Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
RU-PO-SEC-C-Operators Workstations
Data collected on: 2-9-2025 08:54:11
General
Details
Domainemea.tpg.ads
OwnerEMEA\efimov.6
Created29-4-2014 08:32:04
Modified5-3-2025 12:04:52
User Revisions50 (AD), 50 (SYSVOL)
Computer Revisions319 (AD), 319 (SYSVOL)
Unique ID{08e13eea-ef28-45a8-b1ef-babbdd7b64b5}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
AHANoEnabledemea.tpg.ads/RU/Systems/Clients/AHA
Operators WorkstationsNoEnabledemea.tpg.ads/RU/Systems/Clients/KZN/Operators Workstations
Operators WorkstationsNoEnabledemea.tpg.ads/RU/Systems/Clients/MOS/Operators Workstations
Operators WorkstationsNoEnabledemea.tpg.ads/RU/Systems/Clients/REN/Operators Workstations
Operators WorkstationsNoEnabledemea.tpg.ads/RU/Systems/Clients/RND/Operators Workstations
Operators WorkstationsNoEnabledemea.tpg.ads/RU/Systems/Clients/TOI/Operators Workstations
Operators WorkstationsNoEnabledemea.tpg.ads/RU/Systems/Clients/TTI/Operators Workstations
Operators WorkstationsNoEnabledemea.tpg.ads/RU/Systems/Clients/VGG/Operators Workstations
Operators WorkstationsNoEnabledemea.tpg.ads/RU/Systems/Clients/VLD/Operators Workstations
Operators WorkstationsNoEnabledemea.tpg.ads/RU/Systems/Clients/VOG/Operators Workstations

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\efimov.6Edit settings, delete, modify securityNo
EMEA\RU-L-SEC-Delegation Group Policy Objects Modify AccessEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Windows Settings
Scripts
Startup
For this GPO, Script order: Not configured
NameParameters
__opsWS_StartUp.cmd
Security Settings
Local Policies/Security Options
Accounts
PolicySetting
Accounts: Guest account statusDisabled
Interactive Logon
PolicySetting
Interactive logon: Don't display last signed-inEnabled
File System
%SystemDrive%\Temp\ScreenRecord
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\UsersRead and ExecuteThis folder only
AllowBUILTIN\UsersCreate folders / Append data, Write attributes, Write extended attributesThis folder only
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESRead and ExecuteThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%\HelpPane.exe
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESRead and ExecuteThis folder, subfolders and files
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell_ise.exe
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESRead and ExecuteThis folder, subfolders and files
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%\winhlp32.exe
Configure this file or folder then: Propagate inheritable permissions to all subfolders and files
Owner
Permissions
TypeNamePermissionApply To
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
Registry
CLASSES_ROOT\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder
Configure this key then: Propagate inheritable permissions to all subkeys
Owner
Permissions
TypeNamePermissionApply To
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESFull controlThis key and subkeys
AllowCREATOR OWNERFull controlSubkeys only
AllowNT AUTHORITY\SYSTEMFull controlThis key and subkeys
AllowBUILTIN\AdministratorsFull controlThis key and subkeys
AllowBUILTIN\UsersReadThis key and subkeys
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Start Menu and Taskbar
PolicySettingComment
Hide the TaskView buttonEnabled
Remove pinned programs from the TaskbarEnabled
System/Logon
PolicySettingComment
Hide entry points for Fast User SwitchingEnabled
System/Removable Storage Access
PolicySettingComment
All Removable Storage classes: Deny all accessEnabled
Removable Disks: Deny execute accessEnabled
Removable Disks: Deny read accessEnabled
Removable Disks: Deny write accessEnabled
WPD Devices: Deny read accessEnabled
WPD Devices: Deny write accessEnabled
System/User Profiles
PolicySettingComment
Delete cached copies of roaming profilesEnabled
Windows Components/Game Explorer
PolicySettingComment
Turn off downloading of game informationEnabled
Turn off game updatesEnabled
Windows Components/Internet Explorer
PolicySettingComment
Make proxy settings per-machine (rather than per-user)Disabled
Prevent changing proxy settingsDisabled
Windows Components/Internet Explorer/Toolbars
PolicySettingComment
Turn off Developer ToolsEnabled
Windows Components/Microsoft Edge
PolicySettingComment
Allow Developer ToolsDisabled
Allow InPrivate browsingEnabled
Windows Components/OneDrive
PolicySettingComment
Prevent the usage of OneDrive for file storageEnabled
