\RO-G-ORG-OU AdminsEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
S-1-5-21-513466819-3096973226-347852806-1108829Read (from Security Filtering)No
S-1-5-21-513466819-3096973226-347852806-1504198Read (from Security Filtering)No
S-1-5-21-513466819-3096973226-347852806-612168Edit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Account Policies/Password Policy
PolicySetting
Enforce password history13 passwords remembered
Maximum password age30 days
Minimum password age1 days
Minimum password length12 characters
Password must meet complexity requirementsEnabled
Store passwords using reversible encryptionDisabled
Account Policies/Account Lockout Policy
PolicySetting
Account lockout duration30 minutes
Account lockout threshold3 invalid logon attempts
Allow administrator account lockoutEnabled
Reset account lockout counter after30 minutes
Account Policies/Kerberos Policy
PolicySetting
Enforce user logon restrictionsEnabled
Maximum lifetime for service ticket600 minutes
Maximum lifetime for user ticket10 hours
Maximum lifetime for user ticket renewal7 days
Maximum tolerance for computer clock synchronization5 minutes
Local Policies/Audit Policy
PolicySetting
Audit account logon eventsSuccess, Failure
Audit account managementSuccess, Failure
Audit logon eventsSuccess, Failure
Audit object accessSuccess, Failure
Audit policy changeSuccess
Local Policies/User Rights Assignment
PolicySetting
Add workstations to domainEMEA\RO-G-ORG-Workstations Admins
Local Policies/Security Options
Interactive Logon
PolicySetting
Interactive logon: Don't display last signed-inEnabled
Interactive logon: Message text for users attempting to log onThis computer system (including all hardware, software, and peripheral equipment) is, the property of Teleperformance. Use of this computer system is restricted to official, Teleperformance business. Teleperformance reserves the right to monitor use of the, computer system at any time. Use of this system constitutes consent to such monitoring., Any unauthorized access, use, or modification of the computer system can result in civil, liability and/or criminal penalties.
Interactive logon: Message title for users attempting to log on""Property of Teleperformance""
Interactive logon: Prompt user to change password before expiration10 days
Microsoft Network Server
PolicySetting
Microsoft network server: Digitally sign communications (always)Enabled
Microsoft network server: Digitally sign communications (if client agrees)Enabled
Network Access
PolicySetting
Network access: Allow anonymous SID/Name translationDisabled
Network Security
PolicySetting
Network security: Do not store LAN Manager hash value on next password changeEnabled
Network security: Force logoff when logon hours expireDisabled
File System
%SystemRoot%\Web\Screen\img100.jpg
Do not allow permissions on this file or folder to be replaced
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy versionNot Configured
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Domain Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Connection Security Settings
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Personalization
PolicySettingComment
Prevent changing lock screen and logon imageEnabled
Network/Network Connections/Windows Defender Firewall/Domain Profile
PolicySettingComment
Windows Defender Firewall: Protect all network connectionsDisabled
Network/Network Provider
PolicySettingComment
Hardened UNC PathsEnabled
Specify hardened network paths. In the name field, type a fully-qualified UNC path for each network resource. To secure all access to a share with a particular name, regardless of the server name, specify a server name of '*' (asterisk). For example, "\\*\NETLOGON". To secure all access to all shares hosted on a server, the share name portion of the UNC path may be omitted. For example, "\\SERVER". In the value field, specify one or more of the following options, separated by commas: 'RequireMutualAuthentication=1': Mutual authentication between the client and server is required to ensure the client connects to the correct server. 'RequireIntegrity=1': Communication between the client and server must employ an integrity mechanism to prevent data tampering. 'RequirePrivacy=1': Communication between the client and the server must be encrypted to prevent third parties from observing sensitive data.
Hardened UNC Paths: 
\\*\NETLOGONRequireMutualAuthentication=1, RequireIntegrity=1
\\*\SYSVOLRequireMutualAuthentication=1, RequireIntegrity=1
You should require both Integrity and Mutual Authentication for any UNC paths that host executable programs, script files, or files that control security policies. Consider hosting files that do not require Integrity or Privacy on separate shares from those that absolutely need such security for optimal performance. For additional details on configuring Windows computers to require additional security when accessing specific UNC paths, visit http://support.microsoft.com/kb/3000483.
System
PolicySettingComment
Display highly detailed status messagesEnabled
System/Group Policy
PolicySettingComment
Set Group Policy refresh interval for computersEnabled
This setting allows you to customize how often Group Policy is applied
to computers. The range is 0 to 44640 minutes (31 days).
Minutes:60
This is a random time added to the refresh interval to prevent
all clients from requesting Group Policy at the same time.
The range is 0 to 1440 minutes (24 hours)
Minutes:30
Windows Components/Windows Logon Options
PolicySettingComment
Display information about previous logons during user logonDisabled
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Personalization
PolicySettingComment
Enable screen saverEnabled
Force specific screen saverEnabled
Screen saver executable name\\robuhdrd01\ScreenSaver\ScreenSaver.scr
PolicySettingComment
Password protect the screen saverEnabled
Prevent changing screen saverEnabled
Screen saver timeoutEnabled
Number of seconds to wait to enable the screen saver
Seconds:60
Desktop/Desktop
PolicySettingComment
Desktop WallpaperEnabled
Wallpaper Name:\\ROBUHDRD01\Wallpaper\OPS\WallpaperDec2022.jpg
Example: Using a local path: C:\windows\web\wallpaper\home.jpg
Example: Using a UNC path: \\Server\Share\Corp.jpg
Wallpaper Style:Fit
System/Group Policy
PolicySettingComment
Set Group Policy refresh interval for usersEnabled
This setting allows you to customize how often Group Policy is applied
to users. The range is 0 to 44640 minutes (31 days).
Minutes:15
This is a random time added to the refresh interval to prevent
all clients from requesting Group Policy at the same time.
The range is 0 to 1440 minutes (24 hours)
Minutes:8