Windows Server 2012 and Windows 8 Group Policy Settings

Group Policy Settings Reference
Windows Server 2012 and Windows 8
This spreadsheet lists the policy settings for computer and user configurations that are included in the Administrative template files (.admx and
Windows Server 2012. The policy settings included in this spreadsheet cover Windows Server 2012, Windows Server 2008 R2, Windows Ser
Windows 8, Windows 7, Windows Vista with SP1,Windows XP Professional with SP2 or earlier service packs, and Microsoft Windows 2000 w
These files are used to expose policy settings when you use the Group Policy Management Console (GPMC) to edit Group Policy Objects (GP
You can use the filtering capabilities that are included in this spreadsheet to view a specific subset of data, based on one value or a combinati
in one or more of the columns. In addition, you can click Custom in the drop-down list of any of the column headings to add additional filtering
To view a specific subset of data, click the drop-down arrow in the column heading of cells that contain the value or combination of values on w
and then click the desired value in the drop-down list. For example, to view policy settings that are available for Windows Server 2012 or Wind
Administrative Template worksheet, click the drop-down arrow next to Supported On, and then click At least Microsoft Windows Server 2
What's New
The Administrative Template spreadsheet contains three columns that provide more information about each policy setting's behavior related to
These columns are the following:
Reboot Required: A "Yes" in this column means that the Windows operating systems requires a restart before it applies the described po
Logoff Required: A "Yes" in this column means that the Windows operating system requires the user to log off and log on again before it
Active Directory Schema or Domain Requirements: A "Yes" in this column means that you must extend the Active Directory schema b
Status: A "New" in this column means that the setting did not exist prior to Windows Server 2012 and Windows 8. It does not mean that t
and Windows 8. Refer to the column entitled "supported on" to determine to which operating system the policy setting applies.
Legal Notice
This document is provided as-is. Information and views expressed in this document, including URL and other Internet Web site references, may change witho
Some examples depicted herein are provided for illustration only and are fictitious. No real association or connection is intended or should be inferred.
This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your in
2012 Microsoft Corporation. All rights reserved.
Active Directory, Hyper-V, Microsoft, MS-DOS, Visual Basic, Visual Studio, Windows, Windows NT, Windows Server,
and Windows Vista are trademarks of the Microsoft group of companies.
All other trademarks are property of their respective owners.

Status File Name
ActiveXInstallService.admx
ActiveXInstallService.admx
AddRemovePrograms.admx
adfs.admx
AppCompat.admx
AppCompat.admx
AppCompat.admx
AppCompat.admx
AppCompat.admx
AppCompat.admx
AppCompat.admx
AppCompat.admx
AppCompat.admx
New AppxPackageManager.admx
New AppxPackageManager.admx
New AppXRuntime.admx
AttachmentManager.admx
AutoPlay.admx
AutoPlay.admx
AutoPlay.admx
AutoPlay.admx
AutoPlay.admx
AutoPlay.admx
AutoPlay.admx
AutoPlay.admx
Biometrics.admx
Biometrics.admx
Biometrics.admx
Biometrics.admx
Bits.admx
Bits.admx
Bits.admx
Bits.admx
Bits.admx
Bits.admx
Bits.admx
Bits.admx
Bits.admx
Bits.admx
Bits.admx
Bits.admx
Bits.admx
Bits.admx
Bits.admx
Bits.admx
Bits.admx
CEIPEnable.admx
CEIPEnable.admx
CipherSuiteOrder.admx
COM.admx
COM.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
conf.admx
ControlPanel.admx
ControlPanel.admx
ControlPanel.admx
ControlPanel.admx
ControlPanelDisplay.admx
New ControlPanelDisplay.admx
Cpls.admx
CredentialProviders.admx
CredentialProviders.admx
New CredentialProviders.admx
New CredentialProviders.admx
CredSsp.admx
CredSsp.admx
CredSsp.admx
CredSsp.admx
CredSsp.admx
CredSsp.admx
CredSsp.admx
CredSsp.admx
CredSsp.admx
CredUI.admx
CredUI.admx
New CredUI.admx
New CredUI.admx
CtrlAltDel.admx
CtrlAltDel.admx
CtrlAltDel.admx
CtrlAltDel.admx
DCOM.admx
DCOM.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
Desktop.admx
New DeviceCompat.admx
New DeviceCompat.admx
DeviceInstallation.admx
DeviceRedirection.admx
DeviceRedirection.admx
DeviceSetup.admx
DeviceSetup.admx
DeviceSetup.admx
DeviceSetup.admx
DeviceSetup.admx
DeviceSetup.admx
DeviceSetup.admx
New DeviceSetup.admx
DeviceSetup.admx
DFS.admx
DigitalLocker.admx
DigitalLocker.admx
DiskDiagnostic.admx
DiskDiagnostic.admx
DiskNVCache.admx
DiskNVCache.admx
DiskNVCache.admx
DiskNVCache.admx
DiskQuota.admx
DiskQuota.admx
DiskQuota.admx
DiskQuota.admx
DiskQuota.admx
DiskQuota.admx
DistributedLinkTracking.admx
DnsClient.admx
DnsClient.admx
DnsClient.admx
DnsClient.admx
DnsClient.admx
DnsClient.admx
DnsClient.admx
DnsClient.admx
DnsClient.admx
DnsClient.admx
DnsClient.admx
DnsClient.admx
DnsClient.admx
DnsClient.admx
DnsClient.admx
DnsClient.admx
New DnsClient.admx
New DnsClient.admx
New DnsClient.admx
New DnsClient.admx
New DnsClient.admx
New DnsClient.admx
DWM.admx
DWM.admx
DWM.admx
DWM.admx
New DWM.admx
DWM.admx
DWM.admx
DWM.admx
DWM.admx
New EAIME.admx
New EAIME.admx
New EAIME.admx
New EAIME.admx
New EAIME.admx
New EAIME.admx
New EAIME.admx
New EAIME.admx
New EarlyLaunchAM.admx
New EdgeUI.admx
New EdgeUI.admx
EncryptFilesonMove.admx
EnhancedStorage.admx
New EnhancedStorage.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
New ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
ErrorReporting.admx
EventForwarding.admx
EventForwarding.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventLog.admx
EventViewer.admx
EventViewer.admx
EventViewer.admx
Explorer.admx
Explorer.admx
Explorer.admx
Explorer.admx
Explorer.admx
Explorer.admx
New ExternalBoot.admx
New FileHistory.admx
FileRecovery.admx
New FileServerVSSAgent.admx
New FileServerVSSProvider.admx
FileSys.admx
FileSys.admx
FileSys.admx
FileSys.admx
FileSys.admx
FileSys.admx
New FileSys.admx
FolderRedirection.admx
New FolderRedirection.admx
FramePanes.admx
FramePanes.admx
fthsvc.admx
GameExplorer.admx
GameExplorer.admx
GameExplorer.admx
Globalization.admx
Globalization.admx
Globalization.admx
New Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
Globalization.admx
GroupPolicy-Server.admx
New grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
grouppolicy.admx
GroupPolicyPreferences.admx
Help.admx
Help.admx
Help.admx
Help.admx
HelpAndSupport.admx
HelpAndSupport.admx
HelpAndSupport.admx
HelpAndSupport.admx
New hotspotauth.admx
HotStart.admx
HotStart.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
New ICM.admx
New ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
ICM.admx
IIS.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
inetres.admx
inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
New inetres.admx
InkWatson.admx
InkWatson.admx
iSCSI.admx
iSCSI.admx
iSCSI.admx
iSCSI.admx
iSCSI.admx
iSCSI.admx
iSCSI.admx
iSCSI.admx
iSCSI.admx
iSCSI.admx
kdc.admx
kdc.admx
New kdc.admx
New kdc.admx
kerberos.admx
kerberos.admx
kerberos.admx
kerberos.admx
kerberos.admx
New kerberos.admx
New kerberos.admx
New kerberos.admx
New kerberos.admx
New kerberos.admx
New kerberos.admx
LanmanServer.admx
New LanmanServer.admx
LeakDiagnostic.admx
LinkLayerTopologyDiscovery.admx
LinkLayerTopologyDiscovery.admx
New LocationProviderAdm.admx
Logon.admx
Logon.admx
Logon.admx
Logon.admx
Logon.admx
Logon.admx
Logon.admx
Logon.admx
Logon.admx
Logon.admx
Logon.admx
Logon.admx
Logon.admx
Logon.admx
New Logon.admx
Logon.admx
New Logon.admx
New Logon.admx
New Logon.admx
MediaCenter.admx
MediaCenter.admx
MMC.admx
MMC.admx
MMC.admx
MMC.admx
MMC.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapins.admx
MMCSnapIns2.admx
MMCSnapIns2.admx
MMCSnapIns2.admx
MMCSnapIns2.admx
MMCSnapIns2.admx
MMCSnapIns2.admx
MMCSnapIns2.admx
MMCSnapIns2.admx
MMCSnapIns2.admx
MMCSnapIns2.admx
MMCSnapIns2.admx
MobilePCMobilityCenter.admx
MobilePCMobilityCenter.admx
MobilePCPresentationSettings.admx
MobilePCPresentationSettings.admx
New msched.admx
New msched.admx
New msched.admx
MSDT.admx
MSDT.admx
MSDT.admx
Msi-FileRecovery.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
msi.admx
New msi.admx
New msi.admx
NAPXPQec.admx
New nca.admx
New nca.admx
New nca.admx
New nca.admx
New nca.admx
New nca.admx
New nca.admx
New nca.admx
NCSI.admx
NCSI.admx
NCSI.admx
NCSI.admx
NCSI.admx
New NCSI.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
NetLogon.admx
New NetLogon.admx
New NetLogon.admx
New NetLogon.admx
NetworkConnections.admx
New NetworkIsolation.admx
NetworkProjection.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
OfflineFiles.admx
New OfflineFiles.admx
P2P-pnrp.admx
P2P-pnrp.admx
P2P-pnrp.admx
P2P-pnrp.admx
P2P-pnrp.admx
P2P-pnrp.admx
P2P-pnrp.admx
P2P-pnrp.admx
P2P-pnrp.admx
P2P-pnrp.admx
P2P-pnrp.admx
P2P-pnrp.admx
P2P-pnrp.admx
P2P-pnrp.admx
ParentalControls.admx
New pca.admx
pca.admx
pca.admx
pca.admx
pca.admx
pca.admx
pca.admx
PeerToPeerCaching.admx
New PeerToPeerCaching.admx
PenTraining.admx
PenTraining.admx
PerfCenterCPL.admx
PerfCenterCPL.admx
PerfCenterCPL.admx
PerfCenterCPL.admx
PerfCenterCPL.admx
PerfCenterCPL.admx
PerformanceDiagnostics.admx
PerformancePerftrack.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
Power.admx
PowerShellExecutionPolicy.admx
PowerShellExecutionPolicy.admx
New PowerShellExecutionPolicy.admx
PreviousVersions.admx
Printing.admx
New Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
New Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
Printing.admx
New Printing.admx
New Printing.admx
Printing2.admx
Printing2.admx
Printing2.admx
Printing2.admx
Printing2.admx
Printing2.admx
Printing2.admx
Printing2.admx
Printing2.admx
Printing2.admx
Programs.admx
Programs.admx
Programs.admx
Programs.admx
Programs.admx
Programs.admx
Programs.admx
PswdSync.admx
PswdSync.admx
PswdSync.admx
PswdSync.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
QOS.admx
RacWmiProv.admx
Radar.admx
ReAgent.admx
Reliability.admx
Reliability.admx
Reliability.admx
Reliability.admx
RemoteAssistance.admx
RemovableStorage.admx
rpc.admx
rpc.admx
rpc.admx
rpc.admx
rpc.admx
rpc.admx
scripts.admx
scripts.admx
scripts.admx
scripts.admx
scripts.admx
scripts.admx
scripts.admx
scripts.admx
scripts.admx
scripts.admx
scripts.admx
scripts.admx
scripts.admx
sdiageng.admx
sdiageng.admx
sdiageng.admx
sdiagschd.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
New Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
Search.admx
New Search.admx
SearchOCR.admx
SearchOCR.admx
SecurityCenter.admx
Sensors.admx
Sensors.admx
Sensors.admx
Sensors.admx
Sensors.admx
Sensors.admx
ServerManager.admx
ServerManager.admx
ServerManager.admx
ServerManager.admx
Servicing.admx
New SettingSync.admx
Setup.admx
Setup.admx
ShapeCollector.admx
ShapeCollector.admx
SharedFolders.admx
SharedFolders.admx
Sharing.admx
Sharing.admx
Shell-CommandPrompt-RegEditTools.admx
ShellWelcomeCenter.admx
Sidebar.admx
Sidebar.admx
Sidebar.admx
Sidebar.admx
Sidebar.admx
Sidebar.admx
SideShow.admx
SideShow.admx
SideShow.admx
SideShow.admx
SideShow.admx
SideShow.admx
SideShow.admx
SideShow.admx
SmartCard.admx
SmartCard.admx
SmartCard.admx
SmartCard.admx
SmartCard.admx
SmartCard.admx
SmartCard.admx
SmartCard.admx
SmartCard.admx
SmartCard.admx
SmartCard.admx
SmartCard.admx
SmartCard.admx
SmartCard.admx
SmartCard.admx
SmartCard.admx
Snis.admx
Snis.admx
Snmp.admx
Snmp.admx
Snmp.admx
SoundRec.admx
SoundRec.admx
New srm-fci.admx
New srm-fci.admx
srm-fci.admx
New srm-fci.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
New StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
StartMenu.admx
New StartMenu.admx
StartMenu.admx
New StartMenu.admx
SystemResourceManager.admx
SystemRestore.admx
SystemRestore.admx
TabletPCInputPanel.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
TabletShell.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
Taskbar.admx
New Taskbar.admx
TaskScheduler.admx
TaskScheduler.admx
TaskScheduler.admx
TaskScheduler.admx
TaskScheduler.admx
TaskScheduler.admx
TaskScheduler.admx
TaskScheduler.admx
TaskScheduler.admx
TaskScheduler.admx
TaskScheduler.admx
TaskScheduler.admx
TaskScheduler.admx
TaskScheduler.admx
tcpip.admx
tcpip.admx
tcpip.admx
tcpip.admx
tcpip.admx
tcpip.admx
tcpip.admx
tcpip.admx
tcpip.admx
tcpip.admx
tcpip.admx
tcpip.admx
New tcpip.admx
Terminalserver-Server.admx
New Terminalserver-Server.admx
New Terminalserver-Server.admx
New TerminalServer-WinIP.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
New TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
TerminalServer.admx
Thumbnails.admx
Thumbnails.admx
Thumbnails.admx
TouchInput.admx
TouchInput.admx
TouchInput.admx
TouchInput.admx
New Tpm.admx
New Tpm.admx
Tpm.admx
Tpm.admx
Tpm.admx
New Tpm.admx
New Tpm.admx
New Tpm.admx
UserDataBackup.admx
UserDataBackup.admx
UserDataBackup.admx
UserDataBackup.admx
UserDataBackup.admx
UserDataBackup.admx
UserDataBackup.admx
UserDataBackup.admx
UserDataBackup.admx
UserDataBackup.admx
UserDataBackup.admx
UserDataBackup.admx
UserDataBackup.admx
UserDataBackup.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
UserProfiles.admx
New UserProfiles.admx
VolumeEncryption.admx
New VolumeEncryption.admx
W32Time.admx
W32Time.admx
W32Time.admx
W32Time.admx
New WCM.admx
New WCM.admx
New WCM.admx
New WCM.admx
wdi.admx
wdi.admx
WinCal.admx
WinCal.admx
WindowsAnytimeUpgrade.admx
WindowsAnytimeUpgrade.admx
WindowsBackup.admx
WindowsBackup.admx
WindowsBackup.admx
WindowsBackup.admx
WindowsBackup.admx
WindowsColorSystem.admx
WindowsColorSystem.admx
WindowsConnectNow.admx
WindowsDefender.admx
WindowsExplorer.admx
New WindowsExplorer.admx
WindowsFileProtection.admx
windowsfirewall.admx
WindowsMail.admx
WindowsMail.admx
WindowsMail.admx
WindowsMail.admx
WindowsMediaDRM.admx
WindowsMediaPlayer.admx
WindowsMessenger.admx
WindowsRemoteManagement.admx
New WindowsRemoteManagement.admx
WindowsRemoteShell.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WindowsUpdate.admx
WinInit.admx
WinInit.admx
New WinInit.admx
WinLogon.admx
WinLogon.admx
WinLogon.admx
WinLogon.admx
WinLogon.admx
WinLogon.admx
WinLogon.admx
Winsrv.admx
New WinStoreUI.admx
New WinStoreUI.admx
New WinStoreUI.admx
New WinStoreUI.admx
New wlansvc.admx
WordWheel.admx
New WPN.admx
New WPN.admx
New WPN.admx
New WPN.admx
New wwansvc.admx
New wwansvc.admx
Policy Setting Name
Approved Installation Sites for ActiveX Controls
Establish ActiveX installation policy for sites in Trusted zones
Specify default category for Add New Programs
Hide the "Add a program from CD-ROM or floppy disk" option
Hide the "Add programs from Microsoft" option
Hide the "Add programs from your network" option
Hide Add New Programs page
Remove Add or Remove Programs
Hide the Set Program Access and Defaults page
Hide Change or Remove Programs page
Go directly to Components Wizard
Remove Support Information
Hide Add/Remove Windows Components page
Turn off Federation Service
Prevent access to 16-bit applications
Remove Program Compatibility Property Page
Turn off Application Telemetry
Turn off SwitchBack Compatibility Engine
Turn off Application Compatibility Engine
Turn off Program Compatibility Assistant
Turn off Program Compatibility Assistant
Turn off Steps Recorder
Turn off Inventory Collector
Allow all trusted apps to install
Allow deployment operations in special profiles
Block launching desktop apps associated with a file.
Block launching desktop apps associated with a file.
Block launching desktop apps associated with a protocol
Block launching desktop apps associated with a protocol
Notify antivirus programs when opening attachments
Trust logic for file attachments
Do not preserve zone information in file attachments
Hide mechanisms to remove zone information
Default risk level for file attachments
Inclusion list for high risk file types
Inclusion list for low file types
Inclusion list for moderate risk file types
Set the default behavior for AutoRun
Set the default behavior for AutoRun
Prevent AutoPlay from remembering user choices.
Prevent AutoPlay from remembering user choices.
Turn off Autoplay
Turn off Autoplay
Disallow Autoplay for non-volume devices
Disallow Autoplay for non-volume devices
Allow the use of biometrics
Allow users to log on using biometrics
Allow domain users to log on using biometrics
Specify timeout for fast user switching events
Timeout for inactive BITS jobs
Limit the maximum BITS job download time
Limit the maximum network bandwidth for BITS background transfers
Set up a work schedule to limit the maximum network bandwidth used for BITS background transfers
Set up a maintenance schedule to limit the maximum network bandwidth used for BITS background transfers
Allow BITS Peercaching
Limit the age of files in the BITS Peercache
Limit the BITS Peercache size
Do not allow the computer to act as a BITS Peercaching client
Do not allow the computer to act as a BITS Peercaching server
Limit the maximum network bandwidth used for Peercaching
Set default download behavior for BITS jobs on costed networks
Limit the maximum number of BITS jobs for this computer
Limit the maximum number of BITS jobs for each user
Limit the maximum number of files allowed in a BITS job
Limit the maximum number of ranges that can be added to the file in a BITS job
Do not allow the BITS client to use Windows Branch Cache
Allow Corporate redirection of Customer Experience Improvement uploads
Tag Windows Customer Experience Improvement data with Study Identifier
SSL Cipher Suite Order
Download missing COM components
Download missing COM components
Disable application Sharing
Prevent Control
Prevent Sharing
Prevent Sharing Command Prompts
Prevent Desktop Sharing
Prevent Sharing Explorer windows
Prevent Application Sharing in true color
Disable Audio
Prevent changing DirectSound Audio setting
Disable full duplex Audio
Prevent receiving Video
Prevent sending Video
Limit the bandwidth of Audio and Video
Allow persisting automatic acceptance of Calls
Disable Chat
Disable Whiteboard
Disable NetMeeting 2.x Whiteboard
Disable remote Desktop Sharing
Enable Automatic Configuration
Prevent adding Directory servers
Prevent automatic acceptance of Calls
Prevent changing Call placement method
Disable Directory services
Prevent receiving files
Prevent sending files
Prevent viewing Web directory
Limit the size of sent files
Set the intranet support Web page
Set Call Security options
Disable the Advanced Calling button
Hide the Audio page
Hide the General page
Hide the Security page
Hide the Video page
Hide specified Control Panel items
Always open All Control Panel Items when opening Control Panel
Prohibit access to Control Panel and PC settings
Show only specified Control Panel items
Disable the Display Control Panel
Hide Settings tab
Prevent changing color and appearance
Prevent changing screen saver
Enable screen saver
Force specific screen saver
Password protect the screen saver
Screen saver timeout
Prevent changing desktop background
Prevent changing sounds
Prevent changing mouse pointers
Prevent changing desktop icons
Prevent changing color scheme
Prevent changing theme
Load a specific theme
Prevent changing visual style for windows and buttons
Force a specific visual style file or force Windows Classic
Prohibit selection of visual style font size
Do not display the lock screen
Prevent changing lock screen image
Prevent changing start menu background
Apply the default account picture to all users
Assign a default domain for logon
Exclude credential providers
Turn on PIN sign-in
Turn off picture password sign-in
Allow delegating default credentials
Allow delegating default credentials with NTLM-only server authentication
Allow delegating fresh credentials
Allow delegating fresh credentials with NTLM-only server authentication
Allow delegating saved credentials
Allow delegating saved credentials with NTLM-only server authentication
Deny delegating default credentials
Deny delegating fresh credentials
Deny delegating saved credentials
Enumerate administrator accounts on elevation
Require trusted path for credential entry
Do not display the password reveal button
Do not display the password reveal button
Remove Change Password
Remove Lock Computer
Remove Task Manager
Remove Logoff
Allow local activation security check exemptions
Define Activation Security Check exemptions
Enable Active Desktop
Disable Active Desktop
Prohibit changes
Add/Delete items
Prohibit adding items
Prohibit closing items
Prohibit deleting items
Prohibit editing items
Disable all items
Allow only bitmapped wallpaper
Desktop Wallpaper
Enable filter in Find dialog box
Hide Active Directory folder
Maximum size of Active Directory searches
Prohibit User from manually redirecting Profile Folders
Hide and disable all items on the desktop
Remove the Desktop Cleanup Wizard
Hide Internet Explorer icon on desktop
Remove Computer icon on the desktop
Remove My Documents icon on the desktop
Hide Network Locations icon on desktop
Remove Properties from the Computer icon context menu
Remove Properties from the Documents icon context menu
Do not add shares of recently opened documents to Network Locations
Remove Recycle Bin icon from desktop
Remove Properties from the Recycle Bin context menu
Don't save settings at exit
Prevent adding, dragging, dropping and closing the Taskbar's toolbars
Prohibit adjusting desktop toolbars
Turn off Aero Shake window minimizing mouse gesture
Device compatibility settings
Driver compatibility settings
Prioritize all digitally signed drivers equally during the driver ranking and selection process
Configure device installation time-out
Prevent creation of a system restore point during device activity that would normally prompt creation of a restore point
Allow remote access to the Plug and Play interface
Allow administrators to override Device Installation Restriction policies
Allow installation of devices using drivers that match these device setup classes
Prevent installation of devices using drivers that match these device setup classes
Allow installation of devices that match any of these device IDs
Prevent installation of devices that match any of these device IDs
Prevent installation of removable devices
Prevent installation of devices not described by other policy settings
Time (in seconds) to force reboot when required for policy changes to take effect
Display a custom message title when device installation is prevented by a policy setting
Display a custom message when installation is prevented by a policy setting
Allow non-administrators to install drivers for these device setup classes
Code signing for device drivers
Prevent redirection of USB devices
Prevent redirection of devices that match any of these device Ids
Turn off "Found New Hardware" balloons during device installation
Do not send a Windows error report when a generic driver is installed on a device
Prevent Windows from sending an error report when a device driver requests additional software during installation
Configure driver search locations
Turn off Windows Update device driver search prompt
Turn off Windows Update device driver search prompt
Specify search order for device driver source locations
Specify the search server for device driver updates
Prevent device metadata retrieval from the Internet
Configure how often a DFS client discovers domain controllers
Do not allow Digital Locker to run
Do not allow Digital Locker to run
Disk Diagnostic: Configure custom alert text
Disk Diagnostic: Configure execution level
Turn off boot and resume optimizations
Turn off cache power mode
Turn off non-volatile cache feature
Turn off solid state mode
Enable disk quotas
Enforce disk quota limit
Specify default quota limit and warning level
Log event when quota limit is exceeded
Log event when quota warning level is exceeded
Apply policy to removable media
Allow Distributed Link Tracking clients to use domain resources
Connection-specific DNS suffix
DNS servers
Primary DNS suffix
Register DNS records with connection-specific DNS suffix
Register PTR records
Dynamic update
Replace addresses in conflicts
Registration refresh interval
TTL value for A and PTR records
DNS suffix search list
Update security level
Update top level domain zones
Primary DNS suffix devolution
Primary DNS suffix devolution level
Turn off multicast name resolution
Allow DNS suffix appending to unqualified multi-label name queries
Turn off smart multi-homed name resolution
Turn off smart protocol reordering
Allow NetBT queries for fully qualified domain names
Prefer link local responses over DNS when received over a network with higher precedence
Turn off IDN encoding
IDN mapping
Do not allow window animations
Do not allow window animations
Do not allow Flip3D invocation
Do not allow Flip3D invocation
Use solid color for Start background
Specify a default color
Specify a default color
Do not allow color changes
Do not allow color changes
Turn on misconversion logging for misconversion report
Turn off saving auto-tuning data to file
Turn off history-based predictive input
Turn off Open Extended Dictionary
Turn off Internet search integration
Turn off custom dictionary
Restrict character code range of conversion
Do not include Non-Publishing Standard Glyph in the candidate list
Boot-Start Driver Initialization Policy
Turn off switching between recent apps
Turn off tracking of app usage
Do not automatically encrypt files moved to encrypted folders
Allow only USB root hub connected Enhanced Storage devices
Allow Enhanced Storage certificate provisioning
Lock Enhanced Storage when the computer is locked
Do not allow non-Enhanced Storage removable devices
Do not allow password authentication of Enhanced Storage devices
Do not allow Windows to activate Enhanced Storage devices
Configure list of IEEE 1667 silos usable on your computer
Configure list of Enhanced Storage devices usable on your computer
Configure Error Reporting
Display Error Notification
Disable Windows Error Reporting
Disable Windows Error Reporting
Prevent display of the user interface for critical errors
Disable logging
Disable logging
Do not send additional data
Do not send additional data
Do not throttle additional data
Do not throttle additional data
Send additional data when on battery power
Send additional data when on battery power
Send data when on connected to a restricted/costed network
Send data when on connected to a restricted/costed network
Default application reporting settings
List of applications to never report errors for
List of applications to always report errors for
Report operating system errors
Configure Report Archive
Configure Report Archive
Configure Corporate Windows Error Reporting
List of applications to be excluded
List of applications to be excluded
Configure Report Queue
Configure Report Queue
Customize consent settings
Customize consent settings
Ignore custom consent settings
Ignore custom consent settings
Configure Default consent
Configure Default consent
Configure target Subscription Manager
Configure forwarder resource usage
Back up log automatically when full
Configure log access
Control Event Log behavior when the log file reaches its maximum size
Control the location of the log file
Specify the maximum log file size (KB)
Turn on logging
Events.asp program
Events.asp program command line parameters
Events.asp URL
Display the menu bar in File Explorer
Prevent users from adding files to the root of their Users Files folder.
Turn off common control and window animations
Turn off Data Execution Prevention for Explorer
Turn off heap termination on corruption
Set a support web page link
Windows To Go Default Startup Options
Allow hibernate (S4) when starting from a Windows To Go workspace
Disallow standby sleep states (S1-S3) when starting from a Windows to Go workspace
Turn off File History
Configure Corrupted File Recovery behavior
Configure maximum age of file server shadow copies
Allow or Disallow use of encryption to protect the RPC protocol messages between File Share Shadow Copy Provider running on application server
Selectively allow the evaluation of a symbolic link
Do not allow compression on all NTFS volumes
Do not allow encryption on all NTFS volumes
Enable NTFS pagefile encryption
Short name creation options
Disable delete notifications on all volumes
Enable / disable TXF deprecated features
Use localized subfolder names when redirecting Start Menu and My Documents
Do not automatically make all redirected folders available offline
Do not automatically make specific redirected folders available offline
Use localized subfolder names when redirecting Start Menu and My Documents
Enable optimized move of contents in Offline Files cache on Folder Redirection server path change
Redirect folders on primary computers only
Redirect folders on primary computers only
Turn on or off details pane
Turn off Preview Pane
Configure Scenario Execution Level
Turn off downloading of game information
Turn off tracking of last play time of games in the Games folder
Turn off game updates
Disallow selection of Custom Locales
Disallow selection of Custom Locales
Restrict system locales
Disallow copying of user input methods to the system account for sign-in
Restrict user locales
Restrict user locales
Disallow changing of geographic location
Disallow changing of geographic location
Disallow user override of locale settings
Disallow user override of locale settings
Hide Regional and Language Options administrative options
Hide the geographic location option
Hide the select language group options
Hide user locale selection and customization options
Restricts the UI language Windows uses for all logged users
Restricts the UI languages Windows should use for the selected user
Force selected system UI language to overwrite the user UI language
Restrict selection of Windows menus and dialogs language
Turn off offer text predictions as I type
Turn off insert a space after selecting a text prediction
Turn off autocorrect misspelled words
Turn off highlight misspelled words
Block clean-up of unused language packs
Century interpretation for Year 2000
Turn off automatic learning
Turn off automatic learning
Allow asynchronous user Group Policy processing when logging on through Remote Desktop Services
Enable AD/DFS domain controller synchronization during policy refresh
Turn off Group Policy Client Service AOAC optimization
Configure Direct Access connections as a fast network connection
Change Group Policy processing to run asynchronously when a slow network connection is detected.
Turn off Local Group Policy Objects processing
Specify startup policy processing wait time
Allow cross-forest user policy and roaming user profiles
Configure software Installation policy processing
Configure disk quota policy processing
Configure EFS recovery policy processing
Configure folder redirection policy processing
Configure Internet Explorer Maintenance policy processing
Configure IP security policy processing
Configure registry policy processing
Configure scripts policy processing
Configure security policy processing
Configure wireless policy processing
Configure wired policy processing
Determine if interactive users can generate Resultant Set of Policy data
Determine if interactive users can generate Resultant Set of Policy data
Turn off automatic update of ADM files
Turn off background refresh of Group Policy
Remove users' ability to invoke machine policy refresh
Enforce Show Policies Only
Configure Group Policy domain controller selection
Configure Group Policy slow link detection
Configure Group Policy slow link detection
Set Group Policy refresh interval for computers
Set Group Policy refresh interval for domain controllers
Set Group Policy refresh interval for users
Set default name for new Group Policy objects
Create new Group Policy Object links disabled by default
Always use local ADM files for Group Policy Object Editor
Turn off Resultant Set of Policy logging
Configure user Group Policy loopback processing mode
Specify workplace connectivity wait time for policy processing
Configure Applications preference extension policy processing
Configure Applications preference logging and tracing
Configure Data Sources preference extension policy processing
Configure Data Sources preference logging and tracing
Configure Devices preference extension policy processing
Configure Devices preference logging and tracing
Configure Drive Maps preference extension policy processing
Configure Drive Maps preference logging and tracing
Configure Environment preference extension policy processing
Configure Environment preference logging and tracing
Configure Files preference extension policy processing
Configure Files preference logging and tracing
Configure Folder Options preference extension policy processing
Configure Folder Options preference logging and tracing
Configure Folders preference extension policy processing
Configure Folders preference logging and tracing
Configure Ini Files preference extension policy processing
Configure Ini Files preference logging and tracing
Configure Internet Settings preference extension policy processing
Configure Internet Settings preference logging and tracing
Configure Local Users and Groups preference extension policy processing
Configure Local Users and Groups preference logging and tracing
Configure Network Options preference extension policy processing
Configure Network Options preference logging and tracing
Configure Network Shares preference extension policy processing
Configure Network Shares preference logging and tracing
Configure Power Options preference extension policy processing
Configure Power Options preference logging and tracing
Configure Printers preference extension policy processing
Configure Printers preference logging and tracing
Configure Regional Options preference extension policy processing
Configure Regional Options preference logging and tracing
Configure Registry preference extension policy processing
Configure Registry preference logging and tracing
Configure Scheduled Tasks preference extension policy processing
Configure Scheduled Tasks preference logging and tracing
Configure Services preference extension policy processing
Configure Services preference logging and tracing
Configure Shortcuts preference extension policy processing
Configure Shortcuts preference logging and tracing
Configure Start Menu preference extension policy processing
Configure Start Menu preference logging and tracing
Permit use of Application snap-ins
Permit use of Applications preference extension
Permit use of Control Panel Settings (Computers)
Permit use of Data Sources preference extension
Permit use of Devices preference extension
Permit use of Drive Maps preference extension
Permit use of Environment preference extension
Permit use of Files preference extension
Permit use of Folders preference extension
Permit use of Folder Options preference extension
Permit use of Ini Files preference extension
Permit use of Internet Settings preference extension
Permit use of Local Users and Groups preference extension
Permit use of Network Options preference extension
Permit use of Network Shares preference extension
Permit use of Power Options preference extension
Permit use of Printers preference extension
Permit use of Regional Options preference extension
Permit use of Registry preference extension
Permit use of Scheduled Tasks preference extension
Permit use of Services preference extension
Permit use of Shortcuts preference extension
Permit use of Start Menu preference extension
Permit use of Control Panel Settings (Users)
Permit use of Preferences tab
Restrict potentially unsafe HTML Help functions to specified folders
Restrict these programs from being launched from Help
Restrict these programs from being launched from Help
Turn off Data Execution Prevention for HTML Help Executible
Turn off Active Help
Turn off Help Ratings
Turn off Help Experience Improvement Program
Turn off Windows Online
Enable Hotspot Authentication
Turn off Windows HotStart
Turn off Windows HotStart
Restrict Internet communication
Restrict Internet communication
Turn off Automatic Root Certificates Update
Turn off printing over HTTP
Turn off printing over HTTP
Turn off downloading of print drivers over HTTP
Turn off downloading of print drivers over HTTP
Turn off Windows Update device driver searching
Turn off Event Viewer "Events.asp" links
Turn off Help and Support Center "Did you know?" content
Turn off Help and Support Center Microsoft Knowledge Base search
Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com
Turn off Registration if URL connection is referring to Microsoft.com
Turn off Windows Error Reporting
Turn off access to all Windows Update features
Turn off Search Companion content file updates
Turn off Internet File Association service
Turn off Internet File Association service
Turn off access to the Store
Turn off access to the Store
Turn off Internet download for Web publishing and online ordering wizards
Turn off Internet download for Web publishing and online ordering wizards
Turn off the "Order Prints" picture task
Turn off the "Order Prints" picture task
Turn off the "Publish to Web" task for files and folders
Turn off the "Publish to Web" task for files and folders
Turn off the Windows Messenger Customer Experience Improvement Program
Turn off the Windows Messenger Customer Experience Improvement Program
Turn off Windows Customer Experience Improvement Program
Turn off Windows Network Connectivity Status Indicator active tests
Prevent IIS installation
Audio/Video Player
Carpoint
DHTML Edit Control
Shockwave Flash
Investor
Menu Controls
Microsoft Agent
Microsoft Chat
MSNBC
NetShow File Transfer Control
Microsoft Scriptlet Component
Microsoft Survey Control
Turn off flip ahead feature
Turn off flip ahead feature
Allow active content from CDs to run on user machines
Allow active content from CDs to run on user machines
Check for server certificate revocation
Check for server certificate revocation
Turn off ClearType
Turn off ClearType
Turn on Caret Browsing support
Turn on Caret Browsing support
Turn on Enhanced Protected Mode
Turn on Enhanced Protected Mode
Do not allow ActiveX controls to run in Protected Mode when Enhanced Protected Mode is enabled
Do not allow ActiveX controls to run in Protected Mode when Enhanced Protected Mode is enabled
Always send Do Not Track header
Always send Do Not Track header
Use HTTP 1.1
Use HTTP 1.1
Use HTTP 1.1 through proxy connections
Use HTTP 1.1 through proxy connections
Turn off encryption support
Turn off encryption support
Do not allow resetting Internet Explorer settings
Do not allow resetting Internet Explorer settings
Check for signatures on downloaded programs
Check for signatures on downloaded programs
Allow third-party browser extensions
Allow third-party browser extensions
Allow Install On Demand (Internet Explorer)
Allow Install On Demand (Internet Explorer)
Allow Install On Demand (except Internet Explorer)
Allow Install On Demand (except Internet Explorer)
Automatically check for Internet Explorer updates
Automatically check for Internet Explorer updates
Allow software to run or install even if the signature is invalid
Allow software to run or install even if the signature is invalid
Play animations in web pages
Play animations in web pages
Play sounds in web pages
Play sounds in web pages
Play videos in web pages
Play videos in web pages
Turn off Profile Assistant
Turn off Profile Assistant
Do not save encrypted pages to disk
Do not save encrypted pages to disk
Empty Temporary Internet Files folder when browser is closed
Empty Temporary Internet Files folder when browser is closed
Show Content Advisor on Internet Options
Show Content Advisor on Internet Options
Turn on inline AutoComplete
Turn off inline AutoComplete in File Explorer
Go to an intranet site for a one-word entry in the Address bar
Go to an intranet site for a one-word entry in the Address bar
Turn on script debugging
Turn off details in messages about Internet connection problems
Turn off page transitions
Turn on the display of script errors
Turn off smooth scrolling
Turn off configuring underline links
Subscription Limits
Disable adding channels
Disable adding schedules for offline pages
Disable offline page hit logging
Disable channel user interface completely
Disable editing and creating of schedule groups
Disable editing schedules for offline pages
Disable removing channels
Disable removing schedules for offline pages
Disable all scheduled offline pages
Disable downloading of site subscription content
Prevent specifying the code download path for each computer
Prevent choosing default text size
Disable the Advanced page
Disable the Advanced page
Disable the Connections page
Disable the Connections page
Disable the Content page
Disable the Content page
Disable the General page
Disable the General page
Disable the Privacy page
Disable the Privacy page
Disable the Programs page
Disable the Programs page
Disable the Security page
Disable the Security page
Send internationalized domain names
Send internationalized domain names
Use UTF-8 for mailto links
Use UTF-8 for mailto links
Prevent ignoring certificate errors
Prevent ignoring certificate errors
Turn off sending URLs as UTF-8 (requires restart)
Prevent specifying background color
Prevent specifying text color
Prevent the use of Windows colors
Prevent specifying cipher strength update information URLs
Start the Internet Connection Wizard automatically
Add-on List
Add-on List
Deny all add-ons unless specifically allowed in the Add-on List
Deny all add-ons unless specifically allowed in the Add-on List
All Processes
All Processes
Process List
Process List
Admin-approved behaviors
Admin-approved behaviors
Install binaries signed by MD2 and MD4 signing technologies
Install binaries signed by MD2 and MD4 signing technologies
All Processes
All Processes
Internet Explorer Processes
Process List
Process List
All Processes
All Processes
Process List
Process List
All Processes
All Processes
Process List
Process List
All Processes
All Processes
Process List
Process List
All Processes
All Processes
Process List
Process List
All Processes
All Processes
Process List
Process List
All Processes
All Processes
Process List
Process List
All Processes
All Processes
Process List
Process List
All Processes
All Processes
Process List
Process List
All Processes
All Processes
Process List
Process List
All Processes
All Processes
Process List
Process List
All Processes
All Processes
Process List
Process List
Internet Zone Restricted Protocols
Internet Zone Restricted Protocols
Intranet Zone Restricted Protocols
Intranet Zone Restricted Protocols
Local Machine Zone Restricted Protocols
Local Machine Zone Restricted Protocols
Restricted Sites Zone Restricted Protocols
Restricted Sites Zone Restricted Protocols
Trusted Sites Zone Restricted Protocols
Trusted Sites Zone Restricted Protocols
Turn off Crash Detection
Turn off Crash Detection
Turn off Automatic Crash Recovery
Turn off Automatic Crash Recovery
Turn off Reopen Last Browsing Session
Turn off Reopen Last Browsing Session
Do not allow users to enable or disable add-ons
Do not allow users to enable or disable add-ons
Add a specific list of search providers to the user's list of search providers
Add a specific list of search providers to the user's list of search providers
Turn on menu bar by default
Turn on menu bar by default
Turn off Favorites bar
Turn off Favorites bar
Disable caching of Auto-Proxy scripts
Disable external branding of Internet Explorer
Disable changing Advanced page settings
Customize user agent string
Customize user agent string
Use Automatic Detection for dial-up connections
Prevent "Fix settings" functionality
Prevent "Fix settings" functionality
Prevent managing the phishing filter
Prevent managing the phishing filter
Turn off Managing SmartScreen Filter for Internet Explorer 8
Turn off Managing SmartScreen Filter for Internet Explorer 8
Prevent managing SmartScreen Filter
Prevent managing SmartScreen Filter
Prevent bypassing SmartScreen Filter warnings
Prevent bypassing SmartScreen Filter warnings
Prevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the Internet
Prevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the Internet
Turn off the Security Settings Check feature
Turn off the Security Settings Check feature
Position the menu bar above the navigation bar
Prevent changing pop-up filter level
Prevent changing pop-up filter level
Display error message on proxy script download failure
Turn on compatibility logging
Turn on compatibility logging
Enforce full-screen mode
Enforce full-screen mode
Disable Import/Export Settings wizard
Disable Import/Export Settings wizard
Turn off browser geolocation
Turn off browser geolocation
Turn off Adobe Flash in Internet Explorer and prevent applications from using Internet Explorer technology to instantiate Flash objects
Turn off Adobe Flash in Internet Explorer and prevent applications from using Internet Explorer technology to instantiate Flash objects
Turn off page-zooming functionality
Turn off page-zooming functionality
Identity Manager: Prevent users from using Identities
Automatically activate newly installed add-ons
Automatically activate newly installed add-ons
Turn off add-on performance notifications
Turn off add-on performance notifications
Turn on ActiveX Filtering
Turn on ActiveX Filtering
Configure Media Explorer Bar
Prevent access to Delete Browsing History
Prevent access to Delete Browsing History
Prevent deleting form data
Prevent deleting form data
Prevent deleting passwords
Prevent deleting passwords
Prevent deleting cookies
Prevent deleting cookies
Prevent deleting websites that the user has visited
Prevent deleting websites that the user has visited
Prevent deleting download history
Prevent deleting download history
Prevent deleting temporary Internet files
Prevent deleting temporary Internet files
Prevent deleting InPrivate Filtering data
Prevent deleting InPrivate Filtering data
Prevent deleting ActiveX Filtering and Tracking Protection data
Prevent deleting ActiveX Filtering and Tracking Protection data
Prevent deleting favorites site data
Prevent deleting favorites site data
Allow deleting browsing history on exit
Allow deleting browsing history on exit
Prevent running First Run wizard
Prevent running First Run wizard
Prevent access to Internet Explorer Help
Prevent access to Internet Explorer Help
Prevent Internet Explorer Search box from appearing
Prevent Internet Explorer Search box from appearing
Turn off suggestions for all user-installed providers
Turn off suggestions for all user-installed providers
Turn off the quick pick menu
Turn off the quick pick menu
Disable Automatic Install of Internet Explorer components
Set tab process growth
Set tab process growth
Allow Internet Explorer 8 shutdown behavior
Allow Internet Explorer 8 shutdown behavior
Specify default behavior for a new tab
Specify default behavior for a new tab
Turn off Tab Grouping
Turn off Quick Tabs functionality
Turn off Quick Tabs functionality
Prevent changing the default search provider
Prevent changing the default search provider
Disable showing the splash screen
Turn off tabbed browsing
Turn off tabbed browsing
Turn off configuration of pop-up windows in tabbed browsing
Turn off configuration of pop-up windows in tabbed browsing
Disable Periodic Check for Internet Explorer software updates
Prevent configuration of how windows open
Prevent configuration of how windows open
Configure Outlook Express
Pop-up allow list
Pop-up allow list
Disable changing accessibility settings
Disable changing Automatic Configuration settings
Disable changing Automatic Configuration settings
Disable changing Temporary Internet files settings
Disable changing Calendar and Contact settings
Disable changing certificate settings
Disable changing default browser check
Notify users if Internet Explorer is not the default web browser
Disable changing color settings
Disable changing connection settings
Disable changing connection settings
Disable Internet Connection wizard
Disable changing font settings
Disable AutoComplete for forms
Turn on the auto-complete feature for user names and passwords on forms
Disable "Configuring History"
Disable "Configuring History"
Disable changing home page settings
Disable changing secondary home page settings
Disable changing secondary home page settings
Disable changing language settings
Disable changing link color settings
Disable changing Messaging settings
Prevent managing pop-up exception list
Prevent managing pop-up exception list
Turn off pop-up management
Turn off pop-up management
Disable changing Profile Assistant settings
Prevent changing proxy settings
Prevent changing proxy settings
Disable changing ratings settings
Disable the Reset Web Settings feature
Prevent the deletion of temporary Internet files and cookies
Prevent the deletion of temporary Internet files and cookies
Turn off the auto-complete feature for web addresses
Turn off the auto-complete feature for web addresses
Turn off Windows Search AutoComplete
Turn off Windows Search AutoComplete
Turn off URL Suggestions
Turn off URL Suggestions
Search: Disable Find Files via F3 within the browser
Search: Disable Search Customization
Security Zones: Use only machine settings
Security Zones: Do not allow users to change policies
Security Zones: Do not allow users to add/delete sites
Disable software update shell notifications on program launch
Restrict search providers to a specific list
Restrict search providers to a specific list
Prevent participation in the Customer Experience Improvement Program
Prevent participation in the Customer Experience Improvement Program
Prevent configuration of new tab creation
Prevent configuration of new tab creation
Make proxy settings per-machine (rather than per-user)
Allow websites to open windows without status bar or Address bar
Allow video and animation on a webpage that uses an older media player
Allow scriptlets
Allow scriptlets
Turn off first-run prompt
Include local path when user is uploading files to a server
Turn on SmartScreen Filter scan
Allow websites to prompt for information by using scripted windows
Allow updates to status bar via script
Turn on Protected Mode
Show security warning for potentially unsafe files
Allow loading of XAML Browser Applications
Allow scripting of Internet Explorer WebBrowser controls
Turn off .NET Framework Setup
Allow loading of XAML files
Allow loading of XPS files
Access data sources across domains
Allow active scripting
Allow only approved domains to use ActiveX controls without prompt
Allow META REFRESH
Allow META REFRESH
Allow cut, copy or paste operations from the clipboard via script
Allow binary and script behaviors
Use Pop-up Blocker
Use Pop-up Blocker
Display mixed content
Download signed ActiveX controls
Download unsigned ActiveX controls
Allow drag and drop or copy and paste files
Render legacy filters
Allow file downloads
Allow font downloads
Allow installation of desktop items
Java permissions
Java permissions
Launching applications and files in an IFRAME
Logon options
Logon options
Enable MIME Sniffing
Enable dragging of content from different domains within a window
Enable dragging of content from different domains across windows
Navigate windows and frames across different domains
Allow active content over restricted protocols to access my computer
Do not prompt for client certificate selection when no certificates or only one certificate exists.
Automatic prompting for ActiveX controls
Automatic prompting for file downloads
Run ActiveX controls and plugins
Script ActiveX controls marked safe for scripting
Initialize and script ActiveX controls not marked as safe
Scripting of Java applets
Run .NET Framework-reliant components signed with Authenticode
Software channel permissions
Submit non-encrypted form data
Turn on Cross-Site Scripting Filter
Run .NET Framework-reliant components not signed with Authenticode
Userdata persistence
Allow script-initiated windows without size or position constraints
Web sites in less privileged Web content zones can navigate into this zone
Allow scriptlets
Allow scriptlets
Allow META REFRESH
Allow META REFRESH
Use Pop-up Blocker
Use Pop-up Blocker
Java permissions
Java permissions
Logon options
Logon options
Allow scriptlets
Allow scriptlets
Allow META REFRESH
Allow META REFRESH
Use Pop-up Blocker
Use Pop-up Blocker
Java permissions
Java permissions
Logon options
Logon options
Allow scriptlets
Allow scriptlets
Allow META REFRESH
Allow META REFRESH
Use Pop-up Blocker
Use Pop-up Blocker
Java permissions
Java permissions
Logon options
Logon options
Allow scriptlets
Allow scriptlets
Allow META REFRESH
Allow META REFRESH
Use Pop-up Blocker
Use Pop-up Blocker
Java permissions
Java permissions
Logon options
Logon options
Allow scriptlets
Allow scriptlets
Allow META REFRESH
Allow META REFRESH
Use Pop-up Blocker
Use Pop-up Blocker
Java permissions
Java permissions
Logon options
Logon options
Allow scriptlets
Allow scriptlets
Allow META REFRESH
Allow META REFRESH
Use Pop-up Blocker
Use Pop-up Blocker
Java permissions
Java permissions
Logon options
Logon options
Allow scriptlets
Allow scriptlets
Allow META REFRESH
Allow META REFRESH
Use Pop-up Blocker
Use Pop-up Blocker
Java permissions
Java permissions
Logon options
Logon options
Intranet Sites: Include all local (intranet) sites not listed in other zones
Intranet Sites: Include all local (intranet) sites not listed in other zones
Turn on certificate address mismatch warning
Turn on certificate address mismatch warning
Locked-Down Internet Zone Template
Locked-Down Internet Zone Template
Internet Zone Template
Internet Zone Template
Locked-Down Intranet Zone Template
Locked-Down Intranet Zone Template
Intranet Zone Template
Intranet Zone Template
Locked-Down Local Machine Zone Template
Locked-Down Local Machine Zone Template
Local Machine Zone Template
Local Machine Zone Template
Locked-Down Restricted Sites Zone Template
Locked-Down Restricted Sites Zone Template
Restricted Sites Zone Template
Restricted Sites Zone Template
Locked-Down Trusted Sites Zone Template
Locked-Down Trusted Sites Zone Template
Trusted Sites Zone Template
Trusted Sites Zone Template
Intranet Sites: Include all sites that bypass the proxy server
Intranet Sites: Include all sites that bypass the proxy server
Intranet Sites: Include all network paths (UNCs)
Intranet Sites: Include all network paths (UNCs)
Site to Zone Assignment List
Site to Zone Assignment List
Turn on automatic detection of intranet
Turn on automatic detection of intranet
Turn on Notification bar notification for intranet content
Turn on Notification bar notification for intranet content
Allow scriptlets
Allow scriptlets
Allow META REFRESH
Allow META REFRESH
Use Pop-up Blocker
Use Pop-up Blocker
Java permissions
Java permissions
Logon options
Logon options
Allow scriptlets
Allow scriptlets
Allow META REFRESH
Allow META REFRESH
Use Pop-up Blocker
Use Pop-up Blocker
Java permissions
Java permissions
Logon options
Logon options
Prevent specifying the hover color
Prevent specifying the color of links that have not yet been clicked
Prevent specifying the color of links that have already been clicked
Turn on the hover color option
File menu: Disable closing the browser and Explorer windows
File menu: Disable Save As... menu option
File menu: Disable Save As Web Page Complete
File menu: Disable New menu option
File menu: Disable Open menu option
Help menu: Remove 'Send Feedback' menu option
Help menu: Remove 'For Netscape Users' menu option
Help menu: Remove 'Tip of the Day' menu option
Help menu: Remove 'Tour' menu option
Turn off Shortcut Menu
Hide Favorites menu
Disable Open in New Window menu option
Disable Save this program to disk option
Turn off Print Menu
Turn off Print Menu
Tools menu: Disable Internet Options... menu option
View menu: Disable Full Screen menu option
View menu: Disable Source menu option
Turn off automatic image resizing
Turn off image display
Allow Internet Explorer to play media files that use alternative codecs
Allow Internet Explorer to play media files that use alternative codecs
Allow the display of image download placeholders
Turn off smart image dithering
File size limits for Local Machine zone
File size limits for Intranet zone
File size limits for Trusted Sites zone
File size limits for Internet zone
File size limits for Restricted Sites zone
Turn on printing of background colors and images
Turn off background synchronization for feeds and Web Slices
Turn off background synchronization for feeds and Web Slices
Prevent downloading of enclosures
Prevent downloading of enclosures
Prevent subscribing to or deleting a feed or a Web Slice
Prevent subscribing to or deleting a feed or a Web Slice
Prevent automatic discovery of feeds and Web Slices
Prevent automatic discovery of feeds and Web Slices
Prevent access to feed list
Prevent access to feed list
Turn on Basic feed authentication over HTTP
Turn on Basic feed authentication over HTTP
Bypass prompting for Clipboard access for scripts running in any process
Bypass prompting for Clipboard access for scripts running in any process
Bypass prompting for Clipboard access for scripts running in the Internet Explorer process
Bypass prompting for Clipboard access for scripts running in the Internet Explorer process
Define applications and processes that can access the Clipboard without prompting
Define applications and processes that can access the Clipboard without prompting
Prevent configuration of search on Address bar
Prevent configuration of search on Address bar
Prevent configuration of top-result search on Address bar
Prevent configuration of top-result search on Address bar
Allow native XMLHTTP support
Allow native XMLHTTP support
Turn off Data URI support
Turn off Data URI support
Turn off Data Execution Prevention
Do not display the reveal password button
Do not display the reveal password button
Change the maximum number of connections per host (HTTP 1.1)
Change the maximum number of connections per host (HTTP 1.1)
Maximum number of connections per server (HTTP 1.0)
Maximum number of connections per server (HTTP 1.0)
Turn off cross-document messaging
Turn off cross-document messaging
Turn off the XDomainRequest object
Turn off the XDomainRequest object
Turn off the WebSocket Object
Turn off the WebSocket Object
Set the maximum number of WebSocket connections per server
Set the maximum number of WebSocket connections per server
Turn on automatic signup
Turn off toolbar upgrade tool
Turn off toolbar upgrade tool
Turn off Developer Tools
Turn off Developer Tools
Disable customizing browser toolbars
Disable customizing browser toolbar buttons
Configure Toolbar Buttons
Hide the Command bar
Hide the Command bar
Hide the status bar
Hide the status bar
Lock all toolbars
Lock all toolbars
Lock location of Stop and Refresh buttons
Lock location of Stop and Refresh buttons
Customize command labels
Customize command labels
Use large icons for command buttons
Use large icons for command buttons
Display tabs on a separate row
Display tabs on a separate row
Prevent specifying the update check interval (in days)
Prevent changing the URL for checking updates to Internet Explorer and Internet Tools
Turn off ActiveX Opt-In prompt
Turn off ActiveX Opt-In prompt
Prevent per-user installation of ActiveX controls
Prevent per-user installation of ActiveX controls
Specify use of ActiveX Installer Service for installation of ActiveX controls
Specify use of ActiveX Installer Service for installation of ActiveX controls
Turn on Suggested Sites
Turn on Suggested Sites
Turn off InPrivate Browsing
Turn off InPrivate Browsing
Prevent the computer from loading toolbars and Browser Helper Objects when InPrivate Browsing starts
Prevent the computer from loading toolbars and Browser Helper Objects when InPrivate Browsing starts
Turn off collection of InPrivate Filtering data
Turn off collection of InPrivate Filtering data
Establish InPrivate Filtering threshold
Establish InPrivate Filtering threshold
Turn off InPrivate Filtering
Turn off InPrivate Filtering
Establish Tracking Protection threshold
Establish Tracking Protection threshold
Turn off Tracking Protection
Turn off Tracking Protection
Add non-default Accelerators
Add non-default Accelerators
Add default Accelerators
Add default Accelerators
Turn off Accelerators
Turn off Accelerators
Restrict Accelerators to those deployed through Group Policy
Restrict Accelerators to those deployed through Group Policy
Turn on Internet Explorer 7 Standards Mode
Turn on Internet Explorer 7 Standards Mode
Turn off Compatibility View
Turn off Compatibility View
Turn on Internet Explorer Standards Mode for local intranet
Turn on Internet Explorer Standards Mode for local intranet
Turn off Compatibility View button
Turn off Compatibility View button
Use Policy List of Internet Explorer 7 sites
Use Policy List of Internet Explorer 7 sites
Use Policy List of Quirks Mode sites
Use Policy List of Quirks Mode sites
Include updated website lists from Microsoft
Include updated website lists from Microsoft
Turn off ability to pin sites in Internet Explorer on the desktop
Turn off ability to pin sites in Internet Explorer on the desktop
Set default storage limits for websites
Set default storage limits for websites
Allow websites to store indexed databases on client computers
Allow websites to store indexed databases on client computers
Set indexed database storage limits for individual domains
Set indexed database storage limits for individual domains
Set maximum indexed database storage limit for all domains
Set maximum indexed database storage limit for all domains
Allow websites to store application caches on client computers
Allow websites to store application caches on client computers
Set application cache storage limits for individual domains
Set application cache storage limits for individual domains
Set maximum application caches storage limit for all domains
Set maximum application caches storage limit for all domains
Set application caches expiration time limit for individual domains
Set application caches expiration time limit for individual domains
Set maximum application cache resource list size
Set maximum application cache resource list size
Set maximum application cache individual resource size
Set maximum application cache individual resource size
Start Internet Explorer with tabs from last browsing session
Start Internet Explorer with tabs from last browsing session
Open Internet Explorer tiles on the desktop
Open Internet Explorer tiles on the desktop
Set how links are opened in Internet Explorer
Set how links are opened in Internet Explorer
Install new versions of Internet Explorer automatically
Turn off handwriting recognition error reporting
Turn off handwriting recognition error reporting
Do not allow manual configuration of iSNS servers
Do not allow manual configuration of target portals
Do not allow manual configuration of discovered targets
Do not allow adding new targets via manual configuration
Do not allow changes to initiator iqn name
Do not allow additional session logins
Do not allow changes to initiator CHAP secret
Do not allow connections without IPSec
Do not allow sessions without mutual CHAP
Do not allow sessions without one way CHAP
Provide information about previous logons to client computers
Use forest search order
KDC support for claims, compound authentication and Kerberos armoring
Warning for large Kerberos tickets
Define host name-to-Kerberos realm mappings
Define interoperable Kerberos V5 realm settings
Require strict KDC validation
Use forest search order
Require strict target SPN match on remote procedure calls
Specify KDC proxy servers for Kerberos clients
Disable revocation checking for the SSL certificate of KDC proxy servers
Fail authentication requests when Kerberos armoring is not available
Support compound authentication
Set maximum Kerberos SSPI context token buffer size
Kerberos client support for claims, compound authentication and Kerberos armoring
Hash Publication for BranchCache
Hash Version support for BranchCache
Turn on Mapper I/O (LLTDIO) driver
Turn on Responder (RSPNDR) driver
Turn off Windows Location Provider
Do not process the legacy run list
Do not process the legacy run list
Do not process the run once list
Do not process the run once list
Always use classic logon
Do not display the Getting Started welcome screen at logon
Run these programs at user logon
Run these programs at user logon
Always wait for the network at computer startup and logon
Remove Boot / Shutdown / Logon / Logoff status messages
Do not display the Getting Started welcome screen at logon
Display highly detailed status messages
Hide entry points for Fast User Switching
Turn off Windows Startup sound
Show first sign-in animation
Always use custom logon background
Do not enumerate connected users on domain-joined computers
Enumerate local users on domain-joined computers
Turn off app notifications on the lock screen
Do not allow Windows Media Center to run
Do not allow Windows Media Center to run
Restrict the user from entering author mode
Restrict users to the explicitly permitted list of snap-ins
Extended View (Web View)
ActiveX Control
Link to Web Address
AppleTalk Routing
Authorization Manager
Certification Authority Policy Settings
Connection Sharing (NAT)
DCOM Configuration Extension
Device Manager
DHCP Relay Management
Enterprise PKI
Event Viewer
Event Viewer (Windows Vista)
IAS Logging
IGMP Routing
IP Routing
IPX RIP Routing
IPX Routing
IPX SAP Routing
Logical and Mapped Drives
Online Responder
OSPF Routing
Public Key Policies
RAS Dialin - User Node
Remote Access
Removable Storage
RIP Routing
Routing
Send Console Message
Service Dependencies
Shared Folders Ext
SMTP Protocol
SNMP
System Properties
Group Policy Management
Group Policy Object Editor
Group Policy tab for Active Directory Tools
Resultant Set of Policy snap-in
Administrative Templates (Computers)
Administrative Templates (Users)
Folder Redirection
Internet Explorer Maintenance
IP Security Policy Management
Windows Firewall with Advanced Security
NAP Client Configuration
Remote Installation Services
Scripts (Startup/Shutdown)
Scripts (Logon/Logoff)
Security Settings
Software Installation (Computers)
Software Installation (Users)
Wired Network (IEEE 802.3) Policies
Wireless Network (IEEE 802.11) Policies
Administrative Templates (Computers)
Administrative Templates (Users)
Folder Redirection
Internet Explorer Maintenance
Scripts (Startup/Shutdown)
Scripts (Logon/Logoff)
Security Settings
Software Installation (Computers)
Software Installation (Users)
Active Directory Domains and Trusts
Active Directory Sites and Services
Active Directory Users and Computers
ADSI Edit
Certification Authority
Certificates
Certificate Templates
Component Services
Computer Management
Device Manager
Distributed File System
Disk Defragmenter
Disk Management
Event Viewer
Event Viewer (Windows Vista)
Failover Clusters Manager
FAX Service
FrontPage Server Extensions
Health Registration Authority (HRA)
Internet Authentication Service (IAS)
Internet Information Services
Indexing Service
IP Security Policy Management
IP Security Monitor
Local Users and Groups
NAP Client Configuration
.Net Framework Configuration
Network Policy Server (NPS)
Performance Logs and Alerts
QoS Admission Control
Remote Desktops
Routing and Remote Access
Removable Storage Management
Security Configuration and Analysis
Security Templates
Server Manager
Services
Shared Folders
System Information
Telephony
Remote Desktop Services Configuration
TPM Management
Windows Firewall with Advanced Security
Wireless Monitor
WMI Control
Group Policy Starter GPO Editor
Group Policy Management Editor
Storage Manager for SANs
Storage Manager for SANS Extension
Disk Management Extension
Share and Storage Management
Share and Storage Management Extension
DFS Management
DFS Management Extension
File Server Resource Manager
File Server Resource Manager Extension
Turn off Windows Mobility Center
Turn off Windows Mobility Center
Turn off Windows presentation settings
Turn off Windows presentation settings
Automatic Maintenance Activation Boundary
Automatic Maintenance Random Delay
Automatic Maintenance WakeUp Policy
Microsoft Support Diagnostic Tool: Configure execution level
Microsoft Support Diagnostic Tool: Restrict tool download
Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider
Configure MSI Corrupted File Recovery behavior
Allow users to browse for source while elevated
Allow users to use media source while elevated
Allow users to patch elevated products
Always install with elevated privileges
Always install with elevated privileges
Prohibit use of Restart Manager
Remove browse dialog box for new source
Prohibit flyweight patching
Turn off logging via package settings
Prevent removable media source for any installation
Turn off Windows Installer
Prevent users from using Windows Installer to install updates and upgrades
Prohibit rollback
Prohibit rollback
Allow user control over installs
Prohibit non-administrators from applying vendor signed updates
Prohibit removal of updates
Turn off creation of System Restore checkpoints
Prohibit User Installs
Enforce upgrade component rules
Control maximum size of baseline file cache
Specify the types of events Windows Installer records in its transaction log
Prevent Internet Explorer security prompt for Windows Installer scripts
Specify the order in which Windows Installer searches for installation files
Save copies of transform files in a secure location on workstation
Turn off shared components
Prevent embedded UI
Allow the Network Access Protection client to support the 802.1x Enforcement Client component
Support Email Address
Friendly Name
User Interface
Prefer Local Names Allowed
DirectAccess Passive Mode
Corporate Resources
IPsec Tunnel Endpoints
Custom Commands
Specify corporate Website probe URL
Specify corporate DNS probe host name
Specify corporate DNS probe host address
Specify corporate site prefix list
Specify domain location determination URL
Specify passive polling
Contact PDC on logon failure
Use initial DC discovery retry setting for background callers
Use maximum DC discovery retry interval setting for background callers
Use final DC discovery retry setting for background callers
Use positive periodic DC cache refresh for background callers
Specify log file debug output level
Specify expected dial-up delay on logon
Specify maximum log file size
Specify negative DC Discovery cache setting
Set Netlogon share compatibility
Specify positive periodic DC Cache refresh for non-background callers
Set scavenge interval
Specify site name
Set SYSVOL share compatibility
Use DNS name resolution with a single-label domain name instead of NetBIOS name resolution to locate the DC
Use automated site coverage by the DC Locator DNS SRV Records
Specify DC Locator DNS records not registered by the DCs
Specify Refresh Interval of the DC Locator DNS records
Set TTL in the DC Locator DNS Records
Specify sites covered by the GC Locator DNS SRV Records
Set Priority in the DC Locator DNS SRV records
Set Weight in the DC Locator DNS SRV records
Specify sites covered by the application directory partition DC Locator DNS SRV records
Specify sites covered by the DC Locator DNS SRV records
Specify dynamic registration of the DC Locator DNS Records
Try Next Closest Site
Force Rediscovery Interval
Return domain controller address type
Allow cryptography algorithms compatible with Windows NT 4.0
Do not process incoming mailslot messages used for domain controller location based on NetBIOS domain names
Do not use NetBIOS-based discovery for domain controller location when DNS-based discovery fails
Specify address lookup behavior for DC locator ping
Use urgent mode when pinging domain controllers
Prohibit adding and removing components for a LAN or remote access connection
Prohibit access to the Advanced Settings item on the Advanced menu
Prohibit TCP/IP advanced configuration
Prohibit installation and configuration of Network Bridge on your DNS domain network
Prohibit Enabling/Disabling components of a LAN connection
Ability to delete all user remote access connections
Prohibit deletion of remote access connections
Prohibit access to the Remote Access Preferences item on the Advanced menu
Enable Windows 2000 Network Connections settings for Administrators
Turn off notifications when a connection has only limited or no connectivity
Prohibit access to properties of components of a LAN connection
Ability to Enable/Disable a LAN connection
Prohibit access to properties of a LAN connection
Prohibit access to the New Connection Wizard
Prohibit use of Internet Connection Firewall on your DNS domain network
Ability to change properties of an all user remote access connection
Prohibit access to properties of components of a remote access connection
Prohibit connecting and disconnecting a remote access connection
Prohibit changing properties of a private remote access connection
Ability to rename all user remote access connections
Ability to rename LAN connections or remote access connections available to all users
Ability to rename LAN connections
Prohibit renaming private remote access connections
Prohibit use of Internet Connection Sharing on your DNS domain network
Prohibit viewing of status for an active connection
Require domain users to elevate when setting a network's location
Do not show the "local access only" network icon
Route all traffic through the internal network
Internet proxy servers for apps
Intranet proxy servers for apps
Private network ranges for apps
Proxy definitions are authoritative
Subnet definitions are authoritative
Turn off Connect to a Network Projector
Turn off Connect to a Network Projector
Network Projector Port Setting
Subfolders always available offline
Specify administratively assigned Offline Files
Specify administratively assigned Offline Files
Non-default server disconnect actions
Non-default server disconnect actions
Default cache size
Allow or Disallow use of the Offline Files feature
Encrypt the Offline Files cache
Event logging level
Event logging level
Files not cached
Action on server disconnect
Action on server disconnect
Prevent use of Offline Files folder
Prevent use of Offline Files folder
Prohibit user configuration of Offline Files
Prohibit user configuration of Offline Files
Remove "Make Available Offline" command
Remove "Make Available Offline" command
Remove "Make Available Offline" for these files and folders
Remove "Make Available Offline" for these files and folders
Turn off reminder balloons
Turn off reminder balloons
At logoff, delete local copy of users offline files
Reminder balloon frequency
Reminder balloon frequency
Initial reminder balloon lifetime
Initial reminder balloon lifetime
Reminder balloon lifetime
Reminder balloon lifetime
Configure Slow link speed
Synchronize all offline files before logging off
Synchronize all offline files before logging off
Synchronize all offline files when logging on
Synchronize all offline files when logging on
Synchronize offline files before suspend
Synchronize offline files before suspend
Turn on economical application of administratively assigned Offline Files
Configure slow-link mode
Limit disk space used by Offline Files
Configure Background Sync
Enable Transparent Caching
Enable file screens
Remove "Work offline" command
Remove "Work offline" command
Enable file synchronization on costed networks
Turn off Microsoft Peer-to-Peer Networking Services
Turn off Multicast Bootstrap
Turn off PNRP cloud creation
Set PNRP cloud to resolve only
Set the Seed Server
Set the Seed Server
Set the Seed Server
Disable password strength validation for Peer Grouping
Make Family Safety control panel visible on a Domain
Detect compatibility issues for applications and drivers
Detect application install failures
Detect applications unable to launch installers under UAC
Detect application failures caused by deprecated Windows DLLs
Detect application failures caused by deprecated COM objects
Detect application installers that need to be run as administrator
Notify blocked drivers
Turn on BranchCache
Set percentage of disk space used for client computer cache
Set BranchCache Hosted Cache mode
Set BranchCache Distributed Cache mode
Configure BranchCache for network files
Enable Automatic Hosted Cache Discovery by Service Connection Point
Configure Client BranchCache Version Support
Configure Hosted Cache Servers
Set age for segments in the data cache
Turn off Tablet PC Pen Training
Turn off Tablet PC Pen Training
Turn off access to the performance center core section
Turn off access to the performance center core section
Turn off access to the solutions to performance problems section
Turn off access to the solutions to performance problems section
Turn off access to the OEM and Microsoft branding section
Turn off access to the OEM and Microsoft branding section
Enable/Disable PerfTrack
Critical battery notification action
Low battery notification action
Critical battery notification level
Low battery notification level
Turn off low battery user notification
Select the Power button action (plugged in)
Select the Sleep button action (plugged in)
Select the lid switch action (plugged in)
Select the Start menu Power button action (plugged in)
Select the Power button action (on battery)
Select the Sleep button action (on battery)
Select the lid switch action (on battery)
Select the Start menu Power button action (on battery)
Turn Off the hard disk (plugged in)
Turn Off the hard disk (on battery)
Specify a custom active power plan
Select an active power plan
Prompt for password on resume from hibernate/suspend
Turn on the ability for applications to prevent sleep transitions (plugged in)
Specify the system hibernate timeout (plugged in)
Require a password when a computer wakes (plugged in)
Specify the system sleep timeout (plugged in)
Turn off hybrid sleep (plugged in)
Turn on the ability for applications to prevent sleep transitions (on battery)
Specify the system hibernate timeout (on battery)
Require a password when a computer wakes (on battery)
Specify the system sleep timeout (on battery)
Turn off hybrid sleep (on battery)
Turn off adaptive display timeout (plugged in)
Turn off adaptive display timeout (on battery)
Turn off the display (plugged in)
Turn off the display (on battery)
Allow standby states (S1-S3) when sleeping (plugged in)
Allow standby states (S1-S3) when sleeping (on battery)
Do not turn off system power after a Windows system shutdown has occurred.