Windows Components/Remote Desktop Services/Remote Desktop Connection Client
PolicySettingComment
Specify SHA1 thumbprints of certificates representing trusted .rdp publishersEnabled
Comma-separated list of SHA1 trusted certificate thumbprints:a15cfdd8dc2083e8dd41db882ba53165ed728ffa
Windows Components/RSS Feeds
PolicySettingComment
Turn off background synchronization for feeds and Web SlicesEnabled
Windows Components/Search
PolicySettingComment
Do not allow web searchEnabled
Don't search the web or display web results in SearchEnabled
Don't search the web or display web results in Search over metered connectionsEnabled
Windows Components/Store
PolicySettingComment
Turn off Automatic Download and Install of updatesEnabled
Windows Components/Widgets
PolicySettingComment
Allow widgetsDisabled
Windows Components/Windows Error Reporting
PolicySettingComment
Disable Windows Error ReportingEnabled
Windows Components/Windows Mail
PolicySettingComment
Turn off the communities featuresEnabled
Turn off Windows Mail applicationEnabled
Windows Components/Windows Messenger
PolicySettingComment
Do not allow Windows Messenger to be runEnabled
Do not automatically start Windows Messenger initiallyEnabled
Windows Components/Windows SideShow
PolicySettingComment
Turn off Windows SideShowEnabled
Preferences
Windows Settings
Folders
Folder (Path: c:\temp\ScreenRecord)
ScreenRecord (Order: 1)
General
ActionUpdate
Attributes
Pathc:\temp\ScreenRecord
Read-onlyDisabled
HiddenEnabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Registry
SpecialRoamingOverrideAllowed (Order: 1)
General
ActionReplace
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
Value nameSpecialRoamingOverrideAllowed
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Item-level targeting: Operating System
AttributeValue
boolAND
not0
classNT
versionWINTHRESHOLD
typeNE
editionNE
spNE
Attributes (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_CLASSES_ROOT
Key pathCLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder
Value nameAttributes
Value typeREG_DWORD
Value data0xB0940064 (2962489444)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
AgentDesktop.exe (Order: 3)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION
Value nameAgentDesktop.exe
Value typeREG_DWORD
Value data0x2AF8 (11000)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Control Panel Settings
Services
Service (Name: BthHFSrv)
BthHFSrv (Order: 1)
General
Service nameBthHFSrv
ActionStop service
Startup type:Disabled
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:No change
Second failure:No change
Subsequent failures:No change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Service (Name: bthserv)
bthserv (Order: 2)
General
Service namebthserv
ActionStop service
Startup type:Disabled
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:No change
Second failure:No change
Subsequent failures:No change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Service (Name: WlanSvc)
WlanSvc (Order: 3)
General
Service nameWlanSvc
ActionStop service
Startup type:Disabled
Wait timeout if service is locked:30 seconds
Service Account
Log on service as:No change
Recovery
First failure:No change
Second failure:No change
Subsequent failures:No change
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
User Configuration (Disabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Internet Explorer
PolicySettingComment
Turn off ActiveX Opt-In promptEnabled
Windows Components/Internet Explorer/Internet Control Panel/Security Page
PolicySettingComment
Site to Zone Assignment ListEnabled
Enter the zone assignments here. 
https://gcslearn.partners.extranet.microsoft.com/ 2
https://vkbexternal.partners.extranet.microsoft.com/ 2
https://mslms.cloudapp.net/ 2
http://agentservice.xbox.com2
https://agentservice.xbox.com2
http://edccs.partners.extranet.microsoft.com2
https://edccs.partners.extranet.microsoft.com2
https://pssoe.partners.extranet.microsoft.com/OECC/CustomerSearch.aspx2
https://hotfixex.partners.extranet.microsoft.com/2
https://supportdiagnostics.partners.extranet.microsoft.com/ 2
https://vkbexternal.partners.extranet.microsoft.com/2
http://hotfixex.partners.extranet.microsoft.com/2
http://supportdiagnostics.partners.extranet.microsoft.com/ 2
http://vkbexternal.partners.extranet.microsoft.com/2
https://sharepoint.partners.extranet.microsoft.com2
http://sharepoint.partners.extranet.microsoft.com2
https://sharepoint.partners.extranet.microsoft.com/sites/CAPWEB/ASD/Pages/Prerequisites.aspx 2