Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
XKPRN-PO-WIN-C-Lufthance Computer Configuration
Data collected on: 2-9-2025 11:45:00
General
Details
Domainemea.tpg.ads
OwnerEMEA\bahtiri.5-adm
Created19-12-2023 09:56:24
Modified25-7-2025 10:30:02
User Revisions0 (AD), 0 (SYSVOL)
Computer Revisions109 (AD), 109 (SYSVOL)
Unique ID{4907153c-2b6b-4288-96c0-7fc18890cd4b}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
PRNNoEnabledemea.tpg.ads/XK/Systems/Clients/PRN

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
EMEA\XKPRN-L-SEC-Computer Configuration Lufthansa AG
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
EMEA\bahtiri.5-admEdit settings, delete, modify securityNo
EMEA\Domain AdminsEdit settings, delete, modify securityNo
EMEA\Domain ComputersReadNo
EMEA\XK-L-SEC-Delegation Modify Group Policy Settings AccessEdit settings, delete, modify securityNo
EMEA\XK-L-SEC-Delegation Read Group Policy Results Data AccessReadNo
EMEA\XKPRN-L-SEC-Computer Configuration Lufthansa AGRead (from Security Filtering)No
NT AUTHORITY\Authenticated UsersReadNo
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
ROOT\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Security Options
Interactive Logon
PolicySetting
Interactive logon: Number of previous logons to cache (in case domain controller is not available)10 logons
Public Key Policies/Trusted Root Certification Authorities
Certificates
Issued ToIssued ByExpiration DateIntended Purposes
Lufthansa Group Root CA - G1Lufthansa Group Root CA - G13-12-2037 09:32:07<All>
Lufthansa Group Sub CA 1 Server - G1Lufthansa Group Root CA - G18-3-2031 13:42:27<All>

For additional information about individual settings, launch the Local Group Policy Object Editor.
Software Restriction Policies
Enforcement
PolicySetting
Apply Software Restriction Policies to the followingAll software files except libraries (such as DLLs)
Apply Software Restriction Policies to the following usersAll users
When applying Software Restriction PoliciesIgnore certificate rules
Designated File Types
File ExtensionFile Type
ADEADE File
ADPADP File
BASBAS File
BATWindows Batch File
CHMCompiled HTML Help file
CMDWindows Command Script
COMMS-DOS Application
CPLControl panel item
CRTSecurity Certificate
EXEApplication
HLPHelp file
HTAHTML Application
INFSetup Information
INSINS File
ISPISP File
LNKShortcut
MDBMDB File
MDEMDE File
MSCMicrosoft Common Console Document
MSIWindows Installer Package
MSPWindows Installer Patch
MSTMST File
OCXActiveX control
PCDPCD File
PIFShortcut to MS-DOS Program
REGRegistration Entries
SCRScreen saver
SHSSHS File
URLInternet Shortcut
VBVisual Basic Source File
WSCWindows Script Component
Trusted Publishers
Trusted publisher managementAllow all administrators and users to manage user's own Trusted Publishers
Certificate verificationNone
Software Restriction Policies/Security Levels
PolicySetting
Default Security LevelUnrestricted
Software Restriction Policies/Additional Rules
Path Rules
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%
Security LevelUnrestricted
Description
Date last modified17-9-2024 12:31:24
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir%
Security LevelUnrestricted
Description
Date last modified17-9-2024 12:31:24
C:\OneRes\qik\app\*.bat
Security LevelUnrestricted
Description
Date last modified17-9-2024 12:32:03
C:\OneRes_2024.2.0\qik\app\*.bat
Security LevelUnrestricted
Description
Date last modified17-9-2024 12:32:42
Windows Firewall with Advanced Security
Global Settings
PolicySetting
Policy version2.31
Disable stateful FTPNot Configured
Disable stateful PPTPNot Configured
IPsec exemptNot Configured
IPsec through NATNot Configured
Preshared key encodingNot Configured
SA idle timeNot Configured
Strong CRL checkNot Configured
Inbound Rules
NameDescription
@FirewallAPI.dll,-27001@FirewallAPI.dll,-27005
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol1
Local portAny
Remote portAny
ICMP settingstype 8:code any
Local scopeAny
Remote scopeLocal subnet
ProfilePrivate, Public
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
Group@FirewallAPI.dll,-27000
@FirewallAPI.dll,-27001@FirewallAPI.dll,-27005
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol1
Local portAny
Remote portAny
ICMP settingstype 8:code any
Local scopeAny
Remote scopeAny
ProfileDomain
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
Group@FirewallAPI.dll,-27000
File and Printer Sharing (NB-Datagram-In)Inbound rule for File and Printer Sharing to allow NetBIOS Datagram transmission and reception. [UDP 138]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol17
Local port138
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupFile and Printer Sharing
File and Printer Sharing (SMB-In)Inbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes. [TCP 445]
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol6
Local port445
Remote portAny
ICMP settingsAny
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupFile and Printer Sharing
File and Printer Sharing (Echo Request - ICMPv4-In)Echo Request messages are sent as ping requests to other nodes.
This rule might contain some elements that cannot be interpreted by the current version of GPMC reporting module
EnabledTrue
ProgramSystem
ActionAllow
SecurityRequire authentication
Authorized computers
Authorized users
Protocol1
Local portAny
Remote portAny
ICMP settingstype 8:code any
Local scopeAny
Remote scopeAny
ProfileAll
Network interface typeAll
ServiceAll programs and services
Allow edge traversalFalse
GroupFile and Printer Sharing
Connection Security Settings
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
System/Logon
PolicySettingComment
Always wait for the network at computer startup and logonDisabled
Windows Components/Microsoft Defender Antivirus
PolicySettingComment
Turn off Microsoft Defender AntivirusEnabled
Preferences
Windows Settings
Files
File (Target Path: C:\Windows\System32\drivers\etc\hosts)
hosts (Order: 1)
General
ActionReplace
Properties
Source file(s)\\emea.tpg.ads\SYSVOL\emea.tpg.ads\Policies\{4907153C-2B6B-4288-96C0-7FC18890CD4B}\Machine\Preferences\Files\hosts
Destination fileC:\Windows\System32\drivers\etc\hosts
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveDisabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
File (Target Path: C:\WinAuth\WinAuth.exe)
WinAuth.exe (Order: 2)
General
ActionReplace
Properties
Source file(s)\\emea.tpg.ads\SYSVOL\emea.tpg.ads\Policies\{4907153C-2B6B-4288-96C0-7FC18890CD4B}\Machine\Preferences\Files\WinAuth.exe
Destination fileC:\WinAuth\WinAuth.exe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
File (Target Path: C:\TPNotes\TPNotes.exe)
TPNotes.exe (Order: 3)
General
ActionReplace
Properties
Source file(s)\\emea.tpg.ads\SYSVOL\emea.tpg.ads\Policies\{4907153C-2B6B-4288-96C0-7FC18890CD4B}\Machine\Preferences\Files\TPNotes.exe
Destination fileC:\TPNotes\TPNotes.exe
Suppress errors on individual file actionsDisabled
Attributes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Folders
Folder (Path: C:\WinAuth)
WinAuth (Order: 1)
General
ActionCreate
Attributes
PathC:\WinAuth
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
Folder (Path: C:\TPNotes)
TPNotes (Order: 2)
General
ActionCreate
Attributes
PathC:\TPNotes
Read-onlyDisabled
HiddenDisabled
ArchiveEnabled
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyNo
User Configuration (Enabled)
No settings defined.