Allow automatic sleep with Open Network Files (plugged in)
Allow automatic sleep with Open Network Files (on battery)
Reduce display brightness (plugged in)
Reduce display brightness (on battery)
Specify the display dim brightness (plugged in)
Specify the display dim brightness (on battery)
Turn on desktop background slideshow (plugged in)
Turn on desktop background slideshow (on battery)
Specify the unattended sleep timeout (plugged in)
Specify the unattended sleep timeout (on battery)
Allow applications to prevent automatic sleep (plugged in)
Allow applications to prevent automatic sleep (on battery)
Reserve battery notification level
Turn on Script Execution
Turn on Script Execution
Turn on Module Logging
Turn on Module Logging
Set the default source path for Update-Help
Set the default source path for Update-Help
Prevent restoring previous versions from backups
Prevent restoring previous versions from backups
Hide previous versions list for local files
Hide previous versions list for local files
Prevent restoring local previous versions
Prevent restoring local previous versions
Hide previous versions list for remote files
Hide previous versions list for remote files
Prevent restoring remote previous versions
Prevent restoring remote previous versions
Hide previous versions of files on backup location
Hide previous versions of files on backup location
Activate Internet printing
Isolate print drivers from applications
Custom support URL in the Printers folder's left pane
Add Printer wizard - Network scan page (Managed network)
Browse the network to find printers
Always render print jobs on the server
Always rasterize content to be printed using a software rasterizer
Browse a common web site to find printers
Disallow installation of printers using kernel-mode drivers
Prevent addition of printers
Prevent deletion of printers
Add Printer wizard - Network scan page (Unmanaged network)
Only use Package Point and print
Package Point and print - Approved servers
Only use Package Point and print
Package Point and print - Approved servers
Computer location
Pre-populate printer search location text
Point and Print Restrictions
Point and Print Restrictions
Default Active Directory path when searching for printers
Printer browsing
Execute print drivers in isolated processes
Override print driver execution compatibility setting reported by print driver
Extend Point and Print connection to search Windows Update
Do not allow v4 printer drivers to show printer extensions
Change Microsoft XPS Document Writer (MXDW) default output format to the legacy Microsoft XPS format (*.xps)
Allow Print Spooler to accept client connections
Automatically publish new printers in Active Directory
Prune printers that are not automatically republished
Directory pruning interval
Directory pruning priority
Directory pruning retry
Log directory pruning retry events
Allow printers to be published
Check published state
Allow pruning of published printers
Hide the Programs Control Panel
Hide "Programs and Features" page
Hide "Installed Updates" page
Hide "Set Program Access and Computer Defaults" page
Hide "Windows Marketplace"
Hide "Get Programs" page
Hide "Windows Features"
Turn on extensive logging for Password Synchronization
Set the number of synchronization retries for servers running Password Synchronization
Turn on the Windows to NIS password synchronization for users that have been migrated to Active Directory
Set the interval between synchronization retries for Password Synchronization
Best effort service type
Controlled load service type
Guaranteed service type
Network control service type
Qualitative service type
Limit outstanding packets
Limit reservable bandwidth
Set timer resolution
Non-conforming packets
Configure Reliability WMI Providers
Allow restore of system to default state
Enable Persistent Time Stamp
Report unplanned shutdown events
Activate Shutdown Event Tracker System State Data feature
Display Shutdown Event Tracker
Turn on session logging
Allow only Windows Vista or later connections
Turn on bandwidth optimization
Customize warning messages
Configure Solicited Remote Assistance
Configure Offer Remote Assistance
Set time (in seconds) to force reboot
Set time (in seconds) to force reboot
CD and DVD: Deny read access
CD and DVD: Deny read access
CD and DVD: Deny write access
CD and DVD: Deny write access
CD and DVD: Deny execute access
Custom Classes: Deny read access
Custom Classes: Deny read access
Custom Classes: Deny write access
Custom Classes: Deny write access
Floppy Drives: Deny read access
Floppy Drives: Deny read access
Floppy Drives: Deny write access
Floppy Drives: Deny write access
Floppy Drives: Deny execute access
Removable Disks: Deny read access
Removable Disks: Deny read access
Removable Disks: Deny write access
Removable Disks: Deny write access
Removable Disks: Deny execute access
All Removable Storage classes: Deny all access
All Removable Storage classes: Deny all access
Tape Drives: Deny read access
Tape Drives: Deny read access
Tape Drives: Deny write access
Tape Drives: Deny write access
Tape Drives: Deny execute access
WPD Devices: Deny read access
WPD Devices: Deny read access
WPD Devices: Deny write access
WPD Devices: Deny write access
All Removable Storage: Allow direct access in remote sessions
Enable RPC Endpoint Mapper Client Authentication
Propagate extended error information
Ignore Delegation Failure
Set Minimum Idle Connection Timeout for RPC/HTTP connections
Restrict Unauthenticated RPC clients
Maintain RPC Troubleshooting State Information
Specify maximum wait time for Group Policy scripts
Run legacy logon scripts hidden
Display instructions in logoff scripts as they run
Run logon scripts synchronously
Run logon scripts synchronously
Display instructions in logon scripts as they run
Run Windows PowerShell scripts first at computer startup, shutdown
Run Windows PowerShell scripts first at user logon, logoff
Run Windows PowerShell scripts first at user logon, logoff
Display instructions in shutdown scripts as they run
Run startup scripts asynchronously
Display instructions in startup scripts as they run
Allow logon scripts when NetBIOS or WINS is disabled
Configure Security Policy for Scripted Diagnostics
Troubleshooting: Allow users to access and run Troubleshooting Wizards
Troubleshooting: Allow users to access online troubleshooting content on Microsoft servers from the Troubleshooting Control Panel (via the Wind
Configure Scheduled Maintenance Behavior
Prevent adding UNC locations to index from Control Panel
Prevent adding UNC locations to index from Control Panel
Allow indexing of encrypted files
Disable indexer backoff
Prevent clients from querying the index remotely
Prevent indexing when running on battery power to conserve energy
Prevent customization of indexed locations in Control Panel
Prevent customization of indexed locations in Control Panel
Allow use of diacritics
Always use automatic language detection when indexing content and properties
Prevent automatically adding shared folders to the Windows Search index
Prevent adding user-specified locations to the All Locations menu
Prevent the display of advanced indexing options for Windows Search in the Control Panel
Prevent indexing files in offline files cache
Enable indexing uncached Exchange folders
Enable indexing of online delegate mailboxes
Enable throttling for online mail indexing
Prevent indexing Microsoft Office Outlook
Prevent indexing e-mail attachments
Control rich previews for attachments
Prevent indexing public folders
Indexer data location
Add primary intranet search location
Add secondary intranet search locations
Preview pane location
Set large or small icon view in desktop search results
Stop indexing in the event of limited hard drive space
Prevent unwanted iFilters and protocol handlers
Do not allow web search
Prevent indexing certain paths
Prevent indexing certain paths
Default indexed paths
Default indexed paths
Default excluded paths
Default excluded paths
Prevent indexing of certain file types
Turn off storage and display of search history
Select OCR languages from a code page
Force TIFF IFilter to perform OCR for every page in a TIFF document
Turn on Security Center (Domain PCs only)
Turn off sensors
Turn off sensors
Turn off location
Turn off location
Turn off location scripting
Turn off location scripting
Do not display Server Manager automatically at logon
Configure the refresh interval for Server Manager
Do not display Initial Configuration Tasks window automatically at logon
Do not display Manage Your Server page at logon
Specify settings for optional component installation and component repair
Do not sync
Do not sync app settings
Do not sync passwords
Do not sync personalize
Do not sync other Windows settings
Do not sync desktop personalization
Do not sync browser settings
Do not sync on metered connections
Specify Windows Service Pack installation file location
Specify Windows installation file location
Turn off handwriting personalization data sharing
Turn off handwriting personalization data sharing
Allow DFS roots to be published
Allow shared folders to be published
Prevent users from sharing files within their profile.
Prevent the computer from joining a homegroup
Prevent access to the command prompt
Prevent access to registry editing tools
Run only specified Windows applications
Don't run specified Windows applications
Do not display the Welcome Center at user logon
Turn off desktop gadgets
Turn off desktop gadgets
Restrict unpacking and installation of gadgets that are not digitally signed.
Restrict unpacking and installation of gadgets that are not digitally signed.
Turn Off user-installed desktop gadgets
Turn Off user-installed desktop gadgets
Delete data from devices running Microsoft firmware when a user logs off from the computer.
Delete data from devices running Microsoft firmware when a user logs off from the computer.
Turn off Windows SideShow
Turn off Windows SideShow
Turn off automatic wake
Turn off automatic wake
Require a PIN to access data on devices running Microsoft firmware
Require a PIN to access data on devices running Microsoft firmware
Allow certificates with no extended key usage certificate attribute
Allow Integrated Unblock screen to be displayed at the time of logon
Filter duplicate logon certificates
Force the reading of all certificates from the smart card
Allow signature keys valid for Logon
Allow time invalid certificates
Turn on certificate propagation from smart card
Configure root certificate clean up
Turn on root certificate propagation from smart card
Display string when smart card is blocked
Reverse the subject name stored in a certificate when displaying
Prevent plaintext PINs from being returned by Credential Manager
Allow user name hint
Turn on Smart Card Plug and Play service
Notify user of successful smart card driver installation
Allow ECC certificates to be used for logon and authentication
Turn on extensive logging for Active Directory Domain Services domain controllers that are running Server for NIS
Set the map update interval for NIS subordinate servers
Specify communities
Specify permitted managers
Specify traps for public community
Do not allow Sound Recorder to run
Do not allow Sound Recorder to run
File Classification Infrastructure: Display Classification tab in File Explorer
File Classification Infrastructure: Specify classification properties list
Customize message for Access Denied errors
Enable access-denied assistance on client for all file types
Clear the recent programs list for new users
Remove Games link from Start Menu
Remove Search Computer link
Remove See More Results / Search Everywhere link
Add Search Internet link to Start Menu
Do not search for files
Do not search Internet
Do not search programs and Control Panel items
Do not search communications
Remove user folder link from Start Menu
Add the Run command to the Start Menu
Show QuickLaunch on Taskbar
Clear history of recently opened documents on exit
Add Logoff to the Start Menu
Gray unavailable Windows Installer programs Start Menu shortcuts
Turn off personalized menus
Lock the Taskbar
Add "Run in Separate Memory Space" check box to Run dialog box
Turn off notification area cleanup
Remove Balloon Tips on Start Menu items
Remove drag-and-drop and context menus on the Start Menu
Clear history of tile notifications on exit
Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commands
Remove common program groups from Start Menu
Remove Favorites menu from Start Menu
Remove Search link from Start Menu
Remove frequent programs list from the Start Menu
Remove Help menu from Start Menu
Turn off user tracking
Remove All Programs list from the Start menu
Remove Network Connections from Start Menu
Remove pinned programs list from the Start Menu
Do not keep history of recently opened documents
Remove Recent Items menu from Start Menu
Do not use the search-based method when resolving shell shortcuts
Do not use the tracking-based method when resolving shell shortcuts
Remove Run menu from Start Menu
Remove programs on Settings menu
Prevent changes to Taskbar and Start Menu Settings
Remove Default Programs link from the Start menu.
Remove Documents icon from Start Menu
Remove Music icon from Start Menu
Remove Network icon from Start Menu
Remove Pictures icon from Start Menu
Remove user's folders from the Start Menu
Force classic Start Menu
Remove Clock from the system notification area
Prevent grouping of taskbar items
Do not display any custom toolbars in the taskbar
Remove access to the context menus for the taskbar
Hide the notification area
Remove user name from Start Menu
Remove links and access to Windows Update
Remove the "Undock PC" button from the Start Menu
Remove Logoff on the Start Menu
Remove Homegroup link from Start Menu
Remove Downloads link from Start Menu
Remove Recorded TV link from Start Menu
Remove Videos link from Start Menu
Prevent users from uninstalling applications from Start
Change Start Menu power button
Show "Run as different user" command on Start
Turn on Accounting for WSRM
Set the Email IDs to which notifications are to be sent
Set the Time interval in minutes for logging accounting data
Set the SMTP Server used to send notifications
Turn off Configuration
Turn off System Restore
Turn off AutoComplete integration with Input Panel
Turn off AutoComplete integration with Input Panel
Prevent Input Panel tab from appearing
Prevent Input Panel tab from appearing
For tablet pen input, dont show the Input Panel icon
For tablet pen input, dont show the Input Panel icon
For touch input, dont show the Input Panel icon
For touch input, dont show the Input Panel icon
Turn off password security in Input Panel
Turn off password security in Input Panel
Switch to the Simplified Chinese (PRC) gestures
Switch to the Simplified Chinese (PRC) gestures
Include rarely used Chinese, Kanji, or Hanja characters
Include rarely used Chinese, Kanji, or Hanja characters
Turn off tolerant and Z-shaped scratch-out gestures
Turn off tolerant and Z-shaped scratch-out gestures
Disable text prediction
Disable text prediction
Do not allow Inkball to run
Do not allow Inkball to run
Do not allow Windows Journal to be run
Do not allow Windows Journal to be run
Do not allow printing to Journal Note Writer
Do not allow printing to Journal Note Writer
Do not allow Snipping Tool to run
Do not allow Snipping Tool to run
Turn off pen feedback
Turn off pen feedback
Prevent Back-ESC mapping
Prevent Back-ESC mapping
Prevent launch an application
Prevent launch an application
Prevent press and hold
Prevent press and hold
Turn off hardware buttons
Turn off hardware buttons
Prevent Flicks Learning Mode
Prevent Flicks Learning Mode
Prevent flicks
Prevent flicks
Remove the battery meter
Remove the networking icon
Remove the volume control icon
Remove the Action Center icon
Lock all taskbar settings
Prevent users from adding or removing toolbars
Prevent users from rearranging toolbars
Turn off all balloon notifications
Prevent users from moving taskbar to another screen dock location
Prevent users from resizing the taskbar
Turn off taskbar thumbnails
Remove pinned programs from the Taskbar
Turn off automatic promotion of notification icons to the taskbar
Turn off feature advertisement balloon notifications
Do not display or track items in Jump Lists from remote locations
Do not allow pinning programs to the Taskbar
Do not allow pinning items in Jump Lists
Do not allow taskbars on more than one display
Prohibit Browse
Prohibit Browse
Hide Advanced Properties Checkbox in Add Scheduled Task Wizard
Hide Advanced Properties Checkbox in Add Scheduled Task Wizard
Prohibit Drag-and-Drop
Prohibit Drag-and-Drop
Prevent Task Run or End
Prevent Task Run or End
Hide Property Pages
Hide Property Pages
Prohibit New Task Creation
Prohibit New Task Creation
Prohibit Task Deletion
Prohibit Task Deletion
Set ISATAP State
Set ISATAP Router Name
Set 6to4 State
Set 6to4 Relay Name
Set 6to4 Relay Name Resolution Interval
Set Teredo State
Set Teredo Server Name
Set Teredo Refresh Rate
Set Teredo Client Port
Set Teredo Default Qualified
Set IP-HTTPS State
Set Window Scaling Heuristics State
Set IP Stateless Autoconfiguration Limits State
Allow time zone redirection
Do not allow Clipboard redirection
Remove remote desktop wallpaper
Always show desktop on connection
Allow remote start of unlisted programs
Allow desktop composition for remote desktop sessions
Use RD Connection Broker load balancing
Redirect only the default client printer
Redirect only the default client printer
Set time limit for logoff of RemoteApp sessions
Set time limit for logoff of RemoteApp sessions
Do not allow font smoothing
Select the network adapter to be used for Remote Desktop IP Virtualization
Do not use Remote Desktop Session Host server IP address when virtual IP address is not available
Turn off Fair Share CPU Scheduling
Turn off Windows Installer RDS Compatibility
Turn on Remote Desktop IP Virtualization
Use the hardware default graphics adapter for all Remote Desktop Services sessions
Configure image quality for RemoteFX Adaptive Graphics
Configure RemoteFX Adaptive Graphics
Enable Remote Desktop Protocol 8.0
Select network detection on the server
Select RDP transport protocols
Turn Off UDP On Client
Do not allow passwords to be saved
Do not allow passwords to be saved
Set client connection encryption level
Always prompt for password upon connection
Require use of specific security layer for remote (RDP) connections
Require user authentication for remote connections by using Network Level Authentication
Server authentication certificate template
Set RD Gateway authentication method
Enable connection through RD Gateway
Set RD Gateway server address
Automatic reconnection
Limit maximum color depth
Limit number of monitors
Allow users to connect remotely by using Remote Desktop Services
Limit maximum display resolution
Enforce Removal of Remote Desktop Wallpaper
Deny logoff of an administrator logged in to the console session
Configure keep-alive connection interval
Use the specified Remote Desktop license servers
Hide notifications about RD Licensing problems that affect the RD Session Host server
Set the Remote Desktop licensing mode
Limit number of connections
Remove "Disconnect" option from Shut Down dialog
Remove Windows Security item from Start menu
Suspend user sign-in to complete app registration
Set rules for remote control of Remote Desktop Services user sessions
Set rules for remote control of Remote Desktop Services user sessions
Restrict Remote Desktop Services users to a single Remote Desktop Services session
Start a program on connection
Start a program on connection
Do not allow local administrators to customize permissions
Always show desktop on connection
Set Remote Desktop Services User Home Directory
Set path for Remote Desktop Services Roaming User Profile
Use mandatory profiles on the RD Session Host server
Limit the size of the entire roaming user profile cache
License server security group
Prevent license upgrade
Allow audio and video playback redirection
Limit audio playback quality
Allow audio recording redirection
Do not allow Clipboard redirection
Do not allow COM port redirection
Do not set default client printer to be default printer in a session
Use Remote Desktop Easy Print printer driver first
Use Remote Desktop Easy Print printer driver first
Do not allow drive redirection
Do not allow LPT port redirection
Do not allow supported Plug and Play device redirection
Do not allow client printer redirection
Specify RD Session Host server fallback printer driver behavior
Do not allow smart card device redirection
Allow time zone redirection
Require secure RPC communication
Join RD Connection Broker
Configure RD Connection Broker farm name
Use IP Address Redirection
Configure RD Connection Broker server name
End session when time limits are reached
End session when time limits are reached
Set time limit for disconnected sessions
Set time limit for disconnected sessions
Set time limit for active but idle Remote Desktop Services sessions
Set time limit for active but idle Remote Desktop Services sessions
Set time limit for active Remote Desktop Services sessions
Set time limit for active Remote Desktop Services sessions
Do not delete temp folders upon exit
Do not use temporary folders per session
Allow .rdp files from unknown publishers
Allow .rdp files from unknown publishers
Allow .rdp files from valid publishers and user's default .rdp settings
Allow .rdp files from valid publishers and user's default .rdp settings
Specify SHA1 thumbprints of certificates representing trusted .rdp publishers
Specify SHA1 thumbprints of certificates representing trusted .rdp publishers
Prompt for credentials on the client computer
Configure server authentication for client
Configure image quality for RemoteFX Adaptive Graphics
Configure RemoteFX Adaptive Graphics
Configure compression for RemoteFX data
Optimize visual experience for Remote Desktop Service Sessions
Allow RDP redirection of other supported RemoteFX USB devices from this computer
Configure RemoteFX
Optimize visual experience when using RemoteFX
Enable RemoteFX encoding for RemoteFX clients designed for Windows Server 2008 R2 SP1
Specify default connection URL
Select network detection on the server
Select RDP transport protocols
Turn Off UDP On Client
Turn off the display of thumbnails and only display icons.
Turn off the display of thumbnails and only display icons on network folders
Turn off the caching of thumbnails in hidden thumbs.db files
Turn off Tablet PC touch input
Turn off Tablet PC touch input
Turn off Touch Panning
Turn off Touch Panning
Turn on TPM backup to Active Directory Domain Services
Configure the level of TPM owner authorization information available to the operating system
Configure the list of blocked TPM commands
Ignore the default list of blocked TPM commands
Ignore the local list of blocked TPM commands
Standard User Lockout Duration
Standard User Individual Lockout Threshold
Standard User Total Lockout Threshold
Prevent the user from running the Backup Status and Configuration program
Prevent the user from running the Backup Status and Configuration program
Prevent backing up to local disks
Prevent backing up to local disks
Prevent backing up to network location
Prevent backing up to network location
Prevent backing up to optical media (CD/DVD)
Prevent backing up to optical media (CD/DVD)
Turn off the ability to back up data files
Turn off the ability to back up data files
Turn off restore functionality
Turn off restore functionality
Turn off the ability to create a system image
Turn off the ability to create a system image
Add the Administrators security group to roaming user profiles
Do not check for user ownership of Roaming Profile Folders
Connect home directory to root of the share
Delete cached copies of roaming profiles
Disable detection of slow network connections
Prompt user when a slow network connection is detected
Exclude directories in roaming profile
Leave Windows Installer and Group Policy Software Installation Data
Limit profile size
Only allow local user profiles
Establish timeout value for dialog boxes
Do not log users on with temporary profiles
Maximum retries to unload and update user profile
Prevent Roaming Profile changes from propagating to the server
Wait for remote user profile
Control slow network connection timeout for user profiles
Delete user profiles older than a specified number of days on system restart
Specify network directories to sync at logon/logoff time only
Do not forcefully unload the users registry at user logoff
Set maximum wait time for the network if a user has a roaming user profile or remote home directory
Set roaming profile path for all users logging onto this computer
Set the schedule for background upload of a roaming user profile's registry file while user is logged on
User management of sharing user name, account picture, and domain information with apps (not desktop apps)
Download roaming profiles on primary computers only
Set user home folder
Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista)
Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista)
Choose default folder for recovery password
Choose drive encryption method and cipher strength (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2)
Choose drive encryption method and cipher strength
Prevent memory overwrite on restart
Allow enhanced PINs for startup
Configure use of passwords for operating system drives
Reset platform validation data after BitLocker recovery
Disallow standard users from changing the PIN or password
Provide the unique identifiers for your organization
Validate smart card certificate usage rule compliance
Use enhanced Boot Configuration Data validation profile
Choose how BitLocker-protected operating system drives can be recovered
Enforce drive encryption type on operating system drives
Require additional authentication at startup (Windows Server 2008 and Windows Vista)
Require additional authentication at startup
Allow network unlock at startup
Configure TPM platform validation profile (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2)
Configure TPM platform validation profile for BIOS-based firmware configurations
Configure TPM platform validation profile for native UEFI firmware configurations
Configure minimum PIN length for startup
Configure use of hardware-based encryption for operating system drives
Enable use of BitLocker authentication requiring preboot keyboard input on slates
Allow Secure Boot for integrity validation
Choose how BitLocker-protected fixed drives can be recovered
Configure use of passwords for fixed data drives
Deny write access to fixed drives not protected by BitLocker
Allow access to BitLocker-protected fixed data drives from earlier versions of Windows
Configure use of smart cards on fixed data drives
Enforce drive encryption type on fixed data drives
Configure use of hardware-based encryption for fixed data drives
Choose how BitLocker-protected removable drives can be recovered
Control use of BitLocker on removable drives
Configure use of passwords for removable data drives
Deny write access to removable drives not protected by BitLocker
Allow access to BitLocker-protected removable data drives from earlier versions of Windows
Configure use of smart cards on removable data drives
Enforce drive encryption type on removable data drives
Configure use of hardware-based encryption for removable data drives
Global Configuration Settings
Configure Windows NTP Client
Enable Windows NTP Client
Enable Windows NTP Server
Prohibit connection to non-domain networks when connected to domain authenticated network
Minimize the number of simultaneous connections to the Internet or a Windows Domain
Prohibit connection to roaming Mobile Broadband networks
Disable power management in connected standby mode
Diagnostics: Configure scenario retention
Diagnostics: Configure scenario execution level
Turn off Windows Calendar
Turn off Windows Calendar
Prevent the wizard from running.
Prevent the wizard from running.
Allow only system backup
Disallow locally attached storage as backup target
Disallow network as backup target
Disallow optical media as backup target
Disallow run-once backups
Prohibit installing or uninstalling color profiles
Prohibit installing or uninstalling color profiles
Prohibit access of the Windows Connect Now wizards
Prohibit access of the Windows Connect Now wizards
Configuration of wireless settings using Windows Connect Now
Check for New Signatures Before Scheduled Scans
Turn off Windows Defender
Configure Microsoft Active Protection Service Reporting
Turn off Real-Time Monitoring
Turn off Routinely Taking Action
Hide the common dialog back button
Hide the dropdown list of recent files
Hide the common dialog places bar
Items displayed in Places Bar
Turn on Classic Shell
Display confirmation dialog when deleting files
Allow only per user or approved shell extensions
Do not track Shell shortcuts during roaming
Maximum number of recent documents
Turn off caching of thumbnail pictures
Remove CD Burning features
Remove UI to change menu animation setting
Remove UI to change keyboard navigation indicator setting
Remove DFS tab
Hide these specified drives in My Computer
No Entire Network in Network Locations
Remove File menu from File Explorer
Do not allow Folder Options to be opened from the Options button on the View tab of the ribbon
Remove Hardware tab
Hides the Manage item on the File Explorer context menu
Remove Shared Documents from My Computer
Remove "Map Network Drive" and "Disconnect Network Drive"
Do not move deleted files to the Recycle Bin
Do not request alternate credentials
Remove Security tab
Remove Search button from File Explorer
Remove File Explorer's default context menu
Prevent access to drives from My Computer
Turn off Windows+X hotkeys
No Computers Near Me in Network Locations
Request credentials for network installations
Maximum allowed Recycle Bin size
Turn off shell protocol protected mode
Turn off shell protocol protected mode
Remove the Search the Internet "Search again" link
Pin Internet search sites to the "Search again" links and the Start menu
Pin Libraries or Search Connectors to the "Search again" links and the Start menu
Verify old and new Folder Redirection targets point to the same share before redirecting
Disable Known Folders
Turn off the display of snippets in Content view mode
Turn off Windows Libraries features that rely on indexed file data
Turn off display of recent search entries in the File Explorer search box
Disable binding directly to IPropertySetStorage without intermediate layers.
Disable binding directly to IPropertySetStorage without intermediate layers.
Turn off numerical sorting in File Explorer
Turn off numerical sorting in File Explorer
Allow OpenSearch queries in File Explorer
Allow previewing and custom thumbnails of OpenSearch query results in File Explorer
Location where all default Library definition files for users/machines reside.
Location where all default Library definition files for users/machines reside.
Configure Windows SmartScreen
Show lock in the user tile menu
Show sleep in the power options menu
Show hibernate in the power options menu
Do not show the 'new application installed' notification
Start File Explorer with ribbon minimized
Start File Explorer with ribbon minimized
Set a default associations configuration file
Allow the use of remote paths in file shortcut icons
Specify Windows File Protection cache location
Limit Windows File Protection cache size
Set Windows File Protection scanning
Hide the file scan progress window
Windows Firewall: Allow authenticated IPsec bypass
Windows Firewall: Define inbound program exceptions
Windows Firewall: Allow local program exceptions
Windows Firewall: Protect all network connections
Windows Firewall: Do not allow exceptions
Windows Firewall: Allow inbound file and printer sharing exception
Windows Firewall: Allow ICMP exceptions
Windows Firewall: Allow logging
Windows Firewall: Prohibit notifications
Windows Firewall: Define inbound port exceptions
Windows Firewall: Allow local port exceptions
Windows Firewall: Allow inbound remote administration exception
Windows Firewall: Allow inbound Remote Desktop exceptions
Windows Firewall: Prohibit unicast response to multicast or broadcast requests
Windows Firewall: Allow inbound UPnP framework exceptions
Windows Firewall: Define inbound program exceptions
Windows Firewall: Allow local program exceptions
Windows Firewall: Protect all network connections
Windows Firewall: Do not allow exceptions
Windows Firewall: Allow inbound file and printer sharing exception
Windows Firewall: Allow ICMP exceptions
Windows Firewall: Allow logging
Windows Firewall: Prohibit notifications
Windows Firewall: Define inbound port exceptions
Windows Firewall: Allow local port exceptions
Windows Firewall: Allow inbound remote administration exception
Windows Firewall: Allow inbound Remote Desktop exceptions
Windows Firewall: Prohibit unicast response to multicast or broadcast requests
Windows Firewall: Allow inbound UPnP framework exceptions
Turn off Windows Mail application
Turn off Windows Mail application
Turn off the communities features
Turn off the communities features
Prevent Windows Media DRM Internet Access
Prevent Automatic Updates
Do Not Show First Use Dialog Boxes
Prevent Video Smoothing
Prevent CD and DVD Media Information Retrieval
Prevent Media Sharing
Prevent Music File Media Information Retrieval
Prevent Quick Launch Toolbar Shortcut Creation
Prevent Radio Station Preset Retrieval
Prevent Desktop Shortcut Creation
Allow Screen Saver
Prevent Codec Download
Do Not Show Anchor
Hide Privacy Tab
Hide Security Tab
Set and Lock Skin
Configure HTTP Proxy
Configure MMS Proxy
Configure RTSP Proxy
Hide Network Tab
Configure Network Buffering
Streaming Media Protocols
Do not automatically start Windows Messenger initially
Do not automatically start Windows Messenger initially
Do not allow Windows Messenger to be run
Do not allow Windows Messenger to be run
Allow Basic authentication
Allow unencrypted traffic
Disallow Digest authentication
Disallow Negotiate authentication
Disallow Kerberos authentication
Allow CredSSP authentication
Trusted Hosts
Allow remote server management through WinRM
Turn On Compatibility HTTP Listener
Turn On Compatibility HTTPS Listener
Allow Basic authentication
Allow unencrypted traffic
Disallow WinRM from storing RunAs credentials
Disallow Negotiate authentication
Disallow Kerberos authentication
Allow CredSSP authentication
Specify channel binding token hardening level
Allow Remote Shell Access
Specify idle Timeout
MaxConcurrentUsers
Specify maximum amount of memory in MB per Shell
Specify maximum number of processes per Shell
Specify Shell Timeout
Specify maximum number of remote shells per user
Windows Automatic Updates
Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog box
Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog box
Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box
Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box
Remove access to use all Windows Update features
Configure Automatic Updates
Specify intranet Microsoft update service location
Automatic Updates detection frequency
Allow non-administrators to receive update notifications
Allow Automatic Updates immediate installation
Turn on recommended updates via Automatic Updates
Turn on Software Notifications
Enabling Windows Update Power Management to automatically wake up the system to install scheduled updates
No auto-restart with logged on users for scheduled automatic updates installations
Re-prompt for restart with scheduled installations
Delay Restart for scheduled installations
Reschedule Automatic Updates scheduled installations
Enable client-side targeting
Allow signed updates from an intranet Microsoft update service location
Turn off legacy remote shutdown interface
Timeout for hung logon sessions during shutdown
Require use of fast startup
Display information about previous logons during user logon
Remove logon hours expiration warnings
Set action to take when logon hours expire
Disable or enable software Secure Attention Sequence
Report when logon server was not available during user logon
Report when logon server was not available during user logon
Custom User Interface
Turn off automatic termination of applications that block or cancel shutdown
Turn off the Store application
Turn off the Store application
Allow Store to install apps on Windows To Go workspaces
Turn off Automatic Download of updates
Set Cost
Custom Instant Search Internet search provider
Turn off tile notifications
Turn off toast notifications
Turn off toast notifications on the lock screen
Turn off notifications network usage
Set 3G Cost
Set 4G Cost
Scope Policy Path
Machine Windows Components\ActiveX Installer Service
Machine Windows Components\ActiveX Installer Service
User Control Panel\Add or Remove Programs
Machine Windows Components\Active Directory Federation Services
Machine Windows Components\Application Compatibility
User Windows Components\Application Compatibility
Machine Windows Components\App Package Deployment
Machine Windows Components\App Package Deployment
Machine Windows Components\App runtime
User Windows Components\App runtime
Machine Windows Components\App runtime
User Windows Components\App runtime
User Windows Components\Attachment Manager
Machine Windows Components\AutoPlay Policies
User Windows Components\AutoPlay Policies
Machine Windows Components\Biometrics
Machine Network\Background Intelligent Transfer Service (BITS)
Machine Windows Components\Windows Customer Experience Improvement Program
Machine Windows Components\Windows Customer Experience Improvement Program
Machine Network\SSL Configuration Settings
User System
Machine System
User Windows Components\NetMeeting\Application Sharing
User Windows Components\NetMeeting\Audio & Video
User Windows Components\NetMeeting
Machine Windows Components\NetMeeting
User Windows Components\NetMeeting\Options Page
User Control Panel
User Control Panel
User Control Panel
User Control Panel
User Control Panel\Display
User Control Panel\Display
User Control Panel\Personalization
Machine Control Panel\Personalization
Machine Control Panel\User Accounts
Machine System\Logon
Machine System\Credentials Delegation
Machine Windows Components\Credential User Interface
User Windows Components\Credential User Interface
User System\Ctrl+Alt+Del Options
Machine System\Distributed COM\Application Compatibility Settings
Machine System\Distributed COM\Application Compatibility Settings
User Desktop\Desktop
User Desktop\Active Directory
User Desktop
User Desktop
User Desktop
User Desktop
User Desktop
User Desktop
User Desktop
User Desktop
User Desktop
User Desktop
User Desktop
User Desktop
User Desktop
User Desktop
User Desktop
User Desktop
Machine Windows Components\Device and Driver Compatibility
Machine Windows Components\Device and Driver Compatibility
Machine System\Device Installation
Machine System\Device Installation\Device Installation Restrictions
Machine System\Driver Installation
User System\Driver Installation
Machine System\Device Redirection\Device Redirection Restrictions
Machine System\Device Redirection\Device Redirection Restrictions
Machine System\Driver Installation
Machine Network
User Windows Components\Digital Locker
Machine Windows Components\Digital Locker
Machine System\Troubleshooting and Diagnostics\Disk Diagnostic
Machine System\Troubleshooting and Diagnostics\Disk Diagnostic
Machine System\Disk NV Cache
Machine System\Disk Quotas
Machine System
Machine Network\DNS Client
User Windows Components\Desktop Window Manager
Machine Windows Components\Desktop Window Manager
User Windows Components\Desktop Window Manager
User Windows Components\Desktop Window Manager\Window Frame Coloring
Machine Windows Components\Desktop Window Manager\Window Frame Coloring
User Windows Components\Desktop Window Manager\Window Frame Coloring
Machine Windows Components\Desktop Window Manager\Window Frame Coloring
User Windows Components\IME
Machine System\Early Launch Antimalware
User Windows Components\Edge UI
User Windows Components\Edge UI
Machine System
Machine System\Enhanced Storage Access
Machine Windows Components\Windows Error Reporting
User Windows Components\Windows Error Reporting
Machine Windows Components\Windows Error Reporting\Advanced Error Reporting Settings
User Windows Components\Windows Error Reporting\Advanced Error Reporting Settings
User Windows Components\Windows Error Reporting\Consent
Machine Windows Components\Windows Error Reporting\Consent
Machine Windows Components\Event Forwarding
Machine Windows Components\Event Forwarding
Machine Windows Components\Event Log Service\Application
Machine Windows Components\Event Log Service\Security
Machine Windows Components\Event Log Service\Setup
Machine Windows Components\Event Log Service\System
Machine Windows Components\Event Viewer
User Windows Components\File Explorer
Machine Windows Components\File Explorer
Machine Windows Components\Portable Operating System
Machine Windows Components\File History
Machine System\Troubleshooting and Diagnostics\Corrupted File Recovery
Machine System\File Share Shadow Copy Agent
Machine System\File Share Shadow Copy Provider
Machine System\Filesystem
Machine System\Filesystem\NTFS
Machine System\Filesystem
User System\Folder Redirection
Machine System\Folder Redirection
Machine System\Folder Redirection
User Windows Components\File Explorer\Explorer Frame Pane
User Windows Components\File Explorer\Explorer Frame Pane
Machine System\Troubleshooting and Diagnostics\Fault Tolerant Heap
Machine Windows Components\Game Explorer
User System\Locale Services
Machine System\Locale Services
User Control Panel\Regional and Language Options
Machine Control Panel\Regional and Language Options
User System
User Control Panel\Regional and Language Options\Handwriting personalization
Machine Control Panel\Regional and Language Options\Handwriting personalization
Machine System\Group Policy
User System\Group Policy
Machine System\Group Policy\Logging and tracing
User Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Prefe
Machine System
User System
Machine System
Machine System
Machine Windows Components\Online Assistance
User System\Internet Communication Management\Internet Communication settings
Machine Network\Hotspot Authentication
User System\Windows HotStart
Machine System\Windows HotStart
User System\Internet Communication Management
Machine System\Internet Communication Management
Machine System\Internet Communication Management\Internet Communication settings
Machine Windows Components\Internet Information Services
User Windows Components\Internet Explorer\Administrator Approved Controls
Machine Windows Components\Internet Explorer\Internet Control Panel\Advanced Page
User Windows Components\Internet Explorer\Internet Control Panel\Advanced Page
Machine Windows Components\Internet Explorer\Internet Control Panel\Content Page
User Windows Components\Internet Explorer\Internet Control Panel\Content Page
User Windows Components\Internet Explorer\Internet Settings\AutoComplete
Machine Windows Components\Internet Explorer\Internet Settings\Advanced settings\Browsing
User Windows Components\Internet Explorer\Internet Settings\Advanced settings\Browsing
User Windows Components\Internet Explorer\Offline Pages
Machine Windows Components\Internet Explorer\Corporate Settings\Code Download
User Windows Components\Internet Explorer\Internet Settings\Display settings
Machine Windows Components\Internet Explorer\Internet Control Panel
User Windows Components\Internet Explorer\Internet Control Panel
User Windows Components\Internet Explorer\Internet Settings\URL Encoding
User Windows Components\Internet Explorer\Internet Settings\Display settings\General Colors
Machine Windows Components\Internet Explorer\Internet Settings\Component Updates\Help Menu > About Interne
User Windows Components\Internet Explorer\Internet Settings\Advanced settings\Internet Connection Wizard
Machine Windows Components\Internet Explorer\Security Features\Add-on Management
User Windows Components\Internet Explorer\Security Features\Add-on Management
Machine Windows Components\Internet Explorer\Security Features\Binary Behavior Security Restriction
User Windows Components\Internet Explorer\Security Features\Binary Behavior Security Restriction
Machine Windows Components\Internet Explorer\Security Features\Consistent Mime Handling
User Windows Components\Internet Explorer\Security Features\Consistent Mime Handling
Machine Windows Components\Internet Explorer\Security Features\Notification bar
User Windows Components\Internet Explorer\Security Features\Notification bar
Machine Windows Components\Internet Explorer\Security Features\Local Machine Zone Lockdown Security
User Windows Components\Internet Explorer\Security Features\Local Machine Zone Lockdown Security
Machine Windows Components\Internet Explorer\Security Features\Mime Sniffing Safety Feature
User Windows Components\Internet Explorer\Security Features\Mime Sniffing Safety Feature
Machine Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction
User Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction
Machine Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown
User Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown
Machine Windows Components\Internet Explorer\Security Features\Object Caching Protection
User Windows Components\Internet Explorer\Security Features\Object Caching Protection
Machine Windows Components\Internet Explorer\Security Features\Protection From Zone Elevation
User Windows Components\Internet Explorer\Security Features\Protection From Zone Elevation
Machine Windows Components\Internet Explorer\Security Features\Restrict ActiveX Install
User Windows Components\Internet Explorer\Security Features\Restrict ActiveX Install
Machine Windows Components\Internet Explorer\Security Features\Restrict File Download
User Windows Components\Internet Explorer\Security Features\Restrict File Download
Machine Windows Components\Internet Explorer\Security Features\Scripted Window Security Restrictions
User Windows Components\Internet Explorer\Security Features\Scripted Window Security Restrictions
Machine Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Restricted Protoc
User Windows Components\Internet Explorer\Security Features\Network Protocol Lockdown\Restricted Protoc
Machine Windows Components\Internet Explorer
User Windows Components\Internet Explorer
Machine Windows Components\Internet Explorer\Delete Browsing History
User Windows Components\Internet Explorer\Delete Browsing History
Machine Windows Components\Internet Explorer\Internet Settings\AutoComplete
Machine Windows Components\Internet Explorer\Internet Settings\AutoComplete
Machine Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone
User Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone
Machine Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone
User Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone
Machine Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone
User Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone
Machine Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone
User Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone
Machine Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone
User Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone
Machine Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Mach
User Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Mach
Machine Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zon
User Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zon
Machine Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Site
User Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Site
Machine Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zon
User Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zon
Machine Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted S
User Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted S
Machine Windows Components\Internet Explorer\Internet Control Panel\Security Page
User Windows Components\Internet Explorer\Internet Control Panel\Security Page
User Windows Components\Internet Explorer\Internet Settings\Display settings\Link Colors
User Windows Components\Internet Explorer\Browser menus
Machine Windows Components\Internet Explorer\Browser menus
User Windows Components\Internet Explorer\Internet Settings\Advanced settings\Multimedia
Machine Windows Components\Internet Explorer\Internet Settings\Advanced settings\Multimedia
User Windows Components\Internet Explorer\Persistence Behavior
User Windows Components\Internet Explorer\Internet Settings\Advanced settings\Printing
Machine Windows Components\RSS Feeds
User Windows Components\RSS Feeds
Machine Windows Components\Internet Explorer\Application Compatibility\Clipboard access
User Windows Components\Internet Explorer\Application Compatibility\Clipboard access
Machine Windows Components\Internet Explorer\Internet Settings\Advanced settings\Searching
User Windows Components\Internet Explorer\Internet Settings\Advanced settings\Searching
Machine Windows Components\Internet Explorer\Internet Settings\Advanced settings\Searching
User Windows Components\Internet Explorer\Internet Settings\Advanced settings\Searching
Machine Windows Components\Internet Explorer\Security Features\AJAX
User Windows Components\Internet Explorer\Security Features\AJAX
Machine Windows Components\Internet Explorer\Security Features
User Windows Components\Internet Explorer\Security Features
User Windows Components\Internet Explorer\Security Features
User Windows Components\Internet Explorer\Internet Settings\Advanced settings\Signup Settings
Machine Windows Components\Internet Explorer\Toolbars
User Windows Components\Internet Explorer\Toolbars
Machine Windows Components\Internet Explorer\Internet Settings\Component Updates\Periodic check for updates t
Machine Windows Components\Internet Explorer\Internet Settings\Component Updates\Periodic check for updates t
Machine Windows Components\Internet Explorer\Privacy
User Windows Components\Internet Explorer\Privacy
User Windows Components\Internet Explorer\Accelerators
Machine Windows Components\Internet Explorer\Accelerators
Machine Windows Components\Internet Explorer\Compatibility View
User Windows Components\Internet Explorer\Compatibility View
Machine Windows Components\Internet Explorer\Internet Control Panel\General Page\Browsing History
User Windows Components\Internet Explorer\Internet Control Panel\General Page\Browsing History
Machine Windows Components\Internet Explorer\Internet Control Panel\General Page
User Windows Components\Internet Explorer\Internet Control Panel\General Page
Machine Windows Components\Internet Explorer\Internet Settings
User Windows Components\Internet Explorer\Internet Settings
Machine Windows Components\Internet Explorer\Internet Settings
User Windows Components\Internet Explorer\Internet Settings
Machine System\iSCSI\iSCSI Target Discovery
Machine System\iSCSI\General iSCSI
Machine System\iSCSI\General iSCSI
Machine System\iSCSI\iSCSI Security
Machine System\KDC
Machine System\KDC
Machine System\KDC
Machine System\KDC
Machine System\Kerberos
Machine Network\Lanman Server
Machine Network\Lanman Server
Machine System\Troubleshooting and Diagnostics\Windows Memory Leak Diagnosis
Machine Network\Link-Layer Topology Discovery
Machine Network\Link-Layer Topology Discovery
Machine Windows Components\Location and Sensors\Windows Location Provider
User System\Logon
User System\Logon
User System\Logon
Machine System
User System
Machine System
User Windows Components\Windows Media Center
Machine Windows Components\Windows Media Center
User Windows Components\Microsoft Management Console
User Windows Components\Microsoft Management Console
User Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-in
User Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins
User Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy
User Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group
User Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Resulta
User Windows Components\Windows Mobility Center
Machine Windows Components\Windows Mobility Center
User Windows Components\Presentation Settings
Machine Windows Components\Presentation Settings
Machine Windows Components\Maintenance Scheduler
Machine System\Troubleshooting and Diagnostics\Microsoft Support Diagnostic Tool
Machine System\Troubleshooting and Diagnostics\MSI Corrupted File Recovery
Machine Windows Components\Windows Installer
User Windows Components\Windows Installer
Machine Windows Components\Network Access Protection
Machine Network\DirectAccess Client Experience Settings
Machine Network\Network Connectivity Status Indicator
Machine System\Net Logon
Machine System\Net Logon\DC Locator DNS Records
User Network\Network Connections
Machine Network\Network Connections
Machine Network\Network Isolation
User Windows Components\Network Projector
Machine Windows Components\Network Projector
Machine Windows Components\Network Projector
Machine Network\Offline Files
User Network\Offline Files
Machine Network\Microsoft Peer-to-Peer Networking Services
Machine Network\Microsoft Peer-to-Peer Networking Services\Peer Name Resolution Protocol\Global Clouds
Machine Network\Microsoft Peer-to-Peer Networking Services\Peer Name Resolution Protocol\Link-Local Clouds
Machine Network\Microsoft Peer-to-Peer Networking Services\Peer Name Resolution Protocol\Site-Local Clouds
Machine Network\Microsoft Peer-to-Peer Networking Services
Machine Windows Components\Family Safety
Machine System\Troubleshooting and Diagnostics\Application Compatibility Diagnostics
Machine Network\BranchCache
User Windows Components\Tablet PC\Tablet PC Pen Training
Machine Windows Components\Tablet PC\Tablet PC Pen Training
Machine System\Performance Control Panel
User System\Performance Control Panel
Machine System\Troubleshooting and Diagnostics\Windows Boot Performance Diagnostics
Machine System\Troubleshooting and Diagnostics\Windows Standby/Resume Performance Diagnostics
Machine System\Troubleshooting and Diagnostics\Windows System Responsiveness Performance Diagnostics
Machine System\Troubleshooting and Diagnostics\Windows Shutdown Performance Diagnostics
Machine System\Troubleshooting and Diagnostics\Windows Performance PerfTrack
Machine System\Power Management\Notification Settings
Machine System\Power Management\Button Settings
Machine System\Power Management\Hard Disk Settings
Machine System\Power Management\Hard Disk Settings
Machine System\Power Management
Machine System\Power Management
User System\Power Management
Machine System\Power Management\Sleep Settings
Machine System\Power Management\Video and Display Settings
Machine System
Machine Windows Components\Windows PowerShell
User Windows Components \Windows PowerShell
Machine Windows Components \Windows PowerShell
Machine Windows Components \Windows PowerShell
User Windows Components\File Explorer\Previous Versions
Machine Windows Components\File Explorer\Previous Versions
Machine Printers
Machine Printers
Machine Printers
Machine Printers
User Control Panel\Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
Machine Printers
User Control Panel\Programs
Machine Windows Components\Password Synchronization
Machine Network\QoS Packet Scheduler\DSCP value of conforming packets
Machine Network\QoS Packet Scheduler\DSCP value of non-conforming packets
Machine Network\QoS Packet Scheduler
Machine Network\QoS Packet Scheduler\Layer-2 priority value
Machine Windows Components\Windows Reliability Analysis
Machine System\Troubleshooting and Diagnostics\Windows Resource Exhaustion Detection and Resolution
Machine System\Recovery
Machine System
Machine System
Machine System
Machine System\Remote Assistance
User System\Removable Storage Access
Machine System\Removable Storage Access
Machine System\Remote Procedure Call
Machine System\Scripts
User System\Scripts
User System\Scripts
User System\Scripts
User System\Scripts
User System\Scripts
Machine System\Troubleshooting and Diagnostics\Scripted Diagnostics
Machine System\Troubleshooting and Diagnostics\Scheduled Maintenance
Machine Windows Components\Search
User Windows Components\Search
Machine Windows Components\Search\OCR
Machine Windows Components\Search\OCR
Machine Windows Components\Security Center
User Windows Components\Location and Sensors
Machine Windows Components\Location and Sensors
Machine System\Server Manager
Machine System
Machine System
Machine Windows Components\Sync your settings
Machine System
Machine System
User Shared Folders
User Shared Folders
User Windows Components\Network Sharing
Machine Windows Components\HomeGroup
User System
User System
User System
User System
User Windows Components\Desktop Gadgets
Machine Windows Components\Desktop Gadgets
User Windows Components\Windows SideShow
Machine Windows Components\Windows SideShow
Machine Windows Components\Smart Card
Machine Windows Components\Server for NIS
Machine Windows Components\Server for NIS
Machine Network\SNMP
User Windows Components\Sound Recorder
Machine Windows Components\Sound Recorder
Machine System\File Classification Infrastructure
Machine System\File Classification Infrastructure
Machine System\Access-Denied Assistance
Machine System\Access-Denied Assistance
User Start Menu and Taskbar
Machine Windows Components\Windows System Resource Manager
Machine System\System Restore
Machine System\System Restore
User Windows Components\Tablet PC\Input Panel
Machine Windows Components\Tablet PC\Input Panel
User Windows Components\Tablet PC\Accessories
Machine Windows Components\Tablet PC\Accessories
User Windows Components\Tablet PC\Cursors
Machine Windows Components\Tablet PC\Cursors
User Windows Components\Tablet PC\Hardware Buttons
Machine Windows Components\Tablet PC\Hardware Buttons
User Windows Components\Tablet PC\Pen Flicks Learning
Machine Windows Components\Tablet PC\Pen Flicks Learning
User Windows Components\Tablet PC\Pen UX Behaviors
Machine Windows Components\Tablet PC\Pen UX Behaviors
User Windows Components\Task Scheduler
Machine Windows Components\Task Scheduler
Machine Network\TCPIP Settings\IPv6 Transition Technologies
Machine Network\TCPIP Settings\Parameters
Machine Network\TCPIP Settings\Parameters
User Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Re
User Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Re
User Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Envir
Machine Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections
Machine Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Envir
Machine Windows Components\Remote Desktop Services\Remote Desktop Session Host\RD Connection Broker
Machine Windows Components\Remote Desktop Services\Remote Desktop Session Host\Printer Redirection
User Windows Components\Remote Desktop Services\Remote Desktop Session Host\Printer Redirection
User Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits
Machine Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits
Machine Windows Components\Remote Desktop Services\Remote Desktop Session Host\Application Compatibilit
Machine Windows Components\Remote Desktop Services\Remote Desktop Connection Client
User Windows Components\Remote Desktop Services\Remote Desktop Connection Client
Machine Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security
User Windows Components\Remote Desktop Services\RD Gateway
Machine Windows Components\Remote Desktop Services\Remote Desktop Session Host\Licensing
User Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections
Machine Windows Components\Remote Desktop Services\Remote Desktop Session Host\Profiles
Machine Windows Components\Remote Desktop Services\RD Licensing
Machine Windows Components\Remote Desktop Services\RD Licensing
Machine Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Re
User Windows Components\Remote Desktop Services\Remote Desktop Session Host\Printer Redirection
Machine Windows Components\Remote Desktop Services\Remote Desktop Session Host\Temporary folders
Machine Windows Components\Remote Desktop Services\Remote Desktop Session Host\Temporary folders
Machine Windows Components\Remote Desktop Services\Remote Desktop Connection Client\RemoteFX USB Dev
User Windows Components\Remote Desktop Services\RemoteApp and Desktop Connections
User Windows Components\Tablet PC\Touch Input
Machine Windows Components\Tablet PC\Touch Input
User Windows Components\Tablet PC\Touch Input
Machine Windows Components\Tablet PC\Touch Input
Machine System\Trusted Platform Module Services
User Windows Components\Backup\Client
Machine Windows Components\Backup\Client
Machine System\User Profiles
User System\User Profiles
Machine Windows Components\BitLocker Drive Encryption
Machine Windows Components\BitLocker Drive Encryption\Operating System Drives
Machine Windows Components\BitLocker Drive Encryption\Fixed Data Drives
Machine Windows Components\BitLocker Drive Encryption\Removable Data Drives
Machine System\Windows Time Service
Machine System\Windows Time Service\Time Providers
Machine Network\Windows Connection Manager
Machine System\Troubleshooting and Diagnostics
Machine System\Troubleshooting and Diagnostics
User Windows Components\Windows Calendar
Machine Windows Components\Windows Calendar
Machine Windows Components\Add features to Windows 8
User Windows Components\Add features to Windows 8
Machine Windows Components\Backup\Server
User Windows Components\Windows Color System
Machine Windows Components\Windows Color System
User Network\Windows Connect Now
Machine Network\Windows Connect Now
Machine Network\Windows Connect Now
Machine Windows Components\Windows Defender
User Windows Components\File Explorer\Common Open File Dialog
Machine System\Windows File Protection
Machine Network\Network Connections\Windows Firewall
Machine Network\Network Connections\Windows Firewall\Domain Profile
Machine Network\Network Connections\Windows Firewall\Standard Profile
User Windows Components\Windows Mail
Machine Windows Components\Windows Mail
User Windows Components\Windows Mail
Machine Windows Components\Windows Mail
Machine Windows Components\Windows Media Digital Rights Management
Machine Windows Components\Windows Media Player
User Windows Components\Windows Media Player
User Windows Components\Windows Media Player\Playback
User Windows Components\Windows Media Player\Playback
User Windows Components\Windows Media Player\User Interface
User Windows Components\Windows Media Player\Networking
Machine Windows Components\Windows Messenger
User Windows Components\Windows Messenger
Machine Windows Components\Windows Messenger
User Windows Components\Windows Messenger
Machine Windows Components\Windows Remote Management (WinRM)\WinRM Client
Machine Windows Components\Windows Remote Management (WinRM)\WinRM Service
Machine Windows Components\Windows Remote Shell
User System
Machine Windows Components\Windows Update
User Windows Components\Windows Update
Machine Windows Components\Shutdown Options
Machine Windows Components\Shutdown Options
Machine System\Shutdown
Machine Windows Components\Windows Logon Options
User Windows Components\Windows Logon Options
User System
Machine System\Shutdown Options
User Windows Components\Store
Machine Windows Components\Store
Machine Network\WLAN Service\WLAN Media Cost
User Windows Components\Instant Search
User Start Menu and Taskbar\Notifications
Machine Network\WWAN Service\WWAN Media Cost
Machine Network\WWAN Service\WWAN Media Cost
Registry Information
HKLM\SOFTWARE\Policies\Microsoft\Windows\AxInstaller!ApprovedList, HKLM\SOFTWARE\Policies\Microsoft\Windows\AxInstaller\ApprovedActiveXInstallS
HKLM\SOFTWARE\Policies\Microsoft\Windows\AxInstaller\AxISURLZonePolicies!InstallTrustedOCX, HKLM\SOFTWARE\Policies\Microsoft\Windows\AxInsta
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall!DefaultCategory
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall!NoAddFromCDorFloppy
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall!NoAddFromInternet
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall!NoAddFromNetwork
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall!NoAddPage
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall!NoAddRemovePrograms
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall!NoChooseProgramsPage
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall!NoRemovePage
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall!NoServices
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall!NoSupportInfo
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall!NoWindowsSetupPage
HKLM\Software\Policies\Microsoft\Windows\ADFS!DisallowFederationService
HKLM\Software\Policies\Microsoft\Windows\AppCompat!VDMDisallowed
HKLM\Software\Policies\Microsoft\Windows\AppCompat!DisablePropPage
HKLM\Software\Policies\Microsoft\Windows\AppCompat!AITEnable
HKLM\Software\Policies\Microsoft\Windows\AppCompat!SbEnable
HKLM\Software\Policies\Microsoft\Windows\AppCompat!DisableEngine
HKCU\Software\Policies\Microsoft\Windows\AppCompat!DisablePCA
HKLM\Software\Policies\Microsoft\Windows\AppCompat!DisablePCA
HKLM\Software\Policies\Microsoft\Windows\AppCompat!DisableUAR
HKLM\Software\Policies\Microsoft\Windows\AppCompat!DisableInventory
HKLM\Software\Policies\Microsoft\Windows\Appx!AllowAllTrustedApps
HKLM\Software\Policies\Microsoft\Windows\Appx!AllowDeploymentInSpecialProfiles
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Associations!BlockFileElevation
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations!BlockFileElevation
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Associations!BlockProtocolElevation
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations!BlockProtocolElevation
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments!ScanWithAntiVirus
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments!UseTrustedHandlers
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments!SaveZoneInformation
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments!HideZoneInfoOnProperties
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations!DefaultFileTypeRisk
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations!HighRiskFileTypes
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations!LowRiskFileTypes
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations!ModRiskFileTypes
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoAutorun
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoAutorun
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!DontSetAutoplayCheckbox
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!DontSetAutoplayCheckbox
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoDriveTypeAutoRun
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoDriveTypeAutoRun
HKLM\Software\Policies\Microsoft\Windows\Explorer!NoAutoplayfornonVolume
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoAutoplayfornonVolume
HKLM\SOFTWARE\Policies\Microsoft\Biometrics!Enabled
HKLM\SOFTWARE\Policies\Microsoft\Biometrics\Credential Provider!Enabled
HKLM\SOFTWARE\Policies\Microsoft\Biometrics\Credential Provider!Domain Accounts
HKLM\SOFTWARE\Policies\Microsoft\Biometrics\Credential Provider!SwitchTimeoutInSeconds
HKLM\Software\Policies\Microsoft\Windows\BITS!JobInactivityTimeout
HKLM\Software\Policies\Microsoft\Windows\BITS!MaxDownloadTime
HKLM\Software\Policies\Microsoft\Windows\BITS!EnableBITSMaxBandwidth, HKLM\Software\Policies\Microsoft\Windows\BITS!MaxTransferRateOnSchedul
HKLM\Software\Policies\Microsoft\Windows\BITS\Throttling!EnableBandwidthLimits, HKLM\Software\Policies\Microsoft\Windows\BITS\Throttling!IgnoreBan
HKLM\Software\Policies\Microsoft\Windows\BITS\Throttling!EnableMaintenanceLimits, HKLM\Software\Policies\Microsoft\Windows\BITS\Throttling\Mainten
HKLM\Software\Policies\Microsoft\Windows\BITS!EnablePeercaching
HKLM\Software\Policies\Microsoft\Windows\BITS!MaxContentAge
HKLM\Software\Policies\Microsoft\Windows\BITS!MaxCacheSize
HKLM\Software\Policies\Microsoft\Windows\BITS!DisablePeerCachingClient
HKLM\Software\Policies\Microsoft\Windows\BITS!DisablePeerCachingServer
HKLM\Software\Policies\Microsoft\Windows\BITS!MaxBandwidthServed
HKLM\Software\Policies\Microsoft\Windows\BITS\TransferPolicy!ForegroundTransferPolicy, HKLM\Software\Policies\Microsoft\Windows\BITS\TransferPolicy!
