Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
ROBUH-PO-WIN-PCI SERVERS VMWARE
Data collected on: 2-9-2025 09:16:16
General
Details
Domainemea.tpg.ads
OwnerS-1-5-21-513466819-3096973226-347852806-300011
Created16-8-2018 09:39:06
Modified17-3-2025 11:56:46
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions60 (AD), 60 (SYSVOL)
Unique ID{9c92621c-0b3e-4946-bfaf-fc5197aba046}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
ServersYesEnabledemea.tpg.ads/RO/Systems/Servers

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\ROBU1BLUEJUMP01$CustomNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Account Policies/Account Lockout Policy
PolicySetting
Account lockout duration60 minutes
Account lockout threshold6 invalid logon attempts
Reset account lockout counter after60 minutes
Local Policies/Audit Policy
PolicySetting
Audit account logon eventsSuccess, Failure
Audit account managementSuccess, Failure
Audit directory service accessSuccess, Failure
Audit logon eventsSuccess, Failure
Audit object accessSuccess, Failure
Audit policy changeSuccess, Failure
Audit privilege useSuccess, Failure
Audit process trackingSuccess, Failure
Audit system eventsSuccess, Failure
Local Policies/User Rights Assignment
PolicySetting
Access this computer from the networkEveryone, NT AUTHORITY\Authenticated Users, BUILTIN\Administrators
Adjust memory quotas for a processBUILTIN\Administrators, NT AUTHORITY\LOCAL SERVICE, NT AUTHORITY\NETWORK SERVICE
Allow log on locallyBUILTIN\Administrators
Allow log on through Terminal ServicesBUILTIN\Administrators
Change the system timeBUILTIN\Administrators
Create a pagefileBUILTIN\Administrators
Deny access to this computer from the networkNT AUTHORITY\ANONYMOUS LOGON, BUILTIN\Guests
Force shutdown from a remote systemBUILTIN\Administrators
Generate security auditsNT AUTHORITY\LOCAL SERVICE, NT AUTHORITY\NETWORK SERVICE
Increase scheduling priorityBUILTIN\Administrators
Load and unload device driversBUILTIN\Administrators
Lock pages in memoryBUILTIN\Administrators
Manage auditing and security logBUILTIN\Administrators
Modify firmware environment valuesBUILTIN\Administrators
Perform volume maintenance tasksBUILTIN\Administrators
Profile single processBUILTIN\Administrators
Profile system performanceBUILTIN\Administrators
Remove computer from docking stationBUILTIN\Administrators
Restore files and directoriesBUILTIN\Administrators
Shut down the systemBUILTIN\Administrators
Take ownership of files or other objectsBUILTIN\Administrators
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Guest account statusDisabled
Accounts: Limit local account use of blank passwords to console logon onlyEnabled
Accounts: Rename administrator account"Guardian"
Accounts: Rename guest account"GuestGuardian"
Audit
PolicySetting
Audit: Audit the access of global system objectsDisabled
Audit: Audit the use of Backup and Restore privilegeDisabled
Audit: Shut down system immediately if unable to log security auditsDisabled
Devices
PolicySetting
Devices: Allow undock without having to log onDisabled
Devices: Allowed to format and eject removable mediaAdministrators
Devices: Prevent users from installing printer driversEnabled
Devices: Restrict CD-ROM access to locally logged-on user onlyEnabled
Devices: Restrict floppy access to locally logged-on user onlyEnabled
Domain Controller
PolicySetting
Domain controller: Allow server operators to schedule tasksDisabled
Domain controller: Refuse machine account password changesDisabled
Domain Member
PolicySetting
Domain member: Digitally encrypt or sign secure channel data (always)Enabled
Domain member: Digitally encrypt secure channel data (when possible)Enabled
Domain member: Digitally sign secure channel data (when possible)Enabled
Domain member: Disable machine account password changesDisabled
Domain member: Require strong (Windows 2000 or later) session keyEnabled
Interactive Logon
PolicySetting
Interactive logon: Do not require CTRL+ALT+DELDisabled
Interactive logon: Don't display last signed-inEnabled
Interactive logon: Message text for users attempting to log onThis computer system (including all hardware, software, and peripheral equipment) is the property of Teleperformance. Use of this computer system is restricted to official Teleperformance business. Teleperformance reserves the right to monitor use of the computer system at any time. Use of this system constitutes consent to such monitoring. Any unauthorized access, use, or modification of the computer system can result in civil liability and/or criminal penalties.
Interactive logon: Message title for users attempting to log on"User Information"
Interactive logon: Number of previous logons to cache (in case domain controller is not available)0 logons
Interactive logon: Prompt user to change password before expiration14 days
Interactive logon: Require Domain Controller authentication to unlock workstationEnabled
Interactive logon: Require Windows Hello for Business or smart cardDisabled
Interactive logon: Smart card removal behaviorForce Logoff
Microsoft Network Client
PolicySetting
Microsoft network client: Digitally sign communications (always)Disabled
Microsoft network client: Digitally sign communications (if server agrees)Enabled
Microsoft network client: Send unencrypted password to third-party SMB serversDisabled
Microsoft Network Server
PolicySetting
Microsoft network server: Amount of idle time required before suspending session15 minutes
Microsoft network server: Digitally sign communications (always)Enabled
Microsoft network server: Digitally sign communications (if client agrees)Enabled
Microsoft network server: Disconnect clients when logon hours expireEnabled
Network Access
PolicySetting
Network access: Allow anonymous SID/Name translationDisabled
Network access: Do not allow anonymous enumeration of SAM accountsEnabled
Network access: Do not allow anonymous enumeration of SAM accounts and sharesEnabled
Network access: Do not allow storage of passwords and credentials for network authenticationEnabled
Network access: Let Everyone permissions apply to anonymous usersDisabled
Network access: Restrict anonymous access to Named Pipes and SharesEnabled
Network access: Shares that can be accessed anonymously
Network access: Sharing and security model for local accountsClassic - local users authenticate as themselves
Network Security
PolicySetting
Network security: Do not store LAN Manager hash value on next password changeEnabled
Network security: Force logoff when logon hours expireEnabled
Network security: LAN Manager authentication levelSend NTLMv2 response only. Refuse LM & NTLM
Network security: LDAP client signing requirementsRequire signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clientsEnabled
Require NTLMv2 session securityEnabled
Require 128-bit encryptionEnabled
Network security: Minimum session security for NTLM SSP based (including secure RPC) serversEnabled
Require NTLMv2 session securityEnabled
Require 128-bit encryptionEnabled
Recovery Console
PolicySetting
Recovery console: Allow automatic administrative logonDisabled
Recovery console: Allow floppy copy and access to all drives and all foldersDisabled
Shutdown
PolicySetting
Shutdown: Allow system to be shut down without having to log onDisabled
Shutdown: Clear virtual memory pagefileDisabled
System Cryptography
PolicySetting
System cryptography: Force strong key protection for user keys stored on the computerUser is prompted when the key is first used
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signingDisabled
System Objects
PolicySetting
System objects: Require case insensitivity for non-Windows subsystemsEnabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)Enabled
System Settings
PolicySetting
System settings: Optional subsystems
User Account Control
PolicySetting
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval ModeElevate without prompting
User Account Control: Detect application installations and prompt for elevationDisabled
User Account Control: Run all administrators in Admin Approval ModeDisabled
Other
PolicySetting
Interactive logon: Display user information when the session is lockedUser display name only
Interactive logon: Machine inactivity limit300 seconds
Registry Values
PolicySetting
MACHINE\Software\Microsoft\Driver Signing\Policy2
System Services
AeLookupSvc (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Alerter (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Application Layer Gateway Service (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Application Management (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
ASP.NET State Service (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Audio (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
BITS (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Browser (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
CiSvc (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
ClipSrv (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
clr_optimization_v2.0.50727_32 (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
COM+ System Application (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Cryptographic Services (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
DCOM Server Process Launcher (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Dfs (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
DHCP Client (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
dmadmin (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
dmserver (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
ERSvc (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Event Log (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
COM+ Event System (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
FontCache3.0.0.0 (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
helpsvc (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Human Interface Device Service (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
HTTPFilter (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
idsvc (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
ImapiService (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
IsmServ (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
kdc (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Server (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Workstation (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
LicenseService (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
TCP/IP NetBIOS Helper (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Messenger (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
mnmsrvc (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Distributed Transaction Coordinator (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Installer (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
NetDDE (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
NetDDEdsdm (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Netlogon (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Network Connections (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Net.Tcp Port Sharing Service (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Nla (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
NtFrs (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
NtLmSsp (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
NtmsSvc (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Plug and Play (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
IPsec Policy Agent (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
ProtectedStorage (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Remote Access Auto Connection Manager (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Remote Access Connection Manager (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
RDSessMgr (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Routing and Remote Access (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Remote Registry (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Remote Procedure Call (RPC) Locator (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Remote Procedure Call (RPC) (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Resultant Set of Policy Provider (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Special Administration Console Helper (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Security Accounts Manager (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Smart Card (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Task Scheduler (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Secondary Logon (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
System Event Notification Service (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Internet Connection Sharing (ICS) (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Shell Hardware Detection (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
SNMP Service (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
SNMP Trap (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Print Spooler (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Image Acquisition (WIA) (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Microsoft Software Shadow Copy Provider (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
SysmonLog (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Telephony (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Remote Desktop Services (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Themes (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
TlntSvr (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
TrkSvr (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Distributed Link Tracking Client (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Remote Desktop Connection Broker (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
UMWdf (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
UPS (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Virtual Disk (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Volume Shadow Copy (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Time (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
W3SVC (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
WebClient (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
WinHTTP Web Proxy Auto-Discovery Service (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Management Instrumentation (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
WmdmPmSN (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Wmi (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
WMI Performance Adapter (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Update (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
WZCSVC (Startup Mode: Automatic)
Permissions
No permissions specified
Auditing
No auditing specified
xmlprov (Startup Mode: Manual)
Permissions
No permissions specified
Auditing
No auditing specified
Software Restriction Policies
Enforcement
PolicySetting
Apply Software Restriction Policies to the followingAll software files except libraries (such as DLLs)
Apply Software Restriction Policies to the following usersAll users
When applying Software Restriction PoliciesIgnore certificate rules
Designated File Types
File ExtensionFile Type
ADEADE File
ADPADP File
BASBAS File
BATWindows Batch File
CHMCompiled HTML Help file
CMDWindows Command Script
COMMS-DOS Application
CPLControl panel item
CRTSecurity Certificate
EXEApplication
HLPHelp file
HTAHTML Application
INFSetup Information
INSINS File
ISPISP File
LNKShortcut
MDBMDB File
MDEMDE File
MSCMicrosoft Common Console Document
MSIWindows Installer Package
MSPWindows Installer Patch
MSTMST File
OCXActiveX control
PCDPCD File
PIFShortcut to MS-DOS Program
REGRegistration Entries
SCRScreen saver
SHSSHS File
URLInternet Shortcut
VBVisual Basic Source File
WSCWindows Script Component
Trusted Publishers
Trusted publisher managementAllow all administrators and users to manage user's own Trusted Publishers
Certificate verificationNone
Software Restriction Policies/Security Levels
PolicySetting
Default Security LevelUnrestricted
Software Restriction Policies/Additional Rules
Path Rules
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%
Security LevelUnrestricted
Description
Date last modified5-8-2013 08:26:02
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%
Security LevelUnrestricted
Description
Date last modified5-8-2013 08:26:02
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy version2.22
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Domain Profile Settings
PolicySetting
Firewall stateNot Configured
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNo
Log file pathNot Configured
Log file maximum size (KB)4096
Private Profile Settings
PolicySetting
Firewall stateNot Configured
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNo
Allow unicast responsesNot Configured
Log dropped packetsYes
Log successful connectionsNo
Log file pathNot Configured
Log file maximum size (KB)4096
Public Profile Settings
PolicySetting
Firewall stateNot Configured
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNo
Allow unicast responsesNot Configured
Log dropped packetsYes
Log successful connectionsNo
Log file pathNot Configured
Log file maximum size (KB)4096
Connection Security Settings
Advanced Audit Configuration
Object Access
PolicySetting
Audit Filtering Platform ConnectionFailure
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Network/Network Connections/Windows Defender Firewall/Domain Profile
PolicySettingComment
Windows Defender Firewall: Allow loggingEnabled
Log dropped packets 
Log successful connectionsDisabled
Log file path and name: 
Size limit (KB):4096
System/Removable Storage Access
PolicySettingComment
All Removable Storage classes: Deny all accessDisabled
System/Windows Time Service/Time Providers
PolicySettingComment
Configure Windows NTP ClientEnabled
NtpServerROBUHEMEADC01.emea.tpg.ads,0x1 ROBUHEMEADC02.emea.tpg.ads,0x1
TypeNTP
CrossSiteSyncFlags2
ResolvePeerBackoffMinutes15
ResolvePeerBackoffMaxTimes7
SpecialPollInterval600
EventLogFlags0
PolicySettingComment
Enable Windows NTP ClientEnabled
Windows Components/AutoPlay Policies
PolicySettingComment
Disallow Autoplay for non-volume devicesEnabled
Set the default behavior for AutoRunEnabled
Default AutoRun BehaviorDo not execute any autorun commands
PolicySettingComment
Turn off AutoplayEnabled
Turn off Autoplay on:All drives
Windows Components/Event Log Service/Application
PolicySettingComment
Control Event Log behavior when the log file reaches its maximum sizeDisabled
Specify the maximum log file size (KB)Enabled
Maximum Log Size (KB)20480
Windows Components/Event Log Service/Security
PolicySettingComment
Control Event Log behavior when the log file reaches its maximum sizeDisabled
Specify the maximum log file size (KB)Enabled
Maximum Log Size (KB)20480
Windows Components/Event Log Service/Setup
PolicySettingComment
Control Event Log behavior when the log file reaches its maximum sizeDisabled
Specify the maximum log file size (KB)Enabled
Maximum Log Size (KB)20480
Windows Components/Event Log Service/System
PolicySettingComment
Control Event Log behavior when the log file reaches its maximum sizeDisabled
Specify the maximum log file size (KB)Enabled
Maximum Log Size (KB)20480
Windows Components/Internet Explorer/Internet Control Panel/Advanced Page
PolicySettingComment
Turn off encryption supportEnabled
Secure Protocol combinationsOnly use TLS 1.2
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Security
PolicySettingComment
Require use of specific security layer for remote (RDP) connectionsEnabled
Security LayerSSL
Choose the security layer from the drop-down list.
PolicySettingComment
Require user authentication for remote connections by using Network Level AuthenticationEnabled
Set client connection encryption levelEnabled
Encryption LevelHigh Level
Choose the encryption level from the drop-down list.
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Session Time Limits
PolicySettingComment
Set time limit for active but idle Remote Desktop Services sessionsEnabled
Idle session limit:15 minutes
Preferences
Windows Settings
Registry
DisableServerHeader (Order: 1)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\HTTP\Parameters
Value nameDisableServerHeader
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
CWDIllegalInDllSearch (Order: 2)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Session Manager
Value nameCWDIllegalInDllSearch
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
IgnoreCRL (Order: 3)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Wow6432Node\Secunia\CSI Agent
Value nameIgnoreCRL
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
restrictanonymous (Order: 4)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\Lsa
Value namerestrictanonymous
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ScreenSaveActive (Order: 5)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER (HKU\.DEFAULT)
Key pathControl Panel\Desktop
Value nameScreenSaveActive
Value typeREG_SZ
Value data1
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ScreenSaveIsSecure (Order: 6)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER (HKU\.DEFAULT)
Key pathControl Panel\Desktop
Value nameScreenSaveIsSecure
Value typeREG_SZ
Value data1
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ScreenSaveTimeOut (Order: 7)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER (HKU\.DEFAULT)
Key pathControl Panel\Desktop
Value nameScreenSaveTimeOut
Value typeREG_SZ
Value data1800
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
SCRNSAVE.EXE (Order: 8)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER (HKU\.DEFAULT)
Key pathControl Panel\Desktop
Value nameSCRNSAVE.EXE
Value typeREG_SZ
Value dataC:\Windows\system32\scrnsave.scr
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
NoCDBurning (Order: 9)
General
ActionUpdate
Properties
HiveHKEY_CURRENT_USER (HKU\.DEFAULT)
Key pathSoftware\Microsoft\Windows\CurrentVersion\Policies\Explorer
Value nameNoCDBurning
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
ForceEncryptedData (Order: 10)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\RasMan\PPP
Value nameForceEncryptedData
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
SecureVPN (Order: 11)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\RasMan\PPP
Value nameSecureVPN
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 12)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\AES 128/128
Value nameEnabled
Value typeREG_DWORD
Value data0xFFFFFFFF (4294967295)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 13)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\AES 256/256
Value nameEnabled
Value typeREG_DWORD
Value data0xFFFFFFFF (4294967295)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 14)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\DES 56/56
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 15)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\NULL
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 16)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 128/128
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 17)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 40/128
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 18)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 56/128
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 19)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 128/128
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 20)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 21)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 22)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 64/128
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 23)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\MD5
Value nameEnabled
Value typeREG_DWORD
Value data0xFFFFFFFF (4294967295)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 24)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA
Value nameEnabled
Value typeREG_DWORD
Value data0xFFFFFFFF (4294967295)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 25)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA256
Value nameEnabled
Value typeREG_DWORD
Value data0xFFFFFFFF (4294967295)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 26)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA384
Value nameEnabled
Value typeREG_DWORD
Value data0xFFFFFFFF (4294967295)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 27)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Hashes\SHA512
Value nameEnabled
Value typeREG_DWORD
Value data0xFFFFFFFF (4294967295)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 28)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\Diffie-Hellman
Value nameEnabled
Value typeREG_DWORD
Value data0xFFFFFFFF (4294967295)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 29)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\ECDH
Value nameEnabled
Value typeREG_DWORD
Value data0xFFFFFFFF (4294967295)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 30)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\KeyExchangeAlgorithms\PKCS
Value nameEnabled
Value typeREG_DWORD
Value data0xFFFFFFFF (4294967295)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DisabledByDefault (Order: 31)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello\Server
Value nameDisabledByDefault
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 32)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\Multi-Protocol Unified Hello\Server
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DisabledByDefault (Order: 33)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server
Value nameDisabledByDefault
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 34)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DisabledByDefault (Order: 35)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client
Value nameDisabledByDefault
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DisabledByDefault (Order: 36)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server
Value nameDisabledByDefault
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 37)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DisabledByDefault (Order: 38)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server
Value nameDisabledByDefault
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 39)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DisabledByDefault (Order: 40)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client
Value nameDisabledByDefault
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DisabledByDefault (Order: 41)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server
Value nameDisabledByDefault
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 42)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server
Value nameEnabled
Value typeREG_DWORD
Value data0xFFFFFFFF (4294967295)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DisabledByDefault (Order: 43)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client
Value nameDisabledByDefault
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DisabledByDefault (Order: 44)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server
Value nameDisabledByDefault
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 45)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server
Value nameEnabled
Value typeREG_DWORD
Value data0xFFFFFFFF (4294967295)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 46)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 47)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
NtfsDisable8dot3NameCreation (Order: 48)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\FileSystem
Value nameNtfsDisable8dot3NameCreation
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Enabled (Order: 49)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168
Value nameEnabled
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Control Panel Settings
Services
Service (Name: Audiosrv)
Audiosrv (Order: 1)
General
Service nameAudiosrv
ActionNo change
Startup type:Disabled
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:No change
Second failure:No change
Subsequent failures:No change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
User Configuration (Disabled)
No settings defined.