Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
TNBEA-PO-SEC-C-SFR_Security_W10
Data collected on: 2-9-2025 09:28:52
General
Details
Domainemea.tpg.ads
OwnerEMEA\poincon.7-adm
Created26-6-2019 14:44:28
Modified20-10-2023 10:59:50
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions2 (AD), 2 (SYSVOL)
Unique ID{ef9a214e-5a80-43db-b350-17d52380539b}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
BEANoEnabledemea.tpg.ads/TN/Systems/Clients/BEA

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
EMEA\TNBEA-G-ORG-SFR_Security_W10
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\poincon.7-admEdit settings, delete, modify securityNo
EMEA\TNBEA-G-ORG-SFR_Security_W10Read (from Security Filtering)No
EMEA\TN-G-ORG-OU AdminsEdit settings, delete, modify securityNo
EMEA\TN-L-SEC-Delegation Modify Group Policy Settings AccessEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Security Options
Other
PolicySetting
Accounts: Block Microsoft accountsUsers can't add or log on with Microsoft accounts
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy version2.22
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Domain Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Private Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Public Profile Settings
PolicySetting
Firewall stateOff
Inbound connectionsNot Configured
Outbound connectionsNot Configured
Apply local firewall rulesNot Configured
Apply local connection security rulesNot Configured
Display notificationsNot Configured
Allow unicast responsesNot Configured
Log dropped packetsNot Configured
Log successful connectionsNot Configured
Log file pathNot Configured
Log file maximum size (KB)Not Configured
Connection Security Settings
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Control Panel
PolicySettingComment
Allow Online TipsDisabled
Settings Page VisibilityEnabled
Settings Page Visibility:hide:gaming-gamebar;gaming-gamedvr;gaming-gamemode;gaming-broadcasting;gaming-trueplay;gaming-xboxnetworking;cortana-moredetails
Control Panel/Personalization
PolicySettingComment
Prevent changing lock screen and logon imageEnabled
Prevent enabling lock screen cameraEnabled
Prevent enabling lock screen slide showEnabled
Network/Network Connections/Windows Defender Firewall/Domain Profile
PolicySettingComment
Windows Defender Firewall: Protect all network connectionsDisabled
Network/WLAN Service/WLAN Settings
PolicySettingComment
Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid servicesDisabled
System/Driver Installation
PolicySettingComment
Turn off Windows Update device driver search promptEnabled
System/Group Policy
PolicySettingComment
Configure Logon Script DelayDisabled
System/Internet Communication Management/Internet Communication settings
PolicySettingComment
Turn off access to the StoreEnabled
Turn off Windows Update device driver searchingEnabled
System/Scripts
PolicySettingComment
Run logon scripts synchronouslyDisabled
Run startup scripts asynchronouslyEnabled
System/User Profiles
PolicySettingComment
Turn off the advertising IDEnabled
Windows Components/App Privacy
PolicySettingComment
Let Windows apps access account informationEnabled
Default for all apps:Force Deny
Put user in control of these specific apps (use Package Family Names):
Force allow these specific apps (use Package Family Names):
Force deny these specific apps (use Package Family Names):
Windows Components/BitLocker Drive Encryption/Operating System Drives
PolicySettingComment
Choose how BitLocker-protected operating system drives can be recoveredEnabled
Allow data recovery agent 
Configure user storage of BitLocker recovery information:
Allow 48-digit recovery password
Allow 256-bit recovery key
Omit recovery options from the BitLocker setup wizard 
Save BitLocker recovery information to AD DS for operating system drives 
Configure storage of BitLocker recovery information to AD DS: 
Do not enable BitLocker until recovery information is stored to AD DS for operating system drives 
Windows Components/Data Collection and Preview Builds
PolicySettingComment
Allow Diagnostic DataEnabled
Diagnostic data off (not recommended)
PolicySettingComment
Configure the Commercial IDDisabled
Do not show feedback notificationsEnabled
Toggle user control over Insider buildsDisabled
Windows Components/Game Explorer
PolicySettingComment
Turn off downloading of game informationEnabled
Turn off game updatesEnabled
Turn off tracking of last play time of games in the Games folderEnabled
Windows Components/Internet Explorer
PolicySettingComment
Prevent participation in the Customer Experience Improvement ProgramEnabled
Prevent running First Run wizardEnabled
Select your choiceGo directly to home page
PolicySettingComment
Show message when opening sites in Microsoft Edge using Enterprise ModeDisabled
Use the Enterprise Mode IE website listEnabled
Type the location (URL) of your Enterprise Mode IE website listhttp://tnbeafs02/SFR/SiteListSchemaV2.xml
Windows Components/OneDrive
PolicySettingComment
Prevent the usage of OneDrive for file storageDisabled
Prevent the usage of OneDrive for file storage on Windows 8.1Disabled
Windows Components/Remote Desktop Services/Remote Desktop Session Host/Connections
PolicySettingComment
Allow users to connect remotely by using Remote Desktop ServicesEnabled
Windows Components/Search
PolicySettingComment
Allow CortanaDisabled
Allow Cortana above lock screenDisabled
Allow search and Cortana to use locationDisabled
Do not allow web searchEnabled
Don't search the web or display web results in SearchEnabled
Don't search the web or display web results in Search over metered connectionsEnabled
Set what information is shared in SearchEnabled
Type of informationAnonymous info
Windows Components/Store
PolicySettingComment
Turn off the offer to update to the latest version of WindowsEnabled
Turn off the Store applicationEnabled
Windows Components/Sync your settings
PolicySettingComment
Do not syncEnabled
Allow users to turn syncing on.Disabled
PolicySettingComment
Do not sync app settingsEnabled
Allow users to turn "app settings" syncing on.Disabled
PolicySettingComment
Do not sync AppsEnabled
Allow users to turn "AppSync" syncing on.Disabled
PolicySettingComment
Do not sync browser settingsEnabled
Allow users to turn "browser" syncing on.Disabled
PolicySettingComment
Do not sync desktop personalizationEnabled
Allow users to turn "desktop personalization" syncing on.Disabled
PolicySettingComment
Do not sync on metered connectionsEnabled
Do not sync other Windows settingsEnabled
Allow users to turn "other Windows settings" syncing on.Disabled
PolicySettingComment
Do not sync passwordsEnabled
Allow users to turn "passwords" syncing on.Disabled
PolicySettingComment
Do not sync personalizeEnabled
Allow users to turn "personalize" syncing on.Disabled
PolicySettingComment
Do not sync start settingsEnabled
Allow users to turn "start layout" syncing on.Disabled
Windows Components/Windows Calendar
PolicySettingComment
Turn off Windows CalendarEnabled
Windows Components/Windows Hello for Business
PolicySettingComment
Use biometricsDisabled
Use Windows Hello for BusinessDisabled
Windows Components/Windows Mail
PolicySettingComment
Turn off Windows Mail applicationEnabled
Windows Components/Windows Messenger
PolicySettingComment
Do not allow Windows Messenger to be runEnabled
Preferences
Windows Settings
Registry
EnableLinkedConnections (Order: 1)
General
ActionCreate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Value nameEnableLinkedConnections
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
EnableLinkedConnections (Order: 2)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Value nameEnableLinkedConnections
Value typeREG_DWORD
Value data0x1 (1)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
DisableFileSyncNGSC (Order: 3)
General
ActionUpdate
Properties
HiveHKEY_LOCAL_MACHINE
Key pathSOFTWARE\Policies\Microsoft\Windows\OneDrive
Value nameDisableFileSyncNGSC
Value typeREG_DWORD
Value data0x0 (0)
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.