HKLM\Software\Policies\Microsoft\Windows\BITS!MaxJobsPerMachine
HKLM\Software\Policies\Microsoft\Windows\BITS!MaxJobsPerUser
HKLM\Software\Policies\Microsoft\Windows\BITS!MaxFilesPerJob
HKLM\Software\Policies\Microsoft\Windows\BITS!MaxRangesPerFile
HKLM\Software\Policies\Microsoft\Windows\BITS!DisableBranchCache
HKLM\Software\Policies\Microsoft\SQMClient!CorporateSQMURL
HKLM\Software\Policies\Microsoft\SQMClient\Windows!StudyId, HKLM\Software\Policies\Microsoft\SQMClient\Windows!StudyId
HKLM\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002!Functions
HKCU\Software\Policies\Microsoft\Windows\App Management!COMClassStore
HKLM\Software\Policies\Microsoft\Windows\App Management!COMClassStore
HKCU\Software\Policies\Microsoft\Conferencing!NoAppSharing
HKCU\Software\Policies\Microsoft\Conferencing!NoAllowControl
HKCU\Software\Policies\Microsoft\Conferencing!NoSharing
HKCU\Software\Policies\Microsoft\Conferencing!NoSharingDosWindows
HKCU\Software\Policies\Microsoft\Conferencing!NoSharingDesktop
HKCU\Software\Policies\Microsoft\Conferencing!NoSharingExplorer
HKCU\Software\Policies\Microsoft\Conferencing!NoTrueColorSharing
HKCU\Software\Policies\Microsoft\Conferencing!NoAudio
HKCU\Software\Policies\Microsoft\Conferencing!NoChangeDirectSound
HKCU\Software\Policies\Microsoft\Conferencing!NoFullDuplex
HKCU\Software\Policies\Microsoft\Conferencing!NoReceivingVideo
HKCU\Software\Policies\Microsoft\Conferencing!NoSendingVideo
HKCU\Software\Policies\Microsoft\Conferencing!MaximumBandwidth
HKCU\Software\Policies\Microsoft\Conferencing!PersistAutoAcceptCalls
HKCU\Software\Policies\Microsoft\Conferencing!NoChat
HKCU\Software\Policies\Microsoft\Conferencing!NoNewWhiteBoard
HKCU\Software\Policies\Microsoft\Conferencing!NoOldWhiteBoard
HKLM\Software\Policies\Microsoft\Conferencing!NoRDS
HKCU\Software\Policies\Microsoft\Conferencing!Use AutoConfig, HKCU\Software\Policies\Microsoft\Conferencing!ConfigFile
HKCU\Software\Policies\Microsoft\Conferencing!NoAddingDirectoryServers
HKCU\Software\Policies\Microsoft\Conferencing!NoAutoAcceptCalls
HKCU\Software\Policies\Microsoft\Conferencing!NoChangingCallMode
HKCU\Software\Policies\Microsoft\Conferencing!NoDirectoryServices
HKCU\Software\Policies\Microsoft\Conferencing!NoReceivingFiles
HKCU\Software\Policies\Microsoft\Conferencing!NoSendingFiles
HKCU\Software\Policies\Microsoft\Conferencing!NoWebDirectory
HKCU\Software\Policies\Microsoft\Conferencing!MaxFileSendSize
HKCU\Software\Policies\Microsoft\Conferencing!IntranetSupportURL
HKCU\Software\Policies\Microsoft\Conferencing!CallSecurity
HKCU\Software\Policies\Microsoft\Conferencing!NoAdvancedCalling
HKCU\Software\Policies\Microsoft\Conferencing!NoAudioPage
HKCU\Software\Policies\Microsoft\Conferencing!NoGeneralPage
HKCU\Software\Policies\Microsoft\Conferencing!NoSecurityPage
HKCU\Software\Policies\Microsoft\Conferencing!NoVideoPage
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!DisallowCpl, HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Disall
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!ForceClassicControlPanel
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoControlPanel
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!RestrictCpl, HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Restri
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!NoDispCPL
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!NoDispSettingsPage
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!NoDispAppearancePage
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!NoDispScrSavPage
HKCU\Software\Policies\Microsoft\Windows\Control Panel\Desktop!ScreenSaveActive
HKCU\Software\Policies\Microsoft\Windows\Control Panel\Desktop!SCRNSAVE.EXE
HKCU\Software\Policies\Microsoft\Windows\Control Panel\Desktop!ScreenSaverIsSecure
HKCU\Software\Policies\Microsoft\Windows\Control Panel\Desktop!ScreenSaveTimeOut
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop!NoChangingWallPaper
HKCU\Software\Policies\Microsoft\Windows\Personalization!NoChangingSoundScheme
HKCU\Software\Policies\Microsoft\Windows\Personalization!NoChangingMousePointers
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!NoDispBackgroundPage
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!NoColorChoice
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoThemesTab
HKCU\Software\Policies\Microsoft\Windows\Personalization!ThemeFile
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!NoVisualStyleChoice
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!SetVisualStyle
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!NoSizeChoice
HKLM\Software\Policies\Microsoft\Windows\Personalization!NoLockScreen
HKLM\Software\Policies\Microsoft\Windows\Personalization!NoChangingLockScreen
HKLM\Software\Policies\Microsoft\Windows\Personalization!NoChangingStartMenuBackground
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!UseDefaultTile
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!DefaultLogonDomain
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!ExcludedCredentialProviders
HKLM\Software\Policies\Microsoft\Windows\System!AllowDomainPINLogon
HKLM\Software\Policies\Microsoft\Windows\System!BlockDomainPicturePassword
HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegation!AllowDefaultCredentials, HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegatio
HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegation!AllowDefCredentialsWhenNTLMOnly, HKLM\Software\Policies\Microsoft\Windows\Creden
HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegation!AllowFreshCredentials, HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegation
HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegation!AllowFreshCredentialsWhenNTLMOnly, HKLM\Software\Policies\Microsoft\Windows\Cred
HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegation!AllowSavedCredentials, HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegatio
HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegation!AllowSavedCredentialsWhenNTLMOnly, HKLM\Software\Policies\Microsoft\Windows\Cred
HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegation!DenyDefaultCredentials, HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegatio
HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegation!DenyFreshCredentials, HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegation
HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegation!DenySavedCredentials, HKLM\Software\Policies\Microsoft\Windows\CredentialsDelegatio
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\CredUI!EnumerateAdministrators
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\CredUI!EnableSecureCredentialPrompting
HKLM\Software\Policies\Microsoft\Windows\CredUI!DisablePasswordReveal
HKCU\Software\Policies\Microsoft\Windows\CredUI!DisablePasswordReveal
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!DisableChangePassword
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!DisableLockWorkstation
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!DisableTaskMgr
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoLogoff
HKLM\Software\Policies\Microsoft\Windows NT\DCOM\AppCompat!AllowLocalActivationSecurityCheckExemptionList
HKLM\Software\Policies\Microsoft\Windows NT\DCOM\AppCompat!ListBox_Support_ActivationSecurityCheckExemptionList, HKLM\Software\Policies\Micros
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!ForceActiveDesktopOn
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoActiveDesktop
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoActiveDesktopChanges
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\AdminComponent!Add, HKCU\Software\Microsoft\Windows\CurrentVersion\Policie
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop!NoAddingComponents
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop!NoClosingComponents
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop!NoDeletingComponents
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop!NoEditingComponents
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop!NoComponents
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop!NoHTMLWallPaper
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!Wallpaper, HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!Wallpape
HKCU\Software\Policies\Microsoft\Windows\Directory UI!EnableFilter
HKCU\Software\Policies\Microsoft\Windows\Directory UI!HideDirectoryFolder
HKCU\Software\Policies\Microsoft\Windows\Directory UI!QueryLimit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!DisablePersonalDirChange
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoDesktop
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoDesktopCleanupWizard
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoInternetIcon
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum!{20D04FE0-3AEA-1069-A2D8-08002B30309D}
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum!{450D8FBA-AD25-11D0-98A8-0800361B1103}
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoNetHood
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoPropertiesMyComputer
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoPropertiesMyDocuments
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoRecentDocsNetHood
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum!{645FF040-5081-101B-9F08-00AA002F954E}
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoPropertiesRecycleBin
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSaveSettings
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoCloseDragDropBands
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoMovingBands
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoWindowMinimizingShortcuts
HKLM\System\CurrentControlSet\Policies\Microsoft\Compatibility!DisableDeviceFlags
HKLM\System\CurrentControlSet\Policies\Microsoft\Compatibility!DisableDriverShims
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Settings!AllSigningEqual
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Settings!InstallTimeout
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Settings!DisableSystemRestore
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Settings!AllowRemoteRPC
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions!AllowAdminInstall
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions!AllowDeviceClasses, HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrict
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions!DenyDeviceClasses, HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrict
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions!AllowDeviceIDs, HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions!DenyDeviceIDs, HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions\
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions!DenyRemovableDevices
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions!DenyUnspecified
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions!ForceReboot, HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions!Re
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DeniedPolicy!SimpleText
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DeniedPolicy!DetailText
HKLM\Software\Policies\Microsoft\Windows\DriverInstall\Restrictions!AllowUserDeviceClasses, HKLM\Software\Policies\Microsoft\Windows\DriverInstall\Rest
HKCU\Software\Policies\Microsoft\Windows NT\Driver Signing!BehaviorOnFailedVerify
HKLM\Software\Policies\Microsoft\Windows\DeviceRedirect\Restrictions!AllowRedirect
HKLM\Software\Policies\Microsoft\Windows\DeviceRedirect\Restrictions!DenyDeviceIDs, HKLM\Software\Policies\Microsoft\Windows\DeviceRedirect\Restric
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Settings!DisableBalloonTips
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Settings!DisableSendGenericDriverNotFoundToWER
HKLM\Software\Policies\Microsoft\Windows\DeviceInstall\Settings!DisableSendRequestAdditionalSoftwareToWER
HKCU\Software\Policies\Microsoft\Windows\DriverSearching!DontSearchFloppies, HKCU\Software\Policies\Microsoft\Windows\DriverSearching!DontSearch
HKCU\Software\Policies\Microsoft\Windows\DriverSearching!DontPromptForWindowsUpdate
HKLM\Software\Policies\Microsoft\Windows\DriverSearching!DontPromptForWindowsUpdate
HKLM\Software\Policies\Microsoft\Windows\DriverSearching!SearchOrderConfig
HKLM\Software\Policies\Microsoft\Windows\DriverSearching!DriverServerSelection
HKLM\SOFTWARE\Policies\Microsoft\Windows\Device Metadata!PreventDeviceMetadataFromNetwork
HKLM\Software\Policies\Microsoft\System\DFSClient!DfsDcNameDelay
HKCU\SOFTWARE\Policies\Microsoft\Windows\Digital Locker!DoNotRunDigitalLocker
HKLM\SOFTWARE\Policies\Microsoft\Windows\Digital Locker!DoNotRunDigitalLocker
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{29689E29-2CE9-4751-B4FC-8EFF5066E3FD}!DfdAlertTextOverride
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{29689E29-2CE9-4751-B4FC-8EFF5066E3FD}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policie
HKLM\Software\Policies\Microsoft\Windows\NvCache!OptimizeBootAndResume
HKLM\Software\Policies\Microsoft\Windows\NvCache!EnablePowerModeState
HKLM\Software\Policies\Microsoft\Windows\NvCache!EnableNvCache
HKLM\Software\Policies\Microsoft\Windows\NvCache!EnableSolidStateMode
HKLM\Software\Policies\Microsoft\Windows NT\DiskQuota!Enable
HKLM\Software\Policies\Microsoft\Windows NT\DiskQuota!Enforce
HKLM\Software\Policies\Microsoft\Windows NT\DiskQuota!Limit, HKLM\Software\Policies\Microsoft\Windows NT\DiskQuota!LimitUnits, HKLM\Software\Polic
HKLM\Software\Policies\Microsoft\Windows NT\DiskQuota!LogEventOverLimit
HKLM\Software\Policies\Microsoft\Windows NT\DiskQuota!LogEventOverThreshold
HKLM\Software\Policies\Microsoft\Windows NT\DiskQuota!ApplyToRemovableMedia
HKLM\Software\Policies\Microsoft\Windows\System!DLT_AllowDomainMode
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!AdapterDomainName
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!NameServer
HKLM\Software\Policies\Microsoft\System\DNSClient!NV PrimaryDnsSuffix
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!RegisterAdapterName
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!RegisterReverseLookup
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!RegistrationEnabled
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!RegistrationOverwritesInConflict
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!RegistrationRefreshInterval
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!RegistrationTtl
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!SearchList
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!UpdateSecurityLevel
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!UpdateTopLevelDomainZones
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!UseDomainNameDevolution
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!EnableDevolutionLevelControl, HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!Domai
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!EnableMulticast
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!AppendToMultiLabelName
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!DisableSmartNameResolution
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!DisableSmartProtocolReordering
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!QueryNetBTFQDN
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!PreferLocalOverLowerBindingDNS
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!DisableIdnEncoding
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient!EnableIdnMapping
HKCU\SOFTWARE\Policies\Microsoft\Windows\DWM!DisallowAnimations
HKLM\SOFTWARE\Policies\Microsoft\Windows\DWM!DisallowAnimations
HKCU\SOFTWARE\Policies\Microsoft\Windows\DWM!DisallowFlip3d
HKLM\SOFTWARE\Policies\Microsoft\Windows\DWM!DisallowFlip3d
HKLM\SOFTWARE\Policies\Microsoft\Windows\DWM!DisableAccentGradient
HKCU\SOFTWARE\Policies\Microsoft\Windows\DWM!DefaultColorizationColorState, HKCU\SOFTWARE\Policies\Microsoft\Windows\DWM!DefaultColorizati
HKLM\SOFTWARE\Policies\Microsoft\Windows\DWM!DefaultColorizationColorState, HKLM\SOFTWARE\Policies\Microsoft\Windows\DWM!DefaultColorizati
HKCU\SOFTWARE\Policies\Microsoft\Windows\DWM!DisallowColorizationColorChanges
HKLM\SOFTWARE\Policies\Microsoft\Windows\DWM!DisallowColorizationColorChanges
HKCU\software\policies\microsoft\ime\shared!misconvlogging
HKCU\software\policies\microsoft\ime\imejp!SaveAutoTuneDataToFile
HKCU\software\policies\microsoft\ime\imejp!UseHistorybasedPredictiveInput
HKCU\software\policies\microsoft\ime\shared!OpenExtendedDict
HKCU\software\policies\microsoft\ime\shared!SearchPlugin
HKCU\software\policies\microsoft\ime\shared!UserDict
HKCU\software\policies\microsoft\ime\imejp!CodeAreaForConversion
HKCU\software\policies\microsoft\ime\imejp!ShowOnlyPublishingStandardGlyph
HKLM\System\CurrentControlSet\Policies\EarlyLaunch!DriverLoadPolicy, HKLM\System\CurrentControlSet\Policies\EarlyLaunch!DriverLoadPolicy
HKCU\Software\Policies\Microsoft\Windows\EdgeUI!TurnOffBackstack
HKCU\Software\Policies\Microsoft\Windows\EdgeUI!DisableMFUTracking
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoEncryptOnMove
HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices!RootHubConnectedEnStorDevices
HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices!AllowCertSiloProvisioning
HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices!LockDeviceOnMachineLock
HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices!DisallowLegacyDiskDevices
HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices!DisablePasswordAuthentication
HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices!TCGSecurityActivationDisabled
HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices\ApprovedSilos!SiloAllowListPolicy, HKLM\Software\Policies\Microsoft\Windows\Enhan
HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices\ApprovedEnStorDevices!PolicyEnabled, HKLM\Software\Policies\Microsoft\Windows\E
HKLM\Software\Policies\Microsoft\PCHealth\ErrorReporting\DW!DWNoExternalURL, HKLM\Software\Policies\Microsoft\PCHealth\ErrorReporting\DW!DWNo
HKLM\Software\Policies\Microsoft\PCHealth\ErrorReporting!ShowUI, HKLM\Software\Policies\Microsoft\PCHealth\ErrorReporting\DW!DWAllowHeadless
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!Disabled
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!Disabled
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!DontShowUI
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!LoggingDisabled
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!LoggingDisabled
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!DontSendAdditionalData
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!DontSendAdditionalData
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!BypassDataThrottling
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!BypassDataThrottling
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!BypassPowerThrottling
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!BypassPowerThrottling
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!BypassNetworkCostThrottling
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!BypassNetworkCostThrottling
HKLM\Software\Policies\Microsoft\PCHealth\ErrorReporting!AllOrNone, HKLM\Software\Policies\Microsoft\PCHealth\ErrorReporting!IncludeMicrosoftApps, HK
HKLM\Software\Policies\Microsoft\PCHealth\ErrorReporting\ExclusionList
HKLM\Software\Policies\Microsoft\PCHealth\ErrorReporting\InclusionList
HKLM\Software\Policies\Microsoft\PCHealth\ErrorReporting!IncludeKernelFaults
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!DisableArchive, HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Error Re
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!DisableArchive, HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Re
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!CorporateWerServer, HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Err
HKCU\Software\Policies\Microsoft\Windows\Windows Error Reporting\ExcludedApplications
HKLM\Software\Policies\Microsoft\Windows\Windows Error Reporting\ExcludedApplications
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!DisableQueue, HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Error Rep
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting!DisableQueue, HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Rep
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting\Consent
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting\Consent
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting\Consent!DefaultOverrideBehavior
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting\Consent!DefaultOverrideBehavior
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting\Consent!DefaultConsent
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting\Consent!DefaultConsent
HKLM\Software\Policies\Microsoft\Windows\EventLog\EventForwarding\SubscriptionManager
HKLM\Software\Policies\Microsoft\Windows\EventLog\EventForwarding!MaxForwardingRate
HKLM\Software\Policies\Microsoft\Windows\EventLog\Application!AutoBackupLogFiles
HKLM\Software\Policies\Microsoft\Windows\EventLog\Application!ChannelAccess
HKLM\Software\Policies\Microsoft\Windows\EventLog\Application!Retention
HKLM\Software\Policies\Microsoft\Windows\EventLog\Application!File
HKLM\Software\Policies\Microsoft\Windows\EventLog\Application!MaxSize
HKLM\Software\Policies\Microsoft\Windows\EventLog\Security!AutoBackupLogFiles
HKLM\Software\Policies\Microsoft\Windows\EventLog\Security!ChannelAccess
HKLM\Software\Policies\Microsoft\Windows\EventLog\Security!Retention
HKLM\Software\Policies\Microsoft\Windows\EventLog\Security!File
HKLM\Software\Policies\Microsoft\Windows\EventLog\Security!MaxSize
HKLM\Software\Policies\Microsoft\Windows\EventLog\Setup!AutoBackupLogFiles
HKLM\Software\Policies\Microsoft\Windows\EventLog\Setup!ChannelAccess
HKLM\Software\Policies\Microsoft\Windows\EventLog\Setup!Retention
HKLM\Software\Policies\Microsoft\Windows\EventLog\Setup!Enabled
HKLM\Software\Policies\Microsoft\Windows\EventLog\Setup!File
HKLM\Software\Policies\Microsoft\Windows\EventLog\Setup!MaxSize
HKLM\Software\Policies\Microsoft\Windows\EventLog\System!AutoBackupLogFiles
HKLM\Software\Policies\Microsoft\Windows\EventLog\System!ChannelAccess
HKLM\Software\Policies\Microsoft\Windows\EventLog\System!Retention
HKLM\Software\Policies\Microsoft\Windows\EventLog\System!File
HKLM\Software\Policies\Microsoft\Windows\EventLog\System!MaxSize
HKLM\Software\Policies\Microsoft\EventViewer!MicrosoftRedirectionProgram
HKLM\Software\Policies\Microsoft\EventViewer!MicrosoftRedirectionProgramCommandLineParameters
HKLM\Software\Policies\Microsoft\EventViewer!MicrosoftRedirectionURL
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!AlwaysShowClassicMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!PreventItemCreationInUsersFilesFolder
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!TurnOffSPIAnimations
HKLM\Software\Policies\Microsoft\Windows\Explorer!NoDataExecutionPrevention
HKLM\Software\Policies\Microsoft\Windows\Explorer!NoHeapTerminationOnCorruption
HKLM\Software\Policies\Microsoft\Windows\Explorer!AdminInfoUrl
HKLM\Software\Policies\Microsoft\PortableOperatingSystem!Launcher
HKLM\System\CurrentControlSet\Policies\Microsoft\PortableOperatingSystem!Hibernate
HKLM\System\CurrentControlSet\Policies\Microsoft\PortableOperatingSystem!Sleep
HKLM\Software\Policies\Microsoft\Windows\FileHistory!Disabled
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{8519d925-541e-4a2b-8b1e-8059d16082f2}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policies\M
HKLM\Software\Policies\Microsoft\Windows\fssAgent!MaximumShadowCopyAgeInHours
HKLM\Software\Policies\Microsoft\Windows\fssProv!EncryptProtocol
HKLM\Software\Policies\Microsoft\Windows\Filesystems\NTFS!SymLinkState, HKLM\Software\Policies\Microsoft\Windows\Filesystems\NTFS!SymlinkLocalTo
HKLM\System\CurrentControlSet\Policies!NtfsDisableCompression
HKLM\System\CurrentControlSet\Policies!NtfsDisableEncryption
HKLM\System\CurrentControlSet\Policies!NtfsEncryptPagingFile
HKLM\System\CurrentControlSet\Policies!NtfsDisable8dot3NameCreation
HKLM\System\CurrentControlSet\Policies!DisableDeleteNotification
HKLM\System\CurrentControlSet\Policies!NtfsEnableTxfDeprecatedFunctionality
HKCU\Software\Policies\Microsoft\Windows\System\Fdeploy!LocalizeXPRelativePaths
HKCU\Software\Policies\Microsoft\Windows\NetCache!DisableFRAdminPin
HKCU\Software\Policies\Microsoft\Windows\NetCache\{3EB685DB-65F9-4CF6-A03A-E3EF65729F3D}!DisableFRAdminPinByFolder, HKCU\Software\Policie
HKLM\Software\Policies\Microsoft\Windows\System\Fdeploy!LocalizeXPRelativePaths
HKCU\Software\Policies\Microsoft\Windows\System\Fdeploy!FolderRedirectionEnableCacheRename
HKCU\Software\Policies\Microsoft\Windows\System\Fdeploy!PrimaryComputerEnabledFR
HKLM\Software\Policies\Microsoft\Windows\System\Fdeploy!PrimaryComputerEnabledFR
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoPreviewPane
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoReadingPane
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{dc42ff48-e40d-4a60-8675-e71f7e64aa9a}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policies\Mic
HKLM\Software\Policies\Microsoft\Windows\GameUX!DownloadGameInfo
HKLM\Software\Policies\Microsoft\Windows\GameUX!ListRecentlyPlayed
HKLM\Software\Policies\Microsoft\Windows\GameUX!GameUpdateOptions
HKCU\Software\Policies\Microsoft\Control Panel\International!CustomLocalesNoSelect
HKLM\Software\Policies\Microsoft\Control Panel\International!CustomLocalesNoSelect
HKLM\Software\Policies\Microsoft\Control Panel\International!RestrictSystemLocales, HKLM\Software\Policies\Microsoft\Control Panel\International!Allowable
HKLM\Software\Policies\Microsoft\Control Panel\International!BlockUserInputMethodsForSignIn
HKCU\Software\Policies\Microsoft\Control Panel\International!RestrictUserLocales, HKCU\Software\Policies\Microsoft\Control Panel\International!AllowableU
HKLM\Software\Policies\Microsoft\Control Panel\International!RestrictUserLocales, HKLM\Software\Policies\Microsoft\Control Panel\International!AllowableUs
HKCU\Software\Policies\Microsoft\Control Panel\International!PreventGeoIdChange
HKLM\Software\Policies\Microsoft\Control Panel\International!PreventGeoIdChange
HKCU\Software\Policies\Microsoft\Control Panel\International!PreventUserOverrides
HKLM\Software\Policies\Microsoft\Control Panel\International!PreventUserOverrides
HKCU\Software\Policies\Microsoft\Control Panel\International!HideAdminOptions
HKCU\Software\Policies\Microsoft\Control Panel\International!HideCurrentLocation
HKCU\Software\Policies\Microsoft\Control Panel\International!HideLanguageSelection
HKCU\Software\Policies\Microsoft\Control Panel\International!HideLocaleSelectAndCustomize
HKLM\Software\Policies\Microsoft\MUI\Settings!PreferredUILanguages
HKCU\Software\Policies\Microsoft\Control Panel\Desktop!PreferredUILanguages
HKLM\Software\Policies\Microsoft\MUI\Settings!MachineUILock
HKCU\Software\Policies\Microsoft\Control Panel\Desktop!MultiUILanguageID
HKCU\Software\Policies\Microsoft\Control Panel\International!TurnOffOfferTextPredictions
HKCU\Software\Policies\Microsoft\Control Panel\International!TurnOffInsertSpace
HKCU\Software\Policies\Microsoft\Control Panel\International!TurnOffAutocorrectMisspelledWords
HKCU\Software\Policies\Microsoft\Control Panel\International!TurnOffHighlightMisspelledWords
HKLM\Software\Policies\Microsoft\Control Panel\International!BlockCleanupOfUnusedPreinstalledLangPacks
HKCU\Software\Policies\Microsoft\Control Panel\International\Calendars\TwoDigitYearMax!1
HKCU\SOFTWARE\Policies\Microsoft\InputPersonalization!RestrictImplicitTextCollection, HKCU\SOFTWARE\Policies\Microsoft\InputPersonalization!Restrict
HKLM\SOFTWARE\Policies\Microsoft\InputPersonalization!RestrictImplicitTextCollection, HKLM\SOFTWARE\Policies\Microsoft\InputPersonalization!RestrictI
HKLM\Software\Policies\Microsoft\Windows\System!ProcessTSUserLogonAsync
HKLM\Software\Policies\Microsoft\Windows\System!ResetDfsClientInfoDuringRefreshPolicy
HKLM\Software\Policies\Microsoft\Windows\System!DisableAOACProcessing
HKLM\Software\Policies\Microsoft\Windows\System!SlowLinkDefaultForDirectAccess
HKLM\Software\Policies\Microsoft\Windows\System!SlowlinkDefaultToAsync
HKLM\Software\Policies\Microsoft\Windows\System!DisableLGPOProcessing
HKLM\Software\Policies\Microsoft\Windows\System!GpNetworkStartTimeoutPolicyValue
HKLM\Software\Policies\Microsoft\Windows\System!AllowX-ForestPolicy-and-RUP
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{c6dc5466-785a-11d2-84d0-00c04fb169f7}!NoSlowLink, HKLM\Software\Policies\Microsoft\Window
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}!NoSlowLink, HKLM\Software\Policies\Microsoft\Window
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}!NoSlowLink, HKLM\Software\Policies\Microsoft\
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{25537BA6-77A8-11D2-9B6C-0000F8080861}!NoSlowLink, HKLM\Software\Policies\Microsoft\Wi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}!NoSlowLink, HKLM\Software\Policies\Microsoft\
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{e437bc1c-aa7d-11d2-a382-00c04f991e27}!NoSlowLink, HKLM\Software\Policies\Microsoft\Windo
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}!NoBackgroundPolicy, HKLM\Software\Policies\Mi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{42B5FAAE-6536-11d2-AE5A-0000F87571E3}!NoSlowLink, HKLM\Software\Policies\Microsoft\Wi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}!NoBackgroundPolicy, HKLM\Software\Policies\Mi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}!NoSlowLink, HKLM\Software\Policies\Microsoft
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}!NoSlowLink, HKLM\Software\Policies\Microsoft\W
HKCU\Software\Policies\Microsoft\Windows\System!DenyRsopToInteractiveUser
HKLM\Software\Policies\Microsoft\Windows\System!DenyRsopToInteractiveUser
HKCU\Software\Policies\Microsoft\Windows\Group Policy Editor!DisableAutoADMUpdate
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!DisableBkGndGroupPolicy
HKLM\Software\Policies\Microsoft\Windows\System!DenyUsersFromMachGP
HKCU\Software\Policies\Microsoft\Windows\Group Policy Editor!ShowPoliciesOnly
HKCU\Software\Policies\Microsoft\Windows\Group Policy Editor!DCOption
HKCU\Software\Policies\Microsoft\Windows\System!GroupPolicyMinTransferRate
HKLM\Software\Policies\Microsoft\Windows\System!GroupPolicyMinTransferRate, HKLM\Software\Policies\Microsoft\Windows\System!SlowLinkDefaultFor3G
HKLM\Software\Policies\Microsoft\Windows\System!GroupPolicyRefreshTime, HKLM\Software\Policies\Microsoft\Windows\System!GroupPolicyRefreshTimeO
HKLM\Software\Policies\Microsoft\Windows\System!GroupPolicyRefreshTimeDC, HKLM\Software\Policies\Microsoft\Windows\System!GroupPolicyRefreshTim
HKCU\Software\Policies\Microsoft\Windows\System!GroupPolicyRefreshTime, HKCU\Software\Policies\Microsoft\Windows\System!GroupPolicyRefreshTime
HKCU\Software\Policies\Microsoft\Windows\Group Policy Editor!GPODisplayName
HKCU\Software\Policies\Microsoft\Windows\Group Policy Editor!NewGPOLinksDisabled
HKLM\Software\Policies\Microsoft\Windows\Group Policy!OnlyUseLocalAdminFiles
HKLM\Software\Policies\Microsoft\Windows\System!RSoPLogging
HKLM\Software\Policies\Microsoft\Windows\System!UserPolicyMode
HKLM\Software\Policies\Microsoft\Windows\System!CorpConnStartTimeoutPolicyValue
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{F9C77450-3A41-477E-9310-9ACD617BD9E3}!NoSlowLink, HKLM\Software\Policies\Microsoft\W
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{F9C77450-3A41-477E-9310-9ACD617BD9E3}!LogLevel, HKLM\Software\Policies\Microsoft\Wind
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{728EE579-943C-4519-9EF7-AB56765798ED}!NoSlowLink, HKLM\Software\Policies\Microsoft\Wi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{728EE579-943C-4519-9EF7-AB56765798ED}!LogLevel, HKLM\Software\Policies\Microsoft\Windo
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{1A6364EB-776B-4120-ADE1-B63A406A76B5}!NoSlowLink, HKLM\Software\Policies\Microsoft\Wi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{1A6364EB-776B-4120-ADE1-B63A406A76B5}!LogLevel, HKLM\Software\Policies\Microsoft\Wind
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{5794DAFD-BE60-433f-88A2-1A31939AC01F}!NoSlowLink, HKLM\Software\Policies\Microsoft\Wi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{5794DAFD-BE60-433f-88A2-1A31939AC01F}!LogLevel, HKLM\Software\Policies\Microsoft\Windo
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{0E28E245-9368-4853-AD84-6DA3BA35BB75}!NoSlowLink, HKLM\Software\Policies\Microsoft\Wi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{0E28E245-9368-4853-AD84-6DA3BA35BB75}!LogLevel, HKLM\Software\Policies\Microsoft\Wind
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{7150F9BF-48AD-4da4-A49C-29EF4A8369BA}!NoSlowLink, HKLM\Software\Policies\Microsoft\W
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{7150F9BF-48AD-4da4-A49C-29EF4A8369BA}!LogLevel, HKLM\Software\Policies\Microsoft\Wind
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{A3F3E39B-5D83-4940-B954-28315B82F0A8}!NoSlowLink, HKLM\Software\Policies\Microsoft\Wi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{A3F3E39B-5D83-4940-B954-28315B82F0A8}!LogLevel, HKLM\Software\Policies\Microsoft\Windo
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{6232C319-91AC-4931-9385-E70C2B099F0E}!NoSlowLink, HKLM\Software\Policies\Microsoft\Wi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{6232C319-91AC-4931-9385-E70C2B099F0E}!LogLevel, HKLM\Software\Policies\Microsoft\Windo
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{74EE6C03-5363-4554-B161-627540339CAB}!NoSlowLink, HKLM\Software\Policies\Microsoft\Wi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{74EE6C03-5363-4554-B161-627540339CAB}!LogLevel, HKLM\Software\Policies\Microsoft\Windo
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{E47248BA-94CC-49c4-BBB5-9EB7F05183D0}!NoSlowLink, HKLM\Software\Policies\Microsoft\W
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{E47248BA-94CC-49c4-BBB5-9EB7F05183D0}!LogLevel, HKLM\Software\Policies\Microsoft\Wind
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{17D89FEC-5C44-4972-B12D-241CAEF74509}!NoSlowLink, HKLM\Software\Policies\Microsoft\W
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{17D89FEC-5C44-4972-B12D-241CAEF74509}!LogLevel, HKLM\Software\Policies\Microsoft\Wind
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{3A0DBA37-F8B2-4356-83DE-3E90BD5C261F}!NoSlowLink, HKLM\Software\Policies\Microsoft\W
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{3A0DBA37-F8B2-4356-83DE-3E90BD5C261F}!LogLevel, HKLM\Software\Policies\Microsoft\Wind
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{6A4C88C6-C502-4f74-8F60-2CB23EDC24E2}!NoSlowLink, HKLM\Software\Policies\Microsoft\Wi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{6A4C88C6-C502-4f74-8F60-2CB23EDC24E2}!LogLevel, HKLM\Software\Policies\Microsoft\Wind
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{E62688F0-25FD-4c90-BFF5-F508B9D2E31F}!NoSlowLink, HKLM\Software\Policies\Microsoft\Wi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{E62688F0-25FD-4c90-BFF5-F508B9D2E31F}!LogLevel, HKLM\Software\Policies\Microsoft\Windo
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{BC75B1ED-5833-4858-9BB8-CBF0B166DF9D}!NoSlowLink, HKLM\Software\Policies\Microsoft\
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{BC75B1ED-5833-4858-9BB8-CBF0B166DF9D}!LogLevel, HKLM\Software\Policies\Microsoft\Win
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{E5094040-C46C-4115-B030-04FB2E545B00}!NoSlowLink, HKLM\Software\Policies\Microsoft\Wi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{E5094040-C46C-4115-B030-04FB2E545B00}!LogLevel, HKLM\Software\Policies\Microsoft\Windo
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{B087BE9D-ED37-454f-AF9C-04291E351182}!NoSlowLink, HKLM\Software\Policies\Microsoft\Wi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{B087BE9D-ED37-454f-AF9C-04291E351182}!LogLevel, HKLM\Software\Policies\Microsoft\Windo
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{AADCED64-746C-4633-A97C-D61349046527}!NoSlowLink, HKLM\Software\Policies\Microsoft\W
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{AADCED64-746C-4633-A97C-D61349046527}!LogLevel, HKLM\Software\Policies\Microsoft\Wind
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{91FBB303-0CD5-4055-BF42-E512A681B325}!NoSlowLink, HKLM\Software\Policies\Microsoft\Wi
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{91FBB303-0CD5-4055-BF42-E512A681B325}!LogLevel, HKLM\Software\Policies\Microsoft\Windo
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{C418DD9D-0D14-4efb-8FBF-CFE535C8FAC7}!NoSlowLink, HKLM\Software\Policies\Microsoft\W
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{C418DD9D-0D14-4efb-8FBF-CFE535C8FAC7}!LogLevel, HKLM\Software\Policies\Microsoft\Wind
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{E4F48E54-F38D-4884-BFB9-D4D2E5729C18}!NoSlowLink, HKLM\Software\Policies\Microsoft\W
HKLM\Software\Policies\Microsoft\Windows\Group Policy\{E4F48E54-F38D-4884-BFB9-D4D2E5729C18}!LogLevel, HKLM\Software\Policies\Microsoft\Wind
HKCU\Software\Policies\Microsoft\MMC\{6A712058-33C6-4046-BCF9-0EA3A8808EDC}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{0DA274B5-EB93-47A7-AAFB-65BA532D3FE6}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{17C6249E-BA57-4F69-AE93-4FB3D25CD9D7}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{1612b55c-243c-48dd-a449-ffc097b19776}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{1b767e9a-7be4-4d35-85c1-2e174a7ba951}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{2EA1A81B-48E5-45E9-8BB7-A6E3AC170006}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{35141B6B-498A-4cc7-AD59-CEF93D89B2CE}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{3BAE7E51-E3F4-41D0-853D-9BB9FD47605F}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{3EC4E9D3-714D-471F-88DC-4DD4471AAB47}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{3BFAE46A-7F3A-467B-8CEA-6AA34DC71F53}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{516FC620-5D34-4B08-8165-6A06B623EDEB}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{5C935941-A954-4F7C-B507-885941ECE5C4}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{79F92669-4224-476c-9C5C-6EFB4D87DF4A}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{949FB894-E883-42C6-88C1-29169720E8CA}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{BFCBBEB0-9DF4-4c0c-A728-434EA66A0373}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{9AD2BAFE-63B4-4883-A08C-C3C6196BCAFD}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{A8C42CEA-CDB8-4388-97F4-5831F933DA84}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{B9CCA4DE-E2B9-4CBD-BF7D-11B6EBFBDDF7}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{BEE07A6A-EC9F-4659-B8C9-0B1937907C83}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{CAB54552-DEEA-4691-817E-ED4A4D1AFC72}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{CC5746A9-9B74-4be5-AE2E-64379C86E0E4}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{CEFFA6E2-E3BD-421B-852C-6F6A79A59BC1}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{CF848D48-888D-4F45-B530-6A201E62A605}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{127537A8-C1ED-40BC-9AE5-C5891DF6B2D4}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{45B01F1C-5AC2-458c-9457-42A81B34A26D}!Restrict_Run
HKLM\Software\Policies\Microsoft\Windows\System!HelpQualifiedRootDir
HKCU\Software\Policies\Microsoft\Windows\System!DisableInHelp
HKLM\Software\Policies\Microsoft\Windows\System!DisableInHelp
HKLM\Software\Policies\Microsoft\Windows\System!DisableHHDEP
HKLM\Software\Policies\Microsoft\Assistance\Client\1.0!NoActiveHelp
HKCU\Software\Policies\Microsoft\Assistance\Client\1.0!NoExplicitFeedback
HKCU\Software\Policies\Microsoft\Assistance\Client\1.0!NoImplicitFeedback
HKCU\Software\Policies\Microsoft\Assistance\Client\1.0!NoOnlineAssist
HKLM\Software\Policies\Microsoft\Windows\HotspotAuthentication!Enabled
HKCU\Software\policies\Microsoft\System\HotStart!NoHotStart
HKLM\Software\policies\Microsoft\System\HotStart!NoHotStart
HKCU\Software\Policies\Microsoft\InternetManagement!RestrictCommunication, HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoPub
HKLM\Software\Policies\Microsoft\InternetManagement!RestrictCommunication, HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoPub
HKLM\Software\Policies\Microsoft\SystemCertificates\AuthRoot!DisableRootAutoUpdate
HKCU\Software\Policies\Microsoft\Windows NT\Printers!DisableHTTPPrinting
HKLM\Software\Policies\Microsoft\Windows NT\Printers!DisableHTTPPrinting
HKCU\Software\Policies\Microsoft\Windows NT\Printers!DisableWebPnPDownload
HKLM\Software\Policies\Microsoft\Windows NT\Printers!DisableWebPnPDownload
HKLM\Software\Policies\Microsoft\Windows\DriverSearching!DontSearchWindowsUpdate
HKLM\Software\Policies\Microsoft\EventViewer!MicrosoftEventVwrDisableLinks
HKLM\Software\Policies\Microsoft\PCHealth\HelpSvc!Headlines
HKLM\Software\Policies\Microsoft\PCHealth\HelpSvc!MicrosoftKBSearch
HKLM\Software\Policies\Microsoft\Windows\Internet Connection Wizard!ExitOnMSICW
HKLM\Software\Policies\Microsoft\Windows\Registration Wizard Control!NoRegistration
HKLM\Software\Policies\Microsoft\PCHealth\ErrorReporting!DoReport, HKLM\Software\Policies\Microsoft\Windows\Windows Error Reporting!Disabled
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate!DisableWindowsUpdateAccess
HKLM\Software\Policies\Microsoft\SearchCompanion!DisableContentFileUpdates
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoInternetOpenWith
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoInternetOpenWith
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoUseStoreOpenWith
HKLM\Software\Policies\Microsoft\Windows\Explorer!NoUseStoreOpenWith
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoWebServices
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoWebServices
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoOnlinePrintsWizard
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoOnlinePrintsWizard
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoPublishingWizard
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoPublishingWizard
HKCU\Software\Policies\Microsoft\Messenger\Client!CEIP
HKLM\Software\Policies\Microsoft\Messenger\Client!CEIP
HKLM\Software\Policies\Microsoft\SQMClient\Windows!CEIPEnable
HKLM\Software\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator!NoActiveProbe
HKLM\Software\Policies\Microsoft\Windows NT\IIS!PreventIISInstall
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls!{05589FA1-C356-11CE-BF01-00AA0055595A}, HKCU\Softwar
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls!{DED22F57-FEE2-11D0-953B-00C04FD9152D}
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls!{2D360201-FFF5-11D1-8D03-00A0C959BC0A}
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls!{D27CDB6E-AE6D-11CF-96B8-444553540000}
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls!{9276B91A-E780-11d2-8A8D-00C04FA31D93}, HKCU\Softwar
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls!{275E2FE0-7486-11D0-89D6-00A0C90C9B67}, HKCU\Softwar
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls!{D45FD31B-5C6E-11D1-9EC1-00C04FD7081F}
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls!{D6526FE0-E651-11CF-99CB-00C04FD64497}
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls!{2FF18E10-DE11-11D1-8161-00A0C90DD90C}
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls!{26F24A93-1DA2-11D0-A334-00AA004A5FC5}
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls!{AE24FDAE-03C6-11D1-8B76-0080C744F389}
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\AllowedControls!{BD1F006E-174F-11D2-95C0-00C04F9A8CFA}
HKLM\Software\Policies\Microsoft\Internet Explorer\FlipAhead!Enabled
HKCU\Software\Policies\Microsoft\Internet Explorer\FlipAhead!Enabled
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\Settings!LOCALMACHINE_CD_UNLOC
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\Settings!LOCALMACHINE_CD_UNLOC
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!CertificateRevocation
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!CertificateRevocation
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!UseClearType
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!UseClearType
HKLM\Software\Policies\Microsoft\Internet Explorer\CaretBrowsing!EnableOnStartup
HKCU\Software\Policies\Microsoft\Internet Explorer\CaretBrowsing!EnableOnStartup
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!Isolation
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Isolation
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!DisableEPMCompat
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!DisableEPMCompat
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!DoNotTrack
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!DoNotTrack
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!EnableHttp1_1
HKCU\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!EnableHttp1_1
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!ProxyHttp1.1
HKCU\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!ProxyHttp1.1
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!SecureProtocols
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!SecureProtocols
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!DisableRIED
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!DisableRIED
HKLM\Software\Policies\Microsoft\Internet Explorer\Download!CheckExeSignatures
HKCU\Software\Policies\Microsoft\Internet Explorer\Download!CheckExeSignatures
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!Enable Browser Extensions
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Enable Browser Extensions
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!NoJITSetup
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!NoJITSetup
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!NoWebJITSetup
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!NoWebJITSetup
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!NoUpdateCheck
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!NoUpdateCheck
HKLM\Software\Policies\Microsoft\Internet Explorer\Download!RunInvalidSignatures
HKCU\Software\Policies\Microsoft\Internet Explorer\Download!RunInvalidSignatures
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!Play_Animations
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Play_Animations
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!Play_Background_Sounds
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Play_Background_Sounds
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!Display Inline Videos
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Display Inline Videos
HKLM\Software\Policies\Microsoft\Internet Explorer\Security\P3Global!Enabled
HKCU\Software\Policies\Microsoft\Internet Explorer\Security\P3Global!Enabled
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!DisableCachingOfSSLPages
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!DisableCachingOfSSLPages
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Cache!Persistent
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Cache!Persistent
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!ShowContentAdvisor
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!ShowContentAdvisor
HKCU\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete!Append Completion
HKCU\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete!Use AutoComplete
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!GotoIntranetSiteForSingleWordEntry
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!GotoIntranetSiteForSingleWordEntry
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Disable Script Debugger
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Friendly http errors
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Page_Transitions
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Error Dlg Displayed On Every Error
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!SmoothScroll
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Anchor Underline
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!MaxSubscriptionSize, HKCU\Software\Policies\Microsoft\Internet Explorer\Infode
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoAddingChannels
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoAddingSubscriptions
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoChannelLogging
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoChannelUI
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoEditingScheduleGroups
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoEditingSubscriptions
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoRemovingChannels
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoRemovingSubscriptions
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoScheduledUpdates
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoSubscriptionContent
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!CodeBaseSearchPath
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoDefaultTextSize, HKCU\Software\Policies\Microsoft\Internet Explorer\Zoom!ResetTextSize
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!AdvancedTab
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!AdvancedTab
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!ConnectionsTab
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!ConnectionsTab
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!ContentTab
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!ContentTab
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!GeneralTab
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!GeneralTab
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!PrivacyTab
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!PrivacyTab
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!ProgramsTab
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!ProgramsTab
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!SecurityTab
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!SecurityTab
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!EnablePunyCode
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!EnablePunyCode
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Protocols\Mailto!UTF8Encoding
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Protocols\Mailto!UTF8Encoding
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!PreventIgnoreCertErrors
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!PreventIgnoreCertErrors
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!UrlEncoding
HKCU\Software\Policies\Microsoft\Internet Explorer\Settings!Background Color
HKCU\Software\Policies\Microsoft\Internet Explorer\Settings!Text Color
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Use_DlgBox_Colors
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion!IEAKUpdateUrl
HKCU\Software\Policies\Microsoft\Internet Connection Wizard!DisableICW
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext!ListBox_Support_CLSID, HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLS
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext!ListBox_Support_CLSID, HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CL
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext!RestrictToList
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext!RestrictToList
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT!*
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT!*
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_ADDON_MANAGEMENT, HKLM\Software\Policies\Mi
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_ADDON_MANAGEMENT, HKCU\Software\Policies\Mi
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!ListBox_Support_AllowedBehaviors, HKLM\Software\Policies\Microsoft\Window
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!ListBox_Support_AllowedBehaviors, HKCU\Software\Policies\Microsoft\Window
HKLM\Software\Policies\Microsoft\Internet Explorer\Security!ENABLE_MD2_MD4
HKCU\Software\Policies\Microsoft\Internet Explorer\Security!ENABLE_MD2_MD4
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS!*
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS!*
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS!(Reserved), HKLM\Software\Policies\Microsoft\Internet Ex
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS!(Reserved), HKCU\Software\Policies\Microsoft\Internet Ex
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_BEHAVIORS, HKLM\Software\Policies\Microsoft\Inter
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_BEHAVIORS, HKCU\Software\Policies\Microsoft\Inter
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING!*
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING!*
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING!(Reserved), HKLM\Software\Policies\Microsoft\Inter
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING!(Reserved), HKCU\Software\Policies\Microsoft\Inter
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_MIME_HANDLING, HKLM\Software\Policies\Microsoft
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_MIME_HANDLING, HKCU\Software\Policies\Microsoft
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND!*
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND!*
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND!(Reserved), HKLM\Software\Policies\Microsoft\Intern
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND!(Reserved), HKCU\Software\Policies\Microsoft\Intern
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_SECURITYBAND, HKLM\Software\Policies\Microsoft\
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_SECURITYBAND, HKCU\Software\Policies\Microsoft\
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN!*
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN!*
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN!(Reserved), HKLM\Software\Policies\M
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN!(Reserved), HKCU\Software\Policies\M
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_LOCALMACHINE_LOCKDOWN, HKLM\Software\Polic
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_LOCALMACHINE_LOCKDOWN, HKCU\Software\Polic
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING!*
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING!*
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING!(Reserved), HKLM\Software\Policies\Microsoft\Interne
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING!(Reserved), HKCU\Software\Policies\Microsoft\Interne
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_MIME_SNIFFING, HKLM\Software\Policies\Microsoft\
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_MIME_SNIFFING, HKCU\Software\Policies\Microsoft\
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL!*
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL!*
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL!(Reserved), HKLM\Software\Policies\Micros
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL!(Reserved), HKCU\Software\Policies\Micros
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_DISABLE_MK_PROTOCOL, HKLM\Software\Policies\
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_DISABLE_MK_PROTOCOL, HKCU\Software\Policies\
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN!*
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN!*
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN!(Reserved), HKLM\Software\Policies\Microso
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN!(Reserved), HKCU\Software\Policies\Microso
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_PROTOCOL_LOCKDOWN, HKLM\Software\Policies\
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_PROTOCOL_LOCKDOWN, HKCU\Software\Policies\
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING!*
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING!*
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING!(Reserved), HKLM\Software\Policies\Microsoft\Inte
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING!(Reserved), HKCU\Software\Policies\Microsoft\Int
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_OBJECT_CACHING, HKLM\Software\Policies\Microso
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_OBJECT_CACHING, HKCU\Software\Policies\Microso
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION!*
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION!*
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION!(Reserved), HKLM\Software\Policies\Microsoft\Inter
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION!(Reserved), HKCU\Software\Policies\Microsoft\Inte
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_ZONE_ELEVATION, HKLM\Software\Policies\Microsof
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_ZONE_ELEVATION, HKCU\Software\Policies\Microsof
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL!*
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL!*
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL!(Reserved), HKLM\Software\Policies\Mic
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL!(Reserved), HKCU\Software\Policies\Mic
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_RESTRICT_ACTIVEXINSTALL, HKLM\Software\Policie
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_RESTRICT_ACTIVEXINSTALL, HKCU\Software\Polici
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD!*
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD!*
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD!(Reserved), HKLM\Software\Policies\Micr
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD!(Reserved), HKCU\Software\Policies\Mic
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_RESTRICT_FILEDOWNLOAD, HKLM\Software\Policie
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_RESTRICT_FILEDOWNLOAD, HKCU\Software\Policie
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS!*
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS!*
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS!(Reserved), HKLM\Software\Policies\Micros
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS!(Reserved), HKCU\Software\Policies\Micros
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_WINDOW_RESTRICTIONS, HKLM\Software\Policies\
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_FEATURE_WINDOW_RESTRICTIONS, HKCU\Software\Policies\
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols!ListBox_Support_3, HKLM\SOFTWARE\Policies\Microso
HKCU\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols!ListBox_Support_3, HKCU\SOFTWARE\Policies\Micros
HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoCrashDetection
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoCrashDetection
HKLM\Software\Policies\Microsoft\Internet Explorer\Recovery!AutoRecover
HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery!AutoRecover
HKLM\Software\Policies\Microsoft\Internet Explorer\Recovery!NoReopenLastSession
HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery!NoReopenLastSession
HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoExtensionManagement
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoExtensionManagement
HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!AddPolicySearchProviders
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!AddPolicySearchProviders
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!AlwaysShowMenus
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!AlwaysShowMenus
HKLM\Software\Policies\Microsoft\Internet Explorer\LinksBar!Enabled
HKCU\Software\Policies\Microsoft\Internet Explorer\LinksBar!Enabled
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!EnableAutoProxyResultCache
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoExternalBranding
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Advanced
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!Version
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent!Version
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!DialupAutodetect
HKLM\Software\Policies\Microsoft\Internet Explorer\Security!DisableFixSecuritySettings
HKCU\Software\Policies\Microsoft\Internet Explorer\Security!DisableFixSecuritySettings
HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter!Enabled
HKCU\Software\Policies\Microsoft\Internet Explorer\PhishingFilter!Enabled
HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter!EnabledV8
HKCU\Software\Policies\Microsoft\Internet Explorer\PhishingFilter!EnabledV8
HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter!EnabledV9
HKCU\Software\Policies\Microsoft\Internet Explorer\PhishingFilter!EnabledV9
HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter!PreventOverride
HKCU\Software\Policies\Microsoft\Internet Explorer\PhishingFilter!PreventOverride
HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter!PreventOverrideAppRepUnknown
HKCU\Software\Policies\Microsoft\Internet Explorer\PhishingFilter!PreventOverrideAppRepUnknown
HKLM\Software\Policies\Microsoft\Internet Explorer\Security!DisableSecuritySettingsCheck
HKCU\Software\Policies\Microsoft\Internet Explorer\Security!DisableSecuritySettingsCheck
HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbar\WebBrowser!ITBar7Position
HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions!DisablePopupFilterLevel
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!DisablePopupFilterLevel
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!DisplayScriptDownloadFailureUI
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Compat_logging!iexplore.exe
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Compat_logging!iexplore.exe
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!AlwaysShowMenus, HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions!NoNa
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!AlwaysShowMenus, HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions!NoNa
HKLM\Software\Policies\Microsoft\Internet Explorer!DisableImportExportFavorites
HKCU\Software\Policies\Microsoft\Internet Explorer!DisableImportExportFavorites
HKLM\Software\Policies\Microsoft\Internet Explorer\Geolocation!PolicyDisableGeolocation
HKCU\Software\Policies\Microsoft\Internet Explorer\Geolocation!PolicyDisableGeolocation
HKLM\Software\Policies\Microsoft\Internet Explorer!DisableFlashInIE
HKCU\Software\Policies\Microsoft\Internet Explorer!DisableFlashInIE
HKLM\Software\Policies\Microsoft\Internet Explorer\ZOOM!ZoomDisabled
HKCU\Software\Policies\Microsoft\Internet Explorer\ZOOM!ZoomDisabled
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Identities!Locked Down
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext!IgnoreFrameApprovalCheck
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext!IgnoreFrameApprovalCheck
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext!DisableAddonLoadTimePerformanceNotifications
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext!DisableAddonLoadTimePerformanceNotifications
HKLM\Software\Policies\Microsoft\Internet Explorer\Safety\ActiveXFiltering!IsEnabled
HKCU\Software\Policies\Microsoft\Internet Explorer\Safety\ActiveXFiltering!IsEnabled
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!No_LaunchMediaBar, HKCU\Software\Microsoft\Internet Explorer\media!Autoplay
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!DisableDeleteBrowsingHistory
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!DisableDeleteBrowsingHistory
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!DisableDeleteForms
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!DisableDeleteForms
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!DisableDeletePasswords
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!DisableDeletePasswords
HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy!CleanCookies
HKCU\Software\Policies\Microsoft\Internet Explorer\Privacy!CleanCookies
HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy!CleanHistory
HKCU\Software\Policies\Microsoft\Internet Explorer\Privacy!CleanHistory
HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy!CleanDownloadHistory
HKCU\Software\Policies\Microsoft\Internet Explorer\Privacy!CleanDownloadHistory
HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy!CleanTIF
HKCU\Software\Policies\Microsoft\Internet Explorer\Privacy!CleanTIF
HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy!CleanInPrivateBlocking
HKCU\Software\Policies\Microsoft\Internet Explorer\Privacy!CleanInPrivateBlocking
HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy!CleanTrackingProtection
HKCU\Software\Policies\Microsoft\Internet Explorer\Privacy!CleanTrackingProtection
HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy!UseAllowList
HKCU\Software\Policies\Microsoft\Internet Explorer\Privacy!UseAllowList
HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy!ClearBrowsingHistoryOnExit
HKCU\Software\Policies\Microsoft\Internet Explorer\Privacy!ClearBrowsingHistoryOnExit
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!DisableFirstRunCustomize
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!DisableFirstRunCustomize
HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoHelpMenu
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoHelpMenu
HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoSearchBox
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoSearchBox
HKLM\Software\Policies\Microsoft\Internet Explorer\SearchScopes!ShowSearchSuggestionsGlobal
HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes!ShowSearchSuggestionsGlobal
HKLM\Software\Policies\Microsoft\Internet Explorer\SearchScopes!DisplayQuickPick
HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes!DisplayQuickPick
HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoJITSetup
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!TabProcGrowth
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!TabProcGrowth
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!ShutdownWaitForOnUnload
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!ShutdownWaitForOnUnload
HKLM\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing!NewTabPageShow
HKCU\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing!NewTabPageShow
HKCU\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing!Groups
HKLM\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing!QuickTabsThreshold
HKCU\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing!QuickTabsThreshold
HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoChangeDefaultSearchProvider
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoChangeDefaultSearchProvider
HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoSplash
HKLM\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing!Enabled
HKCU\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing!Enabled
HKLM\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing!PopupsUseNewWindow
HKCU\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing!PopupsUseNewWindow
HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoUpdateCheck
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!AllowWindowReuse
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!AllowWindowReuse
HKCU\Software\Microsoft\Outlook Express!BlockExeAttachments
HKLM\Software\Policies\Microsoft\Internet Explorer\New Windows!ListBox_Support_Allow, HKLM\Software\Policies\Microsoft\Internet Explorer\New Windows
HKCU\Software\Policies\Microsoft\Internet Explorer\New Windows!ListBox_Support_Allow, HKCU\Software\Policies\Microsoft\Internet Explorer\New Windows
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Accessibility
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!Autoconfig
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Autoconfig
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Cache
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!CalendarContact
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Certificates
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Check_If_Default
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Check_Associations
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Colors
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Connection Settings
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!Connection Settings, HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!Co
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Connwiz Admin Lock
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Fonts
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Use FormSuggest, HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!FormSuggest
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!FormSuggest Passwords, HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!FormS
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!History, HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Url Hi
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!History, HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Url H
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!HomePage, HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Start Page
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\SecondaryStartPages
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\SecondaryStartPages
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Languages
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!links
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Messaging
HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions!RestrictPopupExceptionList
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!RestrictPopupExceptionList
HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoPopupManagement
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoPopupManagement
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Profiles
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!Proxy
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Proxy
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Ratings
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!ResetWebSettings
HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel!Settings
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel!Settings
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete!AutoSuggest
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete!AutoSuggest
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\WindowsSearch!EnabledScopes
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\WindowsSearch!EnabledScopes
HKLM\Software\Policies\Microsoft\Internet Explorer\DomainSuggestion!Enabled
HKCU\Software\Policies\Microsoft\Internet Explorer\DomainSuggestion!Enabled
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoFindFiles
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoSearchCustomization
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!Security_HKLM_only
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!Security_options_edit
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!Security_zones_map_edit
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoMSAppLogo5ChannelNotify
HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!UsePolicySearchProvidersOnly
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!UsePolicySearchProvidersOnly
HKLM\Software\Policies\Microsoft\Internet Explorer\SQM!DisableCustomerImprovementProgram
HKCU\Software\Policies\Microsoft\Internet Explorer\SQM!DisableCustomerImprovementProgram
HKLM\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing!OpenInForeground
HKCU\Software\Policies\Microsoft\Internet Explorer\TabbedBrowsing!OpenInForeground
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!ProxySettingsPerUser
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3!2104
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3!2104
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3!120A
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3!120A
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0!120b
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0!120b
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0!120b
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0!120b
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3!270B
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3!270B
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3!1C00
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3!1C00
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3!1A00
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3!1A00
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3!1E05
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3!1E05
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0!1409
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0!1409
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3!120A
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3!120A
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3!270B
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3!270B
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3!1C00
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3!1C00
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3!1A00
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3!1A00
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3!1E05
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3!1E05
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap!IntranetName
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap!IntranetName
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!WarnOnBadCertRecving
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!WarnOnBadCertRecving
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Lockdown Settings\Template Policies!InternetZoneLockdownTemplate, HKLM\Software\P
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Lockdown Settings\Template Policies!InternetZoneLockdownTemplate, HKCU\Software\P
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Template Policies!InternetZoneTemplate, HKLM\Software\Policies\Microsoft\Win
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Template Policies!InternetZoneTemplate, HKCU\Software\Policies\Microsoft\Win
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Intranet Lockdown Settings\Template Policies!IntranetZoneLockdownTemplate, HKLM\Software\P
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Intranet Lockdown Settings\Template Policies!IntranetZoneLockdownTemplate, HKCU\Software\P
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Intranet Settings\Template Policies!IntranetZoneTemplate, HKLM\Software\Policies\Microsoft\Win
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Intranet Settings\Template Policies!IntranetZoneTemplate, HKCU\Software\Policies\Microsoft\Win
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Local Machine Zone Lockdown Settings\Template Policies!LocalMachineZoneLockdownTemplate
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Local Machine Zone Lockdown Settings\Template Policies!LocalMachineZoneLockdownTemplate
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Local Machine Zone Settings\Template Policies!LocalMachineZoneTemplate, HKLM\Software\Pol
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Local Machine Zone Settings\Template Policies!LocalMachineZoneTemplate, HKCU\Software\Po
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Restricted Sites Lockdown Settings\Template Policies!RestrictedSitesZoneLockdownTemplate, HK
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Restricted Sites Lockdown Settings\Template Policies!RestrictedSitesZoneLockdownTemplate, H
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Restricted Sites Settings\Template Policies!RestrictedSitesZoneTemplate, HKLM\Software\Policie
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Restricted Sites Settings\Template Policies!RestrictedSitesZoneTemplate, HKCU\Software\Policie
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Trusted Sites Lockdown Settings\Template Policies!TrustedSitesZoneLockdownTemplate, HKLM\
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Trusted Sites Lockdown Settings\Template Policies!TrustedSitesZoneLockdownTemplate, HKCU\
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Trusted Sites Settings\Template Policies!TrustedSitesZoneTemplate, HKLM\Software\Policies\Mic
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Trusted Sites Settings\Template Policies!TrustedSitesZoneTemplate, HKCU\Software\Policies\Mic
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap!ProxyByPass
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap!ProxyByPass
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap!UNCAsIntranet
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap!UNCAsIntranet
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!ListBox_Support_ZoneMapKey, HKLM\Software\Policies\Microsoft\Windows\Cu
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!ListBox_Support_ZoneMapKey, HKCU\Software\Policies\Microsoft\Windows\Cu
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap!AutoDetect
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap!AutoDetect
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!WarnOnIntranet
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!WarnOnIntranet
HKCU\Software\Policies\Microsoft\Internet Explorer\Settings!Anchor Color Hover
HKCU\Software\Policies\Microsoft\Internet Explorer\Settings!Anchor Color
HKCU\Software\Policies\Microsoft\Internet Explorer\Settings!Anchor Color Visited
HKCU\Software\Policies\Microsoft\Internet Explorer\Settings!Use Anchor Hover Color
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoBrowserClose
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoBrowserSaveAs
HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions!NoBrowserSaveWebComplete
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoFileNew
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoFileOpen
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoHelpItemSendFeedback
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoHelpItemNetscapeHelp
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoHelpItemTipOfTheDay
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoHelpItemTutorial
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoBrowserContextMenu
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoFavorites
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoOpeninNewWnd
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoSelectDownloadDir
HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoPrinting
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoPrinting
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoBrowserOptions
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoTheaterMode
HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions!NoViewSource
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Enable AutoImageResize
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Display Inline Images
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!EnableAlternativeCodec
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!EnableAlternativeCodec
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Show image placeholders
HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer!SmartDithering
HKCU\Software\Policies\Microsoft\Internet Explorer\Persistence\0!DomainLimit, HKCU\Software\Policies\Microsoft\Internet Explorer\Persistence\0!Document
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!Print_Background
HKLM\Software\Policies\Microsoft\Internet Explorer\Feeds!BackgroundSyncStatus
HKCU\Software\Policies\Microsoft\Internet Explorer\Feeds!BackgroundSyncStatus
HKLM\Software\Policies\Microsoft\Internet Explorer\Feeds!DisableEnclosureDownload
HKCU\Software\Policies\Microsoft\Internet Explorer\Feeds!DisableEnclosureDownload
HKLM\Software\Policies\Microsoft\Internet Explorer\Feeds!DisableAddRemove
HKCU\Software\Policies\Microsoft\Internet Explorer\Feeds!DisableAddRemove
HKLM\Software\Policies\Microsoft\Internet Explorer\Feed Discovery!Enabled
HKCU\Software\Policies\Microsoft\Internet Explorer\Feed Discovery!Enabled
HKLM\Software\Policies\Microsoft\Internet Explorer\Feeds!DisableFeedPane
HKCU\Software\Policies\Microsoft\Internet Explorer\Feeds!DisableFeedPane
HKLM\Software\Policies\Microsoft\Internet Explorer\Feeds!AllowBasicAuthInClear
HKCU\Software\Policies\Microsoft\Internet Explorer\Feeds!AllowBasicAuthInClear
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Script_Paste_URLAction_If_Prompt!*
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Script_Paste_URLAction_If_Prompt!*
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Script_Paste_URLAction_If_Prompt!(Reserved), HKLM\Software\P
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\Feature_Enable_Script_Paste_URLAction_If_Prompt!(Reserved), HKCU\Software\P
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_Feature_Enable_Script_Paste_URLAction_If_Prompt, HKLM\Softw
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl!ListBox_Support_Feature_Enable_Script_Paste_URLAction_If_Prompt, HKCU\Softw
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!AutoSearch
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!AutoSearch
HKLM\Software\Policies\Microsoft\Internet Explorer\SearchScopes!TopResult
HKCU\Software\Policies\Microsoft\Internet Explorer\SearchScopes!TopResult
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!XMLHTTP
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!XMLHTTP
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DATAURI!iexplore.exe
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DATAURI!iexplore.exe
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!DEPOff
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!DisablePasswordReveal
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!DisablePasswordReveal
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER!iexplore.exe
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER!iexplore.exe
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER!iexplore.exe
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER!iexplore.exe
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CROSS_DOCUMENT_MESSAGING!iexplore.exe
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CROSS_DOCUMENT_MESSAGING!iexplore.exe
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XDOMAINREQUEST!iexplore.exe
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XDOMAINREQUEST!iexplore.exe
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBSOCKET!iexplore.exe
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBSOCKET!iexplore.exe
HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBSOCKET_MAXCONNECTIONSPERSERVER!iexplore.exe
HKCU\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBSOCKET_MAXCONNECTIONSPERSERVER!iexplore.exe
HKCU\Software\Policies\Microsoft\IEAK!NoAutomaticSignup
HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions!DisableToolbarUpgrader
HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions!DisableToolbarUpgrader
HKLM\Software\Policies\Microsoft\Internet Explorer\IEDevTools!Disabled
HKCU\Software\Policies\Microsoft\Internet Explorer\IEDevTools!Disabled
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoBandCustomize
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoToolbarCustomize
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!SpecifyDefaultButtons, HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Exp
HKLM\Software\Policies\Microsoft\Internet Explorer\CommandBar!CommandBarEnabled
HKCU\Software\Policies\Microsoft\Internet Explorer\CommandBar!CommandBarEnabled
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!StatusBarWeb
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!StatusBarWeb
HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbar!Locked
HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbar!Locked
HKLM\Software\Policies\Microsoft\Internet Explorer\CommandBar!ShowLeftAddressToolbar
HKCU\Software\Policies\Microsoft\Internet Explorer\CommandBar!ShowLeftAddressToolbar
HKLM\Software\Policies\Microsoft\Internet Explorer\CommandBar!TextOption
HKCU\Software\Policies\Microsoft\Internet Explorer\CommandBar!TextOption
HKLM\Software\Policies\Microsoft\Internet Explorer\CommandBar!SmallIcons
HKCU\Software\Policies\Microsoft\Internet Explorer\CommandBar!SmallIcons
HKLM\Software\Policies\Microsoft\Internet Explorer\MINIE!ShowTabsBelowAddressBar
HKCU\Software\Policies\Microsoft\Internet Explorer\MINIE!ShowTabsBelowAddressBar
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!Update_Check_Interval
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!Update_Check_Page
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext!NoFirsttimeprompt
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext!NoFirsttimeprompt
HKLM\Software\Policies\Microsoft\Internet Explorer\Security\ActiveX!BlockNonAdminActiveXInstall
HKCU\Software\Policies\Microsoft\Internet Explorer\Security\ActiveX!BlockNonAdminActiveXInstall
HKLM\Software\Policies\Microsoft\Windows\AxInstaller!OnlyUseAXISForActiveXInstall
HKCU\Software\Policies\Microsoft\Windows\AxInstaller!OnlyUseAXISForActiveXInstall
HKLM\Software\Policies\Microsoft\Internet Explorer\Suggested Sites!Enabled
HKCU\Software\Policies\Microsoft\Internet Explorer\Suggested Sites!Enabled
HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy!EnableInPrivateBrowsing
HKCU\Software\Policies\Microsoft\Internet Explorer\Privacy!EnableInPrivateBrowsing
HKLM\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE!DisableToolbars
HKCU\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE!DisableToolbars
HKLM\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE!DisableLogging
HKCU\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE!DisableLogging
HKLM\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE!Threshold
HKCU\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE!Threshold
HKLM\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE!DisableInPrivateBlocking
HKCU\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE!DisableInPrivateBlocking
HKLM\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE!TrackingProtectionThreshold
HKCU\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE!TrackingProtectionThreshold
HKLM\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE!DisableTrackingProtection
HKCU\Software\Policies\Microsoft\Internet Explorer\Safety\PrivacIE!DisableTrackingProtection
HKCU\Software\Policies\Microsoft\Internet Explorer\GPActivities\ActivitiesInstall
HKLM\Software\Policies\Microsoft\Internet Explorer\GPActivities\ActivitiesInstall
HKCU\Software\Policies\Microsoft\Internet Explorer\GPActivities\ActivitiesDefaultInstall
HKLM\Software\Policies\Microsoft\Internet Explorer\GPActivities\ActivitiesDefaultInstall
HKLM\Software\Policies\Microsoft\Internet Explorer\Activities!NoActivities
HKCU\Software\Policies\Microsoft\Internet Explorer\Activities!NoActivities
HKLM\Software\Policies\Microsoft\Internet Explorer\Activities\Restrictions!UsePolicyActivitiesOnly
HKCU\Software\Policies\Microsoft\Internet Explorer\Activities\Restrictions!UsePolicyActivitiesOnly
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation!AllSitesCompatibilityMode
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation!AllSitesCompatibilityMode
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation!DisableSiteListEditing
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation!DisableSiteListEditing
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation!IntranetCompatibilityMode
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation!IntranetCompatibilityMode
HKLM\Software\Policies\Microsoft\Internet Explorer\CommandBar!ShowCompatibilityViewButton
HKCU\Software\Policies\Microsoft\Internet Explorer\CommandBar!ShowCompatibilityViewButton
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation\PolicyList
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation\PolicyList
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation\QuirksPolicyList
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation\QuirksPolicyList
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation!MSCompatibilityMode
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserEmulation!MSCompatibilityMode
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!DisableAddSiteMode
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!DisableAddSiteMode
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserStorage!DefaultDomainCacheLimitInMB
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserStorage!DefaultDomainCacheLimitInMB
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\IndexedDB!AllowWebsiteDatabases
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\IndexedDB!AllowWebsiteDatabases
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\IndexedDB!MaxTrustedDomainLimitInMB
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\IndexedDB!MaxTrustedDomainLimitInMB
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\IndexedDB!TotalLimitInMB
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\IndexedDB!TotalLimitInMB
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\AppCache!AllowWebsiteCaches
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\AppCache!AllowWebsiteCaches
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\AppCache!MaxTrustedDomainLimitInMB
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\AppCache!MaxTrustedDomainLimitInMB
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\AppCache!TotalLimitInMB
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\AppCache!TotalLimitInMB
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\AppCache!GarbageCollectionThresholdInDays
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\AppCache!GarbageCollectionThresholdInDays
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\AppCache!ManifestResourceQuota
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\AppCache!ManifestResourceQuota
HKLM\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\AppCache!ManifestSingleResourceQuotaInMB
HKCU\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\AppCache!ManifestSingleResourceQuotaInMB
HKLM\Software\Policies\Microsoft\Internet Explorer\ContinuousBrowsing!Enabled
HKCU\Software\Policies\Microsoft\Internet Explorer\ContinuousBrowsing!Enabled
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!ApplicationTileImmersiveActivation
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!ApplicationTileImmersiveActivation
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!AssociationActivationMode
HKCU\Software\Policies\Microsoft\Internet Explorer\Main!AssociationActivationMode
HKLM\Software\Policies\Microsoft\Internet Explorer\Main!EnableAutoUpgrade
HKCU\Software\Policies\Microsoft\Windows\HandwritingErrorReports!PreventHandwritingErrorReports
HKLM\Software\Policies\Microsoft\Windows\HandwritingErrorReports!PreventHandwritingErrorReports
HKLM\Software\Policies\Microsoft\Windows\iSCSI!ConfigureiSNSServers
HKLM\Software\Policies\Microsoft\Windows\iSCSI!ConfigureTargetPortals
HKLM\Software\Policies\Microsoft\Windows\iSCSI!ConfigureTargets
HKLM\Software\Policies\Microsoft\Windows\iSCSI!NewStaticTargets
HKLM\Software\Policies\Microsoft\Windows\iSCSI!ChangeIQNName
HKLM\Software\Policies\Microsoft\Windows\iSCSI!RestrictAdditionalLogins
HKLM\Software\Policies\Microsoft\Windows\iSCSI!ChangeCHAPSecret
HKLM\Software\Policies\Microsoft\Windows\iSCSI!RequireIPSec
HKLM\Software\Policies\Microsoft\Windows\iSCSI!RequireMutualCHAP
HKLM\Software\Policies\Microsoft\Windows\iSCSI!RequireOneWayCHAP
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\KDC\Parameters!EmitLILI
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\KDC\Parameters!UseForestSearch, HKLM\Software\Microsoft\Windows\CurrentVersion\P
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\KDC\Parameters!EnableCbacAndArmor, HKLM\Software\Microsoft\Windows\CurrentVers
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\KDC\Parameters!EnableTicketSizeThreshold, HKLM\Software\Microsoft\Windows\Curren
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos!domain_realm_Enabled, HKLM\Software\Microsoft\Windows\CurrentVersion\Po
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos!MitRealms_Enabled, HKLM\Software\Microsoft\Windows\CurrentVersion\Policie
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters!KdcValidation
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters!UseForestSearch, HKLM\Software\Microsoft\Windows\CurrentVers
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters!StrictTargetContext
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos!KdcProxyServer_Enabled, HKLM\Software\Microsoft\Windows\CurrentVersion\
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters!NoRevocationCheck
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters!RequireFast
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!CompoundIdDisabled, HKLM\Software\Policies\Microsoft\Netlogon\Parameters!CompoundIdEnabled
HKLM\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters!EnableMaxTokenSize, HKLM\System\CurrentControlSet\Control\Lsa\Kerberos\Parameter
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters!EnableCbacAndArmor
HKLM\Software\Policies\Microsoft\Windows\LanmanServer!HashPublicationForPeerCaching
HKLM\Software\Policies\Microsoft\Windows\LanmanServer!HashSupportVersion
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{eb73b633-3f4e-4ba0-8f60-8f3c6f53168f}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policies\Micr
HKLM\Software\Policies\Microsoft\Windows\LLTD!EnableLLTDIO, HKLM\Software\Policies\Microsoft\Windows\LLTD!AllowLLTDIOOnDomain, HKLM\Software
HKLM\Software\Policies\Microsoft\Windows\LLTD!EnableRspndr, HKLM\Software\Policies\Microsoft\Windows\LLTD!AllowRspndrOnDomain, HKLM\Software
HKLM\Software\Policies\Microsoft\Windows\LocationAndSensors!DisableWindowsLocationProvider
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!DisableCurrentUserRun
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!DisableLocalMachineRun
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!DisableCurrentUserRunOnce
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!DisableLocalMachineRunOnce
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!LogonType
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoWelcomeScreen
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKLM\Software\Policies\Microsoft\Windows NT\CurrentVersion\Winlogon!SyncForegroundPolicy
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!DisableStatusMessages
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoWelcomeScreen
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!VerboseStatus
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!HideFastUserSwitching
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!DisableStartupSound
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!EnableFirstLogonAnimation
HKLM\Software\Policies\Microsoft\Windows\System!UseOEMBackground
HKLM\Software\Policies\Microsoft\Windows\System!DontEnumerateConnectedUsers
HKLM\Software\Policies\Microsoft\Windows\System!EnumerateLocalUsers
HKLM\Software\Policies\Microsoft\Windows\System!DisableLockScreenAppNotifications
HKCU\Software\Policies\Microsoft\WindowsMediaCenter!MediaCenter
HKLM\Software\Policies\Microsoft\WindowsMediaCenter!MediaCenter
HKCU\Software\Policies\Microsoft\MMC!RestrictAuthorMode
HKCU\Software\Policies\Microsoft\MMC!RestrictToPermittedSnapins
HKCU\Software\Policies\Microsoft\MMC\{B708457E-DB61-4C55-A92F-0D4B5E9B1224}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{C96401CF-0E17-11D3-885B-00C04F72C717}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{C96401D1-0E17-11D3-885B-00C04F72C717}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{1AA7F83C-C7F5-11D0-A376-00C04FC9DA04}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{1F5EEC01-1214-4D94-80C5-4BDCD2014DDD}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{3F276EB4-70EE-11D1-8A0F-00C04FB93753}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{C2FE450B-D6C2-11D0-A37B-00C04FC9DA04}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{9EC88934-C774-11d1-87F4-00C04FC2C17B}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{90087284-d6d6-11d0-8353-00a0c90640bf}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{C2FE4502-D6C2-11D0-A37B-00C04FC9DA04}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{634BDE40-E5E1-49A1-B2CD-140FFFC830F9}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{394C052E-B830-11D0-9A86-00C04FD8DBF7}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{b05566ae-fe9c-4363-be05-7a4cbb7cb510}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{2E19B602-48EB-11d2-83CA-00104BCA42CF}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{90810502-38F1-11D1-9345-00C04FC9DA04}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{6E8E0081-19CD-11D1-AD91-00AA00B8E05A}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{6d8880af-e518-43a8-986c-1ad21c4c976e}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{34AB8E82-C27E-11D1-A6C0-00C04FB94F17}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{B52C1E50-1DD2-11D1-BC43-00C04FC31FD3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{5880CD5C-8EC0-11d1-9570-0060B0576642}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{243E20B0-48ED-11D2-97DA-00A024D77700}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{DAB1A262-4FD7-11D1-842C-00C04FB6C218}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{B1AFF7D0-0C49-11D1-BB12-00C04FC9A3A3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{BD95BA60-2E26-AAD1-AD99-00AA00B8E05A}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{58221C69-EA27-11CF-ADCF-00AA00A80033}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{03f1f940-a0f2-11d0-bb77-00aa00a1eab7}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{7AF60DD3-4979-11D1-8A6C-00C04FC33566}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{0F3621F1-23C6-11D1-AD97-00AA00B88E5A}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{E12BBB5D-D59D-4E61-947A-301D25AE8C23}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{8FC0B734-A0E1-11D1-A7D3-0000F87571E3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{D70A2BEA-A63E-11D1-A7D4-0000F87571E3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{6DC3804B-7212-458D-ADB0-9A07E2AE1FA2}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{0F6B957D-509E-11D1-A7CC-0000F87571E3}!Restrict_Run, HKCU\Software\Policies\Microsoft\MMC\{D02B1F72-3
HKCU\Software\Policies\Microsoft\MMC\{0F6B957E-509E-11D1-A7CC-0000F87571E3}!Restrict_Run, HKCU\Software\Policies\Microsoft\MMC\{D02B1F73-3
HKCU\Software\Policies\Microsoft\MMC\{88E729D6-BDC1-11D1-BD2A-00C04FB9603F}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{FC715823-C5FB-11D1-9EEF-00A0C90347FF}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{DEA8AFA0-CC85-11d0-9CE2-0080C7221EBD}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{0E752416-F29E-4195-A9DD-7F0D4D5A9D71}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{a1bc4ecb-66b2-44e8-9915-be02e84438ba}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{3060E8CE-7020-11D2-842D-00C04FA372D4}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{40B6664F-4972-11D1-A7CA-0000F87571E3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{40B66650-4972-11D1-A7CA-0000F87571E3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{942A8E4F-A261-11D1-A760-00C04FB9603F}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{BACF5C8A-A3C7-11D1-A760-00C04FB9603F}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{06993B16-A5C7-47EB-B61C-B1CB7EE600AC}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{2DA6AA7F-8C88-4194-A558-0D36E7FD3E64}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{B6F9C8AE-EF3A-41C8-A911-37370C331DD4}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{B6F9C8AF-EF3A-41C8-A911-37370C331DD4}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{c40d66a0-e90c-46c6-aa3b-473e38c72bf2}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{d524927d-6c08-46bf-86af-391534d779d3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{40B66660-4972-11d1-A7CA-0000F87571E3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{40B66661-4972-11d1-A7CA-0000F87571E3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{fe883157-cebd-4570-b7a2-e4fe06abe626}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{7E45546F-6D52-4D10-B702-9C2E67232E62}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{1BC972D6-555C-4FF7-BE2C-C584021A0A6A}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{EBC53A38-A23F-11D0-B09B-00C04FD8DCA6}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{D967F824-9968-11D0-B936-00C04FD8D5B0}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{E355E538-1C2E-11D0-8C37-00C04FD8FE93}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{1C5DACFA-16BA-11D2-81D0-0000F87A7AA3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{de751566-4cc6-11d1-8ca0-00c04fc297eb}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{53D6AB1D-2488-11D1-A28C-00C04FB94F17}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{A994E107-6854-4F3D-917C-E6F01670F6D3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{C9BC92DF-5B9A-11D1-8F00-00C04FC2C17B}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{74246bfc-4c96-11d0-abef-0020af6b0b7a}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{677A2D94-28D9-11D1-A95B-008048918FB1}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{43668E21-2636-11D1-A1CE-0080C88593A5}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{8EAD3A12-B2C1-11d0-83AA-00A0C92C9D5D}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{975797FC-4E2A-11D0-B702-00C04FD8DBF7}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{b05566ad-fe9c-4363-be05-7a4cbb7cb510}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{D2779945-405B-4ACE-8618-508F3E3054AC}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{753EDB4D-2E1B-11D1-9064-00A0C90AB504}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{FF5903A8-78D6-11D1-92F6-006097B01056}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{89cc9588-7628-4d29-8e4a-6550d0087059}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{8F8F8DC0-5713-11D1-9551-0060B0576642}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{A841B6C2-7577-11D0-BB1F-00A0C922E79C}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{95AD72F0-44CE-11D0-AE29-00AA004B9986}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{DEA8AFA2-CC85-11d0-9CE2-0080C7221EBD}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{57C596D0-9370-40C0-BA0D-AB491B63255D}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{5D6179C8-17EC-11D1-9AA9-00C04FD8FE93}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{a1bc4eca-66b2-44e8-9915-be02e84438ba}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{18BA7139-D98B-43c2-94DA-2604E34E175D}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{6630f2d7-bd52-4072-bfa7-863f3d0c5da0}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{7478EF61-8C46-11d1-8D99-00A0C913CAD4}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{FD57D297-4FD9-11D1-854E-00C04FC31FD3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{3D5D035E-7721-4B83-A645-6C07A3D403B7}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{1AA7F839-C7F5-11D0-A376-00C04FC9DA04}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{3CB6973D-3E6F-11D0-95DB-00A024D77700}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{011BE22D-E453-11D1-945A-00C04FB984F9}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{5ADF5BF6-E452-11D1-945A-00C04FB984F9}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{18ea3f92-d6aa-41d9-a205-2023400c8fbb}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{45ac8c63-23e2-11d1-a696-00c04fd58bc3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{E26D02A0-4C1F-11D1-9AA1-00C04FC3357A}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{B91B6008-32D2-11D2-9888-00A0C925F917}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{7d3830aa-e69e-4e17-8bd1-1b87b97099da}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{b05566ac-fe9c-4368-be02-7a4cbb7cbe11}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{23DC5869-BD9F-46fd-AADD-1F869BA64FC3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{5C659257-E236-11D2-8899-00104B2AFB46}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{9FE24B92-C23D-451c-8045-73038D99E620}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{C11D2F3B-E2F4-4e5b-824B-84A87AB0F666}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{317cdc35-c09e-486f-ab09-90dd2e3fdd7d}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{317cdc37-c09e-486f-ab09-90dd2e3fdd7d}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\{dbfca500-8c31-11d0-aa2c-00a0c92749a3}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{813C1B01-6624-4922-9C6C-03C315646584}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{f9f63d92-6225-410b-bb02-26239b8f1f59}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{671ee405-c969-4af9-ad1b-65e96b3b9a10}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{f78fbadd-c21a-4e0a-b53d-c879a9c8f002}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{f8abd46c-1297-4474-9cdf-831ebb245f49}!Restrict_Run
HKCU\Software\Policies\Microsoft\MMC\FX:{f8abd46e-1297-4474-9cdf-831ebb245f49}!Restrict_Run
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\MobilityCenter!NoMobilityCenter
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\MobilityCenter!NoMobilityCenter
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\PresentationSettings!NoPresentationSettings
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\PresentationSettings!NoPresentationSettings
HKLM\Software\Policies\Microsoft\Windows\Task Scheduler\Maintenance!Activation Boundary
HKLM\Software\Policies\Microsoft\Windows\Task Scheduler\Maintenance!Random Delay
HKLM\Software\Policies\Microsoft\Windows\Task Scheduler\Maintenance!WakeUp
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{C295FBBA-FD47-46ac-8BEE-B1715EC634E5}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policie
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{C295FBBA-FD47-46ac-8BEE-B1715EC634E5}!DownloadToolsEnabled, HKLM\SOFTWARE\Policies\M
HKLM\SOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnosticsProvider\Policy!DisableQueryRemoteServer
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{54077489-683b-4762-86c8-02cf87a33423}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policies\M
HKLM\Software\Policies\Microsoft\Windows\Installer!AllowLockdownBrowse
HKLM\Software\Policies\Microsoft\Windows\Installer!AllowLockdownMedia
HKLM\Software\Policies\Microsoft\Windows\Installer!AllowLockdownPatch
HKCU\Software\Policies\Microsoft\Windows\Installer!AlwaysInstallElevated
HKLM\Software\Policies\Microsoft\Windows\Installer!AlwaysInstallElevated
HKLM\Software\Policies\Microsoft\Windows\Installer!DisableAutomaticApplicationShutdown
HKLM\Software\Policies\Microsoft\Windows\Installer!DisableBrowse
HKLM\Software\Policies\Microsoft\Windows\Installer!DisableFlyweightPatching
HKLM\Software\Policies\Microsoft\Windows\Installer!DisableLoggingFromPackage
HKCU\Software\Policies\Microsoft\Windows\Installer!DisableMedia
HKLM\Software\Policies\Microsoft\Windows\Installer!DisableMSI
HKLM\Software\Policies\Microsoft\Windows\Installer!DisablePatch
HKCU\Software\Policies\Microsoft\Windows\Installer!DisableRollback
HKLM\Software\Policies\Microsoft\Windows\Installer!DisableRollback
HKLM\Software\Policies\Microsoft\Windows\Installer!EnableUserControl
HKLM\Software\Policies\Microsoft\Windows\Installer!DisableLUAPatching
HKLM\Software\Policies\Microsoft\Windows\Installer!DisablePatchUninstall
HKLM\Software\Policies\Microsoft\Windows\Installer!LimitSystemRestoreCheckpointing
HKLM\Software\Policies\Microsoft\Windows\Installer!DisableUserInstalls
HKLM\Software\Policies\Microsoft\Windows\Installer!EnforceUpgradeComponentRules
HKLM\Software\Policies\Microsoft\Windows\Installer!MaxPatchCacheSize
HKLM\Software\Policies\Microsoft\Windows\Installer!Logging
HKLM\Software\Policies\Microsoft\Windows\Installer!SafeForScripting
HKCU\Software\Policies\Microsoft\Windows\Installer!SearchOrder
HKLM\Software\Policies\Microsoft\Windows\Installer!TransformsSecure
HKLM\Software\Policies\Microsoft\Windows\Installer!DisableSharedComponent
HKLM\Software\Policies\Microsoft\Windows\Installer!MsiDisableEmbeddedUI
HKLM\SOFTWARE\Policies\Microsoft\NetworkAccessProtection\ClientConfig\Qecs\79620!Enabled
HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityAssistant!SupportEmail
HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityAssistant!FriendlyName
HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityAssistant!ShowUI
HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityAssistant!NamePreferenceAllowed
HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityAssistant!PassiveMode
HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityAssistant\Probes!Probe
HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityAssistant\DTEs!DTE
HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityAssistant\CustomCommands!CustomCommand
HKLM\Software\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator\CorporateConnectivity!WebProbeUrl
HKLM\Software\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator\CorporateConnectivity!DnsProbeHost
HKLM\Software\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator\CorporateConnectivity!DnsProbeContent
HKLM\Software\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator\CorporateConnectivity!SitePrefixes
HKLM\Software\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator\CorporateConnectivity!DomainLocationDeterminationUrl
HKLM\Software\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator!DisablePassivePolling
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!AvoidPdcOnWan
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!BackgroundRetryInitialPeriod
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!BackgroundRetryMaximumPeriod
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!BackgroundRetryQuitTime
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!BackgroundSuccessfulRefreshPeriod
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!dbFlag
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!ExpectedDialupDelay
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!MaximumLogFileSize
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!NegativeCachePeriod
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!AllowExclusiveScriptsShareAccess
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!NonBackgroundSuccessfulRefreshPeriod
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!ScavengeInterval
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!SiteName
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!AllowExclusiveSysvolShareAccess
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!AllowSingleLabelDnsDomain
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!AutoSiteCoverage
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!DnsAvoidRegisterRecords
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!DnsRefreshInterval
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!DnsTtl
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!GcSiteCoverage
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!LdapSrvPriority
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!LdapSrvWeight
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!NdncSiteCoverage
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!SiteCoverage
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!UseDynamicDns
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!TryNextClosestSite
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!ForceRediscoveryInterval
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!AddressTypeReturned
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!AllowNT4Crypto
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!IgnoreIncomingMailslotMessages
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!AvoidFallbackNetbiosDiscovery
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!AddressLookupOnPingBehavior
HKLM\Software\Policies\Microsoft\Netlogon\Parameters!PingUrgencyMode
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_AddRemoveComponents
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_AdvancedSettings
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_AllowAdvancedTCPIPConfig
HKLM\Software\Policies\Microsoft\Windows\Network Connections!NC_AllowNetBridge_NLA
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_ChangeBindState
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_DeleteAllUserConnection
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_DeleteConnection
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_DialupPrefs
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_EnableAdminProhibits
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_IpStateChecking
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_LanChangeProperties
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_LanConnect
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_LanProperties
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_NewConnectionWizard
HKLM\Software\Policies\Microsoft\Windows\Network Connections!NC_PersonalFirewallConfig
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_RasAllUserProperties
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_RasChangeProperties
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_RasConnect
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_RasMyProperties
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_RenameAllUserRasConnection
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_RenameConnection
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_RenameLanConnection
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_RenameMyRasConnection
HKLM\Software\Policies\Microsoft\Windows\Network Connections!NC_ShowSharedAccessUI
HKCU\Software\Policies\Microsoft\Windows\Network Connections!NC_Statistics
HKLM\Software\Policies\Microsoft\Windows\Network Connections!NC_StdDomainUserSetLocation
HKLM\Software\Policies\Microsoft\Windows\Network Connections!NC_DoNotShowLocalOnlyIcon
HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition!Force_Tunneling
HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkIsolation!DomainProxies
HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkIsolation!DomainLocalProxies
HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkIsolation!DomainSubnets
HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkIsolation!DProxiesAuthoritive
HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkIsolation!DSubnetsAuthoritive
HKCU\Software\Policies\Microsoft\NetworkProjector!DisableNetworkProjector
HKLM\Software\Policies\Microsoft\NetworkProjector!DisableNetworkProjector
HKLM\Software\Policies\Microsoft\NetworkProjector!NetworkProjectionPortNo
HKLM\Software\Policies\Microsoft\Windows\NetCache!AlwaysPinSubFolders
HKCU\Software\Policies\Microsoft\Windows\NetCache\AssignedOfflineFolders
HKLM\Software\Policies\Microsoft\Windows\NetCache\AssignedOfflineFolders
HKCU\Software\Policies\Microsoft\Windows\NetCache\CustomGoOfflineActions
HKLM\Software\Policies\Microsoft\Windows\NetCache\CustomGoOfflineActions
HKLM\Software\Policies\Microsoft\Windows\NetCache!DefCacheSize
HKLM\Software\Policies\Microsoft\Windows\NetCache!Enabled
HKLM\Software\Policies\Microsoft\Windows\NetCache!EncryptCache
HKCU\Software\Policies\Microsoft\Windows\NetCache!EventLoggingLevel
HKLM\Software\Policies\Microsoft\Windows\NetCache!EventLoggingLevel
HKLM\Software\Policies\Microsoft\Windows\NetCache!ExcludeExtensions
HKCU\Software\Policies\Microsoft\Windows\NetCache!GoOfflineAction
HKLM\Software\Policies\Microsoft\Windows\NetCache!GoOfflineAction
HKCU\Software\Policies\Microsoft\Windows\NetCache!NoCacheViewer
HKLM\Software\Policies\Microsoft\Windows\NetCache!NoCacheViewer
HKCU\Software\Policies\Microsoft\Windows\NetCache!NoConfigCache
HKLM\Software\Policies\Microsoft\Windows\NetCache!NoConfigCache
HKCU\Software\Policies\Microsoft\Windows\NetCache!NoMakeAvailableOffline
HKLM\Software\Policies\Microsoft\Windows\NetCache!NoMakeAvailableOffline
HKCU\Software\Policies\Microsoft\Windows\NetCache\NoMakeAvailableOfflineList
HKLM\Software\Policies\Microsoft\Windows\NetCache\NoMakeAvailableOfflineList
HKCU\Software\Policies\Microsoft\Windows\NetCache!NoReminders
HKLM\Software\Policies\Microsoft\Windows\NetCache!NoReminders
HKLM\Software\Policies\Microsoft\Windows\NetCache!PurgeAtLogoff, HKLM\Software\Policies\Microsoft\Windows\NetCache!PurgeOnlyAutoCacheAtLogoff
HKCU\Software\Policies\Microsoft\Windows\NetCache!ReminderFreqMinutes
HKLM\Software\Policies\Microsoft\Windows\NetCache!ReminderFreqMinutes
HKCU\Software\Policies\Microsoft\Windows\NetCache!InitialBalloonTimeoutSeconds
HKLM\Software\Policies\Microsoft\Windows\NetCache!InitialBalloonTimeoutSeconds
HKCU\Software\Policies\Microsoft\Windows\NetCache!ReminderBalloonTimeoutSeconds
HKLM\Software\Policies\Microsoft\Windows\NetCache!ReminderBalloonTimeoutSeconds
HKLM\Software\Policies\Microsoft\Windows\NetCache!SlowLinkSpeed
HKCU\Software\Policies\Microsoft\Windows\NetCache!SyncAtLogoff
HKLM\Software\Policies\Microsoft\Windows\NetCache!SyncAtLogoff
HKCU\Software\Policies\Microsoft\Windows\NetCache!SyncAtLogon
HKLM\Software\Policies\Microsoft\Windows\NetCache!SyncAtLogon
HKCU\Software\Policies\Microsoft\Windows\NetCache!SyncAtSuspend
HKLM\Software\Policies\Microsoft\Windows\NetCache!SyncAtSuspend
HKLM\Software\Policies\Microsoft\Windows\NetCache!EconomicalAdminPinning
HKLM\Software\Policies\Microsoft\Windows\NetCache!SlowLinkEnabled, HKLM\Software\Policies\Microsoft\Windows\NetCache\SlowLinkParams
HKLM\Software\Policies\Microsoft\Windows\NetCache!CacheQuotaLimit, HKLM\Software\Policies\Microsoft\Windows\NetCache!CacheQuotaLimitUnpinned
HKLM\Software\Policies\Microsoft\Windows\NetCache!BackgroundSyncEnabled, HKLM\Software\Policies\Microsoft\Windows\NetCache!BackgroundSyncPer
HKLM\Software\Policies\Microsoft\Windows\NetCache!OnlineCachingLatencyThreshold
HKLM\Software\Policies\Microsoft\Windows\NetCache!ExcludedFileTypes
HKCU\Software\Policies\Microsoft\Windows\NetCache!WorkOfflineDisabled
HKLM\Software\Policies\Microsoft\Windows\NetCache!WorkOfflineDisabled
HKLM\Software\Policies\Microsoft\Windows\NetCache!SyncEnabledForCostedNetwork
HKLM\Software\policies\Microsoft\Peernet!Disabled
HKLM\Software\policies\Microsoft\Peernet\Pnrp\IPv6-Global!DisableMulticastBootstrap
HKLM\Software\policies\Microsoft\Peernet\Pnrp\IPv6-Global!Disabled
HKLM\Software\policies\Microsoft\Peernet\Pnrp\IPv6-Global!SearchOnly
HKLM\Software\policies\Microsoft\Peernet\Pnrp\IPv6-Global!SeedServer, HKLM\Software\policies\Microsoft\Peernet\Pnrp\IPv6-Global!DontIncludeMicrosoftS
HKLM\Software\policies\Microsoft\Peernet\Pnrp\IPv6-LinkLocal!DisableMulticastBootstrap
HKLM\Software\policies\Microsoft\Peernet\Pnrp\IPv6-LinkLocal!Disabled
HKLM\Software\policies\Microsoft\Peernet\Pnrp\IPv6-LinkLocal!SearchOnly
HKLM\Software\policies\Microsoft\Peernet\Pnrp\IPv6-LinkLocal!SeedServer
HKLM\Software\policies\Microsoft\Peernet\Pnrp\IPv6-SiteLocal!DisableMulticastBootstrap
HKLM\Software\policies\Microsoft\Peernet\Pnrp\IPv6-SiteLocal!Disabled
HKLM\Software\policies\Microsoft\Peernet\Pnrp\IPv6-SiteLocal!SearchOnly
HKLM\Software\policies\Microsoft\Peernet\Pnrp\IPv6-SiteLocal!SeedServer
HKLM\Software\policies\Microsoft\Peernet!IgnoreDomainPasswordPolicyForNewGroups
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ParentalControls!WPCEnableOnDomain
HKLM\Software\Policies\Microsoft\Windows\AppCompat!DisablePcaUI
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{acfd1ca6-18b6-4ccf-9c07-580cdb6eded4}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policies\Mic
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{081D3213-48AA-4533-9284-D98F01BDC8E6}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policies
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{659F08FB-2FAB-42a7-BD4F-566CFA528769}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policies
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{88D69CE1-577A-4dd9-87AE-AD36D3CD9643}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policie
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{D113E4AA-2D07-41b1-8D9B-C065194A791D}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policie
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{affc81e2-612a-4f70-6fb2-916ff5c7e3f8}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policies\Micros
HKLM\SOFTWARE\Policies\Microsoft\PeerDist\Service!Enable
HKLM\SOFTWARE\Policies\Microsoft\PeerDist\CacheMgr\Republication!SizePercent
HKLM\SOFTWARE\Policies\Microsoft\PeerDist\HostedCache\Connection!Location
HKLM\SOFTWARE\Policies\Microsoft\PeerDist\CooperativeCaching!Enable
HKLM\Software\Policies\Microsoft\Windows\NetCache!PeerCachingLatencyThreshold
HKLM\SOFTWARE\Policies\Microsoft\PeerDist\HostedCache\Discovery!SCPDiscoveryEnabled
HKLM\SOFTWARE\Policies\Microsoft\PeerDist\Service\Versioning!PreferredContentInformationVersion
HKLM\SOFTWARE\Policies\Microsoft\PeerDist\HostedCache\MultipleServers
HKLM\SOFTWARE\Policies\Microsoft\PeerDist\Retrieval!SegmentTTL
HKCU\SOFTWARE\Policies\Microsoft\PenTraining!DisablePenTraining
HKLM\SOFTWARE\Policies\Microsoft\PenTraining!DisablePenTraining
HKLM\Software\Policies\Microsoft\Windows\Control Panel\Performance Control Panel!PerfCplEnabled
HKCU\Software\Policies\Microsoft\Windows\Control Panel\Performance Control Panel!PerfCplEnabled
HKLM\Software\Policies\Microsoft\Windows\Control Panel\Performance Control Panel!SolutionsEnabled
HKCU\Software\Policies\Microsoft\Windows\Control Panel\Performance Control Panel!SolutionsEnabled
HKLM\Software\Policies\Microsoft\Windows\Control Panel\Performance Control Panel!UpsellEnabled
HKCU\Software\Policies\Microsoft\Windows\Control Panel\Performance Control Panel!UpsellEnabled
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{67144949-5132-4859-8036-a737b43825d8}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policies\M
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{ffc42108-4920-4acf-a4fc-8abdcc68ada4}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policies\Micr
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{a7a5847a-7511-4e4e-90b1-45ad2a002f51}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policies\M
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{2698178D-FDAD-40AE-9D3C-1371703ADC5B}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policie
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{9c5a40da-b965-4fc3-8781-88dd50a6299d}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policies\M
HKLM\Software\Policies\Microsoft\Power\PowerSettings\637EA02F-BBCB-4015-8E2C-A1C7B9C0B546!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\d8742dcb-3e6a-4b3c-b3fe-374623cdcf06!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\9A66D8D7-4FF7-4EF9-B5A2-5A326CA2A469!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\8183ba9a-e910-48da-8769-14ae6dc1170a!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\bcded951-187b-4d05-bccc-f7e51960c258!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\7648EFA3-DD9C-4E3E-B566-50F929386280!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\96996BC0-AD50-47EC-923B-6F41874DD9EB!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\5CA83367-6E45-459F-A27B-476B1D01C936!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\A7066653-8D6C-40A8-910E-A1F54B84C7E5!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\7648EFA3-DD9C-4E3E-B566-50F929386280!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\96996BC0-AD50-47EC-923B-6F41874DD9EB!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\5CA83367-6E45-459F-A27B-476B1D01C936!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\A7066653-8D6C-40A8-910E-A1F54B84C7E5!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\6738E2C4-E8A5-4A42-B16A-E040E769756E!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\6738E2C4-E8A5-4A42-B16A-E040E769756E!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings!ActivePowerScheme
HKLM\Software\Policies\Microsoft\Power\PowerSettings!ActivePowerScheme
HKCU\Software\Policies\Microsoft\Windows\System\Power!PromptPasswordOnResume
HKLM\Software\Policies\Microsoft\Power\PowerSettings\B7A27025-E569-46c2-A504-2B96CAD225A1!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\9D7815A6-7EE4-497E-8888-515A05F02364!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\29F6C1DB-86DA-48C5-9FDB-F2B67B1F44DA!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\94ac6d29-73ce-41a6-809f-6363ba21b47e!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\B7A27025-E569-46c2-A504-2B96CAD225A1!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\9D7815A6-7EE4-497E-8888-515A05F02364!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\29F6C1DB-86DA-48C5-9FDB-F2B67B1F44DA!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\94ac6d29-73ce-41a6-809f-6363ba21b47e!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\90959D22-D6A1-49B9-AF93-BCE885AD335B!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\90959D22-D6A1-49B9-AF93-BCE885AD335B!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\3C0BC021-C8A8-4E07-A973-6B14CBCB2B7E!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\3C0BC021-C8A8-4E07-A973-6B14CBCB2B7E!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\abfc2519-3608-4c2a-94ea-171b0ed546ab!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\abfc2519-3608-4c2a-94ea-171b0ed546ab!DCSettingIndex
HKLM\Software\Policies\Microsoft\Windows NT!DontPowerOffAfterShutdown
HKLM\Software\Policies\Microsoft\Power\PowerSettings\d4c1d4c8-d5cc-43d3-b83e-fc51215cb04d!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\d4c1d4c8-d5cc-43d3-b83e-fc51215cb04d!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\17aaa29b-8b43-4b94-aafe-35f64daaf1ee!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\17aaa29b-8b43-4b94-aafe-35f64daaf1ee!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\f1fbfde2-a960-4165-9f88-50667911ce96!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\f1fbfde2-a960-4165-9f88-50667911ce96!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\309dce9b-bef4-4119-9921-a851fb12f0f4!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\309dce9b-bef4-4119-9921-a851fb12f0f4!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\7bc4a2f9-d8fc-4469-b07b-33eb785aaca0!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\7bc4a2f9-d8fc-4469-b07b-33eb785aaca0!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\A4B195F5-8225-47D8-8012-9D41369786E2!ACSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\A4B195F5-8225-47D8-8012-9D41369786E2!DCSettingIndex
HKLM\Software\Policies\Microsoft\Power\PowerSettings\F3C5027D-CD16-4930-AA6B-90DB844A8F00!DCSettingIndex
HKLM\Software\Policies\Microsoft\Windows\PowerShell!EnableScripts, HKLM\Software\Policies\Microsoft\Windows\PowerShell!ExecutionPolicy
HKCU\Software\Policies\Microsoft\Windows\PowerShell!EnableScripts, HKCU\Software\Policies\Microsoft\Windows\PowerShell!ExecutionPolicy
HKLM\Software\Policies\Microsoft\Windows\PowerShell\ModuleLogging!EnableModuleLogging, HKLM\Software\Policies\Microsoft\Windows\PowerShell\Mod
HKCU\Software\Policies\Microsoft\Windows\PowerShell\ModuleLogging!EnableModuleLogging, HKCU\Software\Policies\Microsoft\Windows\PowerShell\Mod
HKLM\Software\Policies\Microsoft\Windows\PowerShell\UpdatableHelp!EnableUpdateHelpDefaultSourcePath, HKLM\Software\Policies\Microsoft\Windows\P
HKCU\Software\Policies\Microsoft\Windows\PowerShell\UpdatableHelp!EnableUpdateHelpDefaultSourcePath, HKCU\Software\Policies\Microsoft\Windows\P
HKCU\Software\Policies\Microsoft\PreviousVersions!DisableBackupRestore
HKLM\Software\Policies\Microsoft\PreviousVersions!DisableBackupRestore
HKCU\Software\Policies\Microsoft\PreviousVersions!DisableLocalPage
HKLM\Software\Policies\Microsoft\PreviousVersions!DisableLocalPage
HKCU\Software\Policies\Microsoft\PreviousVersions!DisableLocalRestore
HKLM\Software\Policies\Microsoft\PreviousVersions!DisableLocalRestore
HKCU\Software\Policies\Microsoft\PreviousVersions!DisableRemotePage
HKLM\Software\Policies\Microsoft\PreviousVersions!DisableRemotePage
HKCU\Software\Policies\Microsoft\PreviousVersions!DisableRemoteRestore
HKLM\Software\Policies\Microsoft\PreviousVersions!DisableRemoteRestore
HKCU\Software\Policies\Microsoft\PreviousVersions!HideBackupEntries
HKLM\Software\Policies\Microsoft\PreviousVersions!HideBackupEntries
HKLM\Software\Policies\Microsoft\Windows NT\Printers!DisableWebPrinting
HKLM\Software\Policies\Microsoft\Windows NT\Printers!ApplicationDriverIsolation
HKLM\Software\Policies\Microsoft\Windows NT\Printers!SupportLink
HKLM\Software\Policies\Microsoft\Windows NT\Printers\Wizard!DomainDisplayPrinters_State, HKLM\Software\Policies\Microsoft\Windows NT\Printers\Wizar
HKCU\Software\Policies\Microsoft\Windows NT\Printers\Wizard!Downlevel Browse
HKLM\Software\Policies\Microsoft\Windows NT\Printers!ForceCSREMFDespooling
HKLM\Software\Policies\Microsoft\Windows NT\Printers!ForceSoftwareRasterization
HKCU\Software\Policies\Microsoft\Windows NT\Printers\Wizard!Printers Page URL
HKLM\Software\Policies\Microsoft\Windows NT\Printers!KMPrintersAreBlocked
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoAddPrinter
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoDeletePrinter
HKLM\Software\Policies\Microsoft\Windows NT\Printers\Wizard!NonDomainDisplayPrinters_State, HKLM\Software\Policies\Microsoft\Windows NT\Printers\W
HKCU\Software\Policies\Microsoft\Windows NT\Printers\PackagePointAndPrint!PackagePointAndPrintOnly
HKCU\Software\Policies\Microsoft\Windows NT\Printers\PackagePointAndPrint!PackagePointAndPrintServerList, HKCU\Software\Policies\Microsoft\Windows
HKLM\Software\Policies\Microsoft\Windows NT\Printers\PackagePointAndPrint!PackagePointAndPrintOnly
HKLM\Software\Policies\Microsoft\Windows NT\Printers\PackagePointAndPrint!PackagePointAndPrintServerList, HKLM\Software\Policies\Microsoft\Windows
HKLM\Software\Policies\Microsoft\Windows NT\Printers!PhysicalLocation
HKLM\Software\Policies\Microsoft\Windows NT\Printers!PhysicalLocationSupport
HKCU\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint!Restricted, HKCU\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint!Trus
HKLM\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint!Restricted, HKLM\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint!Trus
HKCU\Software\Policies\Microsoft\Windows NT\Printers\Wizard!Default Search Scope
HKLM\Software\Policies\Microsoft\Windows NT\Printers!ServerThread
HKLM\Software\Policies\Microsoft\Windows NT\Printers!PrintDriverIsolationExecutionPolicy
HKLM\Software\Policies\Microsoft\Windows NT\Printers!PrintDriverIsolationOverrideCompat
HKLM\Software\Policies\Microsoft\Windows NT\Printers!DoNotInstallCompatibleDriverFromWindowsUpdate
HKLM\Software\Policies\Microsoft\Windows NT\Printers!V4DriverDisallowPrinterExtension
HKLM\Software\Policies\Microsoft\Windows NT\Printers!MXDWUseLegacyOutputFormatMSXPS
HKLM\Software\Policies\Microsoft\Windows NT\Printers!RegisterSpoolerRemoteRpcEndPoint
HKLM\Software\Policies\Microsoft\Windows NT\Printers\Wizard!Auto Publishing
HKLM\Software\Policies\Microsoft\Windows NT\Printers!PruneDownlevel
HKLM\Software\Policies\Microsoft\Windows NT\Printers!PruningInterval
HKLM\Software\Policies\Microsoft\Windows NT\Printers!PruningPriority
HKLM\Software\Policies\Microsoft\Windows NT\Printers!PruningRetries
HKLM\Software\Policies\Microsoft\Windows NT\Printers!PruningRetryLog
HKLM\Software\Policies\Microsoft\Windows NT\Printers!PublishPrinters
HKLM\Software\Policies\Microsoft\Windows NT\Printers!VerifyPublishedState
HKLM\Software\Policies\Microsoft\Windows NT\Printers!Immortal
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Programs!NoProgramsCPL
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Programs!NoProgramsAndFeatures
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Programs!NoInstalledUpdates
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Programs!NoDefaultPrograms
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Programs!NoWindowsMarketplace
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Programs!NoGetPrograms
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Programs!NoWindowsFeatures
HKLM\Software\Policies\Microsoft\Windows\PswdSync!LoggingLevel
HKLM\Software\Policies\Microsoft\Windows\PswdSync!MaxRetries_state, HKLM\Software\Policies\Microsoft\Windows\PswdSync!MaxRetries
HKLM\Software\Policies\Microsoft\Windows\PswdSync!SNISPasswordSyncEnable
HKLM\Software\Policies\Microsoft\Windows\PswdSync!UpdateRetryInterval_state, HKLM\Software\Policies\Microsoft\Windows\PswdSync!Update Retry Inter
HKLM\Software\Policies\Microsoft\Windows\Psched\DiffservByteMappingConforming!ServiceTypeBestEffort
HKLM\Software\Policies\Microsoft\Windows\Psched\DiffservByteMappingConforming!ServiceTypeControlledLoad
HKLM\Software\Policies\Microsoft\Windows\Psched\DiffservByteMappingConforming!ServiceTypeGuaranteed
HKLM\Software\Policies\Microsoft\Windows\Psched\DiffservByteMappingConforming!ServiceTypeNetworkControl
HKLM\Software\Policies\Microsoft\Windows\Psched\DiffservByteMappingConforming!ServiceTypeQualitative
HKLM\Software\Policies\Microsoft\Windows\Psched\DiffservByteMappingNonConforming!ServiceTypeBestEffort
HKLM\Software\Policies\Microsoft\Windows\Psched\DiffservByteMappingNonConforming!ServiceTypeControlledLoad
HKLM\Software\Policies\Microsoft\Windows\Psched\DiffservByteMappingNonConforming!ServiceTypeGuaranteed
HKLM\Software\Policies\Microsoft\Windows\Psched\DiffservByteMappingNonConforming!ServiceTypeNetworkControl
HKLM\Software\Policies\Microsoft\Windows\Psched\DiffservByteMappingNonConforming!ServiceTypeQualitative
HKLM\Software\Policies\Microsoft\Windows\Psched!MaxOutstandingSends
HKLM\Software\Policies\Microsoft\Windows\Psched!NonBestEffortLimit
HKLM\Software\Policies\Microsoft\Windows\Psched!TimerResolution
HKLM\Software\Policies\Microsoft\Windows\Psched\UserPriorityMapping!ServiceTypeBestEffort
HKLM\Software\Policies\Microsoft\Windows\Psched\UserPriorityMapping!ServiceTypeControlledLoad
HKLM\Software\Policies\Microsoft\Windows\Psched\UserPriorityMapping!ServiceTypeGuaranteed
HKLM\Software\Policies\Microsoft\Windows\Psched\UserPriorityMapping!ServiceTypeNetworkControl
HKLM\Software\Policies\Microsoft\Windows\Psched\UserPriorityMapping!ServiceTypeNonConforming
HKLM\Software\Policies\Microsoft\Windows\Psched\UserPriorityMapping!ServiceTypeQualitative
HKLM\SOFTWARE\Policies\Microsoft\Windows\Reliability Analysis\WMI!WMIEnable
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI\{3af8b24a-c441-4fa4-8c5c-bed591bfa867}!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policies\Mic
HKLM\SOFTWARE\Policies\Microsoft\Windows\WinRE!DisableSetup
HKLM\Software\Policies\Microsoft\Windows NT\Reliability!TimeStampEnabled, HKLM\Software\Policies\Microsoft\Windows NT\Reliability!TimeStampInterval
HKLM\Software\Policies\Microsoft\PCHealth\ErrorReporting!IncludeShutdownErrs
HKLM\Software\Policies\Microsoft\Windows NT\Reliability!SnapShot
HKLM\Software\Policies\Microsoft\Windows NT\Reliability!ShutdownReasonOn, HKLM\Software\Policies\Microsoft\Windows NT\Reliability!ShutdownReasonU
HKLM\Software\policies\Microsoft\Windows NT\Terminal Services!LoggingEnabled
HKLM\Software\policies\Microsoft\Windows NT\Terminal Services!CreateEncryptedOnlyTickets
HKLM\Software\policies\Microsoft\Windows NT\Terminal Services!UseBandwidthOptimization, HKLM\Software\policies\Microsoft\Windows NT\Terminal Servi
HKLM\Software\policies\Microsoft\Windows NT\Terminal Services!UseCustomMessages, HKLM\Software\policies\Microsoft\Windows NT\Terminal Services!S
HKLM\Software\policies\Microsoft\Windows NT\Terminal Services!fAllowToGetHelp, HKLM\Software\policies\Microsoft\Windows NT\Terminal Services!fAllowF
HKLM\Software\policies\Microsoft\Windows NT\Terminal Services!fAllowUnsolicited, HKLM\Software\policies\Microsoft\Windows NT\Terminal Services!fAllow
HKCU\Software\Policies\Microsoft\Windows\RemovableStorageDevices!RebootTimeinSeconds_state, HKCU\Software\Policies\Microsoft\Windows\Removab
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices!RebootTimeinSeconds_state, HKLM\Software\Policies\Microsoft\Windows\Removab
HKCU\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f56308-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Read
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f56308-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Read
HKCU\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f56308-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Write
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f56308-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Write
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f56308-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Execute
HKCU\Software\Policies\Microsoft\Windows\RemovableStorageDevices\Custom\Deny_Read!Deny_Read, HKCU\Software\Policies\Microsoft\Windows\Remo
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\Custom\Deny_Read!Deny_Read, HKLM\Software\Policies\Microsoft\Windows\Remo
HKCU\Software\Policies\Microsoft\Windows\RemovableStorageDevices\Custom\Deny_Write!Deny_Write, HKCU\Software\Policies\Microsoft\Windows\Remo
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\Custom\Deny_Write!Deny_Write, HKLM\Software\Policies\Microsoft\Windows\Remo
HKCU\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f56311-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Read
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f56311-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Read
HKCU\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f56311-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Write
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f56311-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Write
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f56311-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Execute
HKCU\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Read
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Read
HKCU\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Write
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Write
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Execute
HKCU\Software\Policies\Microsoft\Windows\RemovableStorageDevices!Deny_All
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices!Deny_All
HKCU\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630b-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Read
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630b-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Read
HKCU\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630b-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Write
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630b-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Write
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{53f5630b-b6bf-11d0-94f2-00a0c91efb8b}!Deny_Execute
HKCU\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{6AC27878-A6FA-4155-BA85-F98F491D4F33}!Deny_Read, HKCU\Software\Polici
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{6AC27878-A6FA-4155-BA85-F98F491D4F33}!Deny_Read, HKLM\Software\Polici
HKCU\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{6AC27878-A6FA-4155-BA85-F98F491D4F33}!Deny_Write, HKCU\Software\Policie
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices\{6AC27878-A6FA-4155-BA85-F98F491D4F33}!Deny_Write, HKLM\Software\Policie
HKLM\Software\Policies\Microsoft\Windows\RemovableStorageDevices!AllowRemoteDASD
HKLM\Software\Policies\Microsoft\Windows NT\Rpc!EnableAuthEpResolution
HKLM\Software\Policies\Microsoft\Windows NT\Rpc!ExtErrorInformation, HKLM\Software\Policies\Microsoft\Windows NT\Rpc!ExtErrorInfoExceptions
HKLM\Software\Policies\Microsoft\Windows NT\Rpc!IgnoreDelegationFailure
HKLM\Software\Policies\Microsoft\Windows NT\Rpc!MinimumConnectionTimeout
HKLM\Software\Policies\Microsoft\Windows NT\Rpc!RestrictRemoteClients
HKLM\Software\Policies\Microsoft\Windows NT\Rpc!StateInformation
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!MaxGPOScriptWait
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!HideLegacyLogonScripts
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!HideLogoffScripts
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!RunLogonScriptSync
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!RunLogonScriptSync
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!HideLogonScripts
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!RunComputerPSScriptsFirst
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!RunUserPSScriptsFirst
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!RunUserPSScriptsFirst
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!HideShutdownScripts
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!RunStartupScriptSync
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!HideStartupScripts
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!Allow-LogonScript-NetbiosDisabled
HKLM\SOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnostics!ValidateTrust
HKLM\SOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnostics!EnableDiagnostics
HKLM\SOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnosticsProvider\Policy!EnableQueryRemoteServer
HKLM\SOFTWARE\Policies\Microsoft\Windows\ScheduledDiagnostics!EnabledExecution, HKLM\SOFTWARE\Policies\Microsoft\Windows\ScheduledDiagnos
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!HideUNCTab
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Search!HideUNCTab
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!AllowIndexingEncryptedStoresOrItems
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!DisableBackoff
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!PreventRemoteQueries
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!PreventIndexOnBattery
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!PreventModifyingIndexedLocations
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Search!PreventModifyingIndexedLocations
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!AllowUsingDiacritics
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!AlwaysUseAutoLangDetection
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!AutoIndexSharedFolders
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!FavoriteLocations
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!PreventUsingAdvancedIndexingOptions
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!PreventIndexingOfflineFiles
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!PreventIndexingUncachedExchangeFolders
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!EnableIndexingDelegateMailboxes
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!EnableThrottlingOnlineMailboxes, HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!PreventIndexingOutlook
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!PreventIndexingEmailAttachments
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!RichAttachmentPreviews
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!PreventIndexingPublicFolders
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!DataDirectory
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!PrimaryIntranetSearchScopeUrl
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!SecondaryIntranetSearchScopeUrl
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!PreviewPaneLocation
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!SearchResultIconSize
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!PreventIndexingLowDiskSpaceMB
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search\PreventUnwantedAddins
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!DisableWebSearch
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search\PreventIndexingCertainPaths
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Search\PreventIndexingCertainPaths
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search\DefaultIndexedPaths
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Search\DefaultIndexedPaths
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search\DefaultExcludedPaths
HKCU\SOFTWARE\Policies\Microsoft\Windows\Windows Search\DefaultExcludedPaths
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search!ExcludedExtensionsMultiline0, HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Se
HKCU\SOFTWARE\Policies\Microsoft\Windows\Explorer!DisableSearchHistory
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search\OCR!SelectOCRLangs, HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search\O
HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search\OCR!OCREveryPage
HKLM\Software\Policies\Microsoft\Windows NT\Security Center!SecurityCenterInDomain
HKCU\Software\Policies\Microsoft\Windows\LocationAndSensors!DisableSensors
HKLM\Software\Policies\Microsoft\Windows\LocationAndSensors!DisableSensors
HKCU\Software\Policies\Microsoft\Windows\LocationAndSensors!DisableLocation
HKLM\Software\Policies\Microsoft\Windows\LocationAndSensors!DisableLocation
HKCU\Software\Policies\Microsoft\Windows\LocationAndSensors!DisableLocationScripting
HKLM\Software\Policies\Microsoft\Windows\LocationAndSensors!DisableLocationScripting
HKLM\Software\Policies\Microsoft\Windows\Server\ServerManager!DoNotOpenAtLogon
HKLM\Software\Policies\Microsoft\Windows\Server\ServerManager!RefreshIntervalEnabled, HKLM\Software\Policies\Microsoft\Windows\Server\ServerMana
HKLM\Software\Policies\Microsoft\Windows\Server\InitialConfigurationTasks!DoNotOpenAtLogon
HKLM\Software\Policies\Microsoft\Windows NT\CurrentVersion\MYS!DisableShowAtLogon
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Servicing, HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Servicing, HKLM\Software
HKLM\Software\Policies\Microsoft\Windows\SettingSync!DisableSettingSync, HKLM\Software\Policies\Microsoft\Windows\SettingSync!DisableSettingSyncUs
HKLM\Software\Policies\Microsoft\Windows\SettingSync!DisableApplicationSettingSync, HKLM\Software\Policies\Microsoft\Windows\SettingSync!DisableApp
HKLM\Software\Policies\Microsoft\Windows\SettingSync!DisableCredentialsSettingSync, HKLM\Software\Policies\Microsoft\Windows\SettingSync!DisableCre
HKLM\Software\Policies\Microsoft\Windows\SettingSync!DisablePersonalizationSettingSync, HKLM\Software\Policies\Microsoft\Windows\SettingSync!Disable
HKLM\Software\Policies\Microsoft\Windows\SettingSync!DisableWindowsSettingSync, HKLM\Software\Policies\Microsoft\Windows\SettingSync!DisableWind
HKLM\Software\Policies\Microsoft\Windows\SettingSync!DisableDesktopThemeSettingSync, HKLM\Software\Policies\Microsoft\Windows\SettingSync!Disabl
HKLM\Software\Policies\Microsoft\Windows\SettingSync!DisableWebBrowserSettingSync, HKLM\Software\Policies\Microsoft\Windows\SettingSync!DisableW
HKLM\Software\Policies\Microsoft\Windows\SettingSync!DisableSyncOnPaidNetwork
HKLM\Software\Policies\Microsoft\Windows NT\Setup!ServicePackSourcePath
HKLM\Software\Policies\Microsoft\Windows NT\Setup!SourcePath
HKLM\Software\Policies\Microsoft\Windows\TabletPC!PreventHandwritingDataSharing
HKCU\Software\Policies\Microsoft\Windows\TabletPC!PreventHandwritingDataSharing
HKCU\Software\Policies\Microsoft\Windows NT\SharedFolders!PublishDfsRoots
HKCU\Software\Policies\Microsoft\Windows NT\SharedFolders!PublishSharedFolders
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoInplaceSharing
HKLM\Software\Policies\Microsoft\Windows\HomeGroup!DisableHomeGroup
HKCU\Software\Policies\Microsoft\Windows\System!DisableCMD
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!DisableRegistryTools
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!RestrictRun, HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Restr
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!DisallowRun, HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Disa
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!RestrictWelcomeCenter
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar!TurnOffSidebar
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar!TurnOffSidebar
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar!TurnOffUnsignedGadgets
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar!TurnOffUnsignedGadgets
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar!TurnOffUserInstalledGadgets
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Windows\Sidebar!TurnOffUserInstalledGadgets
HKCU\Software\Policies\Microsoft\Windows\SideShow!DeleteDataOnLogoff
HKLM\Software\Policies\Microsoft\Windows\SideShow!DeleteDataOnLogoff
HKCU\Software\Policies\Microsoft\Windows\SideShow!Disabled
HKLM\Software\Policies\Microsoft\Windows\SideShow!Disabled
HKCU\Software\Policies\Microsoft\Windows\SideShow!AutoWakeDisabled
HKLM\Software\Policies\Microsoft\Windows\SideShow!AutoWakeDisabled
HKCU\Software\Policies\Microsoft\Windows\SideShow!SetPIN, HKCU\Software\Policies\Microsoft\Windows\SideShow!PIN, HKCU\Software\Policies\Microsof
HKLM\Software\Policies\Microsoft\Windows\SideShow!SetPIN, HKLM\Software\Policies\Microsoft\Windows\SideShow!PIN, HKLM\Software\Policies\Microsof
HKLM\SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider!AllowCertificatesWithNoEKU
HKLM\SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider!AllowIntegratedUnblock
HKLM\SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider!FilterDuplicateCerts
HKLM\SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider!ForceReadingAllCertificates
HKLM\SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider!AllowSignatureOnlyKeys
HKLM\SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider!AllowTimeInvalidCertificates
HKLM\SOFTWARE\Policies\Microsoft\Windows\CertProp!CertPropEnabled
HKLM\SOFTWARE\Policies\Microsoft\Windows\CertProp!RootCertificateCleanupOption
HKLM\SOFTWARE\Policies\Microsoft\Windows\CertProp!EnableRootCertificatePropagation
HKLM\SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider!IntegratedUnblockPromptString
HKLM\SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider!ReverseSubject
HKLM\SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider!DisallowPlaintextPin
HKLM\SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider!X509HintsNeeded
HKLM\SOFTWARE\Policies\Microsoft\Windows\ScPnP!EnableScPnP
HKLM\SOFTWARE\Policies\Microsoft\Windows\ScPnP!ScPnPNotification
HKLM\SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider!EnumerateECCCerts
HKLM\Software\Policies\Microsoft\Windows\Server for NIS!LoggingLevel
HKLM\Software\Policies\Microsoft\Windows\Server for NIS!PushInterval_state, HKLM\Software\Policies\Microsoft\Windows\Server for NIS!PushInterval
HKLM\Software\Policies\SNMP\Parameters\ValidCommunities
HKLM\Software\Policies\SNMP\Parameters\PermittedManagers
HKLM\Software\Policies\SNMP\Parameters\TrapConfiguration\public
HKCU\SOFTWARE\Policies\Microsoft\SoundRecorder!Soundrec
HKLM\SOFTWARE\Policies\Microsoft\SoundRecorder!Soundrec
HKLM\SOFTWARE\Policies\Microsoft\Windows\FCI!EnableManualUX
HKLM\SOFTWARE\Policies\Microsoft\Windows\FCI!CentralClassificationList
HKLM\SOFTWARE\Policies\Microsoft\Windows\ADR\AccessDenied!Enabled, HKLM\SOFTWARE\Policies\Microsoft\Windows\ADR\AccessDenied!ErrorMess
HKLM\SOFTWARE\Policies\Microsoft\Windows\Explorer!EnableShellExecuteFileStreamCheck
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!ClearRecentProgForNewUserInStartMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoStartMenuMyGames
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSearchComputerLinkInStartMenu
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoSearchEverywhereLinkInStartMenu
HKCU\Software\Policies\Microsoft\Windows\Explorer!AddSearchInternetLinkInStartMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSearchFilesInStartMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSearchInternetInStartMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSearchProgramsInStartMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSearchCommInStartMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoUserFolderInStartMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!ForceRunOnStartMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!QuickLaunchEnabled
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!ClearRecentDocsOnExit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!ForceStartMenuLogOff
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!GreyMSIAds
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!Intellimenus
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!LockTaskbar
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!MemCheckBoxInRunDlg
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoAutoTrayNotify
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSMBalloonTip
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoChangeStartMenu
HKCU\Software\Policies\Microsoft\Windows\Explorer!ClearTilesOnExit
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoClose
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoCommonGroups
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoFavoritesMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoFind
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoStartMenuMFUprogramsList
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSMHelp
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoInstrumentation
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoStartMenuMorePrograms
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoNetworkConnections
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoStartMenuPinnedList
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoRecentDocsHistory
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoRecentDocsMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoResolveSearch
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoResolveTrack
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoRun
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSetFolders
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSetTaskbar
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSMConfigurePrograms
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSMMyDocs
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoStartMenuMyMusic
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoStartMenuNetworkPlaces
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSMMyPictures
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoStartMenuSubFolders
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSimpleStartMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!HideClock
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoTaskGrouping
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoToolbarsOnTaskbar
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoTrayContextMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoTrayItemsDisplay
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoUserNameInStartMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoWindowsUpdate
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoStartMenuEjectPC
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!StartMenuLogOff
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoStartMenuHomegroup
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoStartMenuDownloads
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoStartMenuRecordedTV
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoStartMenuVideos
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoUninstallFromStart
HKCU\Software\Policies\Microsoft\Windows\Explorer!PowerButtonAction
HKCU\Software\Policies\Microsoft\Windows\Explorer!ShowRunAsDifferentUserInStart
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\WSRM!AccountingEnabled
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\WSRM!EmailIds
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\WSRM!RecordWriteInterval
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\WSRM!SMTPServer
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore!DisableConfig
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore!DisableSR
HKCU\software\policies\microsoft\TabletTip\1.7!DisableACIntegration
HKLM\software\policies\microsoft\TabletTip\1.7!DisableACIntegration
HKCU\software\policies\microsoft\TabletTip\1.7!DisableEdgeTarget
HKLM\software\policies\microsoft\TabletTip\1.7!DisableEdgeTarget
HKCU\software\policies\microsoft\TabletTip\1.7!HideIPTIPTarget
HKLM\software\policies\microsoft\TabletTip\1.7!HideIPTIPTarget
HKCU\software\policies\microsoft\TabletTip\1.7!HideIPTIPTouchTarget
HKLM\software\policies\microsoft\TabletTip\1.7!HideIPTIPTouchTarget
HKCU\software\policies\microsoft\TabletTip\1.7!PasswordSecurityState, HKCU\software\policies\microsoft\TabletTip\1.7!PasswordSecurity
HKLM\software\policies\microsoft\TabletTip\1.7!PasswordSecurityState, HKLM\software\policies\microsoft\TabletTip\1.7!PasswordSecurity
HKCU\software\policies\microsoft\TabletTip\1.7!PRCGesture
HKLM\software\policies\microsoft\TabletTip\1.7!PRCGesture
HKCU\software\policies\microsoft\TabletTip\1.7!IncludeRareChar
HKLM\software\policies\microsoft\TabletTip\1.7!IncludeRareChar
HKCU\software\policies\microsoft\TabletTip\1.7!ScratchOutState, HKCU\software\policies\microsoft\TabletTip\1.7!ScratchOut
HKLM\software\policies\microsoft\TabletTip\1.7!ScratchOutState, HKLM\software\policies\microsoft\TabletTip\1.7!ScratchOut
HKCU\software\policies\microsoft\TabletTip\1.7!DisablePrediction
HKLM\software\policies\microsoft\TabletTip\1.7!DisablePrediction
HKCU\SOFTWARE\Policies\Microsoft\TabletPC!DisableInkball
HKLM\SOFTWARE\Policies\Microsoft\TabletPC!DisableInkball
HKCU\SOFTWARE\Policies\Microsoft\TabletPC!DisableJournal
HKLM\SOFTWARE\Policies\Microsoft\TabletPC!DisableJournal
HKCU\SOFTWARE\Policies\Microsoft\TabletPC!DisableNoteWriterPrinting
HKLM\SOFTWARE\Policies\Microsoft\TabletPC!DisableNoteWriterPrinting
HKCU\SOFTWARE\Policies\Microsoft\TabletPC!DisableSnippingTool
HKLM\SOFTWARE\Policies\Microsoft\TabletPC!DisableSnippingTool
HKCU\SOFTWARE\Policies\Microsoft\TabletPC!TurnOffPenFeedback
HKLM\SOFTWARE\Policies\Microsoft\TabletPC!TurnOffPenFeedback
HKCU\SOFTWARE\Policies\Microsoft\TabletPC!PreventButtonBackEscapeMapping
HKLM\SOFTWARE\Policies\Microsoft\TabletPC!PreventButtonBackEscapeMapping
HKCU\SOFTWARE\Policies\Microsoft\TabletPC!PreventButtonApplicationLaunch
HKLM\SOFTWARE\Policies\Microsoft\TabletPC!PreventButtonApplicationLaunch
HKCU\SOFTWARE\Policies\Microsoft\TabletPC!PreventButtonPressAndHold
HKLM\SOFTWARE\Policies\Microsoft\TabletPC!PreventButtonPressAndHold
HKCU\SOFTWARE\Policies\Microsoft\TabletPC!TurnOffButtons
HKLM\SOFTWARE\Policies\Microsoft\TabletPC!TurnOffButtons
HKCU\SOFTWARE\Policies\Microsoft\TabletPC!PreventFlicksLearningMode
HKLM\SOFTWARE\Policies\Microsoft\TabletPC!PreventFlicksLearningMode
HKCU\SOFTWARE\Policies\Microsoft\TabletPC!PreventFlicks
HKLM\SOFTWARE\Policies\Microsoft\TabletPC!PreventFlicks
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!HideSCAPower
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!HideSCANetwork
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!HideSCAVolume
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!HideSCAHealth
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!TaskbarLockAll
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!TaskbarNoAddRemoveToolbar
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!TaskbarNoDragToolbar
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!TaskbarNoNotification
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!TaskbarNoRedock
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!TaskbarNoResize
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!TaskbarNoThumbnail
HKCU\Software\Policies\Microsoft\Windows\Explorer!TaskbarNoPinnedList
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoSystraySystemPromotion
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoBalloonFeatureAdvertisements
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoRemoteDestinations
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoPinningToTaskbar
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoPinningToDestinations
HKCU\Software\Policies\Microsoft\Windows\Explorer!TaskbarNoMultimon
HKCU\Software\Policies\Microsoft\Windows\Task Scheduler5.0!Allow Browse
HKLM\Software\Policies\Microsoft\Windows\Task Scheduler5.0!Allow Browse
HKCU\Software\Policies\Microsoft\Windows\Task Scheduler5.0!Disable Advanced
HKLM\Software\Policies\Microsoft\Windows\Task Scheduler5.0!Disable Advanced
HKCU\Software\Policies\Microsoft\Windows\Task Scheduler5.0!DragAndDrop
HKLM\Software\Policies\Microsoft\Windows\Task Scheduler5.0!DragAndDrop
HKCU\Software\Policies\Microsoft\Windows\Task Scheduler5.0!Execution
HKLM\Software\Policies\Microsoft\Windows\Task Scheduler5.0!Execution
HKCU\Software\Policies\Microsoft\Windows\Task Scheduler5.0!Property Pages
HKLM\Software\Policies\Microsoft\Windows\Task Scheduler5.0!Property Pages
HKCU\Software\Policies\Microsoft\Windows\Task Scheduler5.0!Task Creation
HKLM\Software\Policies\Microsoft\Windows\Task Scheduler5.0!Task Creation
HKCU\Software\Policies\Microsoft\Windows\Task Scheduler5.0!Task Deletion
HKLM\Software\Policies\Microsoft\Windows\Task Scheduler5.0!Task Deletion
HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition!ISATAP_State
HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition!ISATAP_RouterName
HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition!6to4_State
HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition!6to4_RouterName
HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition!6to4_RouterNameResolutionInterval
HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition!Teredo_State
HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition!Teredo_ServerName
HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition!Teredo_RefreshRate
HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition!Teredo_ClientPort
HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition!Teredo_DefaultQualified
HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition\IPHTTPS\IPHTTPSInterface!IPHTTPS_ClientState, HKLM\Software\Policies\Microsoft\Windo
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters!EnableWsd
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters!EnableIPAutoConfigurationLimits
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fEnableTimeZoneRedirection
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisableClip
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fNoRemoteDesktopWallpaper
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fTurnOffSingleAppMode
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fAllowUnlistedRemotePrograms
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fAllowDesktopCompositionOnServer
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!ParticipateInLoadBalancing
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!RedirectOnlyDefaultClientPrinter
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!RedirectOnlyDefaultClientPrinter
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!RemoteAppLogoffTimeLimit
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!RemoteAppLogoffTimeLimit
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fNoFontSmoothing
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\TSAppSrv\VirtualIP!VIPAdapter
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\TSAppSrv\VirtualIP!PromptOnIPLeaseFail
HKLM\SOFTWARE\Policies\Microsoft\Windows\Session Manager\Quota System!EnableCpuQuota
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\TSAppSrv\TSMSI!Enable
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\TSAppSrv\VirtualIP!EnableVirtualIP, HKLM\SOFTWARE\Policies\Microsoft\Windows NT
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!bEnumerateHWBeforeSW
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!ImageQuality
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!GraphicsProfile
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fServerEnableRDP8
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!SelectNetworkDetect
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!SelectTransport
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client!fClientDisableUDP
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!DisablePasswordSaving
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!DisablePasswordSaving
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!MinEncryptionLevel
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fPromptForPassword
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!SecurityLayer
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!UserAuthentication
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!CertTemplateName
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!AllowExplicitLogonMethod, HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Termin
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!UseProxy, HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!Allow
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!AllowExplicitProxyName, HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisableAutoReconnect
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!ColorDepth
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!MaxMonitors
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDenyTSConnections
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!MaxXResolution, HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fNoRemoteDesktopWallpaper
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisableForcibleLogoff
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!KeepAliveEnable, HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Service
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!LicenseServers
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisableTerminalServerTooltip
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!LicensingMode
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!MaxInstanceCount
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoDisconnect
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoNTSecurity
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\AllUserInstallAgent!LogonWaitForPackageRegistration
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!Shadow
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!Shadow
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fSingleSessionPerUser
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fInheritInitialProgram, HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Ser
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!InitialProgram, HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!W
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fWritableTSCCPermTab
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fTurnOffSingleAppMode
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!WFHomeDirUNC, HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Service
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!WFProfilePath
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!WFDontAppendUserNameToProfile
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!DeleteRoamingUserProfile, HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Termin
HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services!fSecureLicensing
HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services!fPreventLicenseUpgrade
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisableCam
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!AllowedAudioQualityMode
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisableAudioCapture
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisableClip
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisableCcm
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fForceClientLptDef
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!UseUniversalPrinterDriverFirst
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!UseUniversalPrinterDriverFirst
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisableCdm
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisableLPT
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisablePNPRedir
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisableCpm
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fPolicyFallbackPrintDriver, HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Termina
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fEnableSmartCard
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fEnableTimeZoneRedirection
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fEncryptRPCTraffic
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!SessionDirectoryActive
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!SessionDirectoryClusterName
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!SessionDirectoryExposeServerIP
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!SessionDirectoryLocation
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fResetBroken
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fResetBroken
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!MaxDisconnectionTime
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!MaxDisconnectionTime
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!MaxIdleTime
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!MaxIdleTime
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!MaxConnectionTime
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!MaxConnectionTime
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!DeleteTempDirsOnExit
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!PerSessionTempDir
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!AllowUnsignedFiles
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!AllowUnsignedFiles
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!AllowSignedFiles
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!AllowSignedFiles
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!TrustedCertThumbprints
HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!TrustedCertThumbprints
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!PromptForCredsOnClient
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!AuthenticationLevel
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!ImageQuality
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!GraphicsProfile
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!MaxCompressionLevel
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!VisualExperiencePolicy
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client!fUsbRedirectionEnableMode
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fEnableVirtualizedGraphics
HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services\!VGOptimization_CaptureFrameRate, HKLM\Software\Policies\Microsoft\Windows NT\Term
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fEnableVirtualizedGraphics
HKCU\SOFTWARE\Policies\Microsoft\Workspaces!DefaultConnectionURL
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!SelectNetworkDetect
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!SelectTransport
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client!fClientDisableUDP
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!DisableThumbnails
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!DisableThumbnailsOnNetworkFolders
HKCU\Software\Policies\Microsoft\Windows\Explorer!DisableThumbsDBOnNetworkFolders
HKCU\SOFTWARE\Policies\Microsoft\TabletPC!TurnOffTouchInput
HKLM\SOFTWARE\Policies\Microsoft\TabletPC!TurnOffTouchInput
HKCU\SOFTWARE\Policies\Microsoft\TabletPC!TurnOffPanning
HKLM\SOFTWARE\Policies\Microsoft\TabletPC!TurnOffPanning
HKLM\Software\Policies\Microsoft\TPM!ActiveDirectoryBackup, HKLM\Software\Policies\Microsoft\TPM, HKLM\Software\Policies\Microsoft\TPM!RequireActiv
HKLM\Software\Policies\Microsoft\TPM!OSManagedAuthLevel
HKLM\SOFTWARE\Policies\Microsoft\Tpm\BlockedCommands!Enabled, HKLM\SOFTWARE\Policies\Microsoft\Tpm\BlockedCommands\List
HKLM\Software\Policies\Microsoft\TPM\BlockedCommands!IgnoreDefaultList
HKLM\Software\Policies\Microsoft\TPM\BlockedCommands!IgnoreLocalList
HKLM\Software\Policies\Microsoft\Tpm!StandardUserAuthorizationFailureDuration, HKLM\Software\Policies\Microsoft\Tpm!StandardUserAuthorizationFailure
HKLM\Software\Policies\Microsoft\Tpm!StandardUserAuthorizationFailureIndividualThreshold, HKLM\Software\Policies\Microsoft\Tpm!StandardUserAuthoriza
HKLM\Software\Policies\Microsoft\Tpm!StandardUserAuthorizationFailureTotalThreshold, HKLM\Software\Policies\Microsoft\Tpm!StandardUserAuthorization
HKCU\Software\Policies\Microsoft\Windows\Backup\Client!DisableBackupLauncher
HKLM\Software\Policies\Microsoft\Windows\Backup\Client!DisableBackupLauncher
HKCU\Software\Policies\Microsoft\Windows\Backup\Client!DisableBackupToDisk
HKLM\Software\Policies\Microsoft\Windows\Backup\Client!DisableBackupToDisk
HKCU\Software\Policies\Microsoft\Windows\Backup\Client!DisableBackupToNetwork
HKLM\Software\Policies\Microsoft\Windows\Backup\Client!DisableBackupToNetwork
HKCU\Software\Policies\Microsoft\Windows\Backup\Client!DisableBackupToOptical
HKLM\Software\Policies\Microsoft\Windows\Backup\Client!DisableBackupToOptical
HKCU\Software\Policies\Microsoft\Windows\Backup\Client!DisableBackupUI
HKLM\Software\Policies\Microsoft\Windows\Backup\Client!DisableBackupUI
HKCU\Software\Policies\Microsoft\Windows\Backup\Client!DisableRestoreUI
HKLM\Software\Policies\Microsoft\Windows\Backup\Client!DisableRestoreUI
HKCU\Software\Policies\Microsoft\Windows\Backup\Client!DisableSystemBackupUI
HKLM\Software\Policies\Microsoft\Windows\Backup\Client!DisableSystemBackupUI
HKLM\Software\Policies\Microsoft\Windows\System!AddAdminGroupToRUP
HKLM\Software\Policies\Microsoft\Windows\System!CompatibleRUPSecurity
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!ConnectHomeDirToRoot
HKLM\Software\Policies\Microsoft\Windows\System!DeleteRoamingCache
HKLM\Software\Policies\Microsoft\Windows\System!SlowLinkDetectEnabled
HKLM\Software\Policies\Microsoft\Windows\System!SlowLinkUIEnabled
HKCU\Software\Policies\Microsoft\Windows\System!ExcludeProfileDirs
HKLM\Software\Policies\Microsoft\Windows\System!LeaveAppMgmtData
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!EnableProfileQuota, HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
HKLM\Software\Policies\Microsoft\Windows\System!LocalProfile
HKLM\Software\Policies\Microsoft\Windows\System!ProfileDlgTimeOut
HKLM\Software\Policies\Microsoft\Windows\System!ProfileErrorAction
HKLM\Software\Policies\Microsoft\Windows\System!ProfileUnloadTimeout
HKLM\Software\Policies\Microsoft\Windows\System!ReadOnlyProfile
HKLM\Software\Policies\Microsoft\Windows\System!SlowLinkProfileDefault
HKLM\Software\Policies\Microsoft\Windows\System!UserProfileMinTransferRate, HKLM\Software\Policies\Microsoft\Windows\System!SlowLinkTimeOut
HKLM\Software\Policies\Microsoft\Windows\System!CleanupProfiles
HKCU\Software\Policies\Microsoft\Windows\System!CscSuspendDirs
HKLM\Software\Policies\Microsoft\Windows\System!DisableForceUnload
HKLM\Software\Policies\Microsoft\Windows\System!WaitForNetwork
HKLM\Software\Policies\Microsoft\Windows\System!MachineProfilePath
HKLM\Software\Policies\Microsoft\Windows\System!UploadHiveMethod, HKLM\Software\Policies\Microsoft\Windows\System!UploadHiveInterval, HKLM\Soft
HKLM\Software\Policies\Microsoft\Windows\System!AllowUserInfoAccess, HKLM\Software\Policies\Microsoft\Windows\System!AllowUserInfoAccess
HKLM\Software\Policies\Microsoft\Windows\System!PrimaryComputerEnabledRUP
HKLM\Software\Policies\Microsoft\Windows\System!HomeDirLocation, HKLM\Software\Policies\Microsoft\Windows\System!HomeDir, HKLM\Software\Policie
HKLM\Software\Policies\Microsoft\FVE!ActiveDirectoryBackup, HKLM\Software\Policies\Microsoft\FVE!RequireActiveDirectoryBackup, HKLM\Software\Policie
HKLM\SOFTWARE\Policies\Microsoft\FVE!UseRecoveryPassword, HKLM\SOFTWARE\Policies\Microsoft\FVE!UseRecoveryDrive
HKLM\SOFTWARE\Policies\Microsoft\FVE!DefaultRecoveryFolderPath
HKLM\SOFTWARE\Policies\Microsoft\FVE!EncryptionMethod
HKLM\SOFTWARE\Policies\Microsoft\FVE!EncryptionMethodNoDiffuser
HKLM\Software\Policies\Microsoft\FVE!MorBehavior
HKLM\Software\Policies\Microsoft\FVE!UseEnhancedPin
HKLM\Software\Policies\Microsoft\FVE!OSPassphrase, HKLM\Software\Policies\Microsoft\FVE!OSPassphraseComplexity, HKLM\Software\Policies\Microsoft
HKLM\Software\Policies\Microsoft\FVE!TPMAutoReseal
HKLM\Software\Policies\Microsoft\FVE!DisallowStandardUserPINReset
HKLM\Software\Policies\Microsoft\FVE!IdentificationField, HKLM\Software\Policies\Microsoft\FVE!IdentificationFieldString, HKLM\Software\Policies\Microsoft\
HKLM\Software\Policies\Microsoft\FVE!CertificateOID
HKLM\Software\Policies\Microsoft\FVE!OSUseEnhancedBcdProfile, HKLM\Software\Policies\Microsoft\FVE, HKLM\Software\Policies\Microsoft\FVE!OSBcdA
HKLM\SOFTWARE\Policies\Microsoft\FVE!OSRecovery, HKLM\SOFTWARE\Policies\Microsoft\FVE!OSManageDRA, HKLM\SOFTWARE\Policies\Microsoft\F
HKLM\SOFTWARE\Policies\Microsoft\FVE!OSEncryptionType, HKLM\SOFTWARE\Policies\Microsoft\FVE!OSEncryptionType
HKLM\SOFTWARE\Policies\Microsoft\FVE!EnableNonTPM, HKLM\SOFTWARE\Policies\Microsoft\FVE!UsePartialEncryptionKey, HKLM\SOFTWARE\Policie
HKLM\SOFTWARE\Policies\Microsoft\FVE!UseAdvancedStartup, HKLM\SOFTWARE\Policies\Microsoft\FVE!EnableBDEWithNoTPM, HKLM\SOFTWARE\Po
HKLM\SOFTWARE\Policies\Microsoft\FVE!OSManageNKP
HKLM\SOFTWARE\Policies\Microsoft\FVE\PlatformValidation!Enabled, HKLM\SOFTWARE\Policies\Microsoft\FVE\PlatformValidation!0, HKLM\SOFTWARE\P
HKLM\SOFTWARE\Policies\Microsoft\FVE\OSPlatformValidation_BIOS!Enabled, HKLM\SOFTWARE\Policies\Microsoft\FVE\OSPlatformValidation_BIOS!0, H
HKLM\SOFTWARE\Policies\Microsoft\FVE\OSPlatformValidation_UEFI!Enabled, HKLM\SOFTWARE\Policies\Microsoft\FVE\OSPlatformValidation_UEFI!0, H
HKLM\Software\Policies\Microsoft\FVE!MinimumPIN
HKLM\SOFTWARE\Policies\Microsoft\FVE!OSHardwareEncryption, HKLM\SOFTWARE\Policies\Microsoft\FVE!OSAllowSoftwareEncryptionFailover, HKLM\S
HKLM\Software\Policies\Microsoft\FVE!OSEnablePrebootInputProtectorsOnSlates
HKLM\Software\Policies\Microsoft\FVE!OSAllowSecureBootForIntegrity
HKLM\SOFTWARE\Policies\Microsoft\FVE!FDVRecovery, HKLM\SOFTWARE\Policies\Microsoft\FVE!FDVRecoveryPassword, HKLM\SOFTWARE\Policies\M
HKLM\Software\Policies\Microsoft\FVE!FDVPassphrase, HKLM\Software\Policies\Microsoft\FVE!FDVEnforcePassphrase, HKLM\Software\Policies\Microsoft\
HKLM\System\CurrentControlSet\Policies\Microsoft\FVE!FDVDenyWriteAccess
HKLM\Software\Policies\Microsoft\FVE!FDVDiscoveryVolumeType, HKLM\Software\Policies\Microsoft\FVE!FDVNoBitLockerToGoReader
HKLM\Software\Policies\Microsoft\FVE!FDVAllowUserCert, HKLM\Software\Policies\Microsoft\FVE!FDVEnforceUserCert
HKLM\SOFTWARE\Policies\Microsoft\FVE!FDVEncryptionType, HKLM\SOFTWARE\Policies\Microsoft\FVE!FDVEncryptionType
HKLM\SOFTWARE\Policies\Microsoft\FVE!FDVHardwareEncryption, HKLM\SOFTWARE\Policies\Microsoft\FVE!FDVAllowSoftwareEncryptionFailover, HKLM
HKLM\SOFTWARE\Policies\Microsoft\FVE!RDVRecovery, HKLM\SOFTWARE\Policies\Microsoft\FVE!RDVRecoveryPassword, HKLM\SOFTWARE\Policies\M
HKLM\Software\Policies\Microsoft\FVE!RDVConfigureBDE, HKLM\Software\Policies\Microsoft\FVE!RDVAllowBDE, HKLM\Software\Policies\Microsoft\FVE!RD
HKLM\Software\Policies\Microsoft\FVE!RDVPassphrase, HKLM\Software\Policies\Microsoft\FVE!RDVEnforcePassphrase, HKLM\Software\Policies\Microsoft
HKLM\System\CurrentControlSet\Policies\Microsoft\FVE!RDVDenyWriteAccess, HKLM\Software\Policies\Microsoft\FVE!RDVDenyCrossOrg
HKLM\Software\Policies\Microsoft\FVE!RDVDiscoveryVolumeType, HKLM\Software\Policies\Microsoft\FVE!RDVNoBitLockerToGoReader
HKLM\Software\Policies\Microsoft\FVE!RDVAllowUserCert, HKLM\Software\Policies\Microsoft\FVE!RDVEnforceUserCert
HKLM\SOFTWARE\Policies\Microsoft\FVE!RDVEncryptionType, HKLM\SOFTWARE\Policies\Microsoft\FVE!RDVEncryptionType
HKLM\SOFTWARE\Policies\Microsoft\FVE!RDVHardwareEncryption, HKLM\SOFTWARE\Policies\Microsoft\FVE!RDVAllowSoftwareEncryptionFailover, HKLM
HKLM\Software\Policies\Microsoft\W32Time\Config!FrequencyCorrectRate, HKLM\Software\Policies\Microsoft\W32Time\Config!HoldPeriod, HKLM\Software\
HKLM\Software\Policies\Microsoft\W32time\Parameters!NtpServer, HKLM\Software\Policies\Microsoft\W32time\Parameters!Type, HKLM\Software\Policies\M
HKLM\Software\Policies\Microsoft\W32time\TimeProviders\NtpClient!Enabled
HKLM\Software\Policies\Microsoft\W32Time\TimeProviders\NtpServer!Enabled
HKLM\Software\Policies\Microsoft\Windows\WcmSvc\GroupPolicy!fBlockNonDomain
HKLM\Software\Policies\Microsoft\Windows\WcmSvc\GroupPolicy!fMinimizeConnections
HKLM\Software\Policies\Microsoft\Windows\WcmSvc\GroupPolicy!fBlockRoaming
HKLM\Software\Policies\Microsoft\Windows\WcmSvc\GroupPolicy!fDisablePowerManagement
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI!DataRetentionBySizeEnabled, HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI!DirSizeLimit
HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI!ScenarioExecutionEnabled, HKLM\SOFTWARE\Policies\Microsoft\Windows\WDI!EnabledScenarioExec
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Windows!TurnOffWinCal
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Windows!TurnOffWinCal
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\WAU!Disabled
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\WAU!Disabled
HKLM\Software\Policies\Microsoft\Windows\Backup\Server!OnlySystemBackup
HKLM\Software\Policies\Microsoft\Windows\Backup\Server!NoBackupToDisk
HKLM\Software\Policies\Microsoft\Windows\Backup\Server!NoBackupToNetwork
HKLM\Software\Policies\Microsoft\Windows\Backup\Server!NoBackupToOptical
HKLM\Software\Policies\Microsoft\Windows\Backup\Server!NoRunNowBackup
HKCU\Software\Policies\Microsoft\Windows\WindowsColorSystem!ProhibitInstallUninstall
HKLM\Software\Policies\Microsoft\Windows\WindowsColorSystem!ProhibitInstallUninstall
HKCU\Software\Policies\Microsoft\Windows\WCN\UI!DisableWcnUi
HKLM\Software\Policies\Microsoft\Windows\WCN\UI!DisableWcnUi
HKLM\Software\Policies\Microsoft\Windows\WCN\Registrars!EnableRegistrars, HKLM\Software\Policies\Microsoft\Windows\WCN\Registrars!DisableUPnPRe
HKLM\Software\Policies\Microsoft\Windows Defender\Scan!CheckForSignaturesBeforeRunningScan
HKLM\Software\Policies\Microsoft\Windows Defender!DisableAntiSpyware
HKLM\Software\Policies\Microsoft\Windows Defender\SpyNet!SpyNetReporting, HKLM\Software\Policies\Microsoft\Windows Defender\SpyNet!SpyNetReport
HKLM\Software\Policies\Microsoft\Windows Defender\Real-time Protection!DisableRealtimeMonitoring
HKLM\Software\Policies\Microsoft\Windows Defender!DisableRoutinelyTakingAction
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Comdlg32!NoBackButton
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Comdlg32!NoFileMru
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Comdlg32!NoPlacesBar
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\comdlg32\Placesbar!Place0, HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\comdlg
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!ClassicShell
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!ConfirmFileDelete
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!EnforceShellExtensionSecurity
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!LinkResolveIgnoreLinkInfo
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!MaxRecentDocs
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoThumbnailCache
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoCDBurning
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoChangeAnimation
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoChangeKeyboardNavigationIndicators
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoDFSTab
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoDrives
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Network!NoEntireNetwork
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoFileMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoFolderOptions
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoHardwareTab
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoManageMyComputerVerb
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSharedDocuments
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoNetConnectDisconnect
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoRecycleFiles
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoRunasInstallPrompt
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoSecurityTab
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoShellSearchButton
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoViewContextMenu
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoViewOnDrive
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoWinKeys
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoComputersNearMe
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!PromptRunasInstallNetPath
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!RecycleBinSize
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!PreXPSP2ShellProtocolBehavior
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!PreXPSP2ShellProtocolBehavior
HKCU\Software\Policies\Microsoft\Windows\Explorer!NoSearchInternetTryHarderButton
HKCU\Software\Policies\Microsoft\Windows\Explorer!TryHarderPinnedOpenSearch, HKCU\Software\Policies\Microsoft\Windows\Explorer!OpenSearch0, HKC
HKCU\Software\Policies\Microsoft\Windows\Explorer!TryHarderPinnedLibrary, HKCU\Software\Policies\Microsoft\Windows\Explorer!Library0, HKCU\Software
HKLM\Software\Policies\Microsoft\Windows\Explorer!CheckSameSourceAndTargetForFRAndDFS
HKCU\Software\Policies\Microsoft\Windows\Explorer!DisableKnownFolders, HKCU\Software\Policies\Microsoft\Windows\Explorer\DisableKnownFolders
HKCU\Software\Policies\Microsoft\Windows\Explorer!HideContentViewModeSnippets
HKCU\Software\Policies\Microsoft\Windows\Explorer!DisableIndexedLibraryExperience
HKCU\Software\Policies\Microsoft\Windows\Explorer!DisableSearchBoxSuggestions
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!DisableBindDirectlyToPropertySetStorage
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!DisableBindDirectlyToPropertySetStorage
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoStrCmpLogical
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoStrCmpLogical
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0!180E
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0!180E
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0!180E
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0!180E
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0!180F
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0!180F
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0!180F
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0!180F
HKLM\Software\Policies\Microsoft\Windows\Explorer!DefaultLibrariesLocation
HKCU\Software\Policies\Microsoft\Windows\Explorer!DefaultLibrariesLocation
HKLM\Software\Policies\Microsoft\Windows\System!EnableSmartScreen, HKLM\Software\Policies\Microsoft\Windows\System!EnableSmartScreen
HKLM\Software\Policies\Microsoft\Windows\Explorer!ShowLockOption
HKLM\Software\Policies\Microsoft\Windows\Explorer!ShowSleepOption
HKLM\Software\Policies\Microsoft\Windows\Explorer!ShowHibernateOption
HKLM\Software\Policies\Microsoft\Windows\Explorer!NoNewAppAlert
HKLM\Software\Policies\Microsoft\Windows\Explorer!ExplorerRibbonStartsMinimized, HKLM\Software\Policies\Microsoft\Windows\Explorer!ExplorerRibbonS
HKCU\Software\Policies\Microsoft\Windows\Explorer!ExplorerRibbonStartsMinimized, HKCU\Software\Policies\Microsoft\Windows\Explorer!ExplorerRibbonS
HKLM\Software\Policies\Microsoft\Windows\System!DefaultAssociationsConfiguration
HKLM\Software\Policies\Microsoft\Windows\Explorer!EnableShellShortcutIconRemotePath
HKLM\Software\Policies\Microsoft\Windows NT\Windows File Protection!SFCDllCacheDir
HKLM\Software\Policies\Microsoft\Windows NT\Windows File Protection!SfcQuota
HKLM\Software\Policies\Microsoft\Windows NT\Windows File Protection!SfcScan
HKLM\Software\Policies\Microsoft\Windows NT\Windows File Protection!SfcShowProgress
HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\ICFv4!BypassFirewall
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications!Enabled, HKLM\SOFTWARE\Policies\Microsoft\WindowsFirew
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications!AllowUserPrefMerge
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile!EnableFirewall
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile!DoNotAllowExceptions
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint!Enabled, HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewa
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings!AllowOutboundDestinationUnreachable, HKLM\SOFTWARE\Policies\Mic
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging!LogDroppedPackets, HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile!DisableNotifications
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts!Enabled, HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\D
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts!AllowUserPrefMerge
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings!Enabled, HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewa
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\RemoteDesktop!Enabled, HKLM\SOFTWARE\Policies\Microsoft\WindowsFire
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile!DisableUnicastResponsesToMulticastBroadcast
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\UPnPFramework!Enabled, HKLM\SOFTWARE\Policies\Microsoft\WindowsFi
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications!Enabled, HKLM\SOFTWARE\Policies\Microsoft\WindowsFire
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications!AllowUserPrefMerge
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile!EnableFirewall
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile!DoNotAllowExceptions
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\FileAndPrint!Enabled, HKLM\SOFTWARE\Policies\Microsoft\WindowsFirew
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\IcmpSettings!AllowOutboundDestinationUnreachable, HKLM\SOFTWARE\Policies\M
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Logging!LogDroppedPackets, HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewa
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile!DisableNotifications
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts!Enabled, HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts!AllowUserPrefMerge
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\RemoteAdminSettings!Enabled, HKLM\SOFTWARE\Policies\Microsoft\WindowsFirew
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\RemoteDesktop!Enabled, HKLM\SOFTWARE\Policies\Microsoft\WindowsF
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile!DisableUnicastResponsesToMulticastBroadcast
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\UPnPFramework!Enabled, HKLM\SOFTWARE\Policies\Microsoft\WindowsF
HKCU\SOFTWARE\Policies\Microsoft\Windows Mail!ManualLaunchAllowed
HKLM\SOFTWARE\Policies\Microsoft\Windows Mail!ManualLaunchAllowed
HKCU\SOFTWARE\Policies\Microsoft\Windows Mail!DisableCommunities
HKLM\SOFTWARE\Policies\Microsoft\Windows Mail!DisableCommunities
HKLM\Software\Policies\Microsoft\WMDRM!DisableOnline
HKLM\Software\Policies\Microsoft\WindowsMediaPlayer!DisableAutoUpdate
HKLM\Software\Policies\Microsoft\WindowsMediaPlayer!GroupPrivacyAcceptance
HKLM\Software\Policies\Microsoft\WindowsMediaPlayer!DontUseFrameInterpolation
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer!PreventCDDVDMetadataRetrieval
HKLM\Software\Policies\Microsoft\WindowsMediaPlayer!PreventLibrarySharing
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer!PreventMusicFileMetadataRetrieval
HKLM\Software\Policies\Microsoft\WindowsMediaPlayer!QuickLaunchShortcut
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer!PreventRadioPresetsRetrieval
HKLM\Software\Policies\Microsoft\WindowsMediaPlayer!DesktopShortcut
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer!EnableScreenSaver
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer!PreventCodecDownload
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer!DoNotShowAnchor
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer!HidePrivacyTab
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer!HideSecurityTab
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer!SetAndLockSkin, HKCU\Software\Policies\Microsoft\WindowsMediaPlayer!DefaultSkin
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer\Protocols\HTTP!ProxyPolicy, HKCU\Software\Policies\Microsoft\WindowsMediaPlayer\Protocols\HTT
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer\Protocols\MMS!ProxyPolicy, HKCU\Software\Policies\Microsoft\WindowsMediaPlayer\Protocols\MMS
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer\Protocols\RTSP!ProxyPolicy, HKCU\Software\Policies\Microsoft\WindowsMediaPlayer\Protocols\RT
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer!HideNetworkTab
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer!NetworkBufferingPolicy, HKCU\Software\Policies\Microsoft\WindowsMediaPlayer!BufferingType, HK
HKCU\Software\Policies\Microsoft\WindowsMediaPlayer\Protocols!WindowsMediaStreamingProtocols, HKCU\Software\Policies\Microsoft\WindowsMediaPlay
HKLM\Software\Policies\Microsoft\Messenger\Client!PreventAutoRun
HKCU\Software\Policies\Microsoft\Messenger\Client!PreventAutoRun
HKLM\Software\Policies\Microsoft\Messenger\Client!PreventRun
HKCU\Software\Policies\Microsoft\Messenger\Client!PreventRun
HKLM\Software\Policies\Microsoft\Windows\WinRM\Client!AllowBasic
HKLM\Software\Policies\Microsoft\Windows\WinRM\Client!AllowUnencryptedTraffic
HKLM\Software\Policies\Microsoft\Windows\WinRM\Client!AllowDigest
HKLM\Software\Policies\Microsoft\Windows\WinRM\Client!AllowNegotiate
HKLM\Software\Policies\Microsoft\Windows\WinRM\Client!AllowKerberos
HKLM\Software\Policies\Microsoft\Windows\WinRM\Client!AllowCredSSP
HKLM\Software\Policies\Microsoft\Windows\WinRM\Client!TrustedHosts, HKLM\Software\Policies\Microsoft\Windows\WinRM\Client!TrustedHostsList
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service!AllowAutoConfig, HKLM\Software\Policies\Microsoft\Windows\WinRM\Service!IPv4Filter, HKLM\
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service!HttpCompatibilityListener
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service!HttpsCompatibilityListener
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service!AllowBasic
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service!AllowUnencryptedTraffic
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service!DisableRunAs
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service!AllowNegotiate
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service!AllowKerberos
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service!AllowCredSSP
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service!CBTHardeningLevelStatus, HKLM\Software\Policies\Microsoft\Windows\WinRM\Service!CbtHard
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service\WinRS!AllowRemoteShellAccess
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service\WinRS!IdleTimeout, HKLM\Software\Policies\Microsoft\Windows\WinRM\Service\WinRS
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service\WinRS!MaxConcurrentUsers
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service\WinRS!MaxMemoryPerShellMB
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service\WinRS!MaxProcessesPerShell
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service\WinRS!ShellTimeOut
HKLM\Software\Policies\Microsoft\Windows\WinRM\Service\WinRS!MaxShellsPerUser
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer!NoAutoUpdate
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!NoAUShutdownOption
HKCU\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!NoAUShutdownOption
HKCU\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!NoAUAsDefaultShutdownOption
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!NoAUAsDefaultShutdownOption
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\WindowsUpdate!DisableWindowsUpdateAccess, HKCU\Software\Microsoft\Windows\CurrentVer
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!NoAutoUpdate, HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!AUOptions
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!UseWUServer, HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate!WUServer, HK
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!DetectionFrequencyEnabled, HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\A
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate!ElevateNonAdmins
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!AutoInstallMinorUpdates
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!IncludeRecommendedUpdates
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!EnableFeaturedSoftware
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!AUPowerManagement
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!NoAutoRebootWithLoggedOnUsers
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!RebootRelaunchTimeoutEnabled, HKLM\Software\Policies\Microsoft\Windows\WindowsUpd
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!RebootWarningTimeoutEnabled, HKLM\Software\Policies\Microsoft\Windows\WindowsUpda
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU!RescheduleWaitTimeEnabled, HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate!TargetGroupEnabled, HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate!TargetGroup
HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate!AcceptTrustedPublisherCerts
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!DisableShutdownNamedPipe
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!ShutdownSessionTimeout
HKLM\Software\Policies\Microsoft\Windows\System!HiberbootEnabled
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!DisplayLastLogonInfo
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!DontDisplayLogonHoursWarnings
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!LogonHoursAction
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!SoftwareSASGeneration
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System!ReportControllerMissing
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!ReportControllerMissing
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System!Shell
HKLM\Software\Policies\Microsoft\Windows\System!AllowBlockingAppsAtShutdown
HKCU\Software\Policies\Microsoft\WindowsStore!RemoveWindowsStore
HKLM\Software\Policies\Microsoft\WindowsStore!RemoveWindowsStore
HKLM\Software\Policies\Microsoft\WindowsStore!EnableWindowsStoreOnWTG
HKLM\Software\Policies\Microsoft\WindowsStore\WindowsUpdate!AutoDownload
HKLM\Software\Policies\Microsoft\Windows\Wireless\NetCost!Cost
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\SearchExtensions!InternetExtensionName, HKCU\Software\Microsoft\Windows\CurrentV
HKCU\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications!NoTileApplicationNotification
HKCU\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications!NoToastApplicationNotification
HKCU\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications!NoToastApplicationNotificationOnLockScreen
HKCU\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications!NoCloudApplicationNotification
HKLM\Software\Policies\Microsoft\Windows\WwanSvc\NetCost!Cost3G
HKLM\Software\Policies\Microsoft\Windows\WwanSvc\NetCost!Cost4G
Supported On
At least Windows Vista
Windows Server 2003, Windows XP, and Windows 2000 only
At least Windows Server 2003
At least Windows Server 2008 R2 or Windows 7
At least Windows Server 2012, Windows 8 or Windows RT
At least Windows XP Professional with SP2
At least Windows 2000
Windows XP or Windows Server 2003, or computers with BITS 1.5 installed.
Windows XP SP2 or Windows Server 2003 SP1, or computers with BITS 2.0 installed.
Windows 7 or computers with BITS 3.5 installed.
Windows 8 or Windows Server 2012 or Windows RT or computers with BITS 5 installed.
at least Windows NetMeeting v3.0
At least Windows Server 2003 operating systems or Windows XP Professional
At least Windows 2000 Service Pack 1
Windows Server 2008, Windows Server 2003, Windows Vista, and Windows XP
At least Windows Server 2012, Windows 8 or Windows RT or at least Internet Explorer 10
At least Windows Server 2012, Windows 8 or Windows RT or at least Internet Explorer 10
Windows 2000 only
Windows Server 2003 and Windows XP only
Windows Server 2008, Windows 7, and Windows Vista
Windows Server 2008, Windows Server 2003, Windows Vista, and Windows XP SP2
Windows Server 2008 with Desktop Experience installed or Windows Vista
Windows Server 2008 with Desktop Experience installed or Windows Vista
Windows XP Professional only

At least Windows Server 2003 operating systems or Windows XP Professional with SP2
At least Internet Explorer 6 Service Pack 1
At least Windows Server 2003 operating systems with SP1 or Windows XP Professional with SP2
At least Windows Server 2003 operating systems, Windows XP Professional Service Pack 1, or Windows 2000 Service Pack 3
Windows Server 2008, Windows Server 2003, Windows 7, Windows Vista, and Windows XP
Windows Server 2003 only
At least Internet Explorer 5.0
At least Internet Explorer 10.0 on Windows 8
At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1
At least Internet Explorer 6.0 in Windows 2003 Service Pack 1
Only Internet Explorer 6.0 in Windows 2003 Service Pack 1
At least Internet Explorer 6.0 in Windows 2003 Service Pack 1. Not supported on Windows Vista
At least Internet Explorer 6.0 in Windows 2003 Service Pack 1. Not supported on Windows Vista
Only Internet Explorer 4.0
Only Internet Explorer 5.0 through Internet Explorer 8.0
Only Internet Explorer 5.0 and Internet Explorer 6.0
At least Internet Explorer 7.0. Not supported on Windows Vista
At least Internet Explorer 7.0 in Windows Vista
Only Internet Explorer 6.0 in Windows XP Service Pack 2 or Windows Server 2003 Service Pack 1 through IE8 inclusive
Windows 2000 only
Windows 2000 only
Windows Server 2008 R2 and Windows 7
At least Windows Server 2003 R2

Windows Installer v4.0
Microsoft Windows XP or Windows 2000 with Windows Installer v2.0

Microsoft Windows Server 2003, Windows XP, and Windows 2000 Service Pack 1 operating systems only
Microsoft Windows XP Professional with SP2 and Windows Server 2003 family only
At least Windows Server 2003 operating systems Service Pack 1, Windows XP Professional Service Pack 2, or Windows 2000 Service Pack 5
At least Windows 7 or Windows Server 2008 R2*
Windows Vista only
Windows Vista only
Windows Vista only
Windows Vista only
At least Microsoft Windows 7 or Windows Server 2008 family
Supported Windows Vista through Windows 7
Windows 2000 only
Windows Server 2008 and Windows Vista
Supported Windows XP SP1 through Windows Server 2008 RTM
Windows Vista only
Any version of Microsoft Windows with Windows Search 4.0 or later
Microsoft Windows Vista, or any version of Windows with Windows Search 4.0 or later
Microsoft Windows XP, Windows Server 2003 with Windows Search version 3.01, or any version of Microsoft Windows with Windows Search 4.0 or later
Microsoft Windows 8 or later
Any version of Microsoft Windows with Windows Search 4.0
Microsoft Windows XP, or Windows Server 2003 with Windows Search version 4.0 or later
Microsoft Windows Vista or later
Microsoft Windows XP, Windows Server 2003 with Windows Search version 3.01, or any version of Microsoft Windows with Windows Search 4.0
Windows Server 2008 and Windows Server 2008 R2 operating systems only
Windows Vista only
At least Windows Vista Service Pack 1
Windows Vista only
Windows Vista only
Windows Server 2008, Windows Server 2003, Windows Vista, Windows XP, and Windows 2000
Windows Server 2008, Windows Server 2003, Windows 7, Windows Vista, Windows XP, and Windows 2000
Windows XP Professional Service Pack 1 or At least Windows 2000 Service Pack 3
Windows Vista only
Windows Vista only
Windows Vista only
Windows Vista only
Windows Vista only
At least Windows Vista Service Pack 1
Windows Server 2008 R2 only
At least Windows Server 2012 with RDSH role installed
Windows 7 with Service Pack 1
At least Windows XP and Windows Server 2003 only
At least Windows Server 2003 with Service Pack 1
At least Windows 2000 Terminal Services
At least Windows 2000 Terminal Services
At least Windows 8 Enterprise or Windows Server 2012
Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows 7, Windows Vista, and Windows XP
Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows 7, Windows Vista, and Windows XP
At least Windows Server 2008 or Windows 7
Windows Server 2003 with Service Pack 1 only
At least Windows Server 2003, Enterprise Edition
At least Windows Vista with Service Pack 1
Windows 7 or Windows Server 2008 R2 (and their subsequent Service Packs) only
At least Windows 7 with Service Pack 1 or Windows Server 2008 R2 with Service Pack 1
At least Windows 8 or Windows RT
Windows Vista Service Pack 1
Windows Vista only
Windows Vista only
At least Windows Server 2003 operating systems, Windows XP Professional Service Pack 1, or Windows 2000 Service Pack 4
Windows Vista only
Windows Vista only
Windows Media Player 9 Series and later.
Windows Media Player 11 for Windows XP or Windows Media Player 11 for Windows Vista or later.
Windows Media Player for Windows XP and later.
Windows 7, Windows Server 2008 R2, Windows Vista, Windows XP SP2
At least Windows XP Professional Service Pack 1 or Windows 2000 Service Pack 3, excluding Windows RT
Windows 7, Windows Server 2008 R2, Windows Vista, Windows Server 2003, Windows XP SP2, Windows XP SP1 , Windows 2000 SP4, Windows 2000 SP3
At least Windows Server 2003 operating systems or Windows XP Professional with SP1, excluding Windows RT
Help Text
This policy setting determines which ActiveX installation sites standard users in your organization can use to install ActiveX controls on their computers. When
This policy setting controls the installation of ActiveX controls for sites in Trusted zone. If you enable this policy setting, ActiveX controls are installed according
Specifies the category of programs that appears when users open the "Add New Programs" page.If you enable this setting, only the programs in the category
Removes the "Add a program from CD-ROM or floppy disk" section from the Add New Programs page. This prevents users from using Add or Remove Progra
Removes the "Add programs from Microsoft" section from the Add New Programs page. This setting prevents users from using Add or Remove Programs to c
Prevents users from viewing or installing published programs.This setting removes the "Add programs from your network" section from the Add New Programs
Removes the Add New Programs button from the Add or Remove Programs bar. As a result, users cannot view or change the attached page.The Add New Pr
Prevents users from using Add or Remove Programs.This setting removes Add or Remove Programs from Control Panel and removes the Add or Remove Pr
Removes the Set Program Access and Defaults button from the Add or Remove Programs bar. As a result, users cannot view or change the associated page
Removes the Change or Remove Programs button from the Add or Remove Programs bar. As a result, users cannot view or change the attached page.The C
Prevents users from using Add or Remove Programs to configure installed services.This setting removes the "Set up services" section of the Add/Remove Wi
Removes links to the Support Info dialog box from programs on the Change or Remove Programs page.Programs listed on the Change or Remove Programs
Removes the Add/Remove Windows Components button from the Add or Remove Programs bar. As a result, users cannot view or change the associated pag
This policy setting prevents a Federation Service in Active Directory Federation Services (AD FS) from being installed or run.If you enable this policy setting, i
Specifies whether to prevent the MS-DOS subsystem (ntvdm.exe) from running on this computer. This setting affects the launching of 16-bit applications in the
This policy controls the visibility of the Program Compatibility property page shell extension. This shell extension is visible on the property context-menu of an
The policy controls the state of the Application Telemetry engine in the system.Application Telemetry is a mechanism that tracks anonymous usage of specific
The policy controls the state of the Switchback compatibility engine in the system. Switchback is a mechanism that provides generic compatibility mitigations to
This policy controls the state of the application compatibility engine in the system.The engine is part of the loader and looks through a compatibility database
This setting exists only for backward compatibility, and is not valid for this version of Windows. To configure the Program Compatibility Assistant, use the 'T
This policy setting controls the state of the Program Compatibility Assistant (PCA). The PCA monitors applications run by the user. When a potential compa
This policy setting controls the state of Steps Recorder.Steps Recorder keeps a record of steps taken by the user. The data generated by Steps Recorder can
This policy setting controls the state of the Inventory Collector. The Inventory Collector inventories applications, files, devices, and drivers on the system a
This policy setting allows you to manage the installation of app packages that do not originate from the Windows Store.If you enable this policy setting, you ca
This policy setting allows you to manage the deployment operations of app packages when the user is logged in under special profiles.Deployment operation
This policy setting allows you to minimize the risk involved when a packaged app launches the default app for a file. Because desktop apps run at a higher int
This policy setting allows you to minimize the risk involved when a packaged app launches the default app for a file. Because desktop apps run at a higher int
This policy setting allows you to minimize the risk involved when a packaged app launches the default app for a protocol. Because desktop apps run at a high
This policy setting allows you to minimize the risk involved when a packaged app launches the default app for a protocol. Because desktop apps run at a high
This policy setting allows you to manage the behavior for notifying registered antivirus programs. If multiple programs are registered, they will all be notified.
This policy setting allows you to configure the logic that Windows uses to determine the risk for file attachments.Preferring the file handler instructs Windows t
This policy setting allows you to manage whether Windows marks file attachments with information about their zone of origin (such as restricted, Internet, intra
This policy setting allows you to manage whether users can manually remove the zone information from saved file attachments by clicking the Unblock button
This policy setting allows you to manage the default risk level for file types. To fully customize the risk level for file attachments, you may also need to configur
This policy setting allows you to configure the list of high-risk file types. If the file attachment is in the list of high-risk file types and is from the restricted zo
This policy setting allows you to configure the list of low-risk file types. If the attachment is in the list of low-risk file types, Windows will not prompt the user be
This policy setting allows you to configure the list of moderate-risk file types. If the attachment is in the list of moderate-risk file types and is from the restricte
This policy setting sets the default behavior for Autorun commands. Autorun commands are generally stored in autorun.inf files. They often launch the in
This policy setting sets the default behavior for Autorun commands. Autorun commands are generally stored in autorun.inf files. They often launch the in
This policy setting allows you to prevent AutoPlay from remembering user's choice of what to do when a device is connected. If you enable this policy se
This policy setting allows you to prevent AutoPlay from remembering user's choice of what to do when a device is connected. If you enable this policy se
This policy setting allows you to turn off the Autoplay feature. Autoplay begins reading from a drive as soon as you insert media in the drive. As a result
This policy setting allows you to turn off the Autoplay feature. Autoplay begins reading from a drive as soon as you insert media in the drive. As a result
This policy setting disallows AutoPlay for MTP devices like cameras or phones. If you enable this policy setting, AutoPlay is not allowed for MTP devices
This policy setting disallows AutoPlay for MTP devices like cameras or phones. If you enable this policy setting, AutoPlay is not allowed for MTP devices
This policy setting allows or prevents the Windows Biometric Service to run on this computer. If you enable or do not configure this policy setting, the Wi
This policy setting determines whether users can log on or elevate User Account Control (UAC) permissions using biometrics. By default, local users will be a
This policy setting determines whether users with a domain account can log on or elevate User Account Control (UAC) permissions using biometrics.By defau
This policy setting specifies the number of seconds a pending fast user switch event will remain active before the switch is initiated. By default, a fast user s
This policy setting specifies the number of days a pending BITS job can remain inactive before the job is considered abandoned. By default BITS will wait 90 d
This policy setting limits the amount of time that Background Intelligent Transfer Service (BITS) will take to download the files in a BITS job. The time li
This policy setting limits the network bandwidth that Background Intelligent Transfer Service (BITS) uses for background transfers. (This policy setting does no
This policy setting limits the network bandwidth that Background Intelligent Transfer Service (BITS) uses for background transfers during the work and nonwor
This policy setting limits the network bandwidth that Background Intelligent Transfer Service (BITS) uses for background transfers during the maintenance day
This policy setting determines if the Background Intelligent Transfer Service (BITS) peer caching feature is enabled on a specific computer. By default, the file
This policy setting limits the maximum age of files in the Background Intelligent Transfer Service (BITS) peer cache. In order to make the most efficient use of
This policy setting limits the maximum amount of disk space that can be used for the BITS peer cache, as a percentage of the total system disk size. BITS will
This policy setting specifies whether the computer will act as a BITS peer caching client. By default, when BITS peer caching is enabled, the computer acts as
This policy setting specifies whether the computer will act as a BITS peer caching server. By default, when BITS peer caching is enabled, the computer acts a
This policy setting limits the network bandwidth that BITS uses for peer cache transfers (this setting does not affect transfers from the origin server).
This policy setting defines the default behavior that the Background Intelligent Transfer Service (BITS) uses for background transfers when the system i
This policy setting limits the number of BITS jobs that can be created for all users of the computer. By default, BITS limits the total number of jobs that can be
This policy setting limits the number of BITS jobs that can be created by a user. By default, BITS limits the total number of jobs that can be created by a user to
This policy setting limits the number of files that a BITS job can contain. By default, a BITS job is limited to 200 files. You can use this setting to raise or lower
This policy setting limits the number of ranges that can be added to a file in a BITS job. By default, files in a BITS job are limited to 500 ranges per file. You can
This setting affects whether the BITS client is allowed to use Windows Branch Cache. If the Windows Branch Cache component is installed and enabled on a
If you enable this setting all Customer Experience Improvement Program uploads are redirected to Microsoft Operations Manager server.If you disable this se
This policy setting will enable tagging of Windows Customer Experience Improvement data when a study is being conducted.If you enable this setting then Wi
This policy setting determines the cipher suites used by the Secure Socket Layer (SSL).If you enable this policy setting, SSL ciphe
This policy setting directs the system to search Active Directory for missing Component Object Model (COM) components that a program requires.Many Wind
This policy setting directs the system to search Active Directory for missing Component Object Model (COM) components that a program requires.Many Wind
Disables the application sharing feature of NetMeeting completely. Users will not be able to host or view shared applications.
Prevents users from allowing others in a conference to control what they have shared. This enforces a read-only mode; the other participants cannot change
Prevents users from sharing anything themselves. They will still be able to view shared applications/desktops from others.
Prevents users from sharing command prompts. This prevents users from inadvertently sharing out applications, since command prompts can be used to lau
Prevents users from sharing the whole desktop. They will still be able to share individual applications.
Prevents users from sharing Explorer windows. This prevents users from inadvertently sharing out applications, since Explorer windows can be used to launc
Prevents users from sharing applications in true color. True color sharing uses more bandwidth in a conference.
Disables the audio feature of NetMeeting. Users will not be able to send or receive audio.
Prevents user from changing the DirectSound audio setting. DirectSound provides much better audio quality, but older audio hardware may not support it.
Disables full duplex mode audio. Users will not be able to listen to incoming audio while speaking into the microphone. Older audio hardware does not perfor
Prevents users from receiving video. Users will still be able to send video provided they have the hardware."
Prevents users from sending video if they have the hardware. Users will still be able to receive video from others.
Limits the bandwidth audio and video will consume when in a conference. This setting will guide NetMeeting to choose the right formats and send rate so that
Make the automatic acceptance of incoming calls persistent.
Disables the Chat feature of NetMeeting.
Disables the T.126 whiteboard feature of NetMeeting.
Disables the 2.x whiteboard feature of NetMeeting.The 2.x whiteboard is available for compatibility with older versions of NetMeeting only.Deployers who do n
Disables the remote desktop sharing feature of NetMeeting. Users will not be able to set it up or use it for controlling their computers remotely.
Configures NetMeeting to download settings for users each time it starts.The settings are downloaded from the URL listed in the "Configuration URL:" text box
Prevents users from adding directory (ILS) servers to the list of those they can use for placing calls.
Prevents users from turning on automatic acceptance of incoming calls.This ensures that others cannot call and connect to NetMeeting when the user is not
Prevents users from changing the way calls are placed, either directly or via a gatekeeper server.
Disables the directory feature of NetMeeting.Users will not logon to a directory (ILS) server when NetMeeting starts. Users will also not be able to view or pla
Prevents users from receiving files from others in a conference.
Prevents users from sending files to others in a conference.
Prevents users from viewing directories as Web pages in a browser.
Limits the size of files users can send to others in a conference.
Sets the URL NetMeeting will display when the user chooses the Help Online Support command.
Sets the level of security for both outgoing and incoming NetMeeting calls.
Disables the Advanced Calling button on the General Options page. Users will not then be able to change the call placement method and the servers used.
Hides the Audio page of the Tools Options dialog. Users will not then be able to change audio settings.
Hides the General page of the Tools Options dialog. Users will not then be able to change personal identification and bandwidth settings.
Hides the Security page of the Tools Options dialog. Users will not then be able to change call security and authentication settings.
Hides the Video page of the Tools Options dialog. Users will not then be able to change video settings.
This setting allows you to display or hide specified Control Panel items, such as Mouse, System, or Personalization, from the Control Panel window and the St
This policy setting controls the default Control Panel view, whether by category or icons. If this policy setting is enabled, the Control Panel opens to the icon vi
Disables all Control Panel programs and the PC settings app.This setting prevents Control.exe and SystemSettings.exe, the program files for Control Panel an
This policy setting controls which Control Panel items such as Mouse, System, or Personalization, are displayed on the Control Panel window and the Start sc
Disables the Display Control Panel.If you enable this setting, the Display Control Panel does not run. When users try to start Display, a message appears expl
Removes the Settings tab from Display in Control Panel.This setting prevents users from using Control Panel to add, configure, or change the display settings
Disables the Color (or Window Color) page in the Personalization Control Panel, or the Color Scheme dialog in the Display Control Panel on systems where th
Prevents the Screen Saver dialog from opening in the Personalization or Display Control Panel. This setting prevents users from using Control Panel to ad
Enables desktop screen savers.If you disable this setting, screen savers do not run. Also, this setting disables the Screen Saver section of the Screen Saver d
Specifies the screen saver for the user's desktop.If you enable this setting, the system displays the specified screen saver on the user's desktop. Also, this set
Determines whether screen savers used on the computer are password protected.If you enable this setting, all screen savers are password protected. If you d
Specifies how much user idle time must elapse before the screen saver is launched.When configured, this idle time can be set from a minimum of 1 second to
Prevents users from adding or changing the background design of the desktop.By default, users can use the Desktop Background page in the Personalization
Prevents users from changing the sound scheme.By default, users can use the Sounds tab in the Sound Control Panel to add, remove, or change the system
Prevents users from changing the mouse pointers.By default, users can use the Pointers tab in the Mouse Control Panel to add, remove, or change the mous
Prevents users from changing the desktop icons.By default, users can use the Desktop Icon Settings dialog in the Personalization or Display Control Panel to
This setting forces the theme color scheme to be the default color scheme.If you enable this setting, a user cannot change the color scheme of the current des
This setting disables the theme gallery in the Personalization Control Panel.If you enable this setting, users cannot change or save a theme. Elements of a th
Specifies which theme file is applied to the computer the first time a user logs on.If you enable this setting, the theme that you specify will be applied when a n
Prevents users or applications from changing the visual style of the windows and buttons displayed on their screens.When enabled on Windows XP, this settin
This setting allows you to force a specific visual style file by entering the path (location) of the visual style file.This can be a local computer visual style (
Prevents users from changing the size of the font in the windows and buttons displayed on their screens.If this setting is enabled, the "Font size" drop-down lis
This policy setting controls whether the lock screen appears for users.If you enable this policy setting, users that are not required to press CTRL + ALT + DEL
Prevents users from changing the background image shown when the machine is locked.By default, users can change the background image shown when the
Prevents users from changing the look of their start menu background, such as its color or accent.By default, users can change the look of their start menu ba
This policy setting allows an administrator to standardize the account pictures for all users on a system to the default account picture. One application for thi
This policy setting specifies a default logon domain, which might be a different domain than the domain to which the computer is joined. Without this policy set
This policy setting allows the administrator to exclude the specifiedcredential providers from use during authentication.Note: credential providers are used to p
This policy setting allows you to control whether a domain user can sign in using a PIN.If you enable this policy setting, a domain user can set up and sign in w
This policy setting allows you to control whether a domain user can sign in using a picture password.If you enable this policy setting, a domain user can't set u
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).This policy setting applies when server a
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).This policy setting applies when server
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).This policy setting applies when server a
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).If you enable this policy setting, you can
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).If you enable this policy setting, you can
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).If you enable this policy setting, you ca
This policy setting controls whether administrator accounts are displayed when a user attempts to elevate a running application. By default, administrator acco
This policy setting requires the user to enter Microsoft Windows credentials using a trusted path, to prevent a Trojan horse or other types of malicious code fr
This policy setting allows you to configure the display of the password reveal button in password entry user experiences.If you enable this policy setting, the
This policy setting allows you to configure the display of the password reveal button in password entry user experiences.If you enable this policy setting, the
This policy setting prevents users from changing their Windows password on demand.If you enable this policy setting, the 'Change Password' button on the W
This policy setting prevents users from locking the system.While locked, the desktop is hidden and the system cannot be used. Only the user who locked the s
This policy setting prevents users from starting Task Manager.Task Manager (taskmgr.exe) lets users start and stop programs; monitor the performance of the
This policy setting disables or removes all menu items and buttons that log the user off the system.If you enable this policy setting, users will not see the Log
Allows you to specify that local computer administrators can supplement the "Define Activation Security Check exemptions" list.If you enable this policy setting
Allows you to view and change a list of DCOM server application ids (appids) which are exempted from the DCOM Activation security check. DCOM uses two
Enables Active Desktop and prevents users from disabling it.This setting prevents users from trying to enable or disable Active Desktop while a policy controls
Disables Active Desktop and prevents users from enabling it.This setting prevents users from trying to enable or disable Active Desktop while a policy controls
Prevents the user from enabling or disabling Active Desktop or changing the Active Desktop configuration.This is a comprehensive setting that locks down the
Adds and deletes specified Web content items.You can use the "Add" box in this setting to add particular Web-based items or shortcuts to users' desktops. Us
Prevents users from adding Web content to their Active Desktop.This setting removes the "New" button from Web tab in Display in Control Panel. As a result,
Prevents users from removing Web content from their Active Desktop.In Active Desktop, you can add items to the desktop but close them so they are not disp
Prevents users from deleting Web content from their Active Desktop.This setting removes the Delete button from the Web tab in Display in Control Panel. As a
Prevents users from changing the properties of Web content items on their Active Desktop.This setting disables the Properties button on the Web tab in Displa
Removes Active Desktop content and prevents users from adding Active Desktop content. This setting removes all Active Desktop items from the desktop. It a
Permits only bitmap images for wallpaper. This setting limits the desktop background ("wallpaper") to bitmap (.bmp) files. If users select files with other im
Specifies the desktop background ("wallpaper") displayed on all users' desktops.This setting lets you specify the wallpaper on users' desktops and prevents u
Displays the filter bar above the results of an Active Directory search. The filter bar consists of buttons for applying additional filters to search results.If you e
Hides the Active Directory folder in Network Locations.The Active Directory folder displays Active Directory objects in a browse window.If you enable this settin
Specifies the maximum number of objects the system displays in response to a command to browse or search Active Directory. This setting affects all browse
Prevents users from changing the path to their profile folders.By default, a user can change the location of their individual profile folders like Documents, Musi
Removes icons, shortcuts, and other default and user-defined items from the desktop, including Briefcase, Recycle Bin, Computer, and Network Locations.Re
Prevents users from using the Desktop Cleanup Wizard.If you enable this setting, the Desktop Cleanup wizard does not automatically run on a users workstat
Removes the Internet Explorer icon from the desktop and from the Quick Launch bar on the taskbar.This setting does not prevent the user from starting Intern
This setting hides Computer from the desktop and from the new Start menu. It also hides links to Computer in the Web view of all Explorer windows, and it hid
Removes most occurrences of the My Documents icon.This setting removes the My Documents icon from the desktop, from File Explorer, from programs that
Removes the Network Locations icon from the desktop.This setting only affects the desktop icon. It does not prevent users from connecting to the network or b
This setting hides Properties on the context menu for Computer.If you enable this setting, the Properties option will not be present when the user right-clicks M
This policy setting hides the Properties menu command on the shortcut menu for the My Documents icon.If you enable this policy setting, the Properties men
Remote shared folders are not added to Network Locations whenever you open a document in the shared folder.If you disable this setting or do not configure
Removes most occurrences of the Recycle Bin icon.This setting removes the Recycle Bin icon from the desktop, from File Explorer, from programs that use th
Removes the Properties option from the Recycle Bin context menu.If you enable this setting, the Properties option will not be present when the user right-click
Prevents users from saving certain changes to the desktop.If you enable this setting, users can change the desktop, but some changes, such as the position o
Prevents users from manipulating desktop toolbars.If you enable this setting, users cannot add or remove toolbars from the desktop. Also, users cannot drag t
Prevents users from adjusting the length of desktop toolbars. Also, users cannot reposition items or toolbars on docked toolbars.This setting does not prevent
Prevents windows from being minimized or restored when the active window is shaken back and forth with the mouse. If you enable this policy, application
Device compatibility settings.
Driver compatibility settings.
This policy setting allows you to determine how drivers signed by a Microsoft Windows Publisher certificate are ranked with drivers signed by other valid Authe
This policy setting allows you to configure the number of seconds Windows waits for a device installation task to complete. If you enable this policy setting, Wi
This policy setting allows you to prevent Windows from creating a system restore point during device activity that would normally prompt Windows to create a
This policy setting allows you to allow or deny remote access to the Plug and Play interface. If you enable this policy setting, remote connections to the Plug a
This policy setting allows you to determine whether members of the Administrators group can install and update the drivers for any device, regardless of other
This policy setting allows you to specify a list of device setup class globally unique identifiers (GUIDs) for device drivers that Windows is allowed to install. Use
This policy setting allows you to specify a list of device setup class globally unique identifiers (GUIDs) for device drivers that Windows is prevented from instal
This policy setting allows you to specify a list of Plug and Play hardware IDs and compatible IDs for devices that Windows is allowed to install. Use this policy
This policy setting allows you to specify a list of Plug and Play hardware IDs and compatible IDs for devices that Windows is prevented from installing. This po
This policy setting allows you to prevent Windows from installing removable devices. A device is considered removable when the driver for the device to which
This policy setting allows you to prevent the installation of devices that are not specifically described by any other policy setting.If you enable this policy settin
This policy setting establishes the amount of time (in seconds) that the system will wait to reboot in order to enforce a change in device installation restriction p
This policy setting allows you to display a custom message title in a notification when a device installation is attempted and a policy setting prevents the install
This policy setting allows you to display a custom message to users in a notification when a device installation is attempted and a policy setting prevents the in
This policy setting specifies a list of device setup class GUIDs describing device drivers that non-administrator members of the built-in Users group may instal
Determines how the system responds when a user tries to install device driver files that are not digitally signed.This setting establishes the least secure respo
This policy setting prevents redirection of USB devices.If you enable this setting, an alternate driver for USB devices cannot be loaded.If you disable or do not
This policy setting prevents redirection of specific USB devices.If you enable this setting, an alternate driver for the USB device cannot be loaded.If you disabl
This policy setting allows you to turn off "Found New Hardware" balloons during device installation.If you enable this policy setting, "Found New Hardware" ba
Windows has a feature that sends "generic-driver-installed" reports through the Windows Error Reporting infrastructure. This policy allows you to disable the f
Windows has a feature that allows a device driver to request additional software through the Windows Error Reporting infrastructure. This policy allows you to
This setting configures the location that Windows searches for drivers when a new piece of hardware is found.By default, Windows searches the following pla
Specifies whether the administrator will be prompted about going to Windows Update to search for device drivers using the Internet.Note: This setting only ha
Specifies whether the administrator will be prompted about going to Windows Update to search for device drivers using the Internet.Note: This setting only ha
This policy setting allows you to specify the order in which Windows searches source locations for device drivers. If you enable this policy setting, you can sele
This policy setting allows you to specify the search server that Windows uses to find updates for device drivers.If you enable this policy setting, you can s
This policy setting allows you to prevent Windows from retrieving device metadata from the Internet. If you enable this policy setting, Windows does not
This policy setting allows you to configure how often a Distributed File System (DFS) client attempts to discover domain controllers on a network. By default, a
Specifies whether Digital Locker can run.Digital Locker is a dedicated download manager associated with Windows Marketplace and a feature of Windows tha
Specifies whether Digital Locker can run.Digital Locker is a dedicated download manager associated with Windows Marketplace and a feature of Windows tha
This policy setting substitutes custom alert text in the disk diagnostic message shown to users when a disk reports a S.M.A.R.T. fault. If you enable this policy
This policy setting determines the execution level for S.M.A.R.T.-based disk diagnostics. Self-Monitoring And Reporting Technology (S.M.A.R.T.) is a standard
This policy setting turns off the boot and resume optimizations for the hybrid hard disks in the system.If you enable this policy setting, the system does not u
This policy setting turns off power save mode on the hybrid hard disks in the system.If you enable this policy setting, the hard disks are not put into NV cache
This policy setting turns off all support for the non-volatile (NV) cache on all hybrid hard disks in the system. To check if you have hybrid hard disks in the
This policy setting turns off the solid state mode for the hybrid hard disks. If you enable this policy setting, frequently written files such as the file system me
This policy setting turns on and turns off disk quota management on all NTFS volumes of the computer, and prevents users from changing the setting.If you en
This policy setting determines whether disk quota limits are enforced and prevents users from changing the setting.If you enable this policy setting, disk quota
This policy setting specifies the default disk quota limit and warning level for new users of the volume.This policy setting determines how much disk space can
This policy setting determines whether the system records an event in the local Application log when users reach their disk quota limit on a volume, and preve
This policy setting determines whether the system records an event in the Application log when users reach their disk quota warning level on a volume.If you e
This policy setting extends the disk quota policies in this folder to NTFS file system volumes on removable media.If you disable or do not configure this policy
Specifies that Distributed Link Tracking clients in this domain may use the Distributed Link Tracking (DLT) server, which runs on domain controllers. The DLT
Specifies a connection-specific DNS suffix. This policy setting supersedes local connection-specific DNS suffixes, and those configured using DHCP.To use th
Defines the DNS servers to which a computer sends queries when it attempts to resolve names. This policy setting supersedes the list of DNS servers configu
Specifies the primary DNS suffix used by computers in DNS name registration and DNS name resolution.To use this policy setting, click Enabled and enter the
Specifies if a computer performing dynamic DNS registration will register A and PTR resource records with a concatenation of its computer name and a conne
Specifies if DNS client computers will register PTR resource records.By default, DNS clients configured to perform dynamic DNS registration will attempt to re
Specifies if DNS dynamic update is enabled. Computers configured for DNS dynamic update automatically register and update their DNS resource records wi
Specifies whether dynamic updates should overwrite existing resource records that contain conflicting IP addresses.This policy setting is designed for comput
Specifies the interval used by DNS clients to refresh registration of A and PTR resource. This policy setting only applies to computers performing dynamic DNS
Specifies the value of the time to live (TTL) field in A and PTR resource records that are registered by computers to which this policy setting is applied.To spec
Specifies the DNS suffixes to attach to an unqualified single-label name before submission of a DNS query for that name.An unqualified single-label name con
Specifies the security level for dynamic DNS updates.To use this policy setting, click Enabled and then select one of the following values:Unsecure followed by
Specifies if computers may send dynamic updates to zones with a single label name. These zones are also known as top-level domain zones, for example: "c
Specifies if the DNS client performs primary DNS suffix devolution during the name resolution process.With devolution, a DNS client creates queries by appen
Specifies if the devolution level that DNS clients will use if they perform primary DNS suffix devolution during the name resolution process.With devolution, a
Specifies that link local multicast name resolution (LLMNR) is disabled on client computers.LLMNR is a secondary name resolution protocol. With LLMNR, qu
Specifies that computers may attach suffixes to an unqualified multi-label name before sending subsequent DNS queries if the original name query fails.A nam
Specifies that a multi-homed DNS client should optimize name resolution across networks. The setting improves performance by issuing parallel DNS, link loc
Specifies that the DNS client should prefer responses from link local name resolution protocols on non-domain networks over DNS responses when issuing qu
Specifies that NetBIOS over TCP/IP (NetBT) queries are issued for fully qualified domain names. If you enable this policy setting, NetBT queries will be issued
Specifies that responses from link local name resolution protocols received over a network interface that is higher in the binding order are preferred over DNS
Specifies whether the DNS client should convert internationalized domain names (IDNs) to Punycode when the computer is on non-domain networks with no W
Specifies whether the DNS client should convert internationalized domain names (IDNs) to the Nameprep form, a canonical Unicode representation of the stri
This policy setting controls the appearance of window animations such as those found when restoring, minimizing, and maximizing windows. If you enable this
This policy setting controls the appearance of window animations such as those found when restoring, minimizing, and maximizing windows. If you enable this
This policy setting allows you to configure the accessibility of the Flip 3D feature. Flip 3D allows the user to view items on the Windows desktop as they are be
This policy setting allows you to configure the accessibility of the Flip 3D feature. Flip 3D allows the user to view items on the Windows desktop as they are be
This policy setting controls the Start background visuals.If you enable this policy setting, the Start background will use a solid color.If you disable or do not con
This policy setting controls the default color for window frames when the user does not specify a color. If you enable this policy setting and specify a default co
This policy setting controls the default color for window frames when the user does not specify a color. If you enable this policy setting and specify a default co
This policy setting controls the ability to change the color of window frames. If you enable this policy setting, you prevent users from changing the default wind
This policy setting controls the ability to change the color of window frames. If you enable this policy setting, you prevent users from changing the default wind
This policy setting allows you to turn on logging of misconversion for the misconversion report.If you enable this policy setting, misconversion logging is turned
This policy setting allows you to turn off saving the auto-tuning result to file.If you enable this policy setting, the auto-tuning data is not saved to file. If you dis
This policy setting allows you to turn off history-based predictive input.If you enable this policy setting, history-based predictive input is turned off. If you disabl
This policy setting allows you to turn off Open Extended Dictionary.If you enable this policy setting, Open Extended Dictionary is turned off. You cannot add a
This policy setting allows you to turn off Internet search integration.If you enable this policy setting, you cannot add a new search integration configuration file.
This policy setting allows you to turn off the ability to use a custom dictionary.If you enable this policy setting, you cannot add, edit, and delete words in the c
This policy setting allows you to restrict character code range of conversion by setting character filter.If you enable this policy setting, then only the chara
This policy setting allows you to include the Non-Publishing Standard Glyph in the candidate list when Publishing Standard Glyph for the word exists.If you ena
This policy setting allows you to specify which boot-start drivers are initialized based on a classification determined by an Early Launch Antimalware boot-start
If you enable this setting, users will not be allowed to switch between recent apps. The App Switching option in the PC settings app will be disabled as well.If y
This policy setting prevents Windows from keeping track of the apps that are used and searched most frequently. If you enable this policy setting, apps will be
This policy setting prevents File Explorer from encrypting files that are moved to an encrypted folder.If you enable this policy setting, File Explorer will not auto
This policy setting configures whether or not only USB root hub connected Enhanced Storage devices are allowed. Allowing only root hub connected Enhance
This policy setting configures whether or not users can provision certificates on Enhanced Storage certificate silo devices.If you enable this policy setting, user
This policy setting locks Enhanced Storage devices when the computer is locked.This policy setting is supported in Windows Server SKUs only.If you enable t
This policy setting configures whether or not non-Enhanced Storage removable devices are allowed on your computer.If you enable this policy setting, non-En
This policy setting configures whether or not a password can be used to unlock an Enhanced Storage device.If you enable this policy setting, a password cann
This policy setting configures whether or not Windows will activate an Enhanced Storage device.If you enable this policy setting, Windows will not activate una
This policy setting allows you to create a list of IEEE 1667 silos, compliant with the Institute of Electrical and Electronics Engineers, Inc. (IEEE) 1667 specifica
This policy setting allows you to configure a list of Enhanced Storage devices by manufacturer and product ID that are usable on your computer.This policy se
This policy setting configures how errors are reported to Microsoft, and what information is sent when Windows Error Reporting is enabled.This policy setting d
This policy setting controls whether users are shown an error dialog box that lets them report an error.If you enable this policy setting, users are notified in a d
This policy setting turns off Windows Error Reporting, so that reports are not collected or sent to either Microsoft or internal servers within your organizatio
This policy setting turns off Windows Error Reporting, so that reports are not collected or sent to either Microsoft or internal servers within your organizatio
This policy setting prevents the display of the user interface for critical errors.If you enable this policy setting, Windows Error Reporting does not display any G
This policy setting controls whether Windows Error Reporting saves its own events and error messages to the system event log.If you enable this policy settin
This policy setting controls whether Windows Error Reporting saves its own events and error messages to the system event log.If you enable this policy settin
This policy setting controls whether additional data in support of error reports can be sent to Microsoft automatically.If you enable this policy setting, any a
This policy setting controls whether additional data in support of error reports can be sent to Microsoft automatically.If you enable this policy setting, any a
This policy setting determines whether Windows Error Reporting (WER) sends additional, second-level report data even if a CAB file containing data about th
This policy setting determines whether Windows Error Reporting (WER) sends additional, second-level report data even if a CAB file containing data about th
This policy setting determines whether Windows Error Reporting (WER) checks if the computer is running on battery power. By default, when a computer is ru
This policy setting determines whether Windows Error Reporting (WER) checks if the computer is running on battery power. By default, when a computer is ru
This policy setting determines whether Windows Error Reporting (WER) checks for a network cost policy that restricts the amount of data that is sent over the
This policy setting determines whether Windows Error Reporting (WER) checks for a network cost policy that restricts the amount of data that is sent over the
This policy setting controls whether errors in general applications are included in reports when Windows Error Reporting is enabled.If you enable this policy se
This policy setting controls Windows Error Reporting behavior for errors in general applications when Windows Error Reporting is turned on.If you enable this
This policy setting specifies applications for which Windows Error Reporting should always report errors.To create a list of applications for which Windows Erro
This policy setting controls whether errors in the operating system are included Windows Error Reporting is enabled.If you enable this policy setting, Windows
This policy setting controls the behavior of the Windows Error Reporting archive.If you enable this policy setting, you can configure Windows Error Reporting a
This policy setting controls the behavior of the Windows Error Reporting archive.If you enable this policy setting, you can configure Windows Error Reporting a
This policy setting specifies a corporate server to which Windows Error Reporting sends reports (if you do not want to send error reports to Microsoft).If you e
This policy setting limits Windows Error Reporting behavior for errors in general applications when Windows Error Reporting is turned on.If you enable this po
This policy setting limits Windows Error Reporting behavior for errors in general applications when Windows Error Reporting is turned on.If you enable this po
This policy setting determines the behavior of the Windows Error Reporting report queue.If you enable this policy setting, you can configure report queue beha
This policy setting determines the behavior of the Windows Error Reporting report queue.If you enable this policy setting, you can configure report queue beha
This policy setting determines the consent behavior of Windows Error Reporting for specific event types.If you enable this policy setting, you can add specific
This policy setting determines the consent behavior of Windows Error Reporting for specific event types.If you enable this policy setting, you can add specific
This policy setting determines the behavior of the Configure Default Consent setting in relation to custom consent settings.If you enable this policy setting, the
This policy setting determines the behavior of the Configure Default Consent setting in relation to custom consent settings.If you enable this policy setting, the
This policy setting determines the default consent behavior of Windows Error Reporting.If you enable this policy setting, you can set the default consent handl
This policy setting determines the default consent behavior of Windows Error Reporting.If you enable this policy setting, you can set the default consent handl
This policy setting allows you to configure the server address, refresh interval, and issuer certificate authority (CA) of a target Subscription Manager.If yo
This policy setting controls resource usage for the forwarder (source computer) by controlling the events/per second sent to the Event Collector.If you enable t
This policy setting controls Event Log behavior when the log file reaches its maximum size and takes effect only if the "Retain old events" policy setting is enab
This policy setting specifies to use the security descriptor for the log using the Security Descriptor Definition Language (SDDL) string.If you enable this policy s
This policy setting controls Event Log behavior when the log file reaches its maximum size.If you enable this policy setting and a log file reaches its maximum
This policy setting controls the location of the log file. The location of the file must be writable by the Event Log service and should only be accessible to admin
This policy setting specifies the maximum size of the log file in kilobytes.If you enable this policy setting, you can configure the maximum log file size to be be
This policy setting specifies to use the security descriptor for the log using the Security Descriptor Definition Language (SDDL) string. You cannot configure wr
This policy setting specifies to use the security descriptor for the log using the Security Descriptor Definition Language (SDDL) string.If you enable this policy s
This policy setting turns on logging.If you enable or do not configure this policy setting, then events can be written to this log.If the policy setting is disabled,
This policy setting specifies to use the security descriptor for the log using the Security Descriptor Definition Language (SDDL) string.If you enable this policy
This is the program that will be invoked when the user clicks the events.asp link.
This specifies the command line parameters that will be passed to the events.asp program
This is the URL that will be passed to the Description area in the Event Properties dialog box. Change this value if you want to use a different Web server to h
This policy setting configures File Explorer to always display the menu bar.Note: By default, the menu bar is not displayed in File Explorer.If you enable this po
This policy setting allows administrators to prevent users from adding new items such as files or folders to the root of their Users Files folder in File Explorer.If
This policy is similar to settings directly available to computer users. Disabling animations can improve usability for users with some visual disabilities as well
Disabling data execution prevention can allow certain legacy plug-in applications to function without terminating Explorer.
Disabling heap termination on corruption can allow certain legacy plug-in applications to function without terminating Explorer immediately, although Explorer m
Sets the target of the More Information link that will be displayed when the user attempts to run a program that is blocked by policy.
This policy setting controls whether the PC will boot to Windows To Go if a USB device containing a Windows To Go workspace is connected, and controls wh
Specifies whether the PC can use the hibernation sleep state (S4) when started from a Windows To Go workspace.If you enable this setting, Windows, when
Specifies whether the PC can use standby sleep states (S1-S3) when starting from a Windows To Go workspace.If you enable this setting, Windows, when sta
This policy setting allows you to turn off File History.If you enable this policy setting, File History cannot be activated to create regular, automatic backups.If you
This policy setting allows you to configure the recovery behavior for corrupted files to one of three states:Regular: Detection, troubleshooting, and recovery of
This policy setting configures the maximum age of a file share shadow copy. File share shadow copies that are older than this age will be deleted by the File S
Determines whether the RPC protocol messagese used by VSS for SMB2 File Shares feature is enabled.VSS for SMB2 File Shares feature enables VSS awa
Symbolic links can introduce vulnerabilities in certain applications. To mitigate this issue, you can selectively enable or disable the evaluation of these types
Compression can add to the processing overhead of filesystem operations. Enabling this setting will prevent access to and creation of compressed files.
Encryption can add to the processing overhead of filesystem operations. Enabling this setting will prevent access to and creation of encrypted files
Encrypting the page file prevents malicious users from reading data that has been paged to disk, but also adds processing overhead for filesystem operations
These settings provide control over whether or not short names are generated during file creation. Some applications require short names for compatibility, b
Delete notification is a feature that notifies the underlying storage device of clusters that are freed due to a file delete operation.A value of 0, the default, will en
TXF deprecated features included savepoints, secondary RM, miniversion and roll forward. Please enable it if you want to use the APIs.
This policy setting allows the administrator to define whether Folder Redirection should use localized names for the All Programs, Startup, My Music, My Pic
This policy setting allows you to control whether all redirected shell folders, such as Contacts, Documents, Desktop, Favorites, Music, Pictures, Videos, Start M
This policy setting allows you to control whether individual redirected shell folders are available offline by default.For the folders affected by this setting, users
This policy setting allows the administrator to define whether Folder Redirection should use localized names for the All Programs, Startup, My Music, My Pic
This policy setting controls whether the contents of redirected folders is copied from the old location to the new location or simply renamed in the Offline Files
This policy setting controls whether folders are redirected on a user's primary computers only. This policy setting is useful to improve logon performance and t
This policy setting controls whether folders are redirected on a user's primary computers only. This policy setting is useful to improve logon performance and t
This policy setting shows or hides the Details Pane in File Explorer.If you enable this policy setting and configure it to hide the pane, the Details Pane in File
Hides the Preview Pane in File Explorer.If you enable this policy setting, the Preview Pane in File Explorer is hidden and cannot be turned on by the user.If yo
This policy setting permits or prohibits the Diagnostic Policy Service (DPS) from automatically resolving any heap corruption problems.If you enable this policy
Manages download of game box art and ratings from the Windows Metadata Services.If you enable this setting, game information including box art and rating
Tracks the last play time of games in the Games folder.If you enable this setting the last played time of games will not be recorded in Games folder. This settin
Manages download of game update information from Windows Metadata Services.If you enable this setting, game update information will not be downloaded.
This policy setting prevents a user from selecting a supplemental custom locale as their user locale. The user is restricted to the set of locales that are installe
This policy setting prevents a user from selecting a supplemental custom locale as their user locale. The user is restricted to the set of locales that are installe
This policy setting restricts the permitted system locales to the specified list. If the list is empty, it locks the system locale to its current value. This policy
This policy prevents automatic copying of user input methods to the system account for use on the sign-in screen. The user is restricted to the set of inpu
This policy setting restricts users on a computer to the specified list of user locales. If the list is empty, it locks all user locales to their current values. This
This policy setting restricts users on a computer to the specified list of user locales. If the list is empty, it locks all user locales to their current values. This
This policy setting prevents users from changing their user geographical location (GeoID).If you enable this policy setting, users cannot change their GeoID.If
This policy setting prevents users from changing their user geographical location (GeoID).If you enable this policy setting, users cannot change their GeoID.If
This policy setting prevents the user from customizing their locale by changing their user overrides.Any existing overrides in place when this policy is enabled
This policy setting prevents the user from customizing their locale by changing their user overrides.Any existing overrides in place when this policy is enabled
This policy setting removes the Administrative options from the Region settings control panel. Administrative options include interfaces for setting system loca
This policy setting removes the option to change the user's geographical location (GeoID) from the Region settings control panel.This policy setting is used on
This policy setting removes the option to change the user's menus and dialogs (UI) language from the Language and Regional Options control panel.This poli
This policy setting removes the regional formats interface from the Region settings control panel.This policy setting is used only to simplify the Regional and L
This policy setting restricts the Windows UI language for all users.This is a policy setting for computers with more than one UI language installed.If you enable
This policy setting restricts the Windows UI language for specific users.This policy setting applies to computers with more than one UI language installed.If you
This policy setting controls which UI language is used for computers with more than one UI language installed.If you enable this policy setting, the UI language
This policy setting restricts users to the specified language by disabling the menus and dialog box controls in the Region settings control panel. If the specifi
This policy turns off the offer text predictions as I type option. This does not, however, prevent the user or an application from changing the setting progra
This policy turns off the insert a space after selecting a text prediction option. This does not, however, prevent the user or an application from changing th
This policy turns off the autocorrect misspelled words option. This does not, however, prevent the user or an application from changing the setting progra
This policy turns off the highlight misspelled words option. This does not, however, prevent the user or an application from changing the setting programm
This policy setting controls whether the LPRemove task will run to clean up language packs installed on a machine but are not used by any users on tha
This policy setting determines how programs interpret two-digit years.This policy setting affects only the programs that use this Windows feature to interpret tw
This policy setting turns off the automatic learning component of handwriting recognition personalization. Automatic learning enables the collection and
This policy setting turns off the automatic learning component of handwriting recognition personalization. Automatic learning enables the collection and
This policy setting allows Microsoft Windows to process user Group Policy settings asynchronously when logging on through Remote Desktop Services. Async
Enabling this setting will cause the Group Policy Client to connect to the same domain controller for DFS shares as is being used for Active Directory.
This policy setting prevents the Group Policy Client Service from stopping when idle.
This policy setting allows an administrator to define the Direct Access connection to be considered a fast network connection for the purposes of applying and
This policy directs Group Policy processing to skip processing any client side extension that requires synchronous processing (that is, whether computers wait
This policy setting prevents Local Group Policy Objects (Local GPOs) from being applied.By default, the policy settings in Local GPOs are applied before any
This policy setting specifies how long Group Policy should wait for network availability notifications during startup policy processing. If the startup policy pro
This policy setting allows user-based policy processing, roaming user profiles, and user object logon scripts for interactive logons across forests.This policy se
This policy setting determines when software installation policies are updated.This policy setting affects all policy settings that use the software installatio
This policy setting determines when disk quota policies are updated.This policy setting affects all policies that use the disk quota component of Group Policy
This policy setting determines when encryption policies are updated.This policy setting affects all policies that use the encryption component of Group Policy,
This policy setting determines when folder redirection policies are updated.This policy setting affects all policies that use the folder redirection component o
This policy setting determines when Internet Explorer Maintenance policies are updated.This policy setting affects all policies that use the Internet Explorer
This policy setting determines when IP security policies are updated.This policy setting affects all policies that use the IP security component of Group Polic
This policy setting determines when registry policies are updated.This policy setting affects all policies in the Administrative Templates folder and any other
This policy setting determines when policies that assign shared scripts are updated.This policy setting affects all policies that use the scripts component of
This policy setting determines when security policies are updated.This policy setting affects all policies that use the security component of Group Policy, suc
This policy setting determines when policies that assign wireless network settings are updated.This policy setting affects all policies that use the wireless
This policy setting determines when policies that assign wired network settings are updated.This policy setting affects all policies that use the wired networ
This policy setting controls the ability of users to view their Resultant Set of Policy (RSoP) data.By default, interactively logged on users can view their own
This policy setting controls the ability of users to view their Resultant Set of Policy (RSoP) data.By default, interactively logged on users can view their own
Prevents the system from updating the Administrative Templates source files automatically when you open the Group Policy Object Editor. Administrators mig
This policy setting prevents Group Policy from being updated while the computer is in use. This policy setting applies to Group Policy for computers, users, an
This policy setting allows you to control a user's ability to invoke a computer policy refresh.If you enable this policy setting, users are not able to invoke a refre
This policy setting prevents administrators from viewing or using Group Policy preferences.A Group Policy administration (.adm) file can contain both true sett
This policy setting determines which domain controller the Group Policy Object Editor snap-in uses.If you enable this setting, you can which domain controller
This policy setting defines a slow connection for purposes of applying and updating Group Policy.If the rate at which data is transferred from the domain contro
This policy setting defines a slow connection for purposes of applying and updating Group Policy.If the rate at which data is transferred from the domain contro
This policy setting specifies how often Group Policy for computers is updated while the computer is in use (in the background). This setting specifies a backgro
This policy setting specifies how often Group Policy is updated on domain controllers while they are running (in the background). The updates specified by this
This policy setting specifies how often Group Policy for users is updated while the computer is in use (in the background). This setting specifies a background
This policy setting allows you to set the default display name for new Group Policy objects.This setting allows you to specify the default name for new Group
This policy setting allows you to create new Group Policy object links in the disabled state.If you enable this setting, you can create all new Group Policy objec
This policy setting lets you always use local ADM files for the Group Policy snap-in.By default, when you edit a Group Policy Object (GPO) using the Group Po
This setting allows you to enable or disable Resultant Set of Policy (RSoP) logging on a client computer.RSoP logs information on Group Policy settings that h
This policy setting directs the system to apply the set of Group Policy objects for the computer to any user who logs on to a computer affected by this setting.
This policy setting specifies how long Group Policy should wait for workplace connectivity notifications during startup policy processing. If the startup policy
This policy setting allows you to configure when preference items in the Applications preference extension are updated.If you enable this policy setting, you
This policy setting allows you to configure the level of detail recorded by event logging for the Applications preference extension, and to turn on tracing for th
This policy setting allows you to configure when preference items in the Data Sources preference extension are updated.If you enable this policy setting, yo
This policy setting allows you to configure the level of detail recorded by event logging for the Data Sources preference extension, and to turn on tracing for t
This policy setting allows you to configure when preference items in the Devices preference extension are updated.If you enable this policy setting, you can
This policy setting allows you to configure the level of detail recorded by event logging for the Devices preference extension, and to turn on tracing for the Dev
This policy setting allows you to configure when preference items in the Drive Maps preference extension are updated.If you enable this policy setting, you
This policy setting allows you to configure the level of detail recorded by event logging for the Drive Maps preference extension, and to turn on tracing for the
This policy setting allows you to configure when preference items in the Environment preference extension are updated.If you enable this policy setting, you
This policy setting allows you to configure the level of detail recorded by event logging for the Environment preference extension, and to turn on tracing for th
This policy setting allows you to configure when preference items in the Files preference extension are updated.If you enable this policy setting, you can co
This policy setting allows you to configure the level of detail recorded by event logging for the Files preference extension, and to turn on tracing for the Files
This policy setting allows you to configure when preference items in the Folder Options preference extension are updated.If you enable this policy setting, y
This policy setting allows you to configure the level of detail recorded by event logging for the Folder Options preference extension, and to turn on tracing for
This policy setting allows you to configure when preference items in the Folders preference extension are updated.If you enable this policy setting, you can
This policy setting allows you to configure the level of detail recorded by event logging for the Folders preference extension, and to turn on tracing for the Fol
This policy setting allows you to configure when preference items in the Ini Files preference extension are updated.If you enable this policy setting, you ca
This policy setting allows you to configure the level of detail recorded by event logging for the Ini Files preference extension, and to turn on tracing for the I
This policy setting allows you to configure when preference items in the Internet Settings preference extension are updated.If you enable this policy setting
This policy setting allows you to configure the level of detail recorded by event logging for the Internet preference extension, and to turn on tracing for the In
This policy setting allows you to configure when preference items in the Local Users and Groups preference extension are updated.If you enable this policy s
This policy setting allows you to configure the level of detail recorded by event logging for the Local User and Local Group preference extension, and to turn o
This policy setting allows you to configure when preference items in the Network Options preference extension are updated.If you enable this policy setting,
This policy setting allows you to configure the level of detail recorded by event logging for the Network Options preference extension, and to turn on tracing fo
This policy setting allows you to configure when preference items in the Network Shares preference extension are updated.If you enable this policy setting,
This policy setting allows you to configure the level of detail recorded by event logging for the Network Shares preference extension, and to turn on tracing for
This policy setting allows you to configure when preference items in the Power Options preference extension are updated.If you enable this policy setting, y
This policy setting allows you to configure the level of detail recorded by event logging for the Power Options preference extension, and to turn on tracing for
This policy setting allows you to configure when preference items in the Printers preference extension are updated.If you enable this policy setting, you can
This policy setting allows you to configure the level of detail recorded by event logging for the Printers preference extension, and to turn on tracing for the Pr
This policy setting allows you to configure when preference items in the Regional Options preference extension are updated.If you enable this policy setting
This policy setting allows you to configure the level of detail recorded by event logging for the Regional Options preference extension, and to turn on tracing fo
This policy setting allows you to configure when preference items in the Registry preference extension are updated.If you enable this policy setting, you can
This policy setting allows you to configure the level of detail recorded by event logging for the Registry preference extension, and to turn on tracing for the Re
This policy setting allows you to configure when preference items in the Scheduled Tasks preference extension are updated.If you enable this policy setting,
This policy setting allows you to configure the level of detail recorded by event logging for the Scheduled Tasks preference extension, and to turn on tracing fo
This policy setting allows you to configure when preference items in the Services preference extension are updated.If you enable this policy setting, you can
This policy setting allows you to configure the level of detail recorded by event logging for the Services preference extension, and to turn on tracing for the Se
This policy setting allows you to configure when preference items in the Shortcuts preference extension are updated.If you enable this policy setting, you ca
This policy setting allows you to configure the level of detail recorded by event logging for the Shortcuts preference extension, and to turn on tracing for the S
This policy setting allows you to configure when preference items in the Start Menu preference extension are updated.If you enable this policy setting, you c
This policy setting allows you to configure the level of detail recorded by event logging for the Start Menu preference extension, and to turn on tracing for the
This policy setting allows you to permit or prohibit use of Application snap-ins (Application preference item types). When prohibited, no Application preference
This policy setting allows you to permit or prohibit use of the Applications preference extension. When a preference extension is prohibited, it does not appear
This policy setting allows you to permit or prohibit use of the Control Panel Settings item and all preference extensions listed in the Group Policy Management
This policy setting allows you to permit or prohibit use of the Data Sources preference extension. When a preference extension is prohibited, it does not appea
This policy setting allows you to permit or prohibit use of the Devices preference extension. When a preference extension is prohibited, it does not appear in th
This policy setting allows you to permit or prohibit use of the Drive Maps preference extension. When a preference extension is prohibited, it does not appear
This policy setting allows you to permit or prohibit use of the Environment preference extension. When a preference extension is prohibited, it does not appea
This policy setting allows you to permit or prohibit use of the Files preference extension. When a preference extension is prohibited, it does not appear in the G
This policy setting allows you to permit or prohibit use of the Folders preference extension. When a preference extension is prohibited, it does not appear in th
This policy setting allows you to permit or prohibit use of the Folder Options preference extension. When a preference extension is prohibited, it does not appe
This policy setting allows you to permit or prohibit use of the Ini Files preference extension. When a preference extension is prohibited, it does not appear in th
This policy setting allows you to permit or prohibit use of the Internet Settings preference extension. When a preference extension is prohibited, it does not ap
This policy setting allows you to permit or prohibit use of the Local Users and Groups preference extension. When a preference extension is prohibited, it doe
This policy setting allows you to permit or prohibit use of the Network Options preference extension. When a preference extension is prohibited, it does not ap
This policy setting allows you to permit or prohibit use of the Network Shares preference extension. When a preference extension is prohibited, it does not app
This policy setting allows you to permit or prohibit use of the Power Options preference extension. When a preference extension is prohibited, it does not appe
This policy setting allows you to permit or prohibit use of the Printers preference extension. When a preference extension is prohibited, it does not appear in th
This policy setting allows you to permit or prohibit use of the Regional Options preference extension. When a preference extension is prohibited, it does not ap
This policy setting allows you to permit or prohibit use of the Registry preference extension. When a preference extension is prohibited, it does not appear in t
This policy setting allows you to permit or prohibit use of the Scheduled Tasks preference extension. When a preference extension is prohibited, it does not ap
This policy setting allows you to permit or prohibit use of the Services preference extension. When a preference extension is prohibited, it does not appear in t
This policy setting allows you to permit or prohibit use of the Shortcuts preference extension. When a preference extension is prohibited, it does not appear in
This policy setting allows you to permit or prohibit use of the Start Menu preference extension. When a preference extension is prohibited, it does not appear i
This policy setting allows you to permit or prohibit use of the Control Panel Settings item and all preference extensions listed in the Group Policy Management
This policy setting allows you to permit or prohibit use of the Preferences tab. When prohibited, the Preferences tab does not appear when you view a prefere
This policy setting allows you to restrict certain HTML Help commands to function only in HTML Help (.chm) files within specified folders and their subfolders. A
This policy setting allows you to restrict programs from being run from online Help. If you enable this policy setting, you can prevent specifie
This policy setting allows you to restrict programs from being run from online Help. If you enable this policy setting, you can prevent specifie
This policy setting allows you to exclude HTML Help Executable from being monitored by software-enforced Data Execution Prevention. Data Execution
This policy setting specifies whether active content links in trusted assistance content are rendered. By default, the Help viewer renders trusted assistance co
This policy setting specifies whether users can provide ratings for Help content.If you enable this policy setting, ratings controls are not added to Help content.
This policy setting specifies whether users can participate in the Help Experience Improvement program. The Help Experience Improvement program collects
This policy setting specifies whether users can search and view content from Windows Online in Help and Support. Windows Online provides the most up-to-d
This policy setting defines whether Wi-Fi hotspots are probed for Wireless Internet Service Provider roaming (WISPr) protocol support.If a Wi-Fi hotspot supp
This policy setting allows you to manage whether HotStart buttons can be used to launch applications.If you enable this policy setting, applications cannot be l
This policy setting allows you to manage whether HotStart buttons can be used to launch applications.If you enable this policy setting, applications cannot be l
This policy setting specifies whether Windows can access the Internet to accomplish tasks that require Internet resources.If you enable this setting, all of the th
This policy setting specifies whether Windows can access the Internet to accomplish tasks that require Internet resources.If you enable this setting, all of the th
This policy setting specifies whether to automatically update root certificates using the Windows Update website. Typically, a certificate is used when you use a
This policy setting specifies whether to allow printing over HTTP from this client.Printing over HTTP allows a client to print to printers on the intranet as well as
This policy setting specifies whether to allow printing over HTTP from this client.Printing over HTTP allows a client to print to printers on the intranet as well as
This policy setting specifies whether to allow this client to download print driver packages over HTTP.To set up HTTP printing, non-inbox drivers need to be do
This policy setting specifies whether to allow this client to download print driver packages over HTTP.To set up HTTP printing, non-inbox drivers need to be do
This policy setting specifies whether Windows searches Windows Update for device drivers when no local drivers for a device are present.If you enable this p
This policy setting specifies whether "Events.asp" hyperlinks are available for events within the Event Viewer application.The Event Viewer normally makes all
This policy setting specifies whether to show the "Did you know?" section of Help and Support Center.This content is dynamically updated when users who are
This policy setting specifies whether users can perform a Microsoft Knowledge Base search from the Help and Support Center.The Knowledge Base is an onl
This policy setting specifies whether the Internet Connection Wizard can connect to Microsoft to download a list of Internet Service Providers (ISPs).If you ena
This policy setting specifies whether the Windows Registration Wizard connects to Microsoft.com for online registration.If you enable this policy setting, it blo
This policy setting controls whether or not errors are reported to Microsoft.Error Reporting is used to report information about a system or application that has
This policy setting allows you to remove access to Windows Update.If you enable this policy setting, all Windows Update features are removed. This includes
This policy setting specifies whether Search Companion should automatically download content updates during local and Internet searches.When users searc
This policy setting specifies whether to use the Microsoft Web service for finding an application to open a file with an unhandled file association.When a user o
This policy setting specifies whether to use the Microsoft Web service for finding an application to open a file with an unhandled file association.When a user o
This policy setting specifies whether to use the Store service for finding an application to open a file with an unhandled file type or protocol association.When a
This policy setting specifies whether to use the Store service for finding an application to open a file with an unhandled file type or protocol association.When a
This policy setting specifies whether Windows should download a list of providers for the web publishing and online ordering wizards.These wizards allow use
This policy setting specifies whether Windows should download a list of providers for the web publishing and online ordering wizards.These wizards allow use
This policy setting specifies whether the "Order Prints Online" task is available from Picture Tasks in Windows folders.The Order Prints Online Wizard is used
This policy setting specifies whether the "Order Prints Online" task is available from Picture Tasks in Windows folders.The Order Prints Online Wizard is used
This policy setting specifies whether the tasks "Publish this file to the Web," "Publish this folder to the Web," and "Publish the selected items to the Web" are
This policy setting specifies whether the tasks "Publish this file to the Web," "Publish this folder to the Web," and "Publish the selected items to the Web" are
This policy setting specifies whether Windows Messenger collects anonymous information about how Windows Messenger software and service is used.With
This policy setting specifies whether Windows Messenger collects anonymous information about how Windows Messenger software and service is used.With
This policy setting turns off the Windows Customer Experience Improvement Program. The Windows Customer Experience Improvement Program collects inf
This policy setting turns off the active tests performed by the Windows Network Connectivity Status Indicator (NCSI) to determine whether your computer is co
"This policy setting prevents installation of Internet Information Services (IIS) on this computer. If you enable this policy setting, Internet Information Services (
Designates the Audio/Video Player ActiveX control as administrator-approved.This control is used for playing sounds, videos, and other media.If you enable th
Designates the Microsoft Network (MSN) Carpoint automatic pricing control as administrator-approved.This control enables enhanced pricing functionality on
This ActiveX control enables users to edit HTML text and see a faithful rendition of how the text would look in the browser. There are two versions of the contro
Designates Shockwave flash as an administrator approved control.If you enable this policy, this control can be run in security zones in which you specify that a
Designates a set of Microsoft Network (MSN) Investor controls as administrator-approved.These controls enable users to view updated lists of stocks on their
Designates a set of Microsoft ActiveX controls used to manipulate pop-up menus in the browser as administrator-approved.If you enable this policy, these con
Designates the Microsoft Agent ActiveX control as administrator-approved.Microsoft Agent is a set of software services that supports the presentation of softw
Designates the Microsoft Chat ActiveX control as administrator-approved.This control is used by Web authors to build text-based and graphical-based Chat co
Designates a set of MSNBC controls as administrator-approved.These controls enable enhanced browsing of news reports on the MSNBC Web site.If you en
Designates NetShow File Transfer Control as an administrator approved control.If you enable this policy, this control can be run in security zones in which you
Designates Microsoft Scriptlet Component as an administrator approved control. It is an Active X control which is used to render HTML pages.If you enable th
Designates Microsoft Survey Control as an administrator approved control.If you enable this policy, this control can be run in security zones in which you spec
This policy setting allows you to turn off the flip ahead feature.When turned on, flip ahead allows users to quickly flip to the next page of a website by swiping a
This policy setting allows you to turn off the flip ahead feature.When turned on, flip ahead allows users to quickly flip to the next page of a website by swiping a
This policy setting allows you to manage whether users receive a dialog requesting permission for active content on a CD to run.If you enable this policy settin
This policy setting allows you to manage whether users receive a dialog requesting permission for active content on a CD to run.If you enable this policy settin
This policy setting allows you to manage whether Internet Explorer will check revocation status of servers' certificates. Certificates are revoked when they hav
This policy setting allows you to manage whether Internet Explorer will check revocation status of servers' certificates. Certificates are revoked when they hav
This policy setting prevents the text on the screen from being rendered through the ClearType technology that enhances the readability of text on LCD display
This policy setting prevents the text on the screen from being rendered through the ClearType technology that enhances the readability of text on LCD display
This policy setting allows you to turn Caret Browsing on or off. Caret Browsing allows users to browse to a webpage by using the keyboard to move the cursor
This policy setting allows you to turn Caret Browsing on or off. Caret Browsing allows users to browse to a webpage by using the keyboard to move the cursor
Enhanced Protected Mode provides additional protection against malicious websites by using 64-bit processes on 64-bit versions of Windows. For computers
Enhanced Protected Mode provides additional protection against malicious websites by using 64-bit processes on 64-bit versions of Windows. For computers
This policy setting prevents ActiveX controls from running in Protected Mode when Enhanced Protected Mode is enabled. When a user has an ActiveX contro
This policy setting prevents ActiveX controls from running in Protected Mode when Enhanced Protected Mode is enabled. When a user has an ActiveX contro
This policy setting allows you to configure how Internet Explorer sends the Do Not Track (DNT) header.If you enable this policy setting, Internet Explorer sen
This policy setting allows you to configure how Internet Explorer sends the Do Not Track (DNT) header.If you enable this policy setting, Internet Explorer sen
This policy setting allows you to manage whether Internet Explorer uses HTTP 1.1.If you enable this policy setting, Internet Explorer uses HTTP 1.1.If you disa
This policy setting allows you to manage whether Internet Explorer uses HTTP 1.1.If you enable this policy setting, Internet Explorer uses HTTP 1.1.If you disa
This policy setting allows you to manage whether Internet Explorer uses HTTP 1.1 through proxy connections.If you enable this policy setting, Internet Explore
This policy setting allows you to manage whether Internet Explorer uses HTTP 1.1 through proxy connections.If you enable this policy setting, Internet Explore
This policy setting allows you to turn off support for Transport Layer Security (TLS) 1.0, TLS 1.1, TLS 1.2, Secure Sockets Layer (SSL) 2.0, or SSL 3.0 in the
This policy setting allows you to turn off support for Transport Layer Security (TLS) 1.0, TLS 1.1, TLS 1.2, Secure Sockets Layer (SSL) 2.0, or SSL 3.0 in the
This policy setting prevents the user from using the Reset Internet Explorer Settings feature. Reset Internet Explorer Settings allows the user to reset all settin
This policy setting prevents the user from using the Reset Internet Explorer Settings feature. Reset Internet Explorer Settings allows the user to reset all settin
This policy setting allows you to manage whether Internet Explorer checks for digital signatures (which identifies the publisher of signed software and verifies i
This policy setting allows you to manage whether Internet Explorer checks for digital signatures (which identifies the publisher of signed software and verifies i
This policy setting allows you to manage whether Internet Explorer will launch COM add-ons known as browser helper objects, such as toolbars. Browser help
This policy setting allows you to manage whether Internet Explorer will launch COM add-ons known as browser helper objects, such as toolbars. Browser help
This policy setting allows you to manage whether users can automatically download and install Web components (such as fonts) that can installed by Internet
This policy setting allows you to manage whether users can automatically download and install Web components (such as fonts) that can installed by Internet
This policy setting allows you to manage whether users can download and install self-installing program files (non-Internet Explorer components) that are regis
This policy setting allows you to manage whether users can download and install self-installing program files (non-Internet Explorer components) that are regis
This policy setting allows you to manage whether Internet Explorer checks the Internet for newer versions. When Internet Explorer is set to do this, the checks
This policy setting allows you to manage whether Internet Explorer checks the Internet for newer versions. When Internet Explorer is set to do this, the checks
This policy setting allows you to manage whether software, such as ActiveX controls and file downloads, can be installed or run by the user even though the s
This policy setting allows you to manage whether software, such as ActiveX controls and file downloads, can be installed or run by the user even though the s
This policy setting allows you to manage whether Internet Explorer will display animated pictures found in Web content. Generally only animated GIF files are
This policy setting allows you to manage whether Internet Explorer will display animated pictures found in Web content. Generally only animated GIF files are
This policy setting allows you to manage whether Internet Explorer will play sounds found in web content. Generally only sound files such as MIDI files are affe
This policy setting allows you to manage whether Internet Explorer will play sounds found in web content. Generally only sound files such as MIDI files are affe
This policy setting allows you to manage whether Internet Explorer will display videos found in Web content. Generally only embedded video files are affected
This policy setting allows you to manage whether Internet Explorer will display videos found in Web content. Generally only embedded video files are affected
This policy setting specifies whether you will accept requests from Web sites for Profile Assistant information.If you enable this policy setting, Profile Assistant
This policy setting specifies whether you will accept requests from Web sites for Profile Assistant information.If you enable this policy setting, Profile Assistant
This policy setting allows you to manage whether Internet Explorer will save encrypted pages that contain secure (HTTPS) information such as passwords and
This policy setting allows you to manage whether Internet Explorer will save encrypted pages that contain secure (HTTPS) information such as passwords and
This policy setting allows you to manage whether Internet Explorer deletes the contents of the Temporary Internet Files folder after all browser windows are clo
This policy setting allows you to manage whether Internet Explorer deletes the contents of the Temporary Internet Files folder after all browser windows are clo
This policy setting shows the Content Advisor setting on the Content tab of the Internet Options dialog box.If you enable this policy setting, Internet Explorer di
This policy setting shows the Content Advisor setting on the Content tab of the Internet Options dialog box.If you enable this policy setting, Internet Explorer di
This policy setting allows you to turn on inline AutoComplete in Internet Explorer and File Explorer. The AutoComplete feature provides suggestions for what th
This policy setting let you turn off Inline AutoComplete in File Explorer. Inline AutoComplete provides suggestions for what you type by automatically completin
This policy allows the user to go directly to an intranet site for a one-word entry in the Address bar.If you enable this policy setting, Internet Explorer goes direc
This policy allows the user to go directly to an intranet site for a one-word entry in the Address bar.If you enable this policy setting, Internet Explorer goes direc
This policy setting allows you to turn on your script debugger, if one is installed. Website developers use script debuggers to test programs and scripts on their
This policy setting specifies whether, when there is a problem connecting with an Internet server, to provide a detailed description with hints about how to corre
This policy setting specifies if, as you move from one Web page to another, Internet Explorer fades out of the page you are leaving and fades into the page to
This policy setting specifies whether to display script errors when a page does not appear properly because of problems with its scripting. This feature is off by
This policy setting specifies whether smooth scrolling is used to display content at a predefined speed.If you enable this policy setting, smooth scrolling is turn
This policy setting specifies how you want links on webpages to be underlined.If you enable this policy setting, a user cannot choose when to underline links. Y
Restricts the amount of information downloaded for offline viewing.If you enable this policy, you can set limits to the size and number of pages that users ca
Prevents users from adding channels to Internet Explorer.Channels are Web sites that are updated automatically on your computer, according to a schedule s
Prevents users from specifying that Web pages can be downloaded for viewing offline. When users make Web pages available for offline viewing, they can vi
Prevents channel providers from recording information about when their channel pages are viewed by users who are working offline.If you enable this policy, i
Prevents users from viewing the Channel bar interface. Channels are Web sites that are automatically updated on their computer according to a schedule spe
Prevents users from adding, editing, or removing schedules for offline viewing of Web pages and groups of Web pages that users have subscribed to.A subsc
Prevents users from editing an existing schedule for downloading Web pages for offline viewing.When users make Web pages available for offline viewing, th
Prevents users from disabling channel synchronization in Microsoft Internet Explorer.Channels are Web sites that are automatically updated on your compute
Prevents users from clearing the preconfigured settings for Web pages to be downloaded for offline viewing.When users make Web pages available for offline
Disables existing schedules for downloading Web pages for offline viewing.When users make Web pages available for offline viewing, they can view content w
Prevents content from being downloaded from Web sites that users have subscribed to.When users make Web pages available for offline viewing, they can v
This policy setting prevents the user from specifying the code download path for each computer. The Internet Component Download service exposes a functio
This policy setting prevents the user from choosing the default text size in Internet Explorer.If you enable this policy setting, the user cannot choose the defaul
Removes the Advanced tab from the interface in the Internet Options dialog box.If you enable this policy, users are prevented from seeing and changing adva
Removes the Advanced tab from the interface in the Internet Options dialog box.If you enable this policy, users are prevented from seeing and changing adva
Removes the Connections tab from the interface in the Internet Options dialog box.If you enable this policy, users are prevented from seeing and changing co
Removes the Connections tab from the interface in the Internet Options dialog box.If you enable this policy, users are prevented from seeing and changing co
If you enable this policy setting, users are prevented from seeing and changing ratings, certificates, AutoComplete, Wallet, and Profile Assistant settings.If you
If you enable this policy setting, users are prevented from seeing and changing ratings, certificates, AutoComplete, Wallet, and Profile Assistant settings.If you
Removes the General tab from the interface in the Internet Options dialog box.If you enable this policy, users are unable to see and change settings for the ho
Removes the General tab from the interface in the Internet Options dialog box.If you enable this policy, users are unable to see and change settings for the ho
Removes the Privacy tab from the interface in the Internet Options dialog box.If you enable this policy, users are prevented from seeing and changing default
Removes the Privacy tab from the interface in the Internet Options dialog box.If you enable this policy, users are prevented from seeing and changing default
Removes the Programs tab from the interface in the Internet Options dialog box.If you enable this policy, users are prevented from seeing and changing defau
Removes the Programs tab from the interface in the Internet Options dialog box.If you enable this policy, users are prevented from seeing and changing defau
Removes the Security tab from the interface in the Internet Options dialog box.If you enable this policy, it prevents users from seeing and changing settings fo
Removes the Security tab from the interface in the Internet Options dialog box.If you enable this policy, it prevents users from seeing and changing settings fo
This policy setting allows you to manage whether Internet Explorer converts Unicode domain names to internationalized domain name (IDN) format (Punycod
This policy setting allows you to manage whether Internet Explorer converts Unicode domain names to internationalized domain name (IDN) format (Punycod
This policy setting allows you to manage whether Internet Explorer uses 8-bit Unicode Transformation Format (UTF-8) for mailto links.If you enable this policy
This policy setting allows you to manage whether Internet Explorer uses 8-bit Unicode Transformation Format (UTF-8) for mailto links.If you enable this policy
This policy setting prevents the user from ignoring Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate errors that interrupt browsing (such as
This policy setting prevents the user from ignoring Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate errors that interrupt browsing (such as
This policy setting specifies whether to use 8-bit Unicode Transformation Format (UTF-8), a standard that defines characters so they are readable in any lang
This policy setting prevents the user from specifying the background color in Internet Explorer.If you enable this policy setting, the user cannot specify the bac
This policy setting prevents the user from specifying the text color in Internet Explorer.If you enable this policy setting, the user cannot specify the text color in
This policy setting prevents the user from using Windows colors as a part of the display settings.If you enable this policy setting, Windows colors are turned of
This policy setting prevents the user from specifying a URL that contains update information about cipher strength. When the user logs on to a secure page, th
This policy setting determines whether the Internet Connection Wizard was completed. If the Internet Connection Wizard was not completed, this policy setting
This policy setting allows you to manage a list of add-ons to be allowed or denied by Internet Explorer. Add-ons in this case are controls like ActiveX Controls,
This policy setting allows you to manage a list of add-ons to be allowed or denied by Internet Explorer. Add-ons in this case are controls like ActiveX Controls,
This policy setting allows you to ensure that any Internet Explorer add-ons not listed in the 'Add-on List' policy setting are denied. Add-ons in this case are con
This policy setting allows you to ensure that any Internet Explorer add-ons not listed in the 'Add-on List' policy setting are denied. Add-ons in this case are con
This policy setting allows you to manage whether processes respect add-on management user preferences (as reflected by Add-on Manager) or policy setting
This policy setting allows you to manage whether processes respect add-on management user preferences (as reflected by Add-on Manager) or policy setting
This policy setting allows you to manage whether the listed processes respect add-on management user preferences (as entered into Add-on Manager) or pol
This policy setting allows you to manage whether the listed processes respect add-on management user preferences (as entered into Add-on Manager) or pol
For each zone, the Binary and Scripted Behavior security restrictions may be configured to allow only a list of admin-approved behaviors. This list may be con
For each zone, the Binary and Scripted Behavior security restrictions may be configured to allow only a list of admin-approved behaviors. This list may be con
This policy setting allows you to manage whether Internet Explorer 9 can install ActiveX controls and other binaries signed with MD2 and MD4 signing technol
This policy setting allows you to manage whether Internet Explorer 9 can install ActiveX controls and other binaries signed with MD2 and MD4 signing technol
Internet Explorer contains dynamic binary behaviors: components that encapsulate specific functionality for the HTML elements to which they are attached. Th
Internet Explorer uses Multipurpose Internet Mail Extensions (MIME) data to determine file handling procedures for files received through a Web server.This p
This policy setting allows you to manage whether the Notification bar is displayed for processes other than the Internet Explorer processes when file or code in
This policy setting allows you to manage whether the Notification bar is displayed for processes other than the Internet Explorer processes when file or code in
This policy setting allows you to manage whether the Notification bar is displayed for Internet Explorer processes when file or code installs are restricted. By d
This policy setting allows you to manage whether the Notification bar is displayed for Internet Explorer processes when file or code installs are restricted. By d
This policy setting allows you to manage whether the Notification bar is displayed for specific processes when file or code installs are restricted. By default, the
This policy setting allows you to manage whether the Notification bar is displayed for specific processes when file or code installs are restricted. By default, the
Internet Explorer places zone restrictions on each Web page it opens, which are dependent upon the location of the Web page (Internet, Intranet, Local Mach
This policy setting determines whether Internet Explorer MIME sniffing will prevent promotion of a file of one type to a more dangerous file type.If you enable t
This policy setting determines whether Internet Explorer MIME sniffing will prevent promotion of a file of one type to a more dangerous file type.This policy set
This policy setting determines whether Internet Explorer MIME sniffing will prevent promotion of a file of one type to a more dangerous file type.This policy set
The MK Protocol Security Restriction policy setting reduces attack surface area by preventing the MK protocol. Resources hosted on the MK protocol will fail.I
The MK Protocol Security Restriction policy setting reduces attack surface area by preventing the MK protocol. Resources hosted on the MK protocol will fail.T
The MK Protocol Security Restriction policy setting reduces attack surface area by preventing the MK protocol. Resources hosted on the MK protocol will fail.T
Internet Explorer may be configured to prevent active content obtained through restricted protocols from running in an unsafe manner. This policy setting cont
File Explorer and Internet Explorer may be configured to prevent active content obtained through restricted protocols from running in an unsafe manner. This p
File Explorer and Internet Explorer may be configured to prevent active content obtained through restricted protocols from running in an unsafe manner. This p
This policy setting defines whether a reference to an object is accessible when the user navigates within the same domain or to a new domain.If you enable th
This policy setting defines whether a reference to an object is accessible when the user navigates within the same domain or to a new domain.This policy sett
This policy setting defines whether a reference to an object is accessible when the user navigates within the same domain or to a new domain.This policy sett
Internet Explorer places restrictions on each Web page it opens. The restrictions are dependent upon the location of the Web page (Internet, Intranet, Local M
This policy setting enables applications hosting the Web Browser Control to block automatic prompting of ActiveX control installation.If you enable this policy s
This policy setting enables blocking of ActiveX control installation prompts for Internet Explorer processes.If you enable this policy setting, prompting for Active
This policy setting enables blocking of ActiveX control installation prompts for Internet Explorer processes.If you enable this policy setting, prompting for Active
This policy setting enables applications hosting the Web Browser Control to block automatic prompting of file downloads that are not user initiated.If you enab
This policy setting enables blocking of file download prompts that are not user initiated.If you enable this policy setting, file download prompts that are not user
This policy setting enables blocking of file download prompts that are not user initiated.If you enable this policy setting, file download prompts that are not user
Internet Explorer allows scripts to programmatically open, resize, and reposition windows of various types. The Window Restrictions security feature restricts p
For each zone, the Network Protocol Lockdown security restriction may be configured to prevent active content obtained through restricted protocols from run
This policy setting allows you to manage the crash detection feature of add-on Management.If you enable this policy setting, a crash in Internet Explorer will e
This policy setting allows you to manage the crash detection feature of add-on Management.If you enable this policy setting, a crash in Internet Explorer will e
This policy setting turns off Automatic Crash Recovery.If you enable this policy setting, Automatic Crash Recovery does not prompt the user to recover his or h
This policy setting turns off Automatic Crash Recovery.If you enable this policy setting, Automatic Crash Recovery does not prompt the user to recover his or h
This policy setting allows you to manage whether a user has access to the Reopen Last Browsing Session feature in Internet Explorer.If you enable this policy
This policy setting allows you to manage whether a user has access to the Reopen Last Browsing Session feature in Internet Explorer.If you enable this policy
This policy setting allows you to manage whether users have the ability to allow or deny add-ons through Add-On Manager.If you enable this policy setting, use
This policy setting allows you to manage whether users have the ability to allow or deny add-ons through Add-On Manager.If you enable this policy setting, use
This policy setting allows you to add a specific list of search providers to the user's default list of search providers. Normally, search providers can be added f
This policy setting allows you to add a specific list of search providers to the user's default list of search providers. Normally, search providers can be added f
This policy setting allows you to turn on or turn off the earlier menus (for example, File, Edit, and View) in Internet Explorer.If you enable this policy setting, th
This policy setting allows you to turn on or turn off the earlier menus (for example, File, Edit, and View) in Internet Explorer.If you enable this policy setting, th
This policy setting allows you to manage whether a user has access to the Favorites bar in Internet Explorer.If you enable this policy setting, the Favorites bar
This policy setting allows you to manage whether a user has access to the Favorites bar in Internet Explorer.If you enable this policy setting, the Favorites bar
Prevents automatic proxy scripts, which interact with a server to automatically configure users' proxy settings, from being stored in the users' cache.If you ena
Prevents branding of Internet programs, such as customization of Internet Explorer and Outlook Express logos and title bars, by another party.If you enable th
Prevents users from changing settings on the Advanced tab in the Internet Options dialog box.If you enable this policy, users are prevented from changing adv
This policy setting allows you to customize the Internet Explorer version string as reported to web servers in the HTTP User Agent header.If you enable this po
This policy setting allows you to customize the Internet Explorer version string as reported to web servers in the HTTP User Agent header.If you enable this po
Specifies that Automatic Detection will be used to configure dial-up settings for users.Automatic Detection uses a DHCP (Dynamic Host Configuration Protoco
This policy setting prevents the user from using the "Fix settings" functionality related to Security Settings Check.If you enable this policy setting, the user cann
This policy setting prevents the user from using the "Fix settings" functionality related to Security Settings Check.If you enable this policy setting, the user cann
This policy setting prevents the user from managing a filter that warns the user if the website being visited is known for fraudulent attempts to gather personal
This policy setting prevents the user from managing a filter that warns the user if the website being visited is known for fraudulent attempts to gather personal
This policy setting allows the user to enable the SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gathe
This policy setting allows the user to enable the SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gathe
This policy setting prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to g
This policy setting prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to g
This policy setting determines whether the user can bypass warnings from SmartScreen Filter. SmartScreen Filter prevents the user from browsing to or down
This policy setting determines whether the user can bypass warnings from SmartScreen Filter. SmartScreen Filter prevents the user from browsing to or down
This policy setting determines whether the user can bypass warnings from SmartScreen Filter. SmartScreen Filter warns the user about executable files that In
This policy setting determines whether the user can bypass warnings from SmartScreen Filter. SmartScreen Filter warns the user about executable files that In
This policy setting turns off the Security Settings Check feature, which checks Internet Explorer security settings to determine when the settings put Internet Ex
This policy setting turns off the Security Settings Check feature, which checks Internet Explorer security settings to determine when the settings put Internet Ex
This policy setting positions the menu bar above the navigation bar. The navigation bar contains icons for a variety of features, including browsing web pages,
This policy setting prevents the user from changing the level of pop-up filtering. The available levels are as follows: High: Block all pop-ups. Medium: Bl
This policy setting prevents the user from changing the level of pop-up filtering. The available levels are as follows: High: Block all pop-ups. Medium: Bl
Specifies that error messages will be displayed to users if problems occur with proxy scripts.If you enable this policy, error messages will be displayed when th
This policy setting logs information that is blocked by new features in Internet Explorer. The logged compatibility information is displayed in the Windows Even
This policy setting logs information that is blocked by new features in Internet Explorer. The logged compatibility information is displayed in the Windows Even
This policy setting allows you to enforce full-screen mode, which disables the navigation bar, the menu bar, and the Command bar. Starting with Windows 8, th
This policy setting allows you to enforce full-screen mode, which disables the navigation bar, the menu bar, and the Command bar. Starting with Windows 8, th
This policy settings disables the Import/Export Settings wizard. This wizard allows you to import settings from another browser, import settings from a file, or ex
This policy settings disables the Import/Export Settings wizard. This wizard allows you to import settings from another browser, import settings from a file, or ex
This policy setting allows you to disable browser geolocation support. This will prevent websites from requesting location data about the user.If you enable this
This policy setting allows you to disable browser geolocation support. This will prevent websites from requesting location data about the user.If you enable this
This policy setting turns off Adobe Flash in Internet Explorer and prevents applications from using Internet Explorer technology to instantiate Flash objects. If y
This policy setting turns off Adobe Flash in Internet Explorer and prevents applications from using Internet Explorer technology to instantiate Flash objects. If y
This policy setting prevents the user from zooming in to or out of a page to better see the content.If you enable this policy setting, applications that host MSHT
This policy setting prevents the user from zooming in to or out of a page to better see the content.If you enable this policy setting, applications that host MSHT
Prevents users from configuring unique identities by using Identity Manager.Identity Manager enables users to create multiple accounts, such as e-mail accou
This policy setting allows you to configure whether newly installed add-ons are automatically activated in the Internet Explorer 9 browser. Any add-ons that we
This policy setting allows you to configure whether newly installed add-ons are automatically activated in the Internet Explorer 9 browser. Any add-ons that we
This policy setting prevents Internet Explorer from displaying a notification when the average time to load all the user's enabled add-ons exceeds the threshold
This policy setting prevents Internet Explorer from displaying a notification when the average time to load all the user's enabled add-ons exceeds the threshold
This policy setting controls the ActiveX Filtering feature for websites that are running ActiveX controls. The user can choose to turn off ActiveX Filtering for spe
This policy setting controls the ActiveX Filtering feature for websites that are running ActiveX controls. The user can choose to turn off ActiveX Filtering for spe
Allows Administrators to enable and disable the Media Explorer Bar and set the auto-play default.The Media Explorer Bar plays music and video content from
This policy setting prevents the user from performing actions which will delete browsing history. For more information on browsing history Group Policy setting
This policy setting prevents the user from performing actions which will delete browsing history. For more information on browsing history Group Policy setting
This policy setting prevents the user from deleting form data. This feature is available in the Delete Browsing History dialog box.If you enable this policy setting
This policy setting prevents the user from deleting form data. This feature is available in the Delete Browsing History dialog box.If you enable this policy setting
This policy setting prevents users from deleting passwords. This feature is available in the Delete Browsing History dialog box.If you enable this policy setting,
This policy setting prevents users from deleting passwords. This feature is available in the Delete Browsing History dialog box.If you enable this policy setting,
This policy setting prevents the user from deleting cookies. This feature is available in the Delete Browsing History dialog box.If you enable this policy setting,
This policy setting prevents the user from deleting cookies. This feature is available in the Delete Browsing History dialog box.If you enable this policy setting,
This policy setting prevents the user from deleting the history of websites that he or she has visited. This feature is available in the Delete Browsing History dia
This policy setting prevents the user from deleting the history of websites that he or she has visited. This feature is available in the Delete Browsing History dia
This policy setting prevents the user from deleting his or her download history. This feature is available in the Delete Browsing History dialog box.If you enable
This policy setting prevents the user from deleting his or her download history. This feature is available in the Delete Browsing History dialog box.If you enable
This policy setting prevents the user from deleting temporary Internet files. This feature is available in the Delete Browsing History dialog box.If you enable this
This policy setting prevents the user from deleting temporary Internet files. This feature is available in the Delete Browsing History dialog box.If you enable this
This policy setting prevents the user from deleting InPrivate Filtering data. Internet Explorer collects InPrivate Filtering data during browser sessions other than
This policy setting prevents the user from deleting InPrivate Filtering data. Internet Explorer collects InPrivate Filtering data during browser sessions other than
This policy setting prevents the user from deleting ActiveX Filtering and Tracking Protection data. This data is the list of websites on which the user has chosen
This policy setting prevents the user from deleting ActiveX Filtering and Tracking Protection data. This data is the list of websites on which the user has chosen
This policy setting prevents the user from deleting favorites site data. This feature is available in the Delete Browsing History dialog box.If you enable this polic
This policy setting prevents the user from deleting favorites site data. This feature is available in the Delete Browsing History dialog box.If you enable this polic
This policy setting allows the automatic deletion of specified items when the last browser window closes. The preferences selected in the Delete Browsing His
This policy setting allows the automatic deletion of specified items when the last browser window closes. The preferences selected in the Delete Browsing His
This policy setting prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Win
This policy setting prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Win
This policy setting prevents the user from accessing Help in Internet Explorer.If you enable this policy setting, the following occur: The Help menu on
This policy setting prevents the user from accessing Help in Internet Explorer.If you enable this policy setting, the following occur: The Help menu on
This policy setting prevents the Search box from appearing in Internet Explorer. When the Search box is available, it includes all installed search providers an
This policy setting prevents the Search box from appearing in Internet Explorer. When the Search box is available, it includes all installed search providers an
This policy setting allows you to turn off suggestions for all user-installed search providers.If you enable this policy setting, the user cannot view suggestions fo
This policy setting allows you to turn off suggestions for all user-installed search providers.If you enable this policy setting, the user cannot view suggestions fo
This policy setting allows you to prevent the quick pick menu from appearing when a user clicks in the Search box.If you enable this policy setting, when a use
This policy setting allows you to prevent the quick pick menu from appearing when a user clicks in the Search box.If you enable this policy setting, when a use
Prevents Internet Explorer from automatically installing components.If you enable this policy, it prevents Internet Explorer from downloading a component whe
This policy setting allows you to set the rate at which Internet Explorer creates new tab processes. There are two algorithms that Internet Explorer uses.The de
This policy setting allows you to set the rate at which Internet Explorer creates new tab processes. There are two algorithms that Internet Explorer uses.The de
This policy setting allows you to revert to the Internet Explorer 8 behavior of allowing OnUnLoad script handlers to display UI during shutdown. This policy sett
This policy setting allows you to revert to the Internet Explorer 8 behavior of allowing OnUnLoad script handlers to display UI during shutdown. This policy sett
This policy setting allows you to specify what is displayed when the user opens a new tab.If you enable this policy setting, you can choose which page to displ
This policy setting allows you to specify what is displayed when the user opens a new tab.If you enable this policy setting, you can choose which page to displ
This policy setting allows you to manage whether the user has access to Tab Grouping in Internet Explorer.If you enable this policy setting, Tab Grouping is tur
This policy setting allows you to turn off the Quick Tabs functionality in Internet Explorer.If you enable this policy setting, the entry points to Quick Tabs are rem
This policy setting allows you to turn off the Quick Tabs functionality in Internet Explorer.If you enable this policy setting, the entry points to Quick Tabs are rem
This policy setting prevents the user from changing the default search provider for the Address bar and the toolbar Search box.If you enable this policy setting
This policy setting prevents the user from changing the default search provider for the Address bar and the toolbar Search box.If you enable this policy setting
Prevents the Internet Explorer splash screen from appearing when users start the browser.If you enable this policy, the splash screen, which displays the prog
This policy setting allows you to turn off tabbed browsing and related entry points from the Internet Explorer user interface. Starting with Windows 8, this policy
This policy setting allows you to turn off tabbed browsing and related entry points from the Internet Explorer user interface. Starting with Windows 8, this policy
This policy setting allows you to define the user experience related to how pop-up windows appear in tabbed browsing in Internet Explorer.If you enable this p
This policy setting allows you to define the user experience related to how pop-up windows appear in tabbed browsing in Internet Explorer.If you enable this p
Prevents Internet Explorer from checking whether a new version of the browser is available.If you enable this policy, it prevents Internet Explorer from checkin
This policy setting allows you to configure how windows open in Internet Explorer when the user clicks links from other applications.If you enable this policy se
This policy setting allows you to configure how windows open in Internet Explorer when the user clicks links from other applications.If you enable this policy se
Allows Administrators to enable and disable the ability for Outlook Express users to save or open attachments that can potentially contain a virus.If you check
This policy setting allows you to specify a list of web sites that will be allowed to open pop-up windows regardless of the Internet Explorer process's Pop-Up Bl
This policy setting allows you to specify a list of web sites that will be allowed to open pop-up windows regardless of the Internet Explorer process's Pop-Up Bl
If you enable this policy, the user cannot modify the Accessibility options. All options in the "Accessibility" window on the General Tab in the Internet Option
This setting specifies to automatically detect the proxy server settings used to connect to the Internet and customize Internet Explorer. This setting specifies th
This setting specifies to automatically detect the proxy server settings used to connect to the Internet and customize Internet Explorer. This setting specifies th
Prevents users from changing the browser cache settings, such as the location and amount of disk space to use for the Temporary Internet Files folder.If you e
Prevents users from changing the default programs for managing schedules and contacts.If you enable this policy, the Calendar and Contact combo boxes ap
Prevents users from changing certificate settings in Internet Explorer. Certificates are used to verify the identity of software publishers.If you enable this poli
Prevents Microsoft Internet Explorer from checking to see whether it is the default browser.If you enable this policy, the Internet Explorer Should Check to See
This policy setting allows you to choose whether users will be notified if Internet Explorer is not the default web browser.If you enable this policy setting, users
Prevents users from changing the default Web page colors.If you enable this policy, the color settings for Web pages appear dimmed. The settings are located
Prevents users from changing dial-up settings.If you enable this policy, the Settings button on the Connections tab in the Internet Options dialog box appears
Prevents users from changing dial-up settings.If you enable this policy, the Settings button on the Connections tab in the Internet Options dialog box appears
Prevents users from running the Internet Connection Wizard.If you enable this policy, the Setup button on the Connections tab in the Internet Options dialog b
Prevents users from changing font settings.If you enable this policy, users will not be able to change font settings for viewing Web pages. All font settings vis
This AutoComplete feature suggests possible matches when users are filling up forms.If you enable this setting, the user is not suggested matches when filling
This AutoComplete feature can remember and suggest User names and passwords on Forms.If you enable this setting, the user cannot change "User name a
This setting specifies the number of days that Internet Explorer tracks views of pages in the History List. To access the Temporary Internet Files and History Se
This setting specifies the number of days that Internet Explorer tracks views of pages in the History List. To access the Temporary Internet Files and History Se
The Home page specified on the General tab of the Internet Options dialog box is the default Web page that Internet Explorer loads whenever it is run.If you e
Secondary home pages are the default Web pages that Internet Explorer loads in separate tabs from the home page whenever the browser is run. This policy
Secondary home pages are the default Web pages that Internet Explorer loads in separate tabs from the home page whenever the browser is run. This policy
Prevents users from changing language preference settings.If you enable this policy, users will not be able to set language preferences to read websites. Lang
Prevents users from changing the colors of links on Web pages.If you enable this policy, the color settings for links appear dimmed. The settings are located in
Prevents users from changing the default programs for messaging tasks.If you enable this policy, the E-mail, Newsgroups, and Internet Call options in the Inte
You can allow pop-ups from specific websites by adding the sites to the exception list.If you enable this policy setting, the user cannot add websites to or remo
You can allow pop-ups from specific websites by adding the sites to the exception list.If you enable this policy setting, the user cannot add websites to or remo
This policy setting allows you to manage pop-up management functionality in Internet Explorer.If you enable this policy setting, the Control Panel information r
This policy setting allows you to manage pop-up management functionality in Internet Explorer.If you enable this policy setting, the Control Panel information r
Prevents users from changing Profile Assistant settings.If you enable this policy, the My Profile button appears dimmed in the Personal Information area on the
This policy setting specifies if a user can change proxy settings.If you enable this policy setting, the user will not be able to configure proxy settings.If you disab
This policy setting specifies if a user can change proxy settings.If you enable this policy setting, the user will not be able to configure proxy settings.If you disab
Prevents users from changing ratings that help control the type of Internet content that can be viewed.If you enable this policy, the settings in the Content Adv
Prevents users from restoring default settings for home and search pages.If you enable this policy, the Reset Web Settings button on the Programs tab in the
This policy setting is used to manage temporary Internet files and cookies associated with your Internet browsing history, available by clicking Tools, Internet O
This policy setting is used to manage temporary Internet files and cookies associated with your Internet browsing history, available by clicking Tools, Internet O
This AutoComplete feature suggests possible matches when users are entering Web addresses in the browser address bar.If you enable this policy setting, us
This AutoComplete feature suggests possible matches when users are entering Web addresses in the browser address bar.If you enable this policy setting, us
This policy setting allows you to prevent Windows Search AutoComplete from providing results in the Internet Explorer Address bar.Windows Search AutoCom
This policy setting allows you to prevent Windows Search AutoComplete from providing results in the Internet Explorer Address bar.Windows Search AutoCom
This policy setting turns off URL Suggestions. URL Suggestions allow users to autocomplete URLs in the address bar based on common URLs. The list of com
This policy setting turns off URL Suggestions. URL Suggestions allow users to autocomplete URLs in the address bar based on common URLs. The list of com
Disables using the F3 key to search in Internet Explorer and File Explorer.If you enable this policy, the search functionality of the F3 key is disabled. Users c
Makes the Customize button in the Search Assistant appear dimmed.The Search Assistant is a tool that appears in the Search bar to help users search the In
Applies security zone information to all users of the same computer. A security zone is a group of Web sites with the same security level.If you enable this poli
Prevents users from changing security zone settings. A security zone is a group of Web sites with the same security level.If you enable this policy, the Custom
Prevents users from adding or removing sites from security zones. A security zone is a group of Web sites with the same security level.If you enable this policy
Specifies that programs using the Microsoft Software Distribution Channel will not notify users when they install new components. The Software Distribution C
This policy setting allows you to restrict the search providers that appear in the Search box in Internet Explorer to those defined in the list of policy keys for
This policy setting allows you to restrict the search providers that appear in the Search box in Internet Explorer to those defined in the list of policy keys for
This policy setting prevents the user from participating in the Customer Experience Improvement Program (CEIP).If you enable this policy setting, the user ca
This policy setting prevents the user from participating in the Customer Experience Improvement Program (CEIP).If you enable this policy setting, the user ca
This policy setting allows you to configure how new tabs are created by default in Internet Explorer.If you enable this policy setting, the user cannot configur
This policy setting allows you to configure how new tabs are created by default in Internet Explorer.If you enable this policy setting, the user cannot configur
Applies proxy settings to all users of the same computer.If you enable this policy, users cannot set user-specific proxy settings. They must use the zones creat
This policy setting controls whether websites can open new Internet Explorer windows that have no status bar or Address bar.If you enable this policy setting,
This policy setting allows the playing of video and animation through older media players in specified zones. Video and animation playback through the object
This policy setting allows you to manage whether the user can run scriptlets.If you enable this policy setting, the user can run scriptlets.If you disable this polic
This policy setting controls the first-run response that the user sees on a zone-by-zone basis. When the user encounters a new control that has not previously
This policy setting controls whether or not local path information is sent when the user is uploading a file via an HTML form. If the local path information is sen
This policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content.If you enable this policy setting, SmartScreen Filter scan
This policy setting determines whether scripted windows are automatically displayed.If you enable this policy setting, scripted windows are displayed.If you dis
This policy setting allows you to manage whether script is allowed to update the status bar within the zone.If you enable this policy setting, script is allowed to
This policy setting allows you to turn on Protected Mode. Protected Mode helps protect Internet Explorer from exploited vulnerabilities by reducing the location
This policy setting controls whether or not the "Open File - Security Warning" message appears when the user tries to open executable files or other potentiall
This policy setting allows you to manage the loading of XAML Browser Applications (XBAPs). These are browser-hosted, ClickOnce-deployed applications bui
This policy setting determines whether a page can control embedded WebBrowser controls via script.If you enable this policy setting, script access to the Web
This policy setting prevents the user's computer from starting Microsoft .NET Framework Setup when the user is browsing to .NET Framework content in Inter
This policy setting allows you to manage the loading of Extensible Application Markup Language (XAML) files. XAML is an XML-based declarative markup lan
This policy setting allows you to manage the loading of XPS files. These files contain a fixed-layout representation of paginated content and are portable acros
This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or A
This policy setting allows you to manage whether script code on pages in the zone is run.If you enable this policy setting, script code on pages in the zone can
This policy setting controls whether or not the user is prompted to allow ActiveX controls to run on websites other than the website that installed the ActiveX co
This policy setting allows you to manage whether a user's browser can be redirected to another Web page if the author of the Web page uses the Meta Refres
This policy setting allows you to manage whether scripts can perform a clipboard operation (for example, cut, copy, and paste) in a specified region.If you ena
This policy setting allows you to manage dynamic binary and script behaviors: components that encapsulate specific functionality for HTML elements to which
This policy setting allows you to manage whether unwanted pop-up windows appear. Pop-up windows that are opened when the end user clicks a link are not
This policy setting allows you to manage whether users can display nonsecure items and manage whether users receive a security information message to dis
This policy setting allows you to manage whether users may download signed ActiveX controls from a page in the zone.If you enable this policy, users can dow
This policy setting allows you to manage whether users may download unsigned ActiveX controls from the zone. Such code is potentially harmful, especially w
This policy setting allows you to manage whether users can drag files or copy and paste files from a source within the zone.If you enable this policy setting, us
This policy setting specifies whether Internet Explorer renders legacy visual filters in this zone.If you enable this policy setting, you can control whether or not I
This policy setting allows you to manage whether file downloads are permitted from the zone. This option is determined by the zone of the page with the link c
This policy setting allows you to manage whether pages of the zone may download HTML fonts.If you enable this policy setting, HTML fonts can be downloade
This policy setting allows you to manage whether users can install Active Desktop items from this zone. The settings for this option are: If you enable this polic
This policy setting allows you to manage permissions for Java applets.If you enable this policy setting, you can choose options from the drop-down box. Custo
This policy setting allows you to manage whether applications may be run and files may be downloaded from an IFRAME reference in the HTML of the pages
This policy setting allows you to manage settings for logon options.If you enable this policy setting, you can choose from the following logon options.Anonym
This policy setting allows you to manage MIME sniffing for file promotion from one type to another based on a MIME sniff. A MIME sniff is the recognition by In
This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in the same wind
This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in different windo
This policy setting allows you to manage the opening of windows and frames and access of applications across different domains.If you enable this policy set
This policy setting allows you to manage whether a resource hosted on an admin-restricted protocol in the Intranet Zone can run active content such as script,
This policy setting allows you to manage whether users are prompted to select a certificate when no certificate or only one certificate exists.If you enable this p
This policy setting manages whether users will be automatically prompted for ActiveX control installations.If you enable this policy setting, users will receive a
This policy setting determines whether users will be prompted for non user-initiated file downloads. Regardless of this setting, users will receive file download
This policy setting allows you to manage whether ActiveX controls and plug-ins can be run on pages from the specified zone.If you enable this policy setting, c
This policy setting allows you to manage whether an ActiveX control marked safe for scripting can interact with a script.If you enable this policy setting, script in
This policy setting allows you to manage ActiveX controls not marked as safe.If you enable this policy setting, ActiveX controls are run, loaded with parameters
This policy setting allows you to manage whether applets are exposed to scripts within the zone.If you enable this policy setting, scripts can access applets au
This policy setting allows you to manage whether .NET Framework components that are signed with Authenticode can be executed from Internet Explorer. The
This policy setting allows you to manage software channel permissions.If you enable this policy setting, you can choose the following options from the drop-do
This policy setting allows you to manage whether data on HTML forms on pages in the zone may be submitted. Forms sent with SSL (Secure Sockets Layer) e
This policy controls whether or not the Cross-Site Scripting (XSS) Filter will detect and prevent cross-site script injections into websites in this zone.If you enab
This policy setting allows you to manage whether .NET Framework components that are not signed with Authenticode can be executed from Internet Explorer.
This policy setting allows you to manage the preservation of information in the browser's history, in favorites, in an XML store, or directly within a Web page sa
This policy setting allows you to manage restrictions on script-initiated pop-up windows and windows that include the title and status bars.If you enable this po
This policy setting allows you to manage whether Web sites from less privileged zones, such as Restricted Sites, can navigate into this zone.If you enable this
This policy setting allows you to manage whether Web sites from less privileged zones, such as Internet sites, can navigate into this zone.If you enable this po
This policy setting specifies whether Internet Explorer renders legacy visual filters in this zone. If you enable this policy setting, you can control whether or not
This policy setting allows you to manage the opening of windows and frames and access of applications across different domains.If you enable this policy sett
This policy setting allows you to manage whether a resource hosted on an admin-restricted protocol in the Trusted Sites Zone can run active content such as
This policy setting allows you to manage whether a resource hosted on an admin-restricted protocol in the Trusted Sites Zone can run active content such as
This policy setting controls whether local sites which are not explicitly mapped into any Security Zone are forced into the local Intranet security zone.If you ena
This policy setting controls whether local sites which are not explicitly mapped into any Security Zone are forced into the local Intranet security zone.If you ena
This policy setting allows you to turn on the certificate address mismatch security warning. When this policy setting is turned on, the user is warned when visi
This policy setting allows you to turn on the certificate address mismatch security warning. When this policy setting is turned on, the user is warned when visi
This template policy setting allows you to configure policy settings in this zone consistent with a selected security level, for example, Low, Medium Low, Mediu
This policy setting controls whether sites which bypass the proxy server are mapped into the local Intranet security zone.If you enable this policy setting, site
This policy setting controls whether sites which bypass the proxy server are mapped into the local Intranet security zone.If you enable this policy setting, site
This policy setting controls whether URLs representing UNCs are mapped into the local Intranet security zone.If you enable this policy setting, all network path
This policy setting controls whether URLs representing UNCs are mapped into the local Intranet security zone.If you enable this policy setting, all network path
This policy setting allows you to manage a list of sites that you want to associate with a particular security zone. These zone numbers have associated securit
This policy setting allows you to manage a list of sites that you want to associate with a particular security zone. These zone numbers have associated securit
This policy setting enables intranet mapping rules to be applied automatically if the computer belongs to a domain.If you enable this policy setting, automatic d
This policy setting enables intranet mapping rules to be applied automatically if the computer belongs to a domain.If you enable this policy setting, automatic d
This policy setting causes a Notification bar notification to appear when intranet content is loaded and the intranet mapping rules have not been configured. Th
This policy setting causes a Notification bar notification to appear when intranet content is loaded and the intranet mapping rules have not been configured. Th
This policy setting prevents the user from specifying the color to which hyperlinks change when the mouse pointer pauses on them.If you enable this policy se
This policy setting prevents the user from specifying the color of webpage links that he or she has not yet clicked. Appropriate color choices can make links ea
This policy setting prevents the user from specifying the color of webpage links that he or she has already clicked. Appropriate color choices can make links ea
This policy setting makes hyperlinks change color when the mouse pointer pauses on them.If you enable this policy setting, the hover color option is turned on
Prevents users from closing Microsoft Internet Explorer and File Explorer.If you enable this policy, the Close command on the File menu will appear dimmed.If
Prevents users from saving Web pages from the browser File menu to their hard disk or to a network share.If you enable this policy, the Save As command on
Prevents users from saving the complete contents that are displayed on or run from a Web page, including the graphics, scripts, linked files, and other elemen
Prevents users from opening a new browser window from the File menu.If this policy is enabled, users cannot open a new browser window by clicking the File
Prevents users from opening a file or Web page from the File menu in Internet Explorer.If you enable this policy, the Open dialog box will not appear when u
Prevents users from sending feedback to Microsoft by clicking the Send Feedback command on the Help menu.If you enable this policy, the Send Feedback c
Prevents users from displaying tips for users who are switching from Netscape.If you enable this policy, the For Netscape Users command is removed from th
Prevents users from viewing or changing the Tip of the Day interface in Microsoft Internet Explorer.If you enable this policy, the Tip of the Day command is rem
Prevents users from running the Internet Explorer Tour from the Help menu in Internet Explorer.If you enable this policy, the Tour command is removed from th
This policy setting prevents the shortcut menu from appearing when a user right-clicks a webpage while using Internet Explorer. Starting with Windows 8, this
Prevents users from adding, removing, editing or viewing the list of Favorite links.The Favorites list is a way to store popular links for future use.If you enabl
Prevents using the shortcut menu to open a link in a new browser window.If you enable this policy, users cannot point to a link, click the right mouse butto
Prevents users from saving a program or file that Microsoft Internet Explorer has downloaded to the hard disk.If you enable this policy, users cannot save a pr
This policy setting allows you to manage whether users can access the Print menu. Starting with Windows 8, this policy setting also allows you to manage whe
This policy setting allows you to manage whether users can access the Print menu. Starting with Windows 8, this policy setting also allows you to manage whe
Prevents users from opening the Internet Options dialog box from the Tools menu in Microsoft Internet Explorer.If you enable this policy, users cannot change
Prevents users from displaying the browser in full-screen (kiosk) mode, without the standard toolbar.If you enable this policy, the Full Screen command on the
Prevents users from viewing the HTML source of Web pages by clicking the Source command on the View menu.If you enable this policy, the Source comman
This policy setting specifies that you want Internet Explorer to automatically resize large images so that they fit in the browser window.If you enable this policy
This policy setting specifies whether graphical images are included when pages are displayed.Sometimes, pages that contain several graphical images are di
This policy setting specifies whether Internet Explorer plays media files that use alternative codecs and that require additional software.If you enable this polic
This policy setting specifies whether Internet Explorer plays media files that use alternative codecs and that require additional software.If you enable this polic
This policy setting specifies whether placeholders appear for graphical images while the images are downloading. This allows items on the page to be position
This policy setting specifies whether you want Internet Explorer to smooth images so that they appear less jagged when displayed.If you enable this policy set
Limits the amount of storage that a page or site using the DHTML Persistence behavior can use for the Local Computer security zone.If you enable this policy
Limits the amount of storage that a page or site using the DHTML Persistence behavior can use for the Local Intranet security zone.If you enable this policy, y
Limits the amount of storage that a page or site using the DHTML Persistence behavior can use for the Trusted Sites security zone.If you enable this policy, yo
Limits the amount of storage that a page or site using the DHTML Persistence behavior can use for the Internet security zone.If you enable this policy, you can
Limits the amount of storage that a page or site using the DHTML Persistence behavior can use for the Restricted Sites security zone.If you enable this policy,
This policy setting specifies whether Internet Explorer prints background colors and images when the user prints a webpage. Including background colors and
This policy setting controls whether to have background synchronization for feeds and Web Slices.If you enable this policy setting, the ability to synchronize fe
This policy setting controls whether to have background synchronization for feeds and Web Slices.If you enable this policy setting, the ability to synchronize fe
This policy setting prevents the user from having enclosures (file attachments) downloaded from a feed to the user's computer.If you enable this policy sett
This policy setting prevents the user from having enclosures (file attachments) downloaded from a feed to the user's computer.If you enable this policy sett
This policy setting prevents the user from subscribing to or deleting a feed or a Web Slice.If you enable this policy setting, the menu command to subscribe to
This policy setting prevents the user from subscribing to or deleting a feed or a Web Slice.If you enable this policy setting, the menu command to subscribe to
This policy setting prevents users from having Internet Explorer automatically discover whether a feed or Web Slice is available for an associated webpage.If
This policy setting prevents users from having Internet Explorer automatically discover whether a feed or Web Slice is available for an associated webpage.If
This policy setting prevents the user from using Internet Explorer as a feed reader. This policy setting has no impact on the Windows RSS Platform.If you enab
This policy setting prevents the user from using Internet Explorer as a feed reader. This policy setting has no impact on the Windows RSS Platform.If you enab
This policy setting allows users to have their feeds authenticated through the Basic authentication scheme over an unencrypted HTTP connection.If you enabl
This policy setting allows users to have their feeds authenticated through the Basic authentication scheme over an unencrypted HTTP connection.If you enabl
This policy setting allows you to bypass prompting when a script that is running in any process on the computer attempts to perform a Clipboard operation (de
This policy setting allows you to bypass prompting when a script that is running in any process on the computer attempts to perform a Clipboard operation (de
This policy setting allows you to bypass prompting when a script that is running in the Internet Explorer process attempts to perform a Clipboard operation (de
This policy setting allows you to bypass prompting when a script that is running in the Internet Explorer process attempts to perform a Clipboard operation (de
This policy setting allows you to define applications and processes that can access the Clipboard without prompting the user.Note: Do not enter the Internet Ex
This policy setting allows you to define applications and processes that can access the Clipboard without prompting the user.Note: Do not enter the Internet Ex
This policy setting specifies whether the user can conduct a search on the Address bar.If you enable this policy setting, you must specify which of the followin
This policy setting specifies whether the user can conduct a search on the Address bar.If you enable this policy setting, you must specify which of the followin
This policy setting allows you to specify whether a user can browse to the website of a top result when search is enabled on the Address bar. The possible opt
This policy setting allows you to specify whether a user can browse to the website of a top result when search is enabled on the Address bar. The possible opt
This policy setting allows the user to run natively implemented, scriptable XMLHTTP.If you enable this policy setting, the user can run natively implemented, s
This policy setting allows the user to run natively implemented, scriptable XMLHTTP.If you enable this policy setting, the user can run natively implemented, s
This policy setting allows you to turn on or turn off Data URI support. A Data URI allows web developers to encapsulate images and .css files within the body o
This policy setting allows you to turn on or turn off Data URI support. A Data URI allows web developers to encapsulate images and .css files within the body o
This policy setting allows you to turn off the Data Execution Prevention feature for Internet Explorer on Windows Server 2008, Windows Vista with SP1, and W
This policy setting allows you to hide the reveal password button when Internet Explorer prompts users for a password. The reveal password button is displaye
This policy setting allows you to hide the reveal password button when Internet Explorer prompts users for a password. The reveal password button is displaye
This policy setting allows you to change the default connection limit for HTTP 1.1 from 6 connections per host to a limit of your choice (from 2 through 128).If y
This policy setting allows you to manage whether documents can request data across third-party domains embedded in the page.If you enable this policy setti
This policy setting allows you to manage whether documents can request data across third-party domains embedded in the page.If you enable this policy setti
This policy setting allows you to choose whether websites can request data across domains by using the XDomainRequest object. Note that this policy setting
This policy setting allows you to choose whether websites can request data across domains by using the XDomainRequest object. Note that this policy setting
The WebSocket object allows websites to request data across domains from your browser by using the WebSocket protocol. This policy setting allows adminis
The WebSocket object allows websites to request data across domains from your browser by using the WebSocket protocol. This policy setting allows adminis
This policy setting allows you to change the default limit of WebSocket connections per server. The default limit is 6; you can select a value from 2 through 128
This policy setting allows you to change the default limit of WebSocket connections per server. The default limit is 6; you can select a value from 2 through 128
This policy setting allows Internet Explorer to be started automatically to complete the signup process after the branding is complete for Internet service provid
This policy setting allows you to turn off the toolbar upgrade tool. The toolbar upgrade tool determines whether incompatible toolbars or Browser Helper Objec
This policy setting allows you to turn off the toolbar upgrade tool. The toolbar upgrade tool determines whether incompatible toolbars or Browser Helper Objec
This policy setting allows you to manage whether the user can access Developer Tools in Internet Explorer.If you enable this policy setting, the user cannot ac
This policy setting allows you to manage whether the user can access Developer Tools in Internet Explorer.If you enable this policy setting, the user cannot ac
Prevents users from determining which toolbars are displayed in Microsoft Internet Explorer and File Explorer.If you enable this policy, the list of toolbars, wh
Prevents users from determining which buttons appear on the Microsoft Internet Explorer and File Explorer standard toolbars. The buttons appearing on the to
Specifies which buttons will be displayed on the standard toolbar in Microsoft Internet Explorer.If you enable this policy, you can specify whether or not each b
This policy setting allows you to show or hide the Command bar.If you enable this policy setting, the Command bar is hidden and the user cannot choose to sh
This policy setting allows you to show or hide the Command bar.If you enable this policy setting, the Command bar is hidden and the user cannot choose to sh
This policy setting allows you to show or hide the status bar.If you enable this policy setting, the status bar is hidden and the user cannot choose to show it.If y
This policy setting allows you to show or hide the status bar.If you enable this policy setting, the status bar is hidden and the user cannot choose to show it.If y
This policy setting allows you to lock or unlock the toolbars on the user interface.If you enable this policy setting, the toolbars are locked and the user cannot
This policy setting allows you to lock or unlock the toolbars on the user interface.If you enable this policy setting, the toolbars are locked and the user cannot
This policy setting allows you to lock the Stop and Refresh buttons next to the Back and Forward buttons.If you enable this policy setting, the Stop and Refres
This policy setting allows you to lock the Stop and Refresh buttons next to the Back and Forward buttons.If you enable this policy setting, the Stop and Refres
This policy setting allows you to choose among three different labels for command buttons: show all text labels, show selective text, or show only icons.If y
This policy setting allows you to choose among three different labels for command buttons: show all text labels, show selective text, or show only icons.If y
This policy setting allows you increase the size of icons for command buttons.If you enable this policy setting, icons for command buttons are 20 x 20 pixels an
This policy setting allows you increase the size of icons for command buttons.If you enable this policy setting, icons for command buttons are 20 x 20 pixels an
This policy setting allows you to manage where tabs are displayed.If you enable this policy setting, tabs are displayed on a separate row.If you disable this pol
This policy setting allows you to manage where tabs are displayed.If you enable this policy setting, tabs are displayed on a separate row.If you disable this pol
This policy setting prevents the user from specifying the update check interval. The default value is 30 days.If you enable this policy setting, the user cannot sp
This policy setting prevents the user from changing the default URL for checking updates to Internet Explorer and Internet Tools.If you enable this policy settin
This policy setting allows you to turn off the ActiveX Opt-In prompt. ActiveX Opt-In prevents websites from loading any ActiveX control without prior approval. I
This policy setting allows you to turn off the ActiveX Opt-In prompt. ActiveX Opt-In prevents websites from loading any ActiveX control without prior approval. I
This policy setting allows you to prevent the installation of ActiveX controls on a per-user basis.If you enable this policy setting, ActiveX controls cannot be inst
This policy setting allows you to prevent the installation of ActiveX controls on a per-user basis.If you enable this policy setting, ActiveX controls cannot be inst
This policy setting allows you to specify how ActiveX controls are installed.If you enable this policy setting, ActiveX controls are installed only if the ActiveX Inst
This policy setting allows you to specify how ActiveX controls are installed.If you enable this policy setting, ActiveX controls are installed only if the ActiveX Inst
This policy setting controls the Suggested Sites feature, which recommends websites based on the users browsing activity. Suggested Sites reports a use
This policy setting controls the Suggested Sites feature, which recommends websites based on the users browsing activity. Suggested Sites reports a use
This policy setting allows you to turn off the InPrivate Browsing feature.InPrivate Browsing prevents Internet Explorer from storing data about a user's browsing
This policy setting allows you to turn off the InPrivate Browsing feature.InPrivate Browsing prevents Internet Explorer from storing data about a user's browsing
This policy setting allows you to choose whether or not toolbars and Browser Helper Objects (BHOs) are loaded by default during an InPrivate Browsing sessi
This policy setting allows you to choose whether or not toolbars and Browser Helper Objects (BHOs) are loaded by default during an InPrivate Browsing sessi
This policy setting allows you to turn off the collection of data used by the InPrivate Filtering Automatic mode.The data consists of the URLs of third-party conte
This policy setting allows you to turn off the collection of data used by the InPrivate Filtering Automatic mode.The data consists of the URLs of third-party conte
This policy setting allows you to establish the threshold for InPrivate Filtering Automatic mode.The threshold sets the number of first-party sites that a particula
This policy setting allows you to establish the threshold for InPrivate Filtering Automatic mode.The threshold sets the number of first-party sites that a particula
This policy setting allows you to turn off InPrivate Filtering.InPrivate Filtering helps users control whether third parties can automatically collect information abo
This policy setting allows you to turn off InPrivate Filtering.InPrivate Filtering helps users control whether third parties can automatically collect information abo
This policy setting allows you to establish the threshold for Tracking Protection Automatic mode.The threshold sets the number of first-party sites that a particu
This policy setting allows you to establish the threshold for Tracking Protection Automatic mode.The threshold sets the number of first-party sites that a particu
This policy setting allows you to turn off Tracking Protection.Tracking Protection helps users control whether third parties can automatically collect information
This policy setting allows you to turn off Tracking Protection.Tracking Protection helps users control whether third parties can automatically collect information
This policy setting allows you to add non-default Accelerators.If you enable this policy setting, the specified Accelerators are added to the user's browser. The
This policy setting allows you to add non-default Accelerators.If you enable this policy setting, the specified Accelerators are added to the user's browser. The
This policy setting allows you to add default Accelerators.If you enable this policy setting, the specified Accelerators are added to the user's browser. The user
This policy setting allows you to add default Accelerators.If you enable this policy setting, the specified Accelerators are added to the user's browser. The user
This policy setting allows you to manage whether users can access Accelerators.If you enable this policy setting, users cannot access Accelerators.If you disa
This policy setting allows you to manage whether users can access Accelerators.If you enable this policy setting, users cannot access Accelerators.If you disa
This policy setting restricts the list of Accelerators that the user can access to only the set deployed through Group Policy.If you enable this policy setting, th
This policy setting restricts the list of Accelerators that the user can access to only the set deployed through Group Policy.If you enable this policy setting, th
This policy setting allows you to turn on Internet Explorer 7 Standards Mode. Compatibility View determines how Internet Explorer identifies itself to a web serv
This policy setting allows you to turn on Internet Explorer 7 Standards Mode. Compatibility View determines how Internet Explorer identifies itself to a web serv
This policy setting controls the Compatibility View feature, which allows the user to fix website display problems that he or she may encounter while browsing.I
This policy setting controls the Compatibility View feature, which allows the user to fix website display problems that he or she may encounter while browsing.I
This policy setting controls how Internet Explorer displays local intranet content. Intranet content is defined as any webpage that belongs to the local intranet
This policy setting controls how Internet Explorer displays local intranet content. Intranet content is defined as any webpage that belongs to the local intranet
This policy setting controls the Compatibility View button that appears on the Command bar. This button allows the user to fix website display problems that he
This policy setting controls the Compatibility View button that appears on the Command bar. This button allows the user to fix website display problems that he
This policy setting allows you to add specific sites that must be viewed in Internet Explorer 7 Compatibility View.If you enable this policy setting, the user can a
This policy setting allows you to add specific sites that must be viewed in Internet Explorer 7 Compatibility View.If you enable this policy setting, the user can a
Compatibility View determines how Internet Explorer identifies itself to a web server and determines whether content is rendered in Quirks Mode or the Standa
Compatibility View determines how Internet Explorer identifies itself to a web server and determines whether content is rendered in Quirks Mode or the Standa
This policy controls the website compatibility lists that Microsoft provides. The updated website lists are available on Windows Update.If you enable this policy
This policy controls the website compatibility lists that Microsoft provides. The updated website lists are available on Windows Update.If you enable this policy
This policy setting allows you to manage whether users can pin sites to locations where pinning is allowed, such as the taskbar, the desktop, or File Explorer.If
This policy setting allows you to manage whether users can pin sites to locations where pinning is allowed, such as the taskbar, the desktop, or File Explorer.If
This policy setting sets data storage limits for indexed database and application caches for individual websites. When you set this policy setting, you provide th
This policy setting sets data storage limits for indexed database and application caches for individual websites. When you set this policy setting, you provide th
This policy setting allows websites to store indexed database cache information on client computers.If you enable this policy setting, websites will be able to
This policy setting allows websites to store indexed database cache information on client computers.If you enable this policy setting, websites will be able to
This policy setting sets data storage limits for indexed databases of websites that have been allowed to exceed their storage limit. The Set default storage
This policy setting sets data storage limits for indexed databases of websites that have been allowed to exceed their storage limit. The Set default storage
This policy setting sets the data storage limit for all combined indexed databases for a user. When you set this policy setting, you provide the storage limit in
This policy setting sets the data storage limit for all combined indexed databases for a user. When you set this policy setting, you provide the storage limit in
This policy setting allows websites to store file resources in application caches on client computers.If you enable this policy setting, websites will be able to
This policy setting allows websites to store file resources in application caches on client computers.If you enable this policy setting, websites will be able to
This policy setting sets file storage limits for application caches of websites that have been allowed to exceed their storage limit. The Set default storage li
This policy setting sets file storage limits for application caches of websites that have been allowed to exceed their storage limit. The Set default storage li
This policy setting sets the file storage limit for all combined application caches for a user. When you set this policy setting, you provide the storage limit in
This policy setting sets the file storage limit for all combined application caches for a user. When you set this policy setting, you provide the storage limit in
This policy setting sets the number of days an inactive application cache will exist before it is removed. If the application cache is used before the expiration tim
This policy setting sets the number of days an inactive application cache will exist before it is removed. If the application cache is used before the expiration tim
This policy setting sets the maximum number of resource entries that can be specified in a manifest file associated with an application cache. If the manifest a
This policy setting sets the maximum number of resource entries that can be specified in a manifest file associated with an application cache. If the manifest a
This policy setting sets the maximum size for an individual resource file contained in a manifest file. The manifest file is used to create the application cache. I
This policy setting sets the maximum size for an individual resource file contained in a manifest file. The manifest file is used to create the application cache. I
This policy setting configures what Internet Explorer displays when a new browsing session is started. By default, Internet Explorer displays the home page. In
This policy setting configures what Internet Explorer displays when a new browsing session is started. By default, Internet Explorer displays the home page. In
This policy setting configures Internet Explorer to open Internet Explorer tiles on the desktop.If you enable this policy setting, Internet Explorer opens tiles only
This policy setting configures Internet Explorer to open Internet Explorer tiles on the desktop.If you enable this policy setting, Internet Explorer opens tiles only
This policy setting allows you to choose how links are opened in Internet Explorer: Let Internet Explorer decide, always in Internet Explorer, or always in Intern
This policy setting allows you to choose how links are opened in Internet Explorer: Let Internet Explorer decide, always in Internet Explorer, or always in Intern
This policy setting configures Internet Explorer to automatically install new versions of Internet Explorer when they are available.If you enable this policy settin
Turns off the handwriting recognition error reporting tool.The handwriting recognition error reporting tool enables users to report errors encountered in Tablet P
Turns off the handwriting recognition error reporting tool.The handwriting recognition error reporting tool enables users to report errors encountered in Tablet P
If enabled then new iSNS servers may not be added and thus new targets discovered via those iSNS servers; existing iSNS servers may not be removed. If d
If enabled then new target portals may not be added and thus new targets discovered on those portals; existing target portals may not be removed. If disabled
If enabled then discovered targets may not be manually configured. If disabled then discovered targets may be manually configured. Note: if enabled there ma
If enabled then new targets may not be manually configured by entering the target name and target portal; already discovered targets may be manually config
If enabled then do not allow the initiator iqn name to be changed. If disabled then the initiator iqn name may be changed.
If enabled then only those sessions that are established via a persistent login will be established and no new persistent logins may be created. If disabled then
If enabled then do not allow the initiator CHAP secret to be changed. If disabled then the initiator CHAP secret may be changed.
If enabled then only those connections that are configured for IPSec may be established. If disabled then connections that are configured for IPSec or connec
If enabled then only those sessions that are configured for mutual CHAP may be established. If disabled then sessions that are configured for mutual CHAP o
If enabled then only those sessions that are configured for one-way CHAP may be established. If disabled then sessions that are configured for one-way CHA
This policy setting controls whether the domain controller provides information about previous logons to client computers.If you enable this policy setting, t
This policy setting defines the list of trusting forests that the Key Distribution Center (KDC) searches when attempting to resolve two-part service principal nam
This policy setting allows you to configure a domain controller to support claims and compound authentication for Dynamic Access Control and Kerberos armo
This policy setting allows you to configure at what size Kerberos tickets will trigger the warning event issued during Kerberos authentication. The ticket size w
This policy setting allows you to specify which DNS host names and which DNS suffixes are mapped to a Kerberos realm.If you enable this policy setting, you
This policy setting configures the Kerberos client so that it can authenticate with interoperable Kerberos V5 realms, as defined by this policy setting. If
This policy setting controls the Kerberos client's behavior in validating the KDC certificate for smart card and system certificate logon. If you enable this po
This policy setting defines the list of trusting forests that the Kerberos client searches when attempting to resolve two-part service principal names (SPNs).If yo
This policy setting allows you to configure this server so that Kerberos can decrypt a ticket that contains this system-generated SPN. When an application atte
This policy setting configures the Kerberos client's mapping to KDC proxy servers for domains based on their DNS suffix names.If you enable this policy settin
This policy setting allows you to disable revocation check for the SSL certificate of the targeted KDC proxy server.If you enable this policy setting, revocation
This policy setting controls whether a computer requires that Kerberos message exchanges be armored when communicating with a domain controller.Warnin
This policy setting controls configuring the device's Active Directory account for compound authentication.Support for providing compound authentication whic
This policy setting allows you to set the value returned to applications which request the maximum size of the SSPI context token buffer size. Th
This policy setting controls whether a device will request claims and compound authentication for Dynamic Access Control and Kerberos armoring using Kerbe
This policy setting specifies whether a hash generation service generates hashes, also called content information, for data that is stored in shared folders. Thi
This policy setting specifies whether the BranchCache hash generation service supports version 1 (V1) hashes, version 2 (V2) hashes, or both V1 and V2 has
This policy setting determines whether Diagnostic Policy Service (DPS) diagnoses memory leak problems.If you enable or do not configure this policy setting,
This policy setting changes the operational behavior of the Mapper I/O network protocol driver.LLTDIO allows a computer to discover the topology of a networ
This policy setting changes the operational behavior of the Responder network protocol driver.The Responder allows a computer to participate in Link Layer T
This policy setting turns off the Windows Location Provider feature for this computer. If you enable this policy setting, the Windows Location Provide
This policy setting ignores the customized run list.You can create a customized list of additional programs and documents that the system starts automatically
This policy setting ignores the customized run list.You can create a customized list of additional programs and documents that the system starts automatically
This policy setting ignores customized run-once lists.You can create a customized list of additional programs and documents that are started automatically the
This policy setting ignores customized run-once lists.You can create a customized list of additional programs and documents that are started automatically the
This policy setting forces the user to log on to the computer using the classic logon screen. By default, a workgroup is set to use the simple logon screen. This
This policy setting hides the welcome screen that is displayed on Windows 2000 Professional each time the user logs on.If you enable this policy setting, the w
This policy setting specifies additional programs or documents that Windows starts automatically when a user logs on to the system.If you enable this policy se
This policy setting specifies additional programs or documents that Windows starts automatically when a user logs on to the system.If you enable this policy se
This policy setting determines whether Group Policy processing is synchronous (that is, whether computers wait for the network to be fully initialized during co
This policy setting suppresses system status messages.If you enable this setting, the system does not display a message reminding users to wait while their s
This policy setting hides the welcome screen that is displayed on Windows 2000 Professional each time the user logs on.If you enable this policy setting, the w
This policy setting directs the system to display highly detailed status messages.This policy setting is designed for advanced users who require this informatio
This policy setting allows you to hide the Switch User interface in the Logon UI, the Start menu and the Task Manager.If you enable this policy setting, the Swit
This policy setting turns off the Windows Startup sound and prevents its customization in the Sound item of Control Panel.The Microsoft Windows Startup sou
This policy setting allows you to control whether users see the first sign-in animation when signing in to the PC for the first time.If you enable this policy settin
This policy setting ignores Windows Logon Background.This policy setting may be used to make Windows give preference to a custom logon background. If y
This policy setting prevents connected users from being enumerated on domain-joined computers. If you enable this policy setting, the Logon UI will not enum
This policy setting allows local users to be enumerated on domain-joined computers. If you enable this policy setting, Logon UI will enumerate all local users
This policy setting allows you to prevent app notifications from appearing on the lock screen.If you enable this policy setting, no app notifications are displayed
This policy setting allows or prevents Windows Media Center to run.Windows Media Center is a digital media player and video recorder that allows users to or
This policy setting allows or prevents Windows Media Center to run.Windows Media Center is a digital media player and video recorder that allows users to or
Prevents users from entering author mode.This setting prevents users from opening the Microsoft Management Console (MMC) in author mode, explicitly ope
Lets you selectively permit or prohibit the use of Microsoft Management Console (MMC) snap-ins.-- If you enable this setting, all snap-ins are prohibited, exce
Permits or prohibits use of this snap-in.If you enable this setting, the snap-in is permitted. If you disable the setting, the snap-in is prohibited.If this setting is
This policy setting permits or prohibits the use of this snap-in. If you enable this policy setting, the snap-in is permitted and can be added into the Microsoft Ma
Permits or prohibits use of the Group Policy tab in property sheets for the Active Directory Users and Computers and Active Directory Sites and Services snap
This policy setting permits or prohibits the use of this snap-in.If you enable this policy setting, the snap-in is permitted and can be added into the Microsoft Man
This policy setting turns off Windows Mobility Center.If you enable this policy setting, the user is unable to invoke Windows Mobility Center. The Windows Mob
This policy setting turns off Windows Mobility Center.If you enable this policy setting, the user is unable to invoke Windows Mobility Center. The Windows Mob
This policy setting turns off Windows presentation settings.If you enable this policy setting, Windows presentation settings cannot be invoked.If you disable thi
This policy setting turns off Windows presentation settings.If you enable this policy setting, Windows presentation settings cannot be invoked.If you disable thi
This policy setting allows you to configure Automatic Maintenance activation boundary. The maintenance activation boundary is the daily schduled
This policy setting allows you to configure Automatic Maintenance activation random delay. The maintenance random delay is the amount of time u
This policy setting allows you to configure Automatic Maintenance wake up policy. The maintenance wakeup policy specifies if Automatic Maintena
This policy setting determines the execution level for Microsoft Support Diagnostic Tool.Microsoft Support Diagnostic Tool (MSDT) gathers diagnostic data for
This policy setting restricts the tool download policy for Microsoft Support Diagnostic Tool.Microsoft Support Diagnostic Tool (MSDT) gathers diagnostic data f
This policy setting configures Microsoft Support Diagnostic Tool (MSDT) interactive communication with the support provider. MSDT gathers diagnostic data fo
This policy setting allows you to configure the recovery behavior for corrupted MSI files to one of three states:Prompt for Resolution: Detection, troubleshootin
This policy setting allows users to search for installation files during privileged installations.If you enable this policy setting, the Browse button in the "Use f
This policy setting allows users to install programs from removable media during privileged installations.If you enable this policy setting, all users are permitt
This policy setting allows users to patch elevated products.If you enable this policy setting, all users are permitted to install patches, even when the installati
This policy setting directs Windows Installer to use elevated permissions when it installs any program on the system.If you enable this policy setting, privileges
This policy setting directs Windows Installer to use elevated permissions when it installs any program on the system.If you enable this policy setting, privileges
This policy setting controls Windows Installer's interaction with the Restart Manager. The Restart Manager API can eliminate or reduce the number of system r
This policy setting prevents users from searching for installation files when they add features or components to an installed program. If you enable th
This policy setting controls the ability to turn off all patch optimizations.If you enable this policy setting, all Patch Optimization options are turned off during th
This policy setting controls Windows Installer's processing of the MsiLogging property. The MsiLogging property in an installation package can be used to ena
This policy setting prevents users from installing any programs from removable media.If you enable this policy setting, if a user tries to install a program fro
This policy setting restricts the use of Windows Installer.If you enable this policy setting, you can prevent users from installing software on their systems or
This policy setting prevents users from using Windows Installer to install patches.If you enable this policy setting, users are prevented from using Windows Ins
This policy setting prohibits Windows Installer from generating and saving the files it needs to reverse an interrupted or unsuccessful installation.If you enable
This policy setting prohibits Windows Installer from generating and saving the files it needs to reverse an interrupted or unsuccessful installation.If you enable
This policy setting permits users to change installation options that typically are available only to system administrators.If you enable this policy setting, some
This policy setting controls the ability of non-administrators to install updates that have been digitally signed by the application vendor.Non-administrator upda
This policy setting controls the ability for users or administrators to remove Windows Installer based updates.This policy setting should be used if you need t
This policy setting prevents Windows Installer from creating a System Restore checkpoint each time an application is installed. System Restore enables users
This policy setting allows you to configure user installs. To configure this policy setting, set it to enabled and use the drop-down list to select the behavior you w
This policy setting causes the Windows Installer to enforce strict rules for component upgrades.If you enable this policy setting, strict upgrade rules will be
This policy controls the percentage of disk space available to the Windows Installer baseline file cache. The Windows Installer uses the baseline fil
Specifies the types of events that Windows Installer records in its transaction log for each installation. The log, Msi.log, appears in the Temp directory of
This policy setting allows Web-based programs to install software on the computer without notifying the user.If you disable or do not configure this policy settin
This policy setting specifies the order in which Windows Installer searches for installation files.If you disable or do not configure this policy setting, by defaul
This policy setting saves copies of transform files in a secure location on the local computer.Transform files consist of instructions to modify or customize a pro
This policy setting controls the ability to turn off shared components.If you enable this policy setting, no packages on the system get the shared component fun
This policy setting controls the ability to prevent embedded UI.If you enable this policy setting, no packages on the system can run embedded UI.If you disable
This policy setting allows the Network Access Protection (NAP) client to support the Windows XP version of the 802.1x Enforcement Client component.If you e
Specifies the e-mail address to be used when sending the log files that are generated by NCA to the network administrator. When the user sends the log files
Specifies the string that appears for DirectAccess connectivity when the user clicks the Networking notification area icon. For example, you can specify Cont
Specifies whether an entry for DirectAccess connectivity appears when the user clicks the Networking notification area icon.Set this to Disabled to prevent use
Specifies whether the user has Connect and Disconnect options for the DirectAccess entry when the user clicks the Networking notification area icon.If the us
Specifies whether NCA service runs in Passive Mode or not.Set this to Disabled to keep NCA probing actively all the time. If this setting is not configured, NCA
Specifies resources on your intranet that are normally accessible to DirectAccess clients. Each entry is a string that identifies the type of resource and
Specifies the IPv6 addresses of the endpoints of the Internet Protocol security (IPsec) tunnels that enable DirectAccess. NCA attempts to access the resource
Specifies commands configured by the administrator for custom logging. These commands will run in addition to default log commands.
This policy setting enables you to specify the URL of the corporate website, against which an active probe is performed.
This policy setting enables you to specify the host name of a computer known to be on the corporate network. Successful resolution of this host name to the e
This policy setting enables you to specify the expected address of the host name used for the DNS probe. Successful resolution of the host name to this addr
This policy setting enables you to specify the list of IPv6 corporate site prefixes to monitor for corporate connectivity. Reachability of addresses with any of the
This policy setting enables you to specify the HTTPS URL of the corporate website that clients use to determine the current domain location (i.e. whether the c
This Policy setting enables you to specify passive polling behavior. NCSI polls various measurements throughout the network stack on a frequent interval to d
This policy setting defines whether a domain controller (DC) should attempt to verify the password provided by a client with the PDC emulator if the DC failed
This policy setting determines the amount of time (in seconds) to wait before the first retry for applications that perform periodic searches for domain controll
This policy setting determines the maximum retry interval allowed when applications performing periodic searches for Domain Controllers (DCs) are unable to
This policy setting determines when retries are no longer allowed for applications that perform periodic searches for domain controllers (DC) are unable to find
This policy setting determines when a successful DC cache entry is refreshed. This policy setting is applied to caller programs that periodically attempt to loca
This policy setting specifies the level of debug output for the Net Logon service.The Net Logon service outputs debug information to the log file netlogon.log in
This policy setting specifies the additional time for the computer to wait for the domain controllers (DC) response when logging on to the network.To speci
This policy setting specifies the maximum size in bytes of the log file netlogon.log in the directory %windir%\debug when logging is enabled.By default, the ma
This policy setting specifies the amount of time (in seconds) the DC locator remembers that a domain controller (DC) could not be found in a domain. When a
This policy setting controls whether or not the Netlogon share created by the Net Logon service on a domain controller (DC) should support compatibility in file
This policy setting determines when a successful DC cache entry is refreshed. This policy setting is applied to caller programs that do not periodically attempt
This policy setting determines the interval at which Netlogon performs the following scavenging operations:- Checks if a password on a secure channel needs
This policy setting specifies the Active Directory site to which computers belong.An Active Directory site is one or more well-connected TCP/IP subnets that all
This policy setting controls whether or not the SYSVOL share created by the Net Logon service on a domain controller (DC) should support compatibility in file
This policy setting specifies whether the computers to which this setting is applied attempt DNS name resolution of a single-label domain names.By default, w
This policy setting determines whether domain controllers (DC) will dynamically register DC Locator site-specific SRV records for the closest sites where no D
This policy setting determines which DC Locator DNS records are not registered by the Net Logon service.If you enable this policy setting, select Ena
This policy setting specifies the Refresh Interval of the DC Locator DNS resource records for DCs to which this setting is applied. These DNS records are dyna
This policy setting specifies the value for the Time-To-Live (TTL) field in SRV resource records that are registered by the Net Logon service. These DNS recor
This policy setting specifies the sites for which the global catalogs (GC) should register site-specific GC locator DNS SRV resource records. These records are
This policy setting specifies the Priority field in the SRV resource records registered by domain controllers (DC) to which this setting is applied. These DNS rec
This policy setting specifies the Weight field in the SRV resource records registered by the domain controllers (DC) to which this setting is applied. These DNS
This policy setting specifies the sites for which the domain controllers (DC) that host the application directory partition should register the site-specific, app
This policy setting specifies the sites for which the domain controllers (DC) register the site-specific DC Locator DNS SRV resource records. These records ar
This policy setting determines if dynamic registration of the domain controller (DC) locator DNS resource records is enabled. These DNS records are dynamic
This policy setting enables DC Locator to attempt to locate a DC in the nearest site based on the site link cost if a DC in same the site is not found. In scenari
This policy setting determines the interval for when a Force Rediscovery is carried out by DC Locator.The Domain Controller Locator (DC Locator) service is u
This policy setting detremines the type of IP address that is returned for a domain controller. The DC Locator APIs return the IP address of the DC with the oth
This policy setting controls whether the Net Logon service will allow the use of older cryptography algorithms that are used in Windows NT 4.0. The cryptograp
This policy setting allows you to control the processing of incoming mailslot messages by a local domain controller (DC).Note: To locate a remote DC based o
This policy setting allows you to control the domain controller (DC) location algorithm. By default, the DC location algorithm prefers DNS-based discovery i
This policy setting configures how a domain controller (DC) behaves when responding to a client whose IP address does not map to any configured site.Doma
This policy setting configures whether the computers to which this setting is applied are more aggressive when trying to locate a domain controller (DC).When
Determines whether administrators can add and remove network components for a LAN or remote access connection. This setting has no effect on nonadmin
Determines whether the Advanced Settings item on the Advanced menu in Network Connections is enabled for administrators.The Advanced Settings item let
Determines whether users can configure advanced TCP/IP settings.If you enable this setting (and enable the "Enable Network Connections settings for Admin
Determines whether a user can install and configure the Network Bridge.Important: This settings is location aware. It only applies when a computer is connect
Determines whether administrators can enable and disable the components used by LAN connections.If you enable this setting (and enable the "Enable Netw
Determines whether users can delete all user remote access connections.To create an all-user remote access connection, on the Connection Availability page
Determines whether users can delete remote access connections.If you enable this setting (and enable the "Enable Network Connections settings for Adminis
Determines whether the Remote Acccess Preferences item on the Advanced menu in Network Connections folder is enabled.The Remote Access Preference
Determines whether settings that existed in Windows 2000 Server family will apply to Administrators.The set of Network Connections group settings that existe
This policy setting allows you to manage whether notifications are shown to the user when a DHCP-configured connection is unable to retrieve an IP address
Determines whether Administrators and Network Configuration Operators can change the properties of components used by a LAN connection.This setting de
Determines whether users can enable/disable LAN connections.If you enable this setting, the Enable and Disable options for LAN connections are available to
Determines whether users can change the properties of a LAN connection.This setting determines whether the Properties menu item is enabled, and thus, wh
Determines whether users can use the New Connection Wizard, which creates new network connections.If you enable this setting (and enable the "Enable Ne
Prohibits use of Internet Connection Firewall on your DNS domain network.Determines whether users can enable the Internet Connection Firewall feature on
Determines whether a user can view and change the properties of remote access connections that are available to all users of the computer.To create an all-u
Determines whether users can view and change the properties of components used by a private or all-user remote access connection.This setting determines
Determines whether users can connect and disconnect remote access connections.If you enable this setting (and enable the "Enable Network Connections se
Determines whether users can view and change the properties of their private remote access connections.Private connections are those that are available on
Determines whether nonadministrators can rename all-user remote access connections.To create an all-user connection, on the Connection Availability page
Determines whether users can rename LAN or all user remote access connections.If you enable this setting, the Rename option is enabled for all users. User
Determines whether nonadministrators can rename a LAN connection.If you enable this setting, the Rename option is enabled for LAN connections. Nonadmi
Determines whether users can rename their private remote access connections.Private connections are those that are available only to one user. To create a
Determines whether administrators can enable and configure the Internet Connection Sharing (ICS) feature of an Internet connection and if the ICS service ca
Determines whether users can view the status for an active connection.Connection status is available from the connection status taskbar icon or from the Stat
This policy setting determines whether to require domain users to elevate when setting a network's location.If you enable this policy setting, domain users mus
Specifies whether or not the "local access only" network icon will be shown.When enabled, the icon for Internet access will be shown in the system tray even w
This policy setting determines whether a remote client computer routes Internet traffic through the internal network or whether the client accesses the Internet
This setting does not apply to desktop apps.A semicolon-separated list of Internet proxy server IP addresses. These addresses are categorized as Internet by
This setting does not apply to desktop apps.A semicolon-separated list of intranet proxy server IP addresses. These addresses are categorized as private by
This setting does not apply to desktop apps.A comma-separated list of IP address ranges that are in your corporate network.If you enable this policy setting, i
This setting does not apply to desktop apps.Turns off Windows Network Isolation's automatic proxy discovery in the domain corporate environment.If you enab
This setting does not apply to desktop apps.Turns off Windows Network Isolation's automatic discovery of private network hosts in the domain corporate envi
This policy setting disables the Connect to a Network Projector wizard so that users cannot connect to a network projector. If you enable this policy setting, use
This policy setting disables the Connect to a Network Projector wizard so that users cannot connect to a network projector. If you enable this policy setting, use
This policy setting allows you to select the TCP port that the Network Projector uses to send packets. If you enable this policy setting, you can enter a TCP por
Makes subfolders available offline whenever their parent folder is made available offline.This setting automatically extends the "make available offline" setting
This policy setting lists network files and folders that are always available for offline use. This ensures that the specified files and folders are available offline
This policy setting lists network files and folders that are always available for offline use. This ensures that the specified files and folders are available offline
Determines how computers respond when they are disconnected from particular offline file servers. This setting overrides the default response, a user-specifi
Determines how computers respond when they are disconnected from particular offline file servers. This setting overrides the default response, a user-specifi
Limits the percentage of the computer's disk space that can be used to store automatically cached offline files.This setting also disables the "Amount of disk s
This policy setting determines whether the Offline Files feature is enabled. Offline Files saves a copy of network files on the user's computer for use when the
This policy setting determines whether offline files are encrypted.Offline files are locally cached copies of files from a network share. Encrypting this cache red
Determines which events the Offline Files feature records in the event log.Offline Files records events in the Application log in Event Viewer when it detects er
Determines which events the Offline Files feature records in the event log.Offline Files records events in the Application log in Event Viewer when it detects er
Lists types of files that cannot be used offline.This setting lets you exclude certain types of files from automatic and manual caching for offline use. The syste
Determines whether network files remain available if the computer is suddenly disconnected from the server hosting the files.This setting also disables the "W
Determines whether network files remain available if the computer is suddenly disconnected from the server hosting the files.This setting also disables the "W
Disables the Offline Files folder.This setting disables the "View Files" button on the Offline Files tab. As a result, users cannot use the Offline Files folder to v
Disables the Offline Files folder.This setting disables the "View Files" button on the Offline Files tab. As a result, users cannot use the Offline Files folder to v
Prevents users from enabling, disabling, or changing the configuration of Offline Files.This setting removes the Offline Files tab from the Folder Options dialog
Prevents users from enabling, disabling, or changing the configuration of Offline Files.This setting removes the Offline Files tab from the Folder Options dialog
This policy setting prevents users from making network files and folders available offline.If you enable this policy setting, users cannot designate files to be
This policy setting prevents users from making network files and folders available offline.If you enable this policy setting, users cannot designate files to be
This policy setting allows you to manage a list of files and folders for which you want to block the "Make Available Offline" command.If you enable this policy se
This policy setting allows you to manage a list of files and folders for which you want to block the "Make Available Offline" command.If you enable this policy se
Hides or displays reminder balloons, and prevents users from changing the setting.Reminder balloons appear above the Offline Files icon in the notification ar
Hides or displays reminder balloons, and prevents users from changing the setting.Reminder balloons appear above the Offline Files icon in the notification ar
Deletes local copies of the user's offline files when the user logs off.This setting specifies that automatically and manually cached offline files are retained only
Determines how often reminder balloon updates appear.If you enable this setting, you can select how often reminder balloons updates appear and also preve
Determines how often reminder balloon updates appear.If you enable this setting, you can select how often reminder balloons updates appear and also preve
Determines how long the first reminder balloon for a network status change is displayed.Reminder balloons appear when the user's connection to a network fi
Determines how long the first reminder balloon for a network status change is displayed.Reminder balloons appear when the user's connection to a network fi
Determines how long updated reminder balloons are displayed.Reminder balloons appear when the user's connection to a network file is lost or reconnected,
Determines how long updated reminder balloons are displayed.Reminder balloons appear when the user's connection to a network file is lost or reconnected,
Configures the threshold value at which Offline Files considers a network connection to be "slow". Any network speed below this value is considered to be slow
Determines whether offline files are fully synchronized when users log off.This setting also disables the "Synchronize all offline files before logging off" option
Determines whether offline files are fully synchronized when users log off.This setting also disables the "Synchronize all offline files before logging off" option
Determines whether offline files are fully synchronized when users log on.This setting also disables the "Synchronize all offline files before logging on" option
Determines whether offline files are fully synchronized when users log on.This setting also disables the "Synchronize all offline files before logging on" option
Determines whether offline files are synchonized before a computer is suspended.If you enable this setting, offline files are synchronized whenever the compu
Determines whether offline files are synchonized before a computer is suspended.If you enable this setting, offline files are synchronized whenever the compu
This policy setting allows you to turn on economical application of administratively assigned Offline Files.If you enable or do not configure this policy setting, on
This policy setting controls the network latency and throughput thresholds that will cause a client computers to transition files and folders that are already
This policy setting limits the amount of disk space that can be used to store offline files. This includes the space used by automatically cached files and files th
This policy setting controls when background synchronization occurs while operating in slow-link mode, and applies to any user who logs onto the specified m
This policy setting controls whether files read from file shares over a slow network are transparently cached in the Offline Files cache for future reads. When a
This policy setting enables administrators to block certain file types from being created in the folders that have been made available offline.If you enable this p
This policy setting removes the "Work offline" command from Explorer, preventing users from manually changing whether Offline Files is in online mode or offl
This policy setting removes the "Work offline" command from Explorer, preventing users from manually changing whether Offline Files is in online mode or offl
This policy setting determines whether offline files are synchronized in the background when it could result in extra charges on cell phone or broadband plans.
This setting turns off Microsoft Peer-to-Peer Networking Services in its entirety, and will cause all dependent applications to stop working.Peer-to-Peer protoco
This setting disables PNRP protocol from advertising the computer or from searching other computers on the local subnet in the global cloud.The Peer Name
This policy setting enables or disables PNRP cloud creation.PNRP is a distributed name resolution protocol allowing Internet hosts to publish peer names with
This policy setting limits a node to resolving, but not publishing, names in a specific Peer Name Resolution Protocol (PNRP) cloud.This policy setting forces c
This setting sets the seed server for the global cloud to a specified node in the enterprise. The Peer Name Resolution Protocol (PNRP) allows for distributed r
This setting disables PNRP protocol from advertising the computer or from searching other computers on the local subnet in the link local cloud.The Peer Nam
This setting sets the seed server for the link local cloud to a specified node in the enterprise.The Peer Name Resolution Protocol (PNRP) allows for distributed
This setting disables PNRP protocol from advertising the computer or from searching other computers on the local subnet in the site local cloud.The Peer Nam
This setting sets the seed server for the site local cloud to a specified node in the enterprise.The Peer Name Resolution Protocol (PNRP) allows for distributed
By default, when a Peer Group is created that allows for password-authentication (or the password for such a Group is changed), Peer Grouping validates tha
This policy setting allows you to configure the Family Safety feature.If you enable this policy setting, the Family Safety control panel is visible on a domain join
This policy setting configures the Program Compatibility Assistant (PCA) to diagnose failures with application and driver compatibility. If you enable this policy
This policy setting specifies whether BranchCache is enabled on client computers to which this policy is applied. In addition to this policy setting, you must
This policy setting specifies the default percentage of total disk space that is allocated for the BranchCache disk cache on client computers.If you enable this
This policy setting specifies whether BranchCache hosted cache mode is enabled on client computers to which this policy is applied. In addition to this policy,
This policy setting specifies whether BranchCache distributed cache mode is enabled on client computers to which this policy is applied. In addition to this po
This policy setting is used only when you have deployed one or more BranchCache-enabled file servers at your main office. This policy setting specifies when
This policy setting specifies whether client computers should attempt the automatic configuration of hosted cache mode by searching for hosted cache servers
This policy setting specifies whether BranchCache-capable client computers operate in a downgraded mode in order to maintain compatibility with previous ve
This policy setting specifies whether client computers are configured to use hosted cache mode and provides the computer name of the hosted cache servers
This policy setting specifies the default age in days for which segments are valid in the BranchCache data cache on client computers.If you enable this policy
Turns off Tablet PC Pen Training.If you enable this policy setting, users cannot open Tablet PC Pen Training.If you disable or do not configure this policy settin
Turns off Tablet PC Pen Training.If you enable this policy setting, users cannot open Tablet PC Pen Training.If you disable or do not configure this policy settin
This policy setting removes access to the performance center control panel page.If you enable this policy setting, some settings within the performance contro
This policy setting removes access to the performance center control panel page.If you enable this policy setting, some settings within the performance contro
This policy setting removes access to the performance center control panel solutions to performance problems.If you enable this policy setting, the solutions a
This policy setting removes access to the performance center control panel solutions to performance problems.If you enable this policy setting, the solutions a
This policy setting removes access to the performance center control panel OEM and Microsoft branding links.If you enable this policy setting, the OEM and M
This policy setting removes access to the performance center control panel OEM and Microsoft branding links.If you enable this policy setting, the OEM and M
Determines the execution level for Windows Boot Performance Diagnostics.If you enable this policy setting, you must select an execution level from the dropd
Determines the execution level for Windows Standby/Resume Performance Diagnostics.If you enable this policy setting, you must select an execution level fro
Determines the execution level for Windows System Responsiveness Diagnostics.If you enable this policy setting, you must select an execution level from the
Determines the execution level for Windows Shutdown Performance Diagnostics.If you enable this policy setting, you must select an execution level from the
This policy setting specifies whether to enable or disable tracking of responsiveness events.If you enable this policy setting, responsiveness events are proces
This policy setting specifies the action that Windows takes when battery capacity reaches the critical battery notification level.If you enable this policy setting,
This policy setting specifies the action that Windows takes when battery capacity reaches the low battery notification level.If you enable this policy setting, sele
This policy setting specifies the percentage of battery capacity remaining that triggers the critical battery notification action.If you enable this policy setting, you
This policy setting specifies the percentage of battery capacity remaining that triggers the low battery notification action.If you enable this policy setting, you m
This policy setting turns off the user notification when the battery capacity remaining equals the low battery notification level.If you enable this policy setting, W
This policy setting specifies the action that Windows takes when a user presses the power button.Possible actions include:-Take no action-Sleep-Hibernate-Sh
This policy setting specifies the action that Windows takes when a user presses the sleep button.Possible actions include:-Take no action-Sleep-Hibernate-Sh
This policy setting specifies the action that Windows takes when a user closes the lid on a mobile PC.Possible actions include:-Take no action-Sleep-Hibernat
This policy setting specifies the action that Windows takes when a user presses the Start menu Power button.If you enable this policy setting, select one of the
This policy setting specifies the action that Windows takes when a user presses the power button.Possible actions include:-Take no action-Sleep-Hibernate-Sh
This policy setting specifies the action that Windows takes when a user presses the sleep button.Possible actions include:-Take no action-Sleep-Hibernate-Sh
This policy setting specifies the action that Windows takes when a user closes the lid on a mobile PC.Possible actions include:-Take no action-Sleep-Hibernat
This policy setting specifies the action that Windows takes when a user presses the Start menu Power button.If you enable this policy setting, select one of the
This policy setting specifies the period of inactivity before Windows turns off the hard disk.If you enable this policy setting, you must provide a value, in secon
This policy setting specifies the period of inactivity before Windows turns off the hard disk.If you enable this policy setting, you must provide a value, in secon
This policy setting specifies the active power plan from a specified power plans GUID. The GUID for a custom power plan GUID can be retrieved by using
This policy setting specifies the active power plan from a list of default Windows power plans. To specify a custom power plan, use the Custom Active Power P
This policy setting allows you to configure client computers to lock and prompt for a password when resuming from a hibernate or suspend state.If you enable
This policy setting allows you to turn on the ability for applications and services to prevent the system from sleeping.If you enable this policy setting, an applica
This policy setting allows you to specify the period of inactivity before Windows transitions the system to hibernate.If you enable this policy setting, you must p
This policy setting specifies whether or not the user is prompted for a password when the system resumes from sleep.If you enable or do not configure this po
This policy setting allows you to specify the period of inactivity before Windows transitions the system to sleep.If you enable this policy setting, you must provid
This policy setting allows you to turn off hybrid sleep.If you enable this policy setting, a hiberfile is not generated when the system transitions to sleep (Stand B
This policy setting allows you to turn on the ability for applications and services to prevent the system from sleeping.If you enable this policy setting, an applica
This policy setting allows you to specify the period of inactivity before Windows transitions the system to hibernate.If you enable this policy setting, you must p
This policy setting specifies whether or not the user is prompted for a password when the system resumes from sleep.If you enable or do not configure this po
This policy setting allows you to specify the period of inactivity before Windows transitions the system to sleep.If you enable this policy setting, you must provid
This policy setting allows you to turn off hybrid sleep.If you enable this policy setting, a hiberfile is not generated when the system transitions to sleep (Stand B
This policy setting allows you to manage how long a computer must be inactive before Windows turns off the computers display.If you enable this policy s
This policy setting allows you to manage how long a computer must be inactive before Windows turns off the computers display.If you enable this policy s
This policy setting allows you to specify the period of inactivity before Windows turns off the display.If you enable this policy setting, you must provide a value,
This policy setting allows you to specify the period of inactivity before Windows turns off the display.If you enable this policy setting, you must provide a value,
This policy setting manages whether or not Windows is allowed to use standby states when putting the computer in a sleep state.If you enable this policy setti
This policy setting manages whether or not Windows is allowed to use standby states when putting the computer in a sleep state.If you enable this policy setti
This policy setting allows you to configure whether power is automatically turned off when Windows shutdown completes. This setting does not affect Window
This policy setting allows you to manage automatic sleep with open network files.If you enable this policy setting, the computer automatically sleeps when netw
This policy setting allows you to manage automatic sleep with open network files.If you enable this policy setting, the computer automatically sleeps when netw
This policy setting allows you to specify the period of inactivity before Windows automatically reduces brightness of the display.If you enable this policy settin
This policy setting allows you to specify the period of inactivity before Windows automatically reduces brightness of the display.If you enable this policy settin
This policy setting allows you to specify the brightness of the display when Windows automatically reduces brightness of the display.If you enable this policy se
This policy setting allows you to specify the brightness of the display when Windows automatically reduces brightness of the display.If you enable this policy se
This policy setting allows you to specify if Windows should enable the desktop background slideshow.If you enable this policy setting, desktop background slid
This policy setting allows you to specify if Windows should enable the desktop background slideshow.If you enable this policy setting, desktop background slid
This policy setting allows you to specify the period of inactivity before Windows transitions to sleep automatically when a user is not present at the computer.If
This policy setting allows you to specify the period of inactivity before Windows transitions to sleep automatically when a user is not present at the computer.If
This policy setting allows applications and services to prevent automatic sleep.If you enable this policy setting, any application, service, or device driver preven
This policy setting allows applications and services to prevent automatic sleep.If you enable this policy setting, any application, service, or device driver preven
This policy setting specifies the percentage of battery capacity remaining that triggers the reserve power mode.If you enable this policy setting, you must enter
This policy setting lets you configure the script execution policy, controlling which scripts are allowed to run.If you enable this policy setting, the scripts select
This policy setting lets you configure the script execution policy, controlling which scripts are allowed to run.If you enable this policy setting, the scripts select
This policy setting allows you to turn on logging for Windows PowerShell modules. If you enable this policy setting, pipeline execution events for
This policy setting allows you to turn on logging for Windows PowerShell modules. If you enable this policy setting, pipeline execution events for
This policy setting allows you to set the default value of the SourcePath parameter on the Update-Help cmdlet.If you enable this policy setting, the Update-Hel
This policy setting allows you to set the default value of the SourcePath parameter on the Update-Help cmdlet.If you enable this policy setting, the Update-Hel
This policy setting lets you suppress the Restore button in the previous versions property page when the user has selected a previous version of a local file, in
This policy setting lets you suppress the Restore button in the previous versions property page when the user has selected a previous version of a local file, in
This policy setting lets you hide the list of previous versions of files that are on local disks. The previous versions could come from the on-disk restore points o
This policy setting lets you hide the list of previous versions of files that are on local disks. The previous versions could come from the on-disk restore points o
This policy setting lets you suppress the Restore button in the previous versions property page when the user has selected a previous version of a local file.If
This policy setting lets you suppress the Restore button in the previous versions property page when the user has selected a previous version of a local file.If
This policy setting lets you hide the list of previous versions of files that are on file shares. The previous versions come from the on-disk restore points on the f
This policy setting lets you hide the list of previous versions of files that are on file shares. The previous versions come from the on-disk restore points on the f
This setting lets you suppress the Restore button in the previous versions property page when the user has selected a previous version of a file on a file share
This setting lets you suppress the Restore button in the previous versions property page when the user has selected a previous version of a file on a file share
This policy setting lets you hide entries in the list of previous versions of a file in which the previous version is located on backup media. Previous versions c
This policy setting lets you hide entries in the list of previous versions of a file in which the previous version is located on backup media. Previous versions c
Internet printing lets you display printers on Web pages so that printers can be viewed, managed, and used across the Internet or an intranet. If you ena
Determines if print driver components are isolated from applications instead of normally loading them into applications. Isolating print drivers greatly reduces t
By default, the Printers folder includes a link to the Microsoft Support Web page called "Get help with printing". It can also include a link to a Web page supplie
If you enable this policy setting, it sets the maximum number of printers (of each type) that the Add Printer wizard will display on a computer on a managed ne
Allows users to use the Add Printer Wizard to search the network for shared printers.If you enable this setting or do not configure it, when users choose to add
When printing through a print server, determines whether the print spooler on the client will process print jobs itself, or pass them on to the server to do the wo
Determines whether the XPS Rasterization Service or the XPS-to-GDI conversion (XGC) is forced to use a software rasterizer instead of a Graphics Process
Adds a link to an Internet or intranet Web page to the Add Printer Wizard. You can use this setting to direct users to a Web page from which they can ins
Determines whether printers using kernel-mode drivers may be installed on the local computer. Kernel-mode drivers have access to system-wide memory, an
Prevents users from using familiar methods to add local and network printers. If this policy setting is enabled, it removes the Add Printer option from the
If this policy setting is enabled, it prevents users from deleting local and network printers. If a user tries to delete a printer, such as by using the Delete
This policy sets the maximum number of printers (of each type) that the Add Printer wizard will display on a computer on an unmanaged network (when the co
This policy restricts clients computers to use package point and print only.If this setting is enabled, users will only be able to point and print to printers that u
Restricts package point and print to approved servers.This policy setting restricts package point and print connections to approved servers. This setting only a
This policy restricts clients computers to use package point and print only.If this setting is enabled, users will only be able to point and print to printers that u
Restricts package point and print to approved servers.This policy setting restricts package point and print connections to approved servers. This setting only a
If this policy setting is enabled, it specifies the default location criteria used when searching for printers. This setting is a component of the Location
Enables the physical Location Tracking setting for Windows printers.Use Location Tracking to design a location scheme for your enterprise and assign compu
This policy setting controls the client Point and Print behavior, including the security prompts for Windows Vista computers. The policy setting applies only to n
This policy setting controls the client Point and Print behavior, including the security prompts for Windows Vista computers. The policy setting applies only to n
Specifies the Active Directory location where searches for printers begin. The Add Printer Wizard gives users the option of searching Active Directory for
Announces the presence of shared printers to print browse master servers for the domain.On domains with Active Directory, shared printer resources are avai
This policy setting determines whether the print spooler will execute print drivers in an isolated or separate process. When print drivers are loaded in an isolat
This policy setting determines whether the print spooler will override the Driver Isolation compatibility reported by the print driver. This enables executing print
This policy setting allows you to manage where client computers search for Point and Printer drivers.If you enable this policy setting, the client computer will c
This policy determines if v4 printer drivers are allowed to run printer extensions. V4 printer drivers may include an optional, customized user interface kno
Microsoft XPS Document Writer (MXDW) generates OpenXPS (*.oxps) files by default in Windows 8, Windows RT and Windows Server 2012. If you en
This policy controls whether the print spooler will accept client connections.When the policy is unconfigured, the spooler will not accept client connections unti
Determines whether the Add Printer Wizard automatically publishes the computer's shared printers in Active Directory. If you enable this setting or do not c
Determines whether the pruning service on a domain controller prunes printer objects that are not automatically republished whenever the host computer doe
Specifies how often the pruning service on a domain controller contacts computers to verify that their printers are operational. The pruning service perio
Sets the priority of the pruning thread. The pruning thread, which runs only on domain controllers, deletes printer objects from Active Directory if the pri
Specifies how many times the pruning service on a domain controller repeats its attempt to contact a computer before pruning the computer's printers.
Specifies whether or not to log events when the pruning service on a domain controller attempts to contact a computer before pruning the computer's printers.
Determines whether the computer's shared printers can be published in Active Directory. If you enable this setting or do not configure it, users can use
Directs the system to periodically verify that the printers published by this computer still appear in Active Directory. This setting also specifies how often the sy
Determines whether the domain controller can prune (delete from Active Directory) the printers published by this computer. By default, the pruning serv
This setting prevents users from using the Programs Control Panel in Category View and Programs and Features in Classic View. The Programs Control Pane
This setting prevents users from accessing "Programs and Features" to view, uninstall, change, or repair programs that are currently installed on the compute
This setting prevents users from accessing "Installed Updates" page from the "View installed updates" task."Installed Updates" allows users to view and unins
This setting removes the Set Program Access and Defaults page from the Programs Control Panel. As a result, users cannot view or change the associated p
This setting prevents users from access the "Get new programs from Windows Marketplace" task from the Programs Control Panel in Category View, Program
Prevents users from viewing or installing published programs from the network. This setting prevents users from accessing the "Get Programs" page from the
This setting prevents users from accessing the "Turn Windows features on or off" task from the Programs Control Panel in Category View, Programs and Feat
This policy setting allows an administrator to turn on extensive logging for Password Synchronization.If you enable this policy setting, all affected computers
This policy setting allows an administrator to set the number of password synchronization retries that Password Synchronization can attempt, in the event a sy
This policy setting allows an administrator to turn on the Windows to Network Information Service (NIS) password synchronization for UNIX-based user accou
This policy setting allows a Password Synchronization administrator to configure the interval, in seconds, between synchronization retries in the event that a s
Specifies an alternate Layer-3 Differentiated Services Code Point (DSCP) value for packets with the Best Effort service type (ServiceTypeBestEffort). The Pac
Specifies an alternate Layer-3 Differentiated Services Code Point (DSCP) value for packets with the Controlled Load service type (ServiceTypeControlledLoad
Specifies an alternate Layer-3 Differentiated Services Code Point (DSCP) value for packets with the Guaranteed service type (ServiceTypeGuaranteed). The
Specifies an alternate Layer-3 Differentiated Services Code Point (DSCP) value for packets with the Network Control service type (ServiceTypeNetworkContro
Specifies an alternate Layer-3 Differentiated Services Code Point (DSCP) value for packets with the Qualitative service type (ServiceTypeQualitative). The Pa
Specifies an alternate Layer-3 Differentiated Services Code Point (DSCP) value for packets with the Best Effort service type (ServiceTypeBestEffort). The Pac
Specifies an alternate Layer-3 Differentiated Services Code Point (DSCP) value for packets with the Controlled Load service type (ServiceTypeControlledLoad
Specifies an alternate Layer-3 Differentiated Services Code Point (DSCP) value for packets with the Guaranteed service type (ServiceTypeGuaranteed). The
Specifies an alternate Layer-3 Differentiated Services Code Point (DSCP) value for packets with the Network Control service type (ServiceTypeNetworkContro
Specifies an alternate Layer-3 Differentiated Services Code Point (DSCP) value for packets with the Qualitative service type (ServiceTypeQualitative). The Pa
Specifies the maximum number of outstanding packets permitted on the system. When the number of outstanding packets reaches this limit, the Packet Sche
Determines the percentage of connection bandwidth that the system can reserve. This value limits the combined bandwidth reservations of all programs runni
Determines the smallest unit of time that the Packet Scheduler uses when scheduling packets for transmission. The Packet Scheduler cannot schedule packe
Specifies an alternate link layer (Layer-2) priority value for packets with the Best Effort service type (ServiceTypeBestEffort). The Packet Scheduler inserts the
Specifies an alternate link layer (Layer-2) priority value for packets with the Controlled Load service type (ServiceTypeControlledLoad). The Packet Scheduler
Specifies an alternate link layer (Layer-2) priority value for packets with the Guaranteed service type (ServiceTypeGuaranteed). The Packet Scheduler inserts
Specifies an alternate link layer (Layer-2) priority value for packets with the Network Control service type (ServiceTypeNetworkControl). The Packet Scheduler
Specifies an alternate link layer (Layer-2) priority value for packets that do not conform to the flow specification. The Packet Scheduler inserts the correspondi
Specifies an alternate link layer (Layer-2) priority value for packets with the Qualitative service type (ServiceTypeQualitative). The Packet Scheduler inserts th
This policy setting allows the Windows Management Instrumentation (WMI) providers Win32_ReliabilityStabilitymetrics and Win32_ReliabilityRecords to provi
Determines the execution level for Windows Resource Exhaustion Detection and Resolution.If you enable this policy setting, you must select an execution lev
Requirements: Windows 7 Description: This policy setting controls whether users can access the options in Recovery (in Control Panel) to restore the com
This policy setting allows the system to detect the time of unexpected shutdowns by writing the current time to disk on a schedule controlled by the Timestamp
This policy setting controls whether or not unplanned shutdown events can be reported when error reporting is enabled.If you enable this policy setting, error r
This policy setting defines when the Shutdown Event Tracker System State Data feature is activated.The system state data file contains information about the
The Shutdown Event Tracker can be displayed when you shut down a workstation or server. This is an extra set of questions that is displayed when you invok
This policy setting allows you to turn logging on or off. Log files are located in the user's Documents folder under Remote Assistance.If you enable this policy s
This policy setting enables Remote Assistance invitations to be generated with improved encryption so that only computers running this version (or later versio
This policy setting allows you to improve performance in low bandwidth scenarios.This setting is incrementally scaled from "No optimization" to "Full optimizati
This policy setting lets you customize warning messages.The "Display warning message before sharing control" policy setting allows you to specify a custom m
This policy setting allows you to turn on or turn off Solicited (Ask for) Remote Assistance on this computer.If you enable this policy setting, users on this co
This policy setting allows you to turn on or turn off Offer (Unsolicited) Remote Assistance on this computer.If you enable this policy setting, users on t
This policy setting configures the amount of time (in seconds) that the operating system waits to reboot in order to enforce a change in access rights to remova
This policy setting configures the amount of time (in seconds) that the operating system waits to reboot in order to enforce a change in access rights to remova
This policy setting denies read access to the CD and DVD removable storage class.If you enable this policy setting, read access is denied to this removable s
This policy setting denies read access to the CD and DVD removable storage class.If you enable this policy setting, read access is denied to this removable s
This policy setting denies write access to the CD and DVD removable storage class.If you enable this policy setting, write access is denied to this removable s
This policy setting denies write access to the CD and DVD removable storage class.If you enable this policy setting, write access is denied to this removable s
This policy setting denies execute access to the CD and DVD removable storage class.If you enable this policy setting, execute access is denied to this remov
This policy setting denies read access to custom removable storage classes.If you enable this policy setting, read access is denied to these removable storag
This policy setting denies read access to custom removable storage classes.If you enable this policy setting, read access is denied to these removable storag
This policy setting denies write access to custom removable storage classes.If you enable this policy setting, write access is denied to these removable storag
This policy setting denies write access to custom removable storage classes.If you enable this policy setting, write access is denied to these removable storag
This policy setting denies read access to the Floppy Drives removable storage class, including USB Floppy Drives.If you enable this policy setting, read acces
This policy setting denies read access to the Floppy Drives removable storage class, including USB Floppy Drives.If you enable this policy setting, read acces
This policy setting denies write access to the Floppy Drives removable storage class, including USB Floppy Drives.If you enable this policy setting, write acces
This policy setting denies write access to the Floppy Drives removable storage class, including USB Floppy Drives.If you enable this policy setting, write acces
This policy setting denies execute access to the Floppy Drives removable storage class, including USB Floppy Drives.If you enable this policy setting, execute
This policy setting denies read access to removable disks.If you enable this policy setting, read access is denied to this removable storage class.If you disable
This policy setting denies read access to removable disks.If you enable this policy setting, read access is denied to this removable storage class.If you disable
This policy setting denies write access to removable disks.If you enable this policy setting, write access is denied to this removable storage class.If you disa
This policy setting denies write access to removable disks.If you enable this policy setting, write access is denied to this removable storage class.If you disa
This policy setting denies execute access to removable disks.If you enable this policy setting, execute access is denied to this removable storage class.If you
Configure access to all removable storage classes.This policy setting takes precedence over any individual removable storage policy settings. To manage ind
Configure access to all removable storage classes.This policy setting takes precedence over any individual removable storage policy settings. To manage ind
This policy setting denies read access to the Tape Drive removable storage class.If you enable this policy setting, read access is denied to this removable stor
This policy setting denies read access to the Tape Drive removable storage class.If you enable this policy setting, read access is denied to this removable stor
This policy setting denies write access to the Tape Drive removable storage class.If you enable this policy setting, write access is denied to this removable sto
This policy setting denies write access to the Tape Drive removable storage class.If you enable this policy setting, write access is denied to this removable sto
This policy setting denies execute access to the Tape Drive removable storage class.If you enable this policy setting, execute access is denied to this removab
This policy setting denies read access to removable disks, which may include media players, cellular phones, auxiliary displays, and CE devices.If you enable
This policy setting denies read access to removable disks, which may include media players, cellular phones, auxiliary displays, and CE devices.If you enable
This policy setting denies write access to removable disks, which may include media players, cellular phones, auxiliary displays, and CE devices.If you enable
This policy setting denies write access to removable disks, which may include media players, cellular phones, auxiliary displays, and CE devices.If you enable
This policy setting grants normal users direct access to removable storage devices in remote sessions.If you enable this policy setting, remote users can open
This policy setting controls whether RPC clients authenticate with the Endpoint Mapper Service when the call they are making contains authentication informa
This policy setting controls whether the RPC runtime generates extended error information when an error occurs.Extended error information includes the loca
This policy setting controls whether the RPC Runtime ignores delegation failures when delegation is requested.The constrained delegation model, introduced
This policy setting controls the idle connection timeout for RPC/HTTP connections. This policy setting is useful in cases where a network agent like an HTTP
This policy setting controls how the RPC server runtime handles unauthenticated RPC clients connecting to RPC servers.This policy setting impacts all RPC a
This policy setting determines whether the RPC Runtime maintains RPC state information for the system, and how much information it maintains. Basic state
This policy setting determines how long the system waits for scripts applied by Group Policy to run. This setting limits the total time allowed for all logon, logo
This policy setting hides the instructions in logon scripts written for Windows NT 4.0 and earlier. Logon scripts are batch files of instructions that run when t
This policy setting displays the instructions in logoff scripts as they run.Logoff scripts are batch files of instructions that run when the user logs off. By default
This policy setting directs the system to wait for logon scripts to finish running before it starts the File Explorer interface program and creates the desktop.If
This policy setting directs the system to wait for logon scripts to finish running before it starts the File Explorer interface program and creates the desktop.If
This policy setting displays the instructions in logon scripts as they run.Logon scripts are batch files of instructions that run when the user logs on. By default,
This policy setting determines whether Windows PowerShell scripts are run before non-Windows PowerShell scripts during computer startup and shutdown. B
This policy setting determines whether Windows PowerShell scripts are run before non-Windows PowerShell scripts during user logon and logoff. By default, W
This policy setting determines whether Windows PowerShell scripts are run before non-Windows PowerShell scripts during user logon and logoff. By default, W
This policy setting displays the instructions in shutdown scripts as they run.Shutdown scripts are batch files of instructions that run when the user restarts the s
This policy setting lets the system run startup scripts simultaneously.Startup scripts are batch files that run before the user is invited to log on. By default, the
This policy setting displays the instructions in startup scripts as they run.Startup scripts are batch files of instructions that run before the user is invited to l
This policy setting allows user logon scripts to run when the logon cross-forest, DNS suffixes are not configured, and NetBIOS or WINS is disabled. This policy
This policy setting determines whether scripted diagnostics will execute diagnostic packages that are signed by untrusted publishers.If you enable this policy s
This policy setting allows users to access and run the troubleshooting tools that are available in the Troubleshooting Control Panel and to run the troubleshoot
This policy setting allows users who are connected to the Internet to access and search troubleshooting content that is hosted on Microsoft content servers. U
Determines whether scheduled diagnostics will run to proactively detect and resolve system problems.If you enable this policy setting, you must choose an ex
Enabling this policy prevents users from adding UNC locations to the index from the Search and Indexing Options in Control Panel. Any UNC locations that h
Enabling this policy prevents users from adding UNC locations to the index from the Search and Indexing Options in Control Panel. Any UNC locations that h
This policy setting allows encrypted items to be indexed. If you enable this policy setting, indexing will attempt to decrypt and index the content (access restric
If enabled, the search indexer backoff feature will be disabled. Indexing will continue at full speed even when system activity is high. If disabled, backoff logic w
If enabled, clients will be unable to query this computer's index remotely. Thus, when they are browsing network shares that are stored on this computer, they
If enabled, the indexer pauses whenever the computer is running on battery. If disabled, the indexing follows the default behavior. Default is disabled.
If enabled, Search and Indexing Options in Control Panel does not allow opening the Modify Locations dialog. Otherwise it can be opened. Disabled by defaul
If enabled, Search and Indexing Options in Control Panel does not allow opening the Modify Locations dialog. Otherwise it can be opened. Disabled by defaul
This policy setting allows words that contain diacritic characters to be treated as separate words. If you enable this policy setting, words that only differ in diacr
This policy setting determines when Windows uses automatic language detection results, and when it relies on indexing history. If you enable this policy set
This policy setting configures how Windows Search adds shared folders to the search index.If you enable this policy setting, Windows Search is prevented fro
This policy setting allows you to enable or disable the Add/Remove location options on the All Locations menu as well as any defined locations that were made
This policy setting hides or displays the Advanced Options dialog for Search and Indexing Options in the Control Panel.If you enable this policy setting, the Ad
If enabled, files on network shares made available offline are not indexed. Otherwise they are indexed. Disabled by default.
Enabling this policy allows indexing of mail items on a Microsoft Exchange server when Microsoft Outlook is not running in cached mode. The default behavio
Enabling this policy allows indexing of items for online delegate mailboxes on a Microsoft Exchange server. This policy affects only delegate mailboxes that ar
When using Microsoft Office Outlook in online mode, you can enable this policy to control how fast online mail is indexed on a Microsoft Exchange server. The
Enable this policy to prevent indexing of any Microsoft Outlook items. The default is to automatically index Outlook items. If this policy is enabled then the user
Enable this policy setting to prevent the indexing of the content of e-mail attachments. If enabled, indexing service components (including non-Microsoft comp
Enabling this policy defines a semicolon-delimited list of file extensions which will be allowed to have rich attachment previews.When this policy is disabled or
Enable this policy to prevent indexing public folders in Microsoft Office Outlook. When this policy is disabled or not configured, the user has the option to i
Store indexer database in this directory. This directory must be located on a local fixed drive.
Enabling this policy allows you to add a primary intranet search location within Windows Desktop Search. The value of this text should be:name,urlFor examp
Enabling this policy allows you to add intranet search locations in addition to the primary intranet search location defined in the Add Primary Intranet Sea
Enabling this policy allows you to set the location of the preview pane in the Desktop Search results. You can also turn off the preview pane. The four options a
Enabling this policy allows you to specify whether you want large icon or small icon view for your Desktop Search results. The two options are:- Large Icon- Sm
Enabling this policy prevents indexing from continuing after less than the specified amount of hard drive space is left on the same drive as the index locati
Enabling this policy prevents Windows Desktop Search from using iFilters and protocol handlers unless they are specified in the allow list. However, This polic
Enabling this policy removes the option of searching the Web from Windows Desktop Search.When this policy is disabled or not configured, the Web option is
If you enable this policy setting, you specify a list of paths to exclude from indexing. The user cannot enter any path that starts with one of the paths you speci
If you enable this policy setting, you specify a list of paths to exclude from indexing. The user cannot enter any path that starts with one of the paths you speci
Enabling this policy allows you to specify a list of paths to index by default. The user may override these paths and exclude them from indexing.
Enabling this policy allows you to specify a list of paths to index by default. The user may override these paths and exclude them from indexing. On a per-user
Enabling this policy allows you to specify a list of paths to exclude from indexing by default. The user may override these paths and include them in indexing.
Enabling this policy allows you to specify a list of paths to exclude from indexing by default. The user may override these paths and include them in indexing. O
Enabling this policy allows you to edit the list of file types to exclude from indexing. The end user cannot modify this list. You should separate each extension t
This policy setting prevents search queries from being stored in the registry. If you enable this policy setting, search suggestions based on previous searches
This policy setting allows selecting of OCR (Optical Character Recognition) languages that belong to one of the supported code pages. If you enable this polic
This Group Policy setting lets users turn off the performance optimization so that the TIFF IFilter will perform OCR for every page in a TIFF document, wh
This policy setting specifies whether Security Center is turned on or off for computers that are joined to an Active Directory domain. When Security Center is tu
This policy setting turns off the sensor feature for this computer. If you enable this policy setting, the sensor feature is turned off, and all programs o
This policy setting turns off the sensor feature for this computer. If you enable this policy setting, the sensor feature is turned off, and all programs o
This policy setting turns off the location feature for this computer. If you enable this policy setting, the location feature is turned off, and all progr
This policy setting turns off the location feature for this computer. If you enable this policy setting, the location feature is turned off, and all progr
This policy setting turns off scripting for the location feature. If you enable this policy setting, scripts for the location feature will not run. If you disa
This policy setting turns off scripting for the location feature. If you enable this policy setting, scripts for the location feature will not run. If you disa
This policy setting allows you to turn off the automatic display of Server Manager at logon.If you enable this policy setting, Server Manager is not displayed
This policy setting allows you to set the refresh interval for Server Manager. Each refresh provides Server Manager with updated information about which role
This policy setting allows you to turn off the automatic display of the Initial Configuration Tasks window at logon on Windows Server 2008 and Windows Serve
This policy setting allows you to turn off the automatic display of the Manage Your Server page. If you enable this policy setting, the Manage Your Server page
This policy setting specifies the network locations that will be used for the repair of operating system corruption and for enabling optional features that have ha
Prevent syncing to and from this PC. This turns off and disables the "sync your settings" switch on the "sync your settings" page in PC Settings.If you enable t
Prevent the "app settings" group from syncing to and from this PC. This turns off and disables the "app settings" group on the "sync your settings" page in PC
Prevent the "passwords" group from syncing to and from this PC. This turns off and disables the "passwords" group on the "sync your settings" page in PC se
Prevent the "personalize" group from syncing to and from this PC. This turns off and disables the "personalize" group on the "sync your settings" page in PC s
Prevent the "Other Windows settings" group from syncing to and from this PC. This turns off and disables the "Other Windows settings" group on the "sync yo
Prevent the "desktop personalization" group from syncing to and from this PC. This turns off and disables the "desktop personalization" group on the "sync yo
Prevent the "browser" group from syncing to and from this PC. This turns off and disables the "browser" group on the "sync your settings" page in PC settings
Prevent syncing to and from this PC when on metered Internet connections. This turns off and disables "sync your settings on metered connections" switch on
Specifies an alternate location for Windows Service Pack installation files.If you enable this policy setting, enter the fully qualified path to the new location
Specifies an alternate location for Windows installation files.If you enable this policy setting, enter the fully qualified path to the new location in the "Windows
Turns off data sharing from the handwriting recognition personalization tool.The handwriting recognition personalization tool tool enables Tablet PC users to ad
Turns off data sharing from the handwriting recognition personalization tool.The handwriting recognition personalization tool tool enables Tablet PC users to ad
This policy setting determines whether the user can publish DFS roots in Active Directory Domain Services (AD DS).If you enable or do not configure this polic
This policy setting determines whether the user can publish shared folders in Active Directory Domain Services (AD DS).If you enable or do not configure this
This policy setting specifies whether users can share files within their profile. By default users are allowed to share files within their profile to other users on
This policy setting specifies whether users can add computers to a homegroup. By default, users can add their computer to a homegroup on a private network
This policy setting prevents users from running the interactive command prompt, Cmd.exe. This policy setting also determines whether batch files (.cmd and
Disables the Windows registry editor Regedit.exe.If you enable this policy setting and the user tries to start Regedit.exe, a message appears explaining that a
Limits the Windows programs that users have permission to run on the computer.If you enable this policy setting, users can only run programs that you add to
Prevents Windows from running the programs you specify in this policy setting.If you enable this policy setting, users cannot run programs that you add to the
This policy setting prevents the display of the Welcome Center at user logon.If you enable this policy setting, the Welcome Center is not displayed at user log
This policy setting allows you to turn off desktop gadgets. Gadgets are small applets that display information or utilities on the desktop.If you enable this settin
This policy setting allows you to turn off desktop gadgets. Gadgets are small applets that display information or utilities on the desktop.If you enable this settin
This policy setting allows you to restrict the installation of unsigned gadgets. Desktop gadgets can be deployed as compressed files, either digitally signed or
This policy setting allows you to restrict the installation of unsigned gadgets. Desktop gadgets can be deployed as compressed files, either digitally signed or
This policy setting allows you to turn off desktop gadgets that have been installed by the user.If you enable this setting, Windows will not run any user-installed
This policy setting allows you to turn off desktop gadgets that have been installed by the user.If you enable this setting, Windows will not run any user-installed
This policy setting deletes all data stored on Windows SideShow-compatible devices (running Microsoft firmware) when a user logs off from the computer. Thi
This policy setting deletes all data stored on Windows SideShow-compatible devices (running Microsoft firmware) when a user logs off from the computer. Thi
This policy setting turns off Windows SideShow.If you enable this policy setting, the Windows SideShow Control Panel will be disabled and data from Window
This policy setting turns off Windows SideShow.If you enable this policy setting, the Windows SideShow Control Panel will be disabled and data from Window
This policy setting turns off the option to periodically wake the computer to update information on Windows SideShow-compatible devices.If you enable this po
This policy setting turns off the option to periodically wake the computer to update information on Windows SideShow-compatible devices.If you enable this po
This policy setting requires users to enter a default personal identification number (PIN) to unlock and access data on the device after a specified period of in
This policy setting requires users to enter a default personal identification number (PIN) to unlock and access data on the device after a specified period of in
This policy setting lets you allow certificates without an Extended Key Usage (EKU) set to be used for logon.In versions of Windows prior to Windows Vista, sm
This policy setting lets you determine whether the integrated unblock feature will be available in the logon User Interface (UI).In order to use the integrated unb
This policy settings lets you configure if all your valid logon certificates are displayed.During the certificate renewal period, a user can have multiple valid logo
This policy setting allows you to manage the reading of all certificates from the smart card for logon.During logon Windows will by default only read the default
This policy setting lets you allow signature key-based certificates to be enumerated and available for logon.If you enable this policy setting then any certificate
This policy setting permits those certificates to be displayed for logon that are either expired or not yet valid.Under previous versions of Microsoft Windows, ce
This policy setting allows you to manage the certificate propagation that occurs when a smart card is inserted.If you enable or do not configure this policy setti
This policy setting allows you to manage the clean up behavior of root certificates. If you enable this policy setting then root certificate cleanup will occur acco
This policy setting allows you to manage the root certificate propagation that occurs when a smart card is inserted.If you enable or do not configure this policy
This policy setting allows you to manage the displayed message when a smart card is blocked.If you enable this policy setting, the specified message will be d
This policy setting lets you reverse the subject name from how it is stored in the certificate when displaying it during logon. By default the user p
This policy setting prevents plaintext PINs from being returned by Credential Manager. If you enable this policy setting, Credential Manager does not return a p
This policy setting lets you determine whether an optional field will be displayed during logon and elevation that allows a user to enter his or her user name or
This policy setting allows you to control whether Smart Card Plug and Play is enabled.If you enable or do not configure this policy setting, Smart Card Plug an
This policy setting allows you to control whether a confirmation message is displayed when a smart card device driver is installed.If you enable or do not confi
This policy setting allows you to control whether elliptic curve cryptography (ECC) certificates on a smart card can be used to log on to a domain.If you enable
This policy setting allows an administrator to configure extensive logging for computers that are running Server for Network Information Service (NIS).If you en
This policy setting allows a Server for NIS administrator to configure an update interval for pushing Network Information Service (NIS) maps to NIS subordinat
This policy setting configures a list of the communities defined to the Simple Network Management Protocol (SNMP) service.SNMP is a protocol designed to g
This policy setting determines the permitted list of hosts that can submit a query to the Simple Network Management (SNMP) agent running on the client comp
This policy setting allows trap configuration for the Simple Network Management Protocol (SNMP) agent.Simple Network Management Protocol is a protocol d
Specifies whether Sound Recorder can run.Sound Recorder is a feature of Microsoft Windows Vista that can be used to record sound from an audio input dev
Specifies whether Sound Recorder can run.Sound Recorder is a feature of Microsoft Windows Vista that can be used to record sound from an audio input dev
This policy setting controls whether the Classification tab is displayed in the Properties dialog box in File Explorer.The Classification tab enables users to man
This policy setting controls which set of properties is available for classifying files on affected computers.Administrators can define the properties for the organ
This policy setting specifies the message that users see when they are denied access to a file or folder. You can customize the Access Denied message to inc
This Group Policy Setting should be set on Windows clients to enable access-denied assistance for all file types
If you enable this policy setting, the recent programs list in the start menu will be blank for each new user.If you disable or do not configure this policy, the st
If you enable this policy the start menu will not show a link to the Games folder.If you disable or do not configure this policy, the start menu will show a link to
If you enable this policy, the "See all results" link will not be shown when the user performs a search in the start menu search box.If you disable or do not conf
If you enable this policy, a "See more results" / "Search Everywhere" link will not be shown when the user performs a search in the start menu search bo
If you enable this policy, a "Search the Internet" link is shown when the user performs a search in the start menu search box. This button launches the default
If you enable this policy setting the Start menu search box will not search for files.If you disable or do not configure this policy setting, the Start menu will sea
If you enable this policy the start menu search box will not search for internet history or favorites.If you disable or do not configure this policy, the start menu w
If you enable this policy setting the Start menu search box will not search for programs or Control Panel items.If you disable or do not configure this policy set
If you enable this policy the start menu search box will not search for communications.If you disable or do not configure this policy, the start menu will search
If you enable this policy the start menu will not show a link to the user's storage folder.If you disable or do not configure this policy, the start menu will display
If you enable this setting, the Run command is added to the Start menu. If you disable or do not configure this setting, the Run command is not visible on the
This policy setting controls whether the QuickLaunch bar is displayed in the Taskbar.If you enable this policy setting, the QuickLaunch bar will be visible and ca
Clear history of recently opened documents on exit.If you enable this setting, the system deletes shortcuts to recently used document files when the user logs
This policy only applies to the classic version of the start menu and does not affect the new style start menu.Adds the "Log Off <username>" item to the Start
Displays Start menu shortcuts to partially installed programs in gray text.This setting makes it easier for users to distinguish between programs that are fully in
Disables personalized menus.Windows personalizes long menus by moving recently used items to the top of the menu and hiding items that have not been us
This setting affects the taskbar, which is used to switch between running applications.The taskbar includes the Start button, list of currently running tasks, and
Lets users run a 16-bit program in a dedicated (not shared) Virtual DOS Machine (VDM) process.All DOS and 16-bit programs run on Windows 2000 Professi
This setting affects the notification area, also called the "system tray."The notification area is located in the task bar, generally at the bottom of the screen, and
Hides pop-up text on the Start menu and in the notification area.When you hold the cursor over an item on the Start menu or in the notification area, the syste
Prevents users from using the drag-and-drop method to reorder or remove items on the Start menu. Also, it removes context menus from the Start menu.If yo
If you enable this setting, the system deletes tile notifications when the user logs off. As a result, the Tiles in the start view will always show their default cont
This policy setting prevents users from performing the following commands from the Start menu or Windows Security screen: Shut Down, Restart, Sleep, and
Removes items in the All Users profile from the Programs menu on the Start menu.By default, the Programs menu contains items from the All Users profile an
Prevents users from adding the Favorites menu to the Start menu or classic Start menu.If you enable this setting, the Display Favorites item does not appear
This policy setting allows you to remove the Search link from the Start menu, and disables some File Explorer search elements. Note that this does not remov
If you enable this setting, the frequently used programs list is removed from the Start menu.If you disable this setting or do not configure it, the frequently use
This policy setting allows you to remove the Help command from the Start menu.If you enable this policy setting, the Help command is removed from the Start
This policy setting allows you to turn off user tracking.If you enable this policy setting, the system does not track the programs that the user runs, and does
This policy setting allows you to remove the All Programs list from the Start menu.If you enable this policy setting, the "All Programs" item is removed from the
This policy setting allows you to remove Network Connections from the Start Menu.If you enable this policy setting, users are prevented from running Network
If you enable this setting, the "Pinned Programs" list is removed from the Start menu. Users cannot pin programs to the Start menu. In Windows XP and Wind
Prevents the operating system and installed programs from creating and displaying shortcuts to recently opened documents.If you enable this setting, the syst
Removes the Recent Items menu from the Start menu. Removes the Documents menu from the classic Start menu.The Recent Items menu contains links to
This policy setting prevents the system from conducting a comprehensive search of the target drive to resolve a shortcut.If you enable this policy setting, the s
This policy setting prevents the system from using NTFS tracking features to resolve a shortcut.If you enable this policy setting, the system does not try to loca
Allows you to remove the Run command from the Start menu, Internet Explorer, and Task Manager.If you enable this setting, the following changes occur:(1) T
This policy setting allows you to remove programs on Settings menu.If you enable this policy setting, the Control Panel, Printers, and Network and Connection
This policy setting allows you to prevent changes to Taskbar and Start Menu Settings.If you enable this policy setting, The user will be prevented from opening
This policy setting allows you to remove the Default Programs link from the Start menu.If you enable this policy setting, the Default Programs link is removed f
This policy setting allows you to remove the Documents icon from the Start menu and its submenus.If you enable this policy setting, the Documents icon is rem
This policy setting allows you to remove the Music icon from Start Menu.If you enable this policy setting, the Music icon is no longer available from Start Menu
This policy setting allows you to remove the Network icon from Start Menu.If you enable this policy setting, the Network icon is no longer available from Start M
This policy setting allows you to remove the Pictures icon from Start Menu.If you enable this policy setting, the Pictures icon is no longer available from Start M
Hides all folders on the user-specific (top) section of the Start menu. Other items appear, but folders are hidden.This setting is designed for use with redirected
This setting affects the presentation of the Start menu.The classic Start menu in Windows 2000 Professional allows users to begin common tasks, while the n
Prevents the clock in the system notification area from being displayed.If you enable this setting, the clock will not be displayed in the system notification area.
This setting affects the taskbar buttons used to switch between running programs.Taskbar grouping consolidates similar applications when there is no room on
This setting affects the taskbar.The taskbar includes the Start button, buttons for currently running tasks, custom toolbars, the notification area, and the sy
This policy setting allows you to remove access to the context menus for the taskbar.If you enable this policy setting, the menus that appear when you right-cli
This setting affects the notification area (previously called the "system tray") on the taskbar.Description: The notification area is located at the far right end of t
This policy setting allows you to remove the user name label from the Start Menu in Windows XP and Windows Server 2003.If you enable this policy setting,
This policy setting allows you to remove links and access to Windows Update.If you enable this policy setting, users are prevented from connecting to the Wi
If you enable this setting, the "Undock PC" button is removed from the simple Start Menu, and your PC cannot be undocked.If you disable this setting or do no
This policy setting allows you to removes the "Log Off <username>" item from the Start menu and prevents users from restoring it.If you enable this policy sett
If you enable this policy the Start menu will not show a link to Homegroup. It also removes the homegroup item from the Start Menu options. As a result, users
This policy setting allows you to remove the Downloads link from the Start Menu.If you enable this policy setting, the Start Menu does not show a link to the Do
This policy setting allows you to remove the Recorded TV link from the Start Menu.If you enable this policy setting, the Start Menu does not show a link to the
This policy setting allows you to remove the Videos link from the Start Menu.If you enable this policy setting, the Start Menu does not show a link to the Videos
If you enable this setting, users cannot uninstall apps from Start.If you disable this setting or do not configure it, users can access the uninstall command from
Set the default action of the power button on the Start menu.If you enable this setting, the Start Menu will set the power button to the chosen action, and not le
This policy setting shows or hides the "Run as different user" command on the Start application bar.If you enable this setting, users can access the "Run as dif
This policy setting turns the Accounting feature on or off.If you enable this policy setting, Windows System Resource Manager (WSRM) starts accounting vario
This setting assigns the email address(es) to which notifications will be sent. Use a semicolon (;) to separate multiple email addresses.If you enable this settin
This setting directs the Accounting feature to log data on the accounting server at the specified time interval.If you enable this setting, Windows System Reso
This policy setting assigns the address of the SMTP server that sends out notifications.If you enable this policy setting, Windows System Resource Manager (
Allows you to disable System Restore configuration through System Protection.This policy setting allows you to turn off System Restore configuration through
Allows you to disable System Restore.This policy setting allows you to turn off System Restore.System Restore enables users, in the event of a problem, to re
Turns off the integration of application auto complete lists with Tablet PC Input Panel in applications where this behavior is available.Tablet PC Input Panel is a
Turns off the integration of application auto complete lists with Tablet PC Input Panel in applications where this behavior is available.Tablet PC Input Panel is a
Prevents Input Panel tab from appearing on the edge of the Tablet PC screen.Tablet PC Input Panel is a Tablet PC accessory that enables you to use handwri
Prevents Input Panel tab from appearing on the edge of the Tablet PC screen.Tablet PC Input Panel is a Tablet PC accessory that enables you to use handwri
Prevents the Tablet PC Input Panel icon from appearing next to any text entry area in applications where this behavior is available. This policy applies only wh
Adjusts password security settings in Touch Keyboard and Handwriting panel (a.k.a. Tablet PC Input Panel in Windows 7 and Windows Vista). These settings
Adjusts password security settings in Touch Keyboard and Handwriting panel (a.k.a. Tablet PC Input Panel in Windows 7 and Windows Vista). These settings
Switches the gesture set used for editing from the common handheld computer gestures to the Simplified Chinese (PRC) standard gestures.Touch Keyboard a
Switches the gesture set used for editing from the common handheld computer gestures to the Simplified Chinese (PRC) standard gestures.Touch Keyboard a
Includes rarely used Chinese, Kanji, and Hanja characters when handwriting is converted to typed text. This policy applies only to the use of the Microsoft reco
Includes rarely used Chinese, Kanji, and Hanja characters when handwriting is converted to typed text. This policy applies only to the use of the Microsoft reco
Turns off both the more tolerant scratch-out gestures that were added in Windows Vista and the Z-shaped scratch-out gesture that was available in Micro
Turns off both the more tolerant scratch-out gestures that were added in Windows Vista and the Z-shaped scratch-out gesture that was available in Micro
Prevents the Touch Keyboard and Handwriting panel (a.k.a. Tablet PC Input Panel in Windows 7 and Windows Vista) from providing text prediction suggestion
Prevents the Touch Keyboard and Handwriting panel (a.k.a. Tablet PC Input Panel in Windows 7 and Windows Vista) from providing text prediction suggestion
Prevents start of InkBall game.If you enable this policy, the InkBall game will not run.If you disable this policy, the InkBall game will run.If you do not configure t
Prevents start of InkBall game.If you enable this policy, the InkBall game will not run.If you disable this policy, the InkBall game will run.If you do not configure t
Prevents start of Windows Journal.If you enable this policy, the Windows Journal accessory will not run.If you disable this policy, the Windows Journal accesso
Prevents start of Windows Journal.If you enable this policy, the Windows Journal accessory will not run.If you disable this policy, the Windows Journal accesso
Prevents printing to Journal Note Writer.If you enable this policy, the Journal Note Writer printer driver will not allow printing to it. It will remain displayed in the
Prevents printing to Journal Note Writer.If you enable this policy, the Journal Note Writer printer driver will not allow printing to it. It will remain displayed in the
Prevents the snipping tool from running.If you enable this policy setting, the Snipping Tool will not run.If you disable this policy setting, the Snipping Tool will ru
Prevents the snipping tool from running.If you enable this policy setting, the Snipping Tool will not run.If you disable this policy setting, the Snipping Tool will ru
Disables visual pen action feedback, except for press and hold feedback.If you enable this policy, all visual pen action feedback is disabled except for press a
Disables visual pen action feedback, except for press and hold feedback.If you enable this policy, all visual pen action feedback is disabled except for press a
Removes the Back->ESC mapping that normally occurs when menus are visible, and for applications that subscribe to this behavior.If you enable this policy, a
Removes the Back->ESC mapping that normally occurs when menus are visible, and for applications that subscribe to this behavior.If you enable this policy, a
Prevents the user from launching an application from a Tablet PC hardware button.If you enable this policy, applications cannot be launched from a hardware
Prevents the user from launching an application from a Tablet PC hardware button.If you enable this policy, applications cannot be launched from a hardware
Prevents press and hold actions on hardware buttons, so that only one action is available per button.If you enable this policy, press and hold actions are unav
Prevents press and hold actions on hardware buttons, so that only one action is available per button.If you enable this policy, press and hold actions are unav
Turns off Tablet PC hardware buttons.If you enable this policy, no actions will occur when the buttons are pressed, and the buttons tab in Tablet PC Control Pa
Turns off Tablet PC hardware buttons.If you enable this policy, no actions will occur when the buttons are pressed, and the buttons tab in Tablet PC Control Pa
Makes pen flicks learning mode unavailable.If you enable this policy, pen flicks are still available but learning mode is not. Pen flicks are off by default and can
Makes pen flicks learning mode unavailable.If you enable this policy, pen flicks are still available but learning mode is not. Pen flicks are off by default and can
Makes pen flicks and all related features unavailable.If you enable this policy, pen flicks and all related features are unavailable. This includes: pen flicks them
Makes pen flicks and all related features unavailable.If you enable this policy, pen flicks and all related features are unavailable. This includes: pen flicks them
This policy setting allows you to remove the battery meter from the system control area.If you enable this policy setting, the battery meter is not displayed in th
This policy setting allows you to remove the networking icon from the system control area.If you enable this policy setting, the networking icon is not displayed
This policy setting allows you to remove the volume control icon from the system control area.If you enable this policy setting, the volume control icon is not di
This policy setting allows you to remove the Action Center from the system control area.If you enable this policy setting, the Action Center icon is not displayed
This policy setting allows you to lock all taskbar settings.If you enable this policy setting, the user cannot access the taskbar control panel. The user is also una
This policy setting allows you to prevent users from adding or removing toolbars.If you enable this policy setting, the user is not allowed to add or remove any
This policy setting allows you to prevent users from rearranging toolbars.If you enable this policy setting, users are not able to drag or drop toolbars to the task
This policy setting allows you to turn off all notification balloons.If you enable this policy setting, no notification balloons are shown to the user.If you disable or
This policy setting allows you to prevent users from moving taskbar to another screen dock location.If you enable this policy setting, users are not able to drag
This policy setting allows you to prevent users from resizing the taskbar.If you enable this policy setting, users are not be able to resize their taskbar.If you disa
This policy setting allows you to turn off taskbar thumbnails.If you enable this policy setting, the taskbar thumbnails are not displayed and the system uses stan
This policy setting allows you to remove pinned programs from the taskbar.If you enable this policy setting, pinned programs are prevented from being shown
This policy setting allows you to turn off automatic promotion of notification icons to the taskbar.If you enable this policy setting, newly added notification icon
This policy setting allows you to turn off feature advertisement balloon notifications.If you enable this policy setting, certain notification balloons that are mar
This policy setting allows you to control displaying or tracking items in Jump Lists from remote locations.The Start Menu and Taskbar display Jump Lists off of
This policy setting allows you to control pinning programs to the Taskbar.If you enable this policy setting, users cannot change the programs currently pinned
This policy setting allows you to control pinning items in Jump Lists.If you enable this policy setting, users cannot pin files, folders, websites, or other items to
This policy setting allows you to prevent taskbars from being displayed on more than one monitor.If you enable this policy setting, users are not able to show t
Limits newly scheduled to items on the user's Start menu, and prevents the user from changing the scheduled program for existing tasks.This setting removes
Limits newly scheduled to items on the user's Start menu, and prevents the user from changing the scheduled program for existing tasks.This setting removes
This setting removes the "Open advanced properties for this task when I click Finish" checkbox from the last page of the Scheduled Task Wizard. This policy
This setting removes the "Open advanced properties for this task when I click Finish" checkbox from the last page of the Scheduled Task Wizard. This policy
Prevents users from adding or removing tasks by moving or copying programs in the Scheduled Tasks folder.This setting disables the Cut, Copy, Paste, and P
Prevents users from adding or removing tasks by moving or copying programs in the Scheduled Tasks folder.This setting disables the Cut, Copy, Paste, and P
Prevents users from starting and stopping tasks manually.This setting removes the Run and End Task items from the context menu that appears when you rig
Prevents users from starting and stopping tasks manually.This setting removes the Run and End Task items from the context menu that appears when you rig
Prevents users from viewing and changing the properties of an existing task.This setting removes the Properties item from the File menu in Scheduled Tasks
Prevents users from viewing and changing the properties of an existing task.This setting removes the Properties item from the File menu in Scheduled Tasks
Prevents users from creating new tasks.This setting removes the Add Scheduled Task item that starts the New Task Wizard. Also, the system does not respon
Prevents users from creating new tasks.This setting removes the Add Scheduled Task item that starts the New Task Wizard. Also, the system does not respon
Prevents users from deleting tasks from the Scheduled Tasks folder.This setting removes the Delete command from the Edit menu in the Scheduled Tasks fol
Prevents users from deleting tasks from the Scheduled Tasks folder.This setting removes the Delete command from the Edit menu in the Scheduled Tasks fol
This policy setting allows you to configure Intra-Site Automatic Tunnel Addressing Protocol (ISATAP), an address-to-router and host-to-host, host-to-router and
This policy setting allows you to specify a router name or Internet Protocol version 4 (IPv4) address for an ISATAP router.If you enable this policy setting, you c
This policy setting allows you to configure 6to4, an address assignment and router-to-router automatic tunneling technology that is used to provide unicast IPv
This policy setting allows you to specify a 6to4 relay name for a 6to4 host. A 6to4 relay is used as a default gateway for IPv6 network traffic sent by the 6to4 ho
This policy setting allows you to specify the interval at which the relay name is resolved. The 6to4 relay name resolution interval setting has no effect if 6to4 co
This policy setting allows you to configure Teredo, an address assignment and automatic tunneling technology that provides unicast IPv6 connectivity across t
This policy setting allows you to specify the name of the Teredo server. This server name will be used on the Teredo client computer where this policy setting i
This policy setting allows you to configure the Teredo refresh rate.Note: On a periodic basis (by default, every 30 seconds), Teredo clients send a single Route
This policy setting allows you to select the UDP port the Teredo client will use to send packets. If you leave the default of 0, the operating system will select a p
This policy setting allows you to set Teredo to be ready to communicate, a process referred to as qualification. By default, Teredo enters a dormant state when
This policy setting allows you to configure IP-HTTPS, a tunneling technology that uses the HTTPS protocol to provide IP connectivity to a remote network.If yo
This policy setting allows you to configure Window Scaling Heuristics. Window Scaling Heuristics is an algorithm to identify connectivity and throughput proble
This policy setting allows you to configure IP Stateless Autoconfiguration Limits.If you enable or do not configure this policy setting, IP Stateless Autoconfigura
This policy setting allows you to specify whether the client computer redirects its time zone settings to the Remote Desktop Services session.If you enable this
This policy setting specifies whether to prevent the sharing of Clipboard contents (Clipboard redirection) between a remote computer and a client computer du
This policy setting allows you to specify whether desktop wallpaper is displayed to clients when they are connected to a remote server using RDP. You can use
This policy setting allows you to specify whether the desktop is always displayed after a client connects to a remote computer or whether an initial program can
This policy setting allows you to specify whether remote users can start any program on the RD Session Host server when they start a Remote Desktop Servic
This policy setting allows you to specify whether desktop composition is allowed for remote desktop sessions. This policy setting does not apply to RemoteAp
This policy setting allows you to specify whether to use the RD Connection Broker load balancing feature to balance the load between servers in an RD Sessio
This policy setting allows you to specify whether the default client printer is the only printer redirected in Remote Desktop Services sessions.If you enable this
This policy setting allows you to specify whether the default client printer is the only printer redirected in Remote Desktop Services sessions.If you enable this
This policy setting allows you to specify how long a user's RemoteApp session will remain in a disconnected state before the session is logged off from the RD
This policy setting allows you to specify how long a user's RemoteApp session will remain in a disconnected state before the session is logged off from the RD
This policy setting allows you to specify whether font smoothing is allowed for remote connections.Font smoothing provides ClearType functionality for a remo
This policy setting specifies the IP address and network mask that corresponds to the network adapter used for virtual IP addresses. The IP address and netw
This policy setting specifies whether a session uses the IP address of the Remote Desktop Session Host server if a virtual IP address is not available.If you en
Fair Share CPU Scheduling dynamically distributes processor time across all Remote Desktop Services sessions on the same RD Session Host server, based
This policy setting specifies whether Windows Installer RDS Compatibility runs on a per user basis for fully installed applications. Windows Installer allows one
This policy setting specifies whether Remote Desktop IP Virtualization is turned on. By default, Remote Desktop IP Virtualization is turned off.If you enable this
This policy setting enables system administrators to change the graphics rendering for all Remote Desktop Services sessions on a Remote Desktop Session H
This policy setting allows you to specify the visual quality for remote users when connecting to this computer by using Remote Desktop Connection. You can u
This policy setting allows the administrator to configure the RemoteFX experience for Remote Desktop Session Host or Remote Desktop Virtualization Host se
This policy setting allows you to enable Remote Desktop Protocol (RDP) 8.0 on this computer. Please read the following KB article before enabling this Group
This policy setting allows you to specify how the Remote Desktop Protocol will try to detect the network quality (bandwidth and latency).You can choose to disa
This policy setting allows you to specify which protocols can be used for Remote Desktop Protocol (RDP) access to this server.If you enable this policy setting
This policy setting specifies whether the UDP protocol will be used to access servers via Remote Desktop Protocol.If you enable this policy setting, Remote De
Controls whether a user can save passwords using Remote Desktop Connection.If you enable this setting the credential saving checkbox in Remote Desktop
Controls whether passwords can be saved on this computer from Remote Desktop Connection.If you enable this setting the password saving checkbox in Rem
This policy setting specifies whether to require the use of a specific encryption level to secure communications between client computerss and RD Session Ho
This policy setting specifies whether Remote Desktop Services always prompts the client for a password upon connection.You can use this setting to enforce a
This policy setting specifies whether to require the use of a specific security layer to secure communications between clients and RD Session Host servers du
This policy setting allows you to specify whether to require user authentication for remote connections to the RD Session Host server by using Network Level A
This policy setting allows you to specify the name of the certificate template that determines which certificate is automatically selected to authenticate an RD S
Specifies the authentication method that clients must use when attempting to connect to an RD Session Host server through an RD Gateway server. You can
If you enable this policy setting, when Remote Desktop Connection cannot connect directly to a remote computer (an RD Session Host server or a computer w
Specifies the address of the RD Gateway server that clients must use when attempting to connect to an RD Session Host server. You can enforce this policy s
Specifies whether to allow Remote Desktop Connection clients to automatically reconnect to sessions on an RD Session Host server if their network link is tem
This policy setting allows you to specify the maximum color resolution (color depth) for Remote Desktop Services connections. You can use this polic
This policy setting allows you to limit the number of monitors that a user can use to display a Remote Desktop Services session. Limiting the number of monito
This policy setting allows you to configure remote access to computers by using Remote Desktop Services.If you enable this policy setting, users who are m
This policy setting allows you to specify the maximum display resolution that can be used by each monitor used to display a Remote Desktop Services session
Specifies whether desktop wallpaper is displayed to remote clients connecting via Remote Desktop Services.You can use this setting to enforce the removal o
This policy setting determines whether an administrator attempting to connect remotely to the console of a server can log off an administrator currently logged
This policy setting allows you to enter a keep-alive interval to ensure that the session state on the RD Session Host server is consistent with the client state.A
This policy setting allows you to specify the order in which an RD Session Host server attempts to locate Remote Desktop license servers.If you enable this po
This policy setting determines whether notifications are displayed on an RD Session Host server when there are problems with RD Licensing that affect the RD
This policy setting allows you to specify the type of Remote Desktop Services client access license (RDS CAL) that is required to connect to this RD Session
Specifies whether Remote Desktop Services limits the number of simultaneous connections to the server.You can use this setting to restrict the number of Re
This policy setting allows you to remove the "Disconnect" option from the Shut Down Windows dialog box in Remote Desktop Services sessions.You can use
Specifies whether to remove the Windows Security item from the Settings menu on Remote Desktop clients. You can use this setting to prevent inexperienced
This policy setting allows you to specify whether the app registration is completed before showing the Start screen to the user. By default, when a new user sig
This policy setting allows you to specify the level of remote control permitted in a Remote Desktop Services session.You can use this policy setting to select on
This policy setting allows you to specify the level of remote control permitted in a Remote Desktop Services session.You can use this policy setting to select on
This policy setting allows you to restrict users to a single Remote Desktop Services session.If you enable this policy setting, users who log on remotely by usin
Configures Remote Desktop Services to run a specified program automatically upon connection.You can use this setting to specify a program to run automatic
Configures Remote Desktop Services to run a specified program automatically upon connection.You can use this setting to specify a program to run automatic
This policy setting specifies whether to disable the administrator rights to customize security permissions for the Remote Desktop Session Host server. You ca
This policy setting determines whether the desktop is always displayed after a client connects to a remote computer or an initial program can run. It can be use
Specifies whether Remote Desktop Services uses the specified network share or local directory path as the root of the user's home directory for a Remote De
This policy setting allows you to specify the network path that Remote Desktop Services uses for roaming user profiles.By default, Remote Desktop Services s
This policy setting allows you to specify whether Remote Desktop Services uses a mandatory profile for all users connecting remotely to the RD Session Host
This policy setting allows you to limit the size of the entire roaming user profile cache on the local drive. This policy setting only applies to a computer on wh
This policy setting allows you to specify the RD Session Host servers to which a Remote Desktop license server will offer Remote Desktop Services client acc
This policy setting allows you to specify which version of Remote Desktop Services client access license (RDS CAL) a Remote Desktop Services license serv
This policy setting allows you to specify whether users can redirect the remote computer's audio and video output in a Remote Desktop Services session.User
This policy setting allows you to limit the audio playback quality for a Remote Desktop Services session. Limiting the quality of audio playback can improve con
This policy setting allows you to specify whether users can record audio to the remote computer in a Remote Desktop Services session.Users can specify whe
This policy setting specifies whether to prevent the sharing of Clipboard contents (Clipboard redirection) between a remote computer and a client computer du
This policy setting specifies whether to prevent the redirection of data to client COM ports from the remote computer in a Remote Desktop Services session.Yo
This policy setting allows you to specify whether the client default printer is automatically set as the default printer in a session on an RD Session Host server.B
This policy setting allows you to specify whether the Remote Desktop Easy Print printer driver is used first to install all client printers. If you enable or do not c
This policy setting allows you to specify whether the Remote Desktop Easy Print printer driver is used first to install all client printers. If you enable or do not c
This policy setting specifies whether to prevent the mapping of client drives in a Remote Desktop Services session (drive redirection).By default, an RD Sessio
This policy setting specifies whether to prevent the redirection of data to client LPT ports during a Remote Desktop Services session.You can use this setting t
This policy setting allows you to control the redirection of supported Plug and Play devices, such as Windows Portable Devices, to the remote computer in a R
This policy setting allows you to specify whether to prevent the mapping of client printers in Remote Desktop Services sessions.You can use this policy setting
This policy setting allows you to specify the RD Session Host server fallback printer driver behavior.By default, the RD Session Host server fallback printer driv
This policy setting allows you to control the redirection of smart card devices in a Remote Desktop Services session.If you enable this policy setting, Remote
This policy setting determines whether the client computer redirects its time zone settings to the Remote Desktop Services session.If you enable this policy se
Specifies whether a Remote Desktop Session Host server requires secure RPC communication with all clients or allows unsecured communication.You can u
This policy setting allows you to specify whether the RD Session Host server should join a farm in RD Connection Broker. RD Connection Broker tracks user s
This policy setting allows you to specify the name of a farm to join in RD Connection Broker. RD Connection Broker uses the farm name to determine which R
This policy setting allows you to specify the redirection method to use when a client device reconnects to an existing Remote Desktop Services session in a lo
This policy setting allows you to specify the RD Connection Broker server that the RD Session Host server uses to track and redirect user sessions for a load
This policy setting Sspecifies whether to end a Remote Desktop Services session that has timed out instead of disconnecting it.You can use this setting to dire
This policy setting Sspecifies whether to end a Remote Desktop Services session that has timed out instead of disconnecting it.You can use this setting to dire
This policy setting allows you to configure a time limit for disconnected Remote Desktop Services sessions.You can use this policy setting to specify the maxim
This policy setting allows you to configure a time limit for disconnected Remote Desktop Services sessions.You can use this policy setting to specify the maxim
This policy setting allows you to specify the maximum amount of time that an active Remote Desktop Services session can be idle (without user input) before
This policy setting allows you to specify the maximum amount of time that an active Remote Desktop Services session can be idle (without user input) before
This policy setting allows you to specify the maximum amount of time that a Remote Desktop Services session can be active before it is automatically disconn
This policy setting allows you to specify the maximum amount of time that a Remote Desktop Services session can be active before it is automatically disconn
This policy setting specifies whether Remote Desktop Services retains a user's per-session temporary folders at logoff.You can use this setting to maintain a u
This policy setting allows you to prevent Remote Desktop Services from creating session-specific temporary folders.You can use this policy setting to disable t
This policy setting allows you to specify whether users can run unsigned Remote Desktop Protocol (.rdp) files and .rdp files from unknown publishers on the c
This policy setting allows you to specify whether users can run unsigned Remote Desktop Protocol (.rdp) files and .rdp files from unknown publishers on the c
This policy setting allows you to specify whether users can run Remote Desktop Protocol (.rdp) files from a publisher that signed the file with a valid certificate
This policy setting allows you to specify whether users can run Remote Desktop Protocol (.rdp) files from a publisher that signed the file with a valid certificate
This policy setting allows you to specify a list of Secure Hash Algorithm 1 (SHA1) certificate thumbprints that represent trusted Remote Desktop Protocol (.rdp
This policy setting allows you to specify a list of Secure Hash Algorithm 1 (SHA1) certificate thumbprints that represent trusted Remote Desktop Protocol (.rdp
This policy setting determines whether a user will be prompted on the client computer to provide credentials for a remote connection to an RD Session Host se
This policy setting allows you to specify whether the client will establish a connection to the RD Session Host server when the client cannot authenticate the R
This policy setting allows you to specify the visual quality for remote users when connecting to this computer by using Remote Desktop Connection. You can u
This policy setting allows the administrator to configure the RemoteFX experience for Remote Desktop Session Host or Remote Desktop Virtualization Host se
This policy setting allows you to specify which Remote Desktop Protocol (RDP) compression algorithm to use.By default, servers use an RDP compression alg
This policy setting allows you to specify the visual experience that remote users receive in Remote Desktop Services sessions. Remote sessions on the remo
This policy setting allows you to permit RDP redirection of other supported RemoteFX USB devices from this computer. Redirected RemoteFX USB devices w
This policy setting allows you to control the availability of RemoteFX on both a Remote Desktop Virtualization Host (RD Virtualization Host) server and a Re
This policy setting allows you to specify the visual experience that remote users will have in Remote Desktop Connection (RDC) connections that use Remote
This policy setting allows you to configure graphics encoding to use the RemoteFX Codec on the Remote Desktop Session Host server so that the sessio
This policy setting specifies the default connection URL for RemoteApp and Desktop Connections. The default connection URL is a specific connection that ca
This policy setting allows you to specify how the Remote Desktop Protocol will try to detect the network quality (bandwidth and latency).You can choose to disa
This policy setting allows you to specify which protocols can be used for Remote Desktop Protocol (RDP) access to this server.If you enable this policy setting
This policy setting specifies whether the UDP protocol will be used to access servers via Remote Desktop Protocol. If you enable this policy setting, Remote D
This policy setting allows you to configure how File Explorer displays thumbnail images or icons on the local computer.File Explorer displays thumbnail images
This policy setting allows you to configure how File Explorer displays thumbnail images or icons on network folders.File Explorer displays thumbnail images on
Turns off the caching of thumbnails in hidden thumbs.db files.This policy setting allows you to configure File Explorer to cache thumbnails of items residing in n
Turn off Tablet PC touch inputTurns off touch input, which allows the user to interact with their computer using their finger.If you enable this setting, the user wi
Turn off Tablet PC touch inputTurns off touch input, which allows the user to interact with their computer using their finger.If you enable this setting, the user wi
Turn off Panning Turns off touch panning, which allows users pan inside windows by touch. On a compatible PC with a touch digitizer, by default users are
Turn off Panning Turns off touch panning, which allows users pan inside windows by touch. On a compatible PC with a touch digitizer, by default users are
This policy setting allows you to manage the Active Directory Domain Services (AD DS) backup of Trusted Platform Module (TPM) owner information. TPM ow
This policy setting configures how much of the TPM owner authorization information is stored in the registry of the local computer. Depending on the amount o
This policy setting allows you to manage the Group Policy list of Trusted Platform Module (TPM) commands blocked by Windows.If you enable this policy se
This policy setting allows you to enforce or ignore the computer's default list of blocked Trusted Platform Module (TPM) commands.If you enable this policy s
This policy setting allows you to enforce or ignore the computer's local list of blocked Trusted Platform Module (TPM) commands.If you enable this policy set
This policy setting allows you to manage the duration in minutes for counting standard user authorization failures for Trusted Platform Module (TPM) command
This policy setting allows you to manage the maximum number of authorization failures for each standard user for the Trusted Platform Module (TPM). If the n
This policy setting allows you to manage the maximum number of authorization failures for all standard users for the Trusted Platform Module (TPM). If the t
This setting lets you prevent users from running the Backup Status and Configuration program, which links to the file backup, file restore, and Complete PC Ba
This setting lets you prevent users from running the Backup Status and Configuration program, which links to the file backup, file restore, and Complete PC Ba
This setting lets you prevent users from selecting a local disk (internal or external) for storing backups. If you enable this policy setting, users are prevented fro
This setting lets you prevent users from selecting a local disk (internal or external) for storing backups. If you enable this policy setting, users are prevented fro
This policy setting lets you prevent users from selecting a network location for storing backups. If you enable this policy setting, users are blocked from selecti
This policy setting lets you prevent users from selecting a network location for storing backups. If you enable this policy setting, users are blocked from selecti
This policy setting lets you prevent users from selecting optical media (CD/DVD) for storing backups. If you enable this policy setting, users are blocked from s
This policy setting lets you prevent users from selecting optical media (CD/DVD) for storing backups. If you enable this policy setting, users are blocked from s
This setting lets you disable the data file backup functionality. If you enable this policy setting, users cannot back up data files. If you disable or do not configur
This setting lets you disable the data file backup functionality. If you enable this policy setting, users cannot back up data files. If you disable or do not configur
This setting lets you disable file restore functionality. If you enable this policy setting, the file restore program is disabled. If you disable or do not configure this
This setting lets you disable file restore functionality. If you enable this policy setting, the file restore program is disabled. If you disable or do not configure this
This setting lets you disable the creation of system images. If you enable this policy setting, users cannot create system images. If you disab
This setting lets you disable the creation of system images. If you enable this policy setting, users cannot create system images. If you disab
This policy setting adds the Administrator security group to the roaming user profile share.Once an administrator has configured a user's roaming profile, the p
This policy setting disables the more secure default setting for the user's roaming user profile folder.After an administrator has configured a user's roaming pro
This policy setting restores the definitions of the %HOMESHARE% and %HOMEPATH% environment variables to those used in Windows NT 4.0 and earlier.
This policy setting determines whether Windows keeps a copy of a user's roaming profile on the local computer's hard drive when the user logs off. Roaming p
This policy setting disables the detection of slow network connections. Slow link detection measures the speed of the connection between a user's computer a
This policy setting provides users with the ability to download their roaming profile, even when a slow network connection with their roaming profile server is d
This policy setting lets you exclude folders that are normally included in the user's profile. As a result, these folders do not need to be stored by the network
This policy setting determines whether the system retains a roaming user's Windows Installer and Group Policy based software installation data on their profile
This policy setting sets the maximum size of each user profile and determines the system's response when a user profile reaches the maximum size. This poli
This setting determines if roaming user profiles are available on a particular computer. By default, when roaming profile users log on to a computer, their roam
This policy setting controls how long Windows waits for a user response before it uses a default user profile for roaming user profiles.The default user profile
This policy setting will automatically log off a user when Windows cannot load their profile. If Windows cannot access the user profile folder or the profile conta
This policy setting determines how many times the system tries to unload and update the registry portion of a user profile. When the number of trials specified
This policy setting determines if the changes a user makes to their roaming profile are merged with the server copy of their profile.By default, when a user with
This policy setting directs the system to wait for the remote copy of the roaming user profile to load, even when loading is slow. Also, the system waits for the r
This policy setting defines a slow connection for roaming user profiles and establishes thresholds for two tests of network speed. To determine the network pe
This policy setting allows an administrator to automatically delete user profiles on system restart that have not been used within a specified number of days. N
This policy setting allows you to specify which network directories will be synchronized only at logon and logoff via Offline Files. This policy setting is meant to
This policy setting controls whether Windows forcefully unloads the user's registry at logoff, even if there are open handles to the per-user registry keys. Note
This policy setting controls how long Windows waits for a response from the network before logging on a user without a remote home directory and withou syn
This policy setting specifies whether Windows should use the specified network path as the roaming user profile path for all users logging onto this computer.T
This policy setting sets the schedule for background uploading of a roaming user profile's registry file (ntuser.dat). This policy setting controls only the uploadin
This setting prevents users from managing the ability to allow apps to access the user name, account picture, and domain information.If you enable this policy
This policy setting controls on a per-computer basis whether roaming profiles are downloaded on a user's primary computers only. This policy setting is useful
This policy setting allows you to specify the location and root (file share or local path) of a user's home folder for a logon session.If you enable this policy
This policy setting allows you to manage the Active Directory Domain Services (AD DS) backup of BitLocker Drive Encryption recovery information. This provid
This policy setting allows you to control whether the BitLocker Drive Encryption setup wizard can display and specify BitLocker recovery options. This policy is
This policy setting allows you to specify the default path that is displayed when the BitLocker Drive Encryption setup wizard prompts the user to enter the locat
This policy setting allows you to configure the algorithm and cipher strength used by BitLocker Drive Encryption. This policy setting is applied when you turn o
This policy setting allows you to configure the algorithm and cipher strength used by BitLocker Drive Encryption. This policy setting is applied when you
This policy setting controls computer restart performance at the risk of exposing BitLocker secrets. This policy setting is applied when you turn on BitLocker. B
This policy setting allows you to configure whether or not enhanced startup PINs are used with BitLocker.Enhanced startup PINs permit the use of characters
This policy setting specifies the constraints for passwords used to unlock BitLocker-protected operating system drives. If non-TPM protectors are allowed on o
This policy setting allows you to control whether or not platform validation data is refreshed when Windows is started following BitLocker recovery.If you enabl
This policy setting allows you to configure whether or not standard users are allowed to change BitLocker volume PINs, provided they are able to provide the e
This policy setting allows you to associate unique organizational identifiers to a new drive that is enabled with BitLocker. These identifiers are stored as the id
This policy setting allows you to associate an object identifier from a smart card certificate to a BitLocker-protected drive. This policy setting is applied when yo
This policy setting allows you to choose specific Boot Configuration Data (BCD) settings to verify during platform validation.If you enable this policy setting, you
This policy setting allows you to control how BitLocker-protected operating system drives are recovered in the absence of the required startup key information
This policy setting allows you to configure the encryption type used by BitLocker Drive Encryption. This policy setting is applied when you turn on BitLocker. Ch
This policy setting allows you to control whether the BitLocker Drive Encryption setup wizard will be able to set up an additional authentication method that is
This policy setting allows you to configure whether BitLocker requires additional authentication each time the computer starts and whether you are using BitLo
This policy setting controls whether a BitLocker-protected computer that is connected to a trusted wired Local Area Network (LAN) and joined to a domain can
This policy setting allows you to configure how the computer's Trusted Platform Module (TPM) security hardware secures the BitLocker encryption key. This po
This policy setting allows you to configure a minimum length for a Trusted Platform Module (TPM) startup PIN. This policy setting is applied when you turn on B
This policy setting allows you to manage BitLockers use of hardware-based encryption on operating system drives and specify which encryption algorithm
This policy setting allows users to enable authentication options that require user input from the pre-boot environment even if the platform indicates lack of
This policy setting allows you to configure whether Secure Boot will be allowed as the platform integrity provider for BitLocker operating system drives.Secure
This policy setting allows you to control how BitLocker-protected fixed data drives are recovered in the absence of the required credentials. This policy setti
This policy setting specifies whether a password is required to unlock BitLocker-protected fixed data drives. If you choose to permit the use of a password, y
This policy setting determines whether BitLocker protection is required for fixed data drives to be writable on a computer. This policy setting is applied when yo
This policy setting configures whether or not fixed data drives formatted with the FAT file system can be unlocked and viewed on computers running Windows
This policy setting allows you to specify whether smart cards can be used to authenticate user access to the BitLocker-protected fixed data drives on a compu
This policy setting allows you to manage BitLockers use of hardware-based encryption on fixed data drives and specify which encryption algorithms it can
This policy setting allows you to control how BitLocker-protected removable data drives are recovered in the absence of the required credentials. This policy
This policy setting controls the use of BitLocker on removable data drives. This policy setting is applied when you turn on BitLocker.When this policy setting
This policy setting specifies whether a password is required to unlock BitLocker-protected removable data drives. If you choose to allow use of a password, yo
This policy setting configures whether BitLocker protection is required for a computer to be able to write data to a removable data drive.If you enable this polic
This policy setting configures whether or not removable data drives formatted with the FAT file system can be unlocked and viewed on computers running Win
This policy setting allows you to specify whether smart cards can be used to authenticate user access to BitLocker-protected removable data drives on a comp
This policy setting allows you to manage BitLockers use of hardware-based encryption on removable data drives and specify which encryption algorithms
This policy setting allows you to specify Clock discipline and General values for the Windows Time service (W32time) for domain controllers including RODCs
This policy setting specifies a set of parameters for controlling the Windows NTP Client.If you enable this policy setting, you can specify the following para
This policy setting specifies whether the Windows NTP Client is enabled.Enabling the Windows NTP Client allows your computer to synchronize its computer
This policy setting allows you to specify whether the Windows NTP Server is enabled.If you enable this policy setting for the Windows NTP Server, your comp
This policy setting prevents computers from connecting to both a domain based network and a non-domain based network at the same time. If this poli
This policy setting prevents computers from establishing multiple simultaneous connections to either the Internet or to a Windows domain. By default, when th
This policy setting prevents clients from connecting to Mobile Broadband networks when the client is registered on a roaming provider network. If this polic
This policy setting specifies that power management is disabled when the machine enters connected standby mode. If this policy setting is enabled, Wi
This policy setting determines the data retention limit for Diagnostic Policy Service (DPS) scenario data.If you enable this policy setting, you must enter the ma
This policy setting determines the execution level for Diagnostic Policy Service (DPS) scenarios.If you enable this policy setting, you must select an execution
Windows Calendar is a feature that allows users to manage appointments and tasks by creating personal calendars, publishing them, and subscribing to othe
Windows Calendar is a feature that allows users to manage appointments and tasks by creating personal calendars, publishing them, and subscribing to othe
By default, Add features to Windows 8 is available for all administrators. If you enable this policy setting, the wizard will not run.If you disable this policy setting
By default, Add features to Windows 8 is available for all administrators. If you enable this policy setting, the wizard will not run.If you disable this policy setting
This policy setting allows you to manage whether backups of only system volumes is allowed or both OS and data volumes can be backed up.If you enable th
This policy setting allows you to manage whether backups of a machine can run to locally attached storage or not.If you enable this policy setting, machine ad
This policy setting allows you to manage whether backups of a machine can run to a network share or not.If you enable this policy setting, machine administra
This policy setting allows you to manage whether backups of a machine can run to an optical media or not.If you enable this policy setting, machine administra
This policy setting allows you to manage whether run-once backups of a machine can be run or not.If you enable this policy setting, machine administrator/bac
This policy setting affects the ability of users to install or uninstall color profiles.If you enable this policy setting, users cannot install new color profiles or uninst
This policy setting affects the ability of users to install or uninstall color profiles.If you enable this policy setting, users cannot install new color profiles or uninst
This policy setting prohibits access to Windows Connect Now (WCN) wizards. If you enable this policy setting, the wizards are turned off and users have no ac
This policy setting prohibits access to Windows Connect Now (WCN) wizards. If you enable this policy setting, the wizards are turned off and users have no ac
This policy setting allows the configuration of wireless settings using Windows Connect Now (WCN). The WCN Registrar enables the discovery and configura
This policy setting checks for new signatures before running scheduled scans.If you enable this policy setting, the scheduled scan checks for new signatures b
This policy setting turns off Windows Defender.If you enable this policy setting, Windows Defender does not run, and computers are not scanned for malware
This policy setting allows you to configure membership in Microsoft Active Protection Service.Microsoft Active Protection Service is the online community that
This policy setting turns off real-time protection prompts for known malware detection.Windows Defender alerts you when malware or potentially unwanted so
This policy setting allows you to configure whether Windows Defender automatically takes action on all detected threats. The action to be taken on a particula
Hide the Back button in the Open dialog box.This policy setting lets you remove new features added in Microsoft Windows 2000 Professional, so the Open dia
Removes the list of most recently used files from the Open dialog box.If you disable this setting or do not configure it, the "File name" field includes a drop-d
Removes the shortcut bar from the Open dialog box.This setting, and others in this folder, lets you remove new features added in Windows 2000 Professional
Configures the list of items displayed in the Places Bar in the Windows File/Open dialog. If enable this setting you can specify from 1 to 5 items to be displa
This setting allows an administrator to revert specific Windows Shell behavior to classic Shell behavior.If you enable this setting, users cannot configure their
Allows you to have File Explorer display a confirmation dialog whenever a file is deleted or moved to the Recycle Bin.If you enable this setting, a confirmation
This setting is designed to ensure that shell extensions can operate on a per-user basis. If you enable this setting, Windows is directed to only run those s
This policy setting determines whether Windows traces shortcuts back to their sources when it cannot find the target on the user's system.Shortcut files typica
"This policy setting allows you to set the maximum number of shortcuts the system can display in the Recent Items menu on the Start menu.The Recent Items
This policy setting allows you to turn off caching of thumbnail pictures.If you enable this policy setting, thumbnail views are not cached.If you disable or do n
This policy setting allows you to remove CD Burning features. File Explorer allows you to create and modify re-writable CDs if you have a CD writer connected
This policy setting allows you to prevent users from enabling or disabling minor animations in the operating system for the movement of windows, menus, and
Disables the "Hide keyboard navigation indicators until I use the ALT key" option in Display in Control Panel.When this Display Properties option is selected, t
This policy setting allows you to remove the DFS tab from File Explorer.If you enable this policy setting, the DFS (Distributed File System) tab is removed from
This policy setting allows you to hide these specified drives in My Computer.This policy setting allows you to remove the icons representing selected hard drive
Removes all computers outside of the user's workgroup or local domain from lists of network resources in File Explorer and Network Locations.If you enable t
Removes the File menu from My Computer and File Explorer.This setting does not prevent users from using other methods to perform tasks available on the F
This policy setting allows you to prevent users from accessing Folder Options through the View tab on the ribbon in File Explorer. Folder Options allows users
Removes the Hardware tab.This setting removes the Hardware tab from Mouse, Keyboard, and Sounds and Audio Devices in Control Panel. It also removes
Removes the Manage item from the File Explorer context menu. This context menu appears when you right-click File Explorer or My Computer.The Manage it
This policy setting allows you to remove the Shared Documents folder from My Computer.When a Windows client is in a workgroup, a Shared Documents icon
Prevents users from using File Explorer or Network Locations to map or disconnect network drives.If you enable this setting, the system removes the Map Net
When a file or folder is deleted in File Explorer, a copy of the file or folder is placed in the Recycle Bin. Using this setting, you can change this behavior.If you e
Prevents users from submitting alternate logon credentials to install a program.This setting suppresses the "Install Program As Other User" dialog box for loca
Removes the Security tab from File Explorer.If you enable this setting, users opening the Properties dialog box for all file system objects, including folders, file
This policy setting allows you to remove the Search button from the File Explorer toolbar.If you enable this policy setting, the Search button is removed from
Removes shortcut menus from the desktop and File Explorer. Shortcut menus appear when you right-click an item.If you enable this setting, menus do not app
Prevents users from using My Computer to gain access to the content of selected drives.If you enable this setting, users can browse the directory structure of
Turn off Windows+X hotkeys.Keyboards with a Windows key provide users with shortcuts to common shell features. For example, pressing the keyboard sequ
This policy setting allows you to remove computers in the user's workgroup and domain from lists of network resources in File Explorer and Network Locations
Prompts users for alternate logon credentials during network-based installations.This setting displays the "Install Program As Other User" dialog box even whe
Limits the percentage of a volume's disk space that can be used to store deleted files.If you enable this setting, the user has a maximum amount of disk space
This policy setting allows you to configure the amount of functionality that the shell protocol can have. When using the full functionality of this protocol, applica
This policy setting allows you to configure the amount of functionality that the shell protocol can have. When using the full functionality of this protocol, applica
If you enable this policy, the "Internet" "Search again" link will not be shown when the user performs a search in the Explorer window.If you disable this policy,
This policy setting allows you to add Internet or intranet sites to the "Search again" links located at the bottom of search results in File Explorer and the Start
This policy setting allows up to five Libraries or Search Connectors to be pinned to the "Search again" links and the Start menu links. The "Search again" links
This policy setting allows you to prevent data loss when you change the target location for Folder Redirection, and the new and old targets point to the same n
This policy setting allows you to specify a list of known folders that should be disabled. Disabling a known folder will prevent the underlying file or director
This policy setting allows you to turn off the display of snippets in Content view mode.If you enable this policy setting, File Explorer will not display snippets i
This policy setting allows you to turn off Windows Libraries features that need indexed file metadata to function properly. If you enable this policy, some Windo
Disables suggesting recent queries for the Search Box and prevents entries into the Search Box from being stored in the registry for future references.File Exp
Changes the behavior of IShellFolder::BindToObject for IID_IPropertySetStorage to not bind directly to the IPropertySetStorage implementation, and to include
Changes the behavior of IShellFolder::BindToObject for IID_IPropertySetStorage to not bind directly to the IPropertySetStorage implementation, and to include
This policy setting allows you to have file names sorted literally (as in Windows 2000 and earlier) rather than in numerical order. If you enable this policy settin
This policy setting allows you to have file names sorted literally (as in Windows 2000 and earlier) rather than in numerical order. If you enable this policy settin
This policy setting allows you to manage whether OpenSearch queries in this zone can be performed using Search Connectors in File Explorer. Search Conn
This policy setting allows you to manage whether a user may preview an item from this zone or display custom thumbnails in the preview pane in File Explorer
This policy setting allows you to specify a location where all default Library definition files for users/machines reside.If you enable this policy setting, administr
This policy setting allows you to specify a location where all default Library definition files for users/machines reside.If you enable this policy setting, administr
This policy setting allows you to manage the behavior of Windows SmartScreen. Windows SmartScreen helps keep PCs safer by warning users before runnin
Shows or hides lock from the user tile menu. If you enable this policy setting, the lock option will be shown in the User Tile menu.If you disable this policy sett
Shows or hides sleep from the power options menu. If you enable this policy setting, the sleep option will be shown in the Power Options menu (as long as it is
Shows or hides hibernate from the power options menu. If you enable this policy setting, the hibernate option will be shown in the Power Options menu (as lon
This policy removes the end-user notification for new application associations. These associations are based on file types (e.g. *.txt) or protocols (e.g. http:)If t
This policy setting allows you to specify whether the ribbon appears minimized or in full when new File Explorer windows are opened. If you enable this policy
This policy setting allows you to specify whether the ribbon appears minimized or in full when new File Explorer windows are opened. If you enable this policy
This policy specifies the path to a file (e.g. either stored locally or on a network location) that contains file type and protocol default application associations
This policy setting determines whether remote paths can be used for file shortcut (.lnk file) icons.If you enable this policy setting, file shortcut icons are allo
This policy setting specifies an alternate location for the Windows File Protection cache.If you enable this policy setting, enter the fully qualified local path t
This policy setting specifies the maximum amount of disk space that can be used for the Windows File Protection file cache.Windows File Protection adds pro
This policy setting allows you to set when Windows File Protection scans protected files. This policy setting directs Windows File Protection to enumerate and
This policy setting hides the file scan progress window. This window provides status information to sophisticated users, but it might confuse novices.If you ena
Allows unsolicited incoming messages from specified systems that authenticate using the IPsec transport.If you enable this policy setting, you must type a sec
Allows you to view and change the program exceptions list defined by Group Policy. Windows Firewall uses two program exception lists: one is defined by Gro
Allows administrators to use the Windows Firewall component in Control Panel to define a local program exceptions list. Windows Firewall uses two program e
Turns on Windows Firewall.If you enable this policy setting, Windows Firewall runs and ignores the "Computer Configuration\Administrative Templates\Networ
Specifies that Windows Firewall blocks all unsolicited incoming messages. This policy setting overrides all other Windows Firewall policy settings that allow su
Allows inbound file and printer sharing. To do this, Windows Firewall opens UDP ports 137 and 138, and TCP ports 139 and 445.If you enable this policy settin
Defines the set of Internet Control Message Protocol (ICMP) message types that Windows Firewall allows. Utilities can use ICMP messages to determine the
Allows Windows Firewall to record information about the unsolicited incoming messages that it receives.If you enable this policy setting, Windows Firewall writ
Prevents Windows Firewall from displaying notifications to the user when a program requests that Windows Firewall add the program to the program exceptio
Allows you to view and change the inbound port exceptions list defined by Group Policy. Windows Firewall uses two port exception lists: one is defined by Gro
Allows administrators to use the Windows Firewall component in Control Panel to define a local port exceptions list. Windows Firewall uses two port exception
Allows remote administration of this computer using administrative tools such as the Microsoft Management Console (MMC) and Windows Management Instru
Allows this computer to receive inbound Remote Desktop requests. To do this, Windows Firewall opens TCP port 3389.If you enable this policy setting, Windo
Prevents this computer from receiving unicast responses to its outgoing multicast or broadcast messages.If you enable this policy setting, and this computer
Allows this computer to receive unsolicited inbound Plug and Play messages sent by network devices, such as routers with built-in firewalls. To do this, Wind
Allows you to view and change the program exceptions list defined by Group Policy. Windows Firewall uses two program exception lists: one is defined by Gro
Allows administrators to use the Windows Firewall component in Control Panel to define a local program exceptions list. Windows Firewall uses two program e
Turns on Windows Firewall.If you enable this policy setting, Windows Firewall runs and ignores the "Computer Configuration\Administrative Templates\Networ
Specifies that Windows Firewall blocks all unsolicited incoming messages. This policy setting overrides all other Windows Firewall policy settings that allow su
Allows inbound file and printer sharing. To do this, Windows Firewall opens UDP ports 137 and 138, and TCP ports 139 and 445.If you enable this policy settin
Defines the set of Internet Control Message Protocol (ICMP) message types that Windows Firewall allows. Utilities can use ICMP messages to determine the
Allows Windows Firewall to record information about the unsolicited incoming messages that it receives.If you enable this policy setting, Windows Firewall writ
Prevents Windows Firewall from displaying notifications to the user when a program requests that Windows Firewall add the program to the program exceptio
Allows you to view and change the inbound port exceptions list defined by Group Policy. Windows Firewall uses two port exception lists: one is defined by Gro
Allows administrators to use the Windows Firewall component in Control Panel to define a local port exceptions list. Windows Firewall uses two port exception
Allows remote administration of this computer using administrative tools such as the Microsoft Management Console (MMC) and Windows Management Instru
Allows this computer to receive inbound Remote Desktop requests. To do this, Windows Firewall opens TCP port 3389.If you enable this policy setting, Windo
Prevents this computer from receiving unicast responses to its outgoing multicast or broadcast messages.If you enable this policy setting, and this computer
Allows this computer to receive unsolicited inbound Plug and Play messages sent by network devices, such as routers with built-in firewalls. To do this, Wind
Denies or allows access to the Windows Mail application.If you enable this setting, access to the Windows Mail application is denied.If you disable or do not c
Denies or allows access to the Windows Mail application.If you enable this setting, access to the Windows Mail application is denied.If you disable or do not c
Windows Mail will not check your newsgroup servers for Communities support.
Windows Mail will not check your newsgroup servers for Communities support.
Prevents Windows Media Digital Rights Management (DRM) from accessing the Internet (or intranet).When enabled, Windows Media DRM is prevented from
This policy setting allows you to turn off do not show first use dialog boxes.If you enable this policy setting, the Privacy Options and Installation Options dialo
This policy setting allows you to prevent the anchor window from being displayed when Windows Media Player is in skin mode.If you enable this policy setting
This policy setting allows you to prevent video smoothing from occurring.If you enable this policy setting, video smoothing is prevented, which can improve vi
This policy setting allows you to prevent media information for CDs and DVDs from being retrieved from the Internet.If you enable this policy setting, the Playe
This policy setting allows you to prevent media sharing from Windows Media Player.If you enable this policy setting, any user on this computer is prevented f
This policy setting allows you to prevent media information for music files from being retrieved from the Internet.If you enable this policy setting, the Player
This policy setting allows you to prevent a shortcut for the Player from being added to the Quick Launch bar.If you enable this policy setting, the user cannot a
This policy setting allows you to prevent radio station presets from being retrieved from the Internet.If you enable this policy setting, the Player is prevented fro
This policy setting allows you to prevent a shortcut icon for the Player from being added to the user's desktop.If you enable this policy setting, users cannot ad
This policy setting allows a screen saver to interrupt playback.If you enable this policy setting, a screen saver is displayed during playback of digital media ac
This policy setting allows you to prevent Windows Media Player from downloading codecs.If you enable this policy setting, the Player is prevented from autom
Prevents the anchor window from being displayed when Windows Media Player is in skin mode.This policy hides the anchor window when the Player is in skin
This policy setting allows you to hide the Privacy tab in Windows Media Player.If you enable this policy setting, the "Update my music files (WMA and MP3 file
This policy setting allows you to hide the Security tab in Windows Media Player.If you enable this policy setting, the default security settings for the options on
This policy setting allows you to set and lock Windows Media Player in skin mode, using a specified skin.If you enable this policy setting, the Player displays o
This policy setting allows you to specify the HTTP proxy settings for Windows Media Player.If you enable this policy setting, select one of the following proxy t
This policy setting allows you to specify the MMS proxy settings for Windows Media Player.If you enable this policy setting, select one of the following proxy ty
This policy setting allows you to specify the RTSP proxy settings for Windows Media Player.If you enable this policy setting, select one of the following proxy ty
This policy setting allows you to hide the Network tab.If you enable this policy setting, the Network tab in Windows Media Player is hidden. The default network
This policy setting allows you to specify whether network buffering uses the default or a specified number of seconds.If you enable this policy setting, select o
This policy setting allows you to specify that Windows Media Player can attempt to use selected protocols when receiving streaming media from a server runn
This policy setting prevents Windows Messenger from automatically running at logon. If you enable this policy setting, Windows Messenger is not loaded auto
This policy setting prevents Windows Messenger from automatically running at logon. If you enable this policy setting, Windows Messenger is not loaded auto
This policy setting allows you to prevent Windows Messenger from running.If you enable this policy setting, Windows Messenger does not run.If you disable o
This policy setting allows you to prevent Windows Messenger from running.If you enable this policy setting, Windows Messenger does not run.If you disable o
This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses Basic authentication.If you enable this policy setting
This policy setting allows you to manage whether the Windows Remote Management (WinRM) client sends and receives unencrypted messages over the net
This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses Digest authentication.If you enable this policy settin
This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses Negotiate authentication.If you enable this policy se
This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses Kerberos authentication directly.If you enable this p
This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses CredSSP authentication.If you enable this policy se
This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses the list specified in TrustedHostsList to determine if
This policy setting allows you to manage whether the Windows Remote Management (WinRM) service automatically listens on the network for requests on the
This policy setting turns on or turns off an HTTP listener created for backward compatibility purposes in the Windows Remote Management (WinRM) service.
This policy setting turns on or turns off an HTTPS listener created for backward compatibility purposes in the Windows Remote Management (WinRM) service
This policy setting allows you to manage whether the Windows Remote Management (WinRM) service accepts Basic authentication from a remote client.
This policy setting allows you to manage whether the Windows Remote Management (WinRM) service sends and receives unencrypted messages over the n
This policy setting allows you to manage whether the Windows Remote Management (WinRM) service will not allow RunAs credentials to be stored for any pl
This policy setting allows you to manage whether the Windows Remote Management (WinRM) service accepts Negotiate authentication from a remote client.
This policy setting allows you to manage whether the Windows Remote Management (WinRM) service accepts Kerberos credentials over the network. If y
This policy setting allows you to manage whether the Windows Remote Management (WinRM) service accepts CredSSP authentication from a remote client.
This policy setting allows you to set the hardening level of the Windows Remote Management (WinRM) service with regard to channel binding tokens. If y
This policy setting configures access to remote shells.If you enable this policy setting and set it to False, new remote shell connections are rejected by the serv
This policy setting configures the maximum time in milliseconds remote shell will stay open without any user activity until it is automatically deleted.Any value f
This policy setting configures the maximum number of users able to concurrently perform remote shell operations on the system.The value can be any numbe
This policy setting configures the maximum total amount of memory in megabytes that can be allocated by any active remote shell and all its child processes.A
This policy setting configures the maximum number of processes a remote shell is allowed to launch.If you enable this policy setting, you can specify any num
This policy setting is deprecated and has no effect when set to any state: Enabled, Disabled, or Not Configured.
This policy setting configures the maximum number of concurrent shells any user can remotely open on the same system.Any number from 0 to 0x7FFFFFFF
This setting controls automatic updates to a user's computer.Whenever a user connects to the Internet, Windows searches for updates available for the softw
This policy setting allows you to manage whether the 'Install Updates and Shut Down' option is displayed in the Shut Down Windows dialog box.If you enable
This policy setting allows you to manage whether the 'Install Updates and Shut Down' option is displayed in the Shut Down Windows dialog box.If you enable
This policy setting allows you to manage whether the 'Install Updates and Shut Down' option is allowed to be the default choice in the Shut Down Windows dia
This policy setting allows you to manage whether the 'Install Updates and Shut Down' option is allowed to be the default choice in the Shut Down Windows dia
This setting allows you to remove access to Windows Update.If you enable this setting, all Windows Update features are removed. This includes blocking acc
Specifies whether this computer will receive security updates and other important downloads through the Windows automatic updating service. This
Specifies an intranet server to host updates from Microsoft Update. You can then use this update service to automatically update computers on your network.T
Specifies the hours that Windows will use to determine how long to wait before checking for available updates. The exact wait time is determined by using the
This policy setting allows you to control whether non-administrative users will receive update notifications based on the "Configure Automatic Updates" policy s
Specifies whether Automatic Updates should automatically install certain updates that neither interrupt Windows services nor restart Windows.If the status is s
Specifies whether Automatic Updates will deliver both important as well as recommended updates from the Windows Update update service.When this policy
This policy setting allows you to control whether users see detailed enhanced notification messages about featured software from the Microsoft Update servic
Specifies whether the Windows Update will use the Windows Power Management features to automatically wake up the system from hibernation, if there are
Specifies that to complete a scheduled installation, Automatic Updates will wait for the computer to be restarted by any user who is logged on, instead of caus
Specifies the amount of time for Automatic Updates to wait before prompting again with a scheduled restart. If the status is set to Enabled, a schedu
Specifies the amount of time for Automatic Updates to wait before proceeding with a scheduled restart.If the status is set to Enabled, a scheduled restart will o
Specifies the amount of time for Automatic Updates to wait, following system startup, before proceeding with a scheduled installation that was missed previous
Specifies the target group name or names that should be used to receive updates from an intranet Microsoft update service.If the status is set to Enabled, the
This policy setting allows you to manage whether Automatic Updates accepts updates signed by entities other than Microsoft when the update is found on an
This policy setting controls the legacy remote shutdown interface (named pipe). The named pipe remote shutdown interface is needed in order to shutdown th
This policy setting configures the number of minutes the system waits for the hung logon sessions before proceeding with the system shutdown.If you enable
This policy setting controls the use of fast startup. If you enable this policy setting, the system requires hibernate to be enabled.If you disable or do not configu
This policy setting controls whether or not the system displays information about previous logons and logon failures to the user.For local user accounts and d
This policy controls whether the logged on user should be notified when his logon hours are about to expire. By default, a user is notified before logon hours e
This policy controls which action will be taken when the logon hours expire for the logged on user. The actions include lock the workstation, disconnect the use
This policy setting controls whether or not software can simulate the Secure Attention Sequence (SAS).If you enable this policy setting, you have one of four o
This policy controls whether the logged on user should be notified if the logon server could not be contacted during logon and he has been logged on using pr
This policy controls whether the logged on user should be notified if the logon server could not be contacted during logon and he has been logged on using pr
Specifies an alternate user interface.The Explorer program (%windir%\explorer.exe) creates the familiar Windows interface, but you can use this setting to spe
This policy setting specifies whether Windows will allow console applications and GUI applications without visible top-level windows to block or cancel shutdow
Denies or allows access to the Store application.If you enable this setting, access to the Store application is denied. Access to the Store is required for installin
Denies or allows access to the Store application.If you enable this setting, access to the Store application is denied. Access to the Store is required for installin
Allows or denies access to the Store application on Windows To Go workspaces.If you enable this setting, access to the Store application is allowed on the W
Enables or disables the automatic download of updates.If you enable this setting, automatic download of updates is turned off.If you disable or do not configur
This policy setting configures the cost of Wireless LAN (WLAN) connections on the local machine.If this policy setting is enabled, a drop-down list box present
Set up the menu name and URL for the custom Internet search provider.If you enable this setting, the specified menu name and URL will be used for Internet
This policy setting turns off tile notifications. If you enable this policy setting, applications and system features will not be able to update their tile
This policy setting turns off toast notifications for applications. If you enable this policy setting, applications will not be able to raise toast notific
This policy setting turns off toast notifications on the lock screen. If you enable this policy setting, applications will not be able to raise toast notifica
This policy setting blocks applications from using the network to send notifications to update tiles, tile badges, toast, or raw notifications. This policy set
This policy setting configures the cost of 3G connections on the local machine.If this policy setting is enabled, a drop-down list box presenting possible cost va
This policy setting configures the cost of 4G connections on the local machine. If this policy setting is enabled, a drop-down list box presenting possible cos
Reboot Required Logoff Required
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No Yes
No Yes
No Yes
No Yes
Yes No
No Yes
No Yes
No Yes
No Yes
No Yes
No Yes
No Yes
No Yes
No Yes
No Yes
No Yes
No Yes
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No Yes
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No Yes
No Yes
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
Yes No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
Yes No
No No
No No
No No
No No
No Yes
No No
No Yes
No Yes
No Yes
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
No No
Active Directory Schema or Domain Requirements
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
Yes
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
Yes
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
Yes
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
Yes
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
Status Policy Path
Computer Configuration\Windows Settings\Account Policies\Password Policy

Computer Configuration\Windows Settings\Account Policies\Account Lockout Policy
Computer Configuration\Windows Settings\Local Policies\Kerberos Policy
Computer Configuration\Windows Settings\Local Policies\Audit Policy
Computer Configuration\Windows Settings\Local Policies\User Rights Assignment
Computer Configuration\Windows Settings\Local Policies\Security Options
New
New
New
New
Computer Configuration\Windows Settings\Security Settings\Event Log
Computer Configuration\Windows Settings\Security Settings\Restricted Groups
Computer Configuration\Windows Settings\Security Settings\System Services
Computer Configuration\Windows Settings\Security Settings\Registry
Computer Configuration\Windows Settings\Security Settings\File System
Policy Name
Enforce password history

Maximum password age
Minimum password age
Minimum password length
Password must meet complexity requirement
Store passwords using reversible encryption for all users in the domain
Account lockout duration
Account lockout threshold
Reset lockout counter after
Enforce user logon restrictions
Maximum lifetime for service ticket
Maximum lifetime for user ticket
Maximum lifetime for user ticket renewal
Maximum tolerance for computer clock synchronization
Audit account logon events
Audit account management
Audit directory service access
Audit logon events
Audit object access
Audit policy change
Audit privilege use
Audit process tracking
Audit system events
Access this computer from the network
Access Credential Manager as a trusted caller
Act as part of the operating system
Add workstations to a domain
Adjust memory quotas for a process
Allow log on locally
Allow log on through Remote Desktop Services
Backup files and directories
Bypass traverse checking
Change the system time
Change the time zone
Create a pagefile
Create a token object
Create global objects
Create permanent shared objects
Create Symbolic Links
Debug programs
Deny access to this computer from the network
Deny log on as a batch job
Deny log on as a service
Deny log on locally
Deny log on through Remote Desktop Services
Enable computer and user accounts to be trusted for delegation
Force shutdown from a remote system
Generate security audits
Impersonate a client after authentication
Increase a process working set
Increase scheduling priority
Load and unload device drivers
Lock pages in memory
Log on as a batch job
Log on as a service
Log on locally
Manage auditing and security log
Modify an object label
Modify firmware environment values
Perform volume maintenance tasks
Profile single process
Profile system performance
Remove computer from docking station
Replace a process level token
Restore files and directories
Shut down the system
Synchronize directory service data
Take ownership of files or other objects
Accounts: Administrator account status
Accounts: Block Microsoft accounts
Accounts: Guest account status
Accounts: Limit local account use of blank passwords to console logon only
Accounts: Rename administrator account
Accounts: Rename guest account
Audit: Audit the accesss of global system objects
Audit: Audit the use of Backup and Restore privilege
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy categ
Audit: Shut down system immediately if unable to log security audits
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax
Devices: Allow undock without having to log on
Devices: Allowed to format and eject removable media
Devices: Prevent users from installing printer drivers
Devices: Restrict CD-ROM access to locally logged-on user only
Devices: Restrict floppy access to locally logged-on user only
Devices: Unsigned driver installation behavior
Domain controller: Allow server operators to schedule tasks
Domain controller: LDAP server signing requirements
Domain controller: Refuse machine account password changes
Domain member: Digitally encrypt or sign secure channel data (always)
Domain member: Digitally encrypt secure channel data (when possible)
Domain member: Digitally sign secure channel data (when possible)
Domain member: Disable machine account password changes
Domain member: Maximum machine account password age
Domain member: Require strong (Windows 2000 or later) session key
Interactive logon: Do not display last user name
Interactive Logon: Display user information when session is locked
Interactive logon: Do not require CTRL+ALT+DEL
Interactive logon: Machine account lockout threshold
Interactive logon: Machine inactivity limit
Interactive logon: Message text for users attempting to logon
Interactive logon: Message title for users attempting to logon
Interactive logon: Number of previous logons to cache (in case domain controller is not available)
Interactive logon: Prompt user to change password before expiration
Interactive logon: Require Domain Controller authentication to unlock workstation
Interactive logon: Require smart card
Interactive logon: Smart card removal behavior
Microsoft network client: Digitally sign communications (always)
Microsoft network client: Digitally sign communications (if server agrees)
Microsoft network client: Send unencrypted password to third-party SMB servers
Microsoft network server: Amount of idle time required before suspending session
Microsoft network server: Attempt S4U2Self to obtain claim information
Microsoft network server: Digitally sign communications (always)
Microsoft network server: Digitally sign communications (if client agrees)
Microsoft network server: Disconnect clients when logon hours expire
Microsoft network server: Server SPN target name validation level
Network access: Allow anonymous SID/Name translation
Network access: Do not allow anonymous enumeration of SAM accounts
Network access: Do not allow anonymous enumeration of SAM accounts and shares
Network access: Do not allow storage of passwords and credentials for network authentication
Network access: Let Everyone permissions apply to anonymous users
Network access: Named Pipes that can be accessed anonymously
Network access: Remotely accessible registry paths
Network access: Remotely accessible registry paths and sub-paths
Network access: Restrict anonymous access to Named Pipes and Shares
Network access: Shares that can be accessed anonymously
Network access: Sharing and security model for local accounts
Network security: Do not store LAN Manager hash value on next password change
Network security: Force logoff when logon hours expire
Network security: LAN Manager authentication level
Network security: LDAP client signing requirements
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers
Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers
Network security: Restrict NTLM: Incoming NTLM traffic
Network security: Restrict NTLM: Audit Incoming NTLM Traffic
Network security: Restrict NTLM: NTLM authentication in this domain
Network security: Restrict NTLM: Audit NTLM authentication in this domain
Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication
Network security: Restrict NTLM: Add server exceptions in this domain
Network security: Allow LocalSystem NULL session fallback
Network security: Allow Local System to use computer identity for NTLM
Network security: Allow PKU2U authentication requests to this computer to use online identities.
Network security: Configure encryption types allowed for Kerberos
Recovery console: Allow automatic administrative logon
Recovery console: Allow floppy copy and access to all drives and all folders
Shutdown: Allow system to be shut down without having to log on
Shutdown: Clear virtual memory pagefile
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing
System cryptography: Force strong key protection for user keys stored on the computer
System objects: Default owner for objects created by members of the Administrators group
System objects: Require case insensitivity for non-Windows subsystems
System objects: Strengthen default permissions of internal system objects (e.g., Symbolic Links)
System settings: Optional subsystems
System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies
User Account Control: Admin Approval Mode for the Built-in Administrator account
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode
User Account Control: Behavior of the elevation prompt for standard users
User Account Control: Detect application installations and prompt for elevation
User Account Control: Only elevate executables that are signed and validated
User Account Control: Only elevate UIAccess applications that are installed in secure locations
User Account Control: Run all administrators in Admin Approval Mode
User Account Control: Switch to the secure desktop when prompting for elevation
User Account Control: Virtualize file and registry write failures to per-user locations
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure
Maximum application log size
Maximum security log size
Maximum system log size
Prevent local guests group from accessing application log
Prevent local guests group from accessing security log
Prevent local guests group from accessing system log
Retain application log
Retain security log
Retain system log
Retention method for application log
Retention method for security log
Retention method for system log
Restricted Groups
System Services
Registry
File System
Supported On
At least Windows XP SP2, Windows Server 2003

At least Windows Vista, Windows Server 2008
Only Windows XP SP2
Windows XP SP2, Windows Server 2003
Windows 8, Windows Server 2012
Only Windows XP SP2, Windows Server 2003
At least Windows 7, Windows Server 2008 R2
Windows XP SP2, Windows Server 2003
Registry Settings
Password Policy security settings are not registry keys.

Account Lockout Policy security settings are not registry keys.
Kerberos Policy security settings are not registry keys.
Audit Policy security settings are not registry keys.
User Rights security settings are not registry keys
Not a registry key
Not a registry key
Not a registry key
MACHINE\System\CurrentControlSet\Control\Lsa\LimitBlankPasswordUse
Not a registry key
Not a registry key
MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjects
MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditing
MACHINE\System\CurrentControlSet\Control\Lsa\SCENoApplyLegacyAuditPolicy
MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail
MACHINE\SOFTWARE\policies\Microsoft\windows
NT\DCOM\MachineAccessRestriction
MACHINE\SOFTWARE\policies\Microsoft\windows
NT\DCOM\MachineLaunchRestriction
MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UndockWitho
utLogon
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateDASD
MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print
Services\Servers\AddPrinterDrivers
MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon\AllocateCDRoms
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateFloppies
MACHINE\Software\Microsoft\Driver Signing\Policy
MACHINE\System\CurrentControlSet\Control\Lsa\SubmitControl
MACHINE\System\CurrentControlSet\Services\NTDS\Parameters\LDAPServerIntegrit
y
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RefusePassword
Change
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrS
eal
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SealSecureChan
nel
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SignSecureChan
nel
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\DisablePasswor
dChange
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\MaximumPassw
ordAge
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireStrongKe
y
MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DontDisplayL
Machine\Software\Microsoft\Windows\CurrentVersion\Policies\System,
value=DontDisplayLockedUserId
MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableCAD
Not a registry key
Not a registry key
MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeT
ext
MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeC
aption
NT\CurrentVersion\Winlogon\CachedLogonsCount
NT\CurrentVersion\Winlogon\PasswordExpiryWarning
NT\CurrentVersion\Winlogon\ForceUnlockLogon
MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ScForceOptio
n
NT\CurrentVersