Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
TN-PO-WIN-C-Windows 10 Hardening RollOut
Data collected on: 2-9-2025 12:50:47
General
Details
Domainemea.tpg.ads
OwnerEMEA\toumi.80-adm
Created3-4-2025 18:36:36
Modified9-4-2025 16:02:40
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions45 (AD), 45 (SYSVOL)
Unique ID{56d5fd22-ab5a-4630-ac99-9aa28bee5453}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
None
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\TN-G-ORG-OU AdminsEdit settings, delete, modify securityNo
EMEA\TN-L-SEC-Delegation Modify Group Policy Settings AccessEdit settings, delete, modify securityNo
EMEA\toumi.80-admEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/User Rights Assignment
PolicySetting
Deny log on locallyEMEA\TN-L-SEC-GPO-WAHA-User-Configuration, TN-L-SEC-Folder_Redirection_Startmenu_WAHA
Local Policies/Security Options
User Account Control
PolicySetting
User Account Control: Admin Approval Mode for the Built-in Administrator accountDisabled
User Account Control: Behavior of the elevation prompt for standard usersPrompt for credentials
User Account Control: Detect application installations and prompt for elevationEnabled
System Services
AppX Deployment Service (AppXSVC) (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Windows Defender Advanced Threat Protection Service (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Microsoft Defender Antivirus Network Inspection Service (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
Microsoft Defender Antivirus Service (Startup Mode: Disabled)
Permissions
No permissions specified
Auditing
No auditing specified
File System
%AppData%\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
DenyEMEA\TN-L-SEC Disable Win10 FeaturesFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%AppData%\Opera Software
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
DenyEMEA\TNKR2-G-ORG-TikTok_Disable_Win10_Features_TikTokFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%ProgramFiles%\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe\Cortana.exe
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
AllowAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGESRead and ExecuteThis folder, subfolders and files
AllowCREATOR OWNERFull ControlSubfolders and files only
AllowNT AUTHORITY\SYSTEMFull ControlThis folder, subfolders and files
AllowBUILTIN\AdministratorsFull ControlThis folder, subfolders and files
AllowBUILTIN\UsersRead and ExecuteThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
DenyEMEA\TN-L-SEC Disable Win10 FeaturesFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell_ise.exe
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
DenyEMEA\TN-L-SEC Disable Win10 FeaturesFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
DenyEMEA\TN-L-SEC Disable Win10 FeaturesFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%SystemRoot%\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
DenyEMEA\TN-L-SEC Disable Win10 FeaturesFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
%UserProfile%\Downloads\OperaPortable
Configure this file or folder then: Replace existing permissions on all subfolders and files with inheritable permissions
Owner
Permissions
TypeNamePermissionApply To
DenyEMEA\TNKR2-G-ORG-TikTok_Disable_Win10_Features_TikTokFull ControlThis folder, subfolders and files
Allow inheritable permissions from the parent to propagate to this object and all child objectsDisabled
Auditing
No auditing specified
Public Key Policies/Intermediate Certification Authority Certificates
Issued ToIssued ByExpiration DateIntended Purposes
Sectigo RSA Organization Validation Secure Server CAUSERTrust RSA Certification Authority1-1-2031 00:59:59Server Authentication, Client Authentication
USERTrust ECC Certification AuthorityUSERTrust ECC Certification Authority19-1-2038 00:59:59Time Stamping, Encrypting File System, IP security tunnel termination, Server Authentication, IP security user, Client Authentication, Secure Email, Code Signing
USERTrust RSA Certification AuthorityUSERTrust RSA Certification Authority19-1-2038 00:59:59<All>
UTN-USERFirst-ObjectUTN-USERFirst-Object9-7-2019 20:40:36Code Signing, Time Stamping, Encrypting File System

For additional information about individual settings, launch the Local Group Policy Object Editor.
Software Restriction Policies
Enforcement
PolicySetting
Apply Software Restriction Policies to the followingAll software files except libraries (such as DLLs)
Apply Software Restriction Policies to the following usersAll users
When applying Software Restriction PoliciesIgnore certificate rules
Designated File Types
File ExtensionFile Type
ADEADE File
ADPADP File
BASBAS File
BATWindows Batch File
CHMCompiled HTML Help file
CMDWindows Command Script
COMMS-DOS Application
CPLControl panel item
CRTSecurity Certificate
EXEApplication
HLPHelp file
HTAHTML Application
INFSetup Information
INSINS File
ISPISP File
LNKShortcut
MDBMDB File
MDEMDE File
MSCMicrosoft Common Console Document
MSIWindows Installer Package
MSPWindows Installer Patch
MSTMST File
OCXActiveX control
PCDPCD File
PIFShortcut to MS-DOS Program
REGRegistration Entries
SCRScreen saver
SHSSHS File
URLInternet Shortcut
VBVisual Basic Source File
WSCWindows Script Component
Trusted Publishers
Trusted publisher managementAllow all administrators and users to manage user's own Trusted Publishers
Certificate verificationNone
Software Restriction Policies/Security Levels
PolicySetting
Default Security LevelUnrestricted
Software Restriction Policies/Additional Rules
Path Rules
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%
Security LevelUnrestricted
Description
Date last modified1-10-2019 01:48:09
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%
Security LevelUnrestricted
Description
Date last modified1-10-2019 01:48:09
%programfiles%\WindowsApps\Microsoft.WindowsStore*
Security LevelDisallowed
Description
Date last modified13-7-2020 18:31:45
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel/Regional and Language Options
PolicySettingComment
Allow users to enable online speech recognition servicesDisabled
Control Panel/Regional and Language Options/Handwriting personalization
PolicySettingComment
Turn off automatic learningEnabled
Microsoft Edge
PolicySettingComment
Allow or block video captureDisabled
Allow or deny screen captureDisabled
Allow pages to send synchronous XHR requests during page dismissal (obsolete)Disabled
Allow personalization of ads, Microsoft Edge, search, news and other Microsoft services by sending browsing history, favorites and collections, usage and other browsing data to MicrosoftDisabled
Allow Pin to taskbar wizardDisabled
Allow suggestions from local providersDisabled
Allow users to open files using the ClickOnce protocolDisabled
Allow users to open files using the DirectInvoke protocolDisabled
Block third party cookiesEnabled
Browser sign-in settingsDisabled
Clear browsing data when Microsoft Edge closesDisabled
Configure Online Text To SpeechDisabled
Enable guest modeDisabled
Enable online OCSP/CRL checksDisabled
Enable search suggestionsDisabled
Enable site isolation for every siteDisabled
Enable TranslateDisabled
Enforce Bing SafeSearchEnabled
Enforce Bing SafeSearchConfigure moderate search restrictions in Bing
PolicySettingComment
Enforce Google SafeSearchDisabled
Extend Adobe Flash content setting to all content (obsolete)Disabled
Manage exposure of local IP addressess by WebRTCDisabled
Show an "Always open" checkbox in external protocol dialogDisabled
Specify if online OCSP/CRL checks are required for local trust anchorsEnabled
Microsoft Edge/Content settings
PolicySettingComment
Control use of the Web Bluetooth APIEnabled
Control use of the Web Bluetooth APIDo not allow any site to request access to Bluetooth devices via the Web Bluetooth API
PolicySettingComment
Control use of the WebUSB APIEnabled
Control use of the WebUSB APIDo not allow any site to request access to USB devices via the WebUSB API
PolicySettingComment
Default Adobe Flash setting (obsolete)Enabled
Default Adobe Flash settingBlock the Adobe Flash plugin
Microsoft Edge/HTTP authentication
PolicySettingComment
Supported authentication schemesEnabled
Supported authentication schemesdigest,ntlm,negotiate
Network/IPv6 Configuration
PolicySettingComment
IPv6 Configuration PolicyEnabled
IPv6 ConfigurationDisable all IPv6 components
Network/Offline Files
PolicySettingComment
Allow or Disallow use of the Offline Files featureDisabled
Prohibit user configuration of Offline FilesEnabled
Prevents users from changing any cache configuration settings.
Start Menu and Taskbar
PolicySettingComment
Start LayoutEnabled
Start Layout File\\emea.tpg.ads\sysvol\emea.tpg.ads\Policies\{E8893D3D-99AE-4EEE-9FF0-23F86110DE8A}\Machine\Scripts\Startup\Windows10StartMenu\LayoutModification.xml
Reapply layout at every logon 
System/Internet Communication Management/Internet Communication settings
PolicySettingComment
Turn off access to the StoreEnabled
Turn off handwriting personalization data sharingEnabled
Turn off handwriting recognition error reportingEnabled
Turn off Help and Support Center "Did you know?" contentEnabled
Turn off the Windows Messenger Customer Experience Improvement ProgramEnabled
Turn off Windows Error ReportingEnabled
System/Logon
PolicySettingComment
Always wait for the network at computer startup and logonEnabled
System/OS Policies
PolicySettingComment
Allow publishing of User ActivitiesDisabled
System/Power Management/Hard Disk Settings
PolicySettingComment
Turn Off the hard disk (plugged in)Enabled
Turn Off the Hard Disk (seconds):0
System/Power Management/Sleep Settings
PolicySettingComment
Allow standby states (S1-S3) when sleeping (on battery)Disabled
Allow standby states (S1-S3) when sleeping (plugged in)Disabled
System/Recovery
PolicySettingComment
Allow restore of system to default stateDisabled
System/System Restore
PolicySettingComment
Turn off ConfigurationEnabled
Turn off System RestoreEnabled
System/User Profiles
PolicySettingComment
Do not log users on with temporary profilesEnabled
Turn off the advertising IDEnabled
Windows Components/App Privacy
PolicySettingComment
Let Windows apps access account informationEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps access call historyEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps access contactsEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps access diagnostic information about other appsEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps access emailEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps access locationEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps access messagingEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps access motionEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps access notificationsEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps access TasksEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps access the calendarEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps access the cameraEnabled
Default for all apps:Force Allow
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps access the microphoneEnabled
Default for all apps:Force Allow
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps access trusted devicesEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps communicate with unpaired devicesEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps control radiosEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps make phone callsEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
PolicySettingComment
Let Windows apps run in the backgroundEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
Windows Components/Application Compatibility
PolicySettingComment
Remove Program Compatibility Property PageEnabled
Turn off Application Compatibility EngineEnabled
Turn off Application TelemetryEnabled
Turn off Inventory CollectorEnabled
Turn off Program Compatibility AssistantEnabled
Turn off Steps RecorderEnabled
Turn off SwitchBack Compatibility EngineEnabled
Windows Components/Cloud Content
PolicySettingComment
Do not show Windows tipsEnabled
Turn off Microsoft consumer experiencesEnabled
Windows Components/Data Collection and Preview Builds
PolicySettingComment
Allow Diagnostic DataEnabled
Diagnostic data off (not recommended)
PolicySettingComment
Configure the Commercial IDDisabled
Do not show feedback notificationsEnabled
Limit optional diagnostic data for Desktop AnalyticsDisabled
Toggle user control over Insider buildsDisabled
Windows Components/Delivery Optimization
PolicySettingComment
Download ModeEnabled
Download Mode:Bypass (100)
Windows Components/Desktop Gadgets
PolicySettingComment
Turn off desktop gadgetsEnabled
Windows Components/File Explorer
PolicySettingComment
Do not show the 'new application installed' notificationEnabled
Set a default associations configuration fileEnabled
Default Associations Configuration File\\emea.tpg.ads\sysvol\emea.tpg.ads\Policies\{E8893D3D-99AE-4EEE-9FF0-23F86110DE8A}\Machine\Scripts\Startup\Windows10StartMenu\AppAssoc.xml
PolicySettingComment
Start File Explorer with ribbon minimizedEnabled
Pick one of the following settings 
Windows Components/File History
PolicySettingComment
Turn off File HistoryEnabled
Windows Components/Find My Device
PolicySettingComment
Turn On/Off Find My DeviceDisabled
Windows Components/Game Explorer
PolicySettingComment
Turn off downloading of game informationEnabled
Turn off game updatesEnabled
Turn off tracking of last play time of games in the Games folderEnabled
Windows Components/Location and Sensors
PolicySettingComment
Turn off locationEnabled
Turn off sensorsEnabled
Windows Components/Location and Sensors/Windows Location Provider
PolicySettingComment
Turn off Windows Location ProviderEnabled
Windows Components/Microsoft account
PolicySettingComment
Block all consumer Microsoft account user authenticationEnabled
Windows Components/Microsoft Defender Antivirus
PolicySettingComment
Turn off Microsoft Defender AntivirusEnabled
Windows Components/Microsoft Defender Antivirus/MAPS
PolicySettingComment
Configure local setting override for reporting to Microsoft MAPSDisabled
Join Microsoft MAPSEnabled
Join Microsoft MAPSDisabled
PolicySettingComment
Send file samples when further analysis is requiredEnabled
Send file samples when further analysis is requiredNever send
Windows Components/Microsoft Defender Antivirus/Real-time Protection
PolicySettingComment
Monitor file and program activity on your computerDisabled
Turn off real-time protectionDisabled
Turn on behavior monitoringDisabled
Turn on process scanning whenever real-time protection is enabledDisabled
Windows Components/Microsoft Edge
PolicySettingComment
Allow clearing browsing data on exitEnabled
Allow InPrivate browsingDisabled
Allow search engine customizationDisabled
Prevent access to the about:flags page in Microsoft EdgeEnabled
Prevent the First Run webpage from opening on Microsoft EdgeEnabled
Send all intranet sites to Internet Explorer 11Enabled
Windows Components/OneDrive
PolicySettingComment
Prevent OneDrive files from syncing over metered connectionsEnabled
Metered Network SettingBlock syncing on all metered connections
PolicySettingComment
Prevent OneDrive from generating network traffic until the user signs in to OneDriveEnabled
Prevent the usage of OneDrive for file storageEnabled
Prevent the usage of OneDrive for file storage on Windows 8.1Enabled
Save documents to OneDrive by defaultDisabled
Windows Components/Online Assistance
PolicySettingComment
Turn off Active HelpEnabled
Windows Components/Push To Install
PolicySettingComment
Turn off Push To Install serviceEnabled
Windows Components/Search
PolicySettingComment
Allow Cloud SearchEnabled
Cloud Search SettingDisable Cloud Search
PolicySettingComment
Allow CortanaDisabled
Allow Cortana above lock screenDisabled
Allow indexing of encrypted filesDisabled
Allow search and Cortana to use locationDisabled
Do not allow web searchEnabled
Don't search the web or display web results in SearchEnabled
Set what information is shared in SearchEnabled
Type of informationAnonymous info
Windows Components/Security Center
PolicySettingComment
Turn on Security Center (Domain PCs only)Disabled
Windows Components/Speech
PolicySettingComment
Allow Automatic Update of Speech DataDisabled
Windows Components/Store
PolicySettingComment
Disable all apps from Microsoft Store Enabled
Only display the private store within the Microsoft StoreEnabled
Turn off the Store applicationEnabled
Windows Components/Tablet PC/Handwriting personalization
PolicySettingComment
Turn off automatic learningEnabled
Windows Components/Windows Defender SmartScreen/Explorer
PolicySettingComment
Configure Windows Defender SmartScreenDisabled
Windows Components/Windows Defender SmartScreen/Microsoft Edge
PolicySettingComment
Configure Windows Defender SmartScreenDisabled
Windows Components/Windows Error Reporting
PolicySettingComment
Automatically send memory dumps for OS-generated error reportsDisabled
Disable Windows Error ReportingEnabled
Do not send additional dataEnabled
Windows Components/Windows Game Recording and Broadcasting
PolicySettingComment
Enables or disables Windows Game Recording and BroadcastingDisabled
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
Software\Policies\Microsoft\Windows\PreviewBuilds\EnableConfigFlighting1
Software\Policies\Microsoft\Windows\PreviewBuilds\EnableExperimentation1
Preferences
Windows Settings
Files
File (Target Path: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2)
Group2 (Order: 1)
General
ActionDelete
Properties
Destination fileC:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenEnabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3)
Group3 (Order: 2)
General
ActionDelete
Properties
Destination fileC:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenEnabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
File (Target Path: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1)
Group1 (Order: 3)
General
ActionDelete
Properties
Destination fileC:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenEnabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Registry
DisableAntiSpyware (Order: 1)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Windows Defender
Value nameDisableAntiSpyware
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
AutoDownload (Order: 2)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate
Value nameAutoDownload
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
DisableWindowsConsumerFeatures (Order: 3)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Windows\CloudContent
Value nameDisableWindowsConsumerFeatures
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
Start (Order: 4)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\SecurityHealthService
Value nameStart
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
DownloadMode (Order: 5)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config
Value nameDownloadMode
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
AutoDownload (Order: 6)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\WindowsStore
Value nameAutoDownload
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
FormatDatabase (Order: 7)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSYSTEM\CurrentControlSet\Services\CSC\Parameters
Value nameFormatDatabase
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
DisableStoreApps (Order: 8)
General
ActionDelete
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\WindowsStore
Value nameDisableStoreApps
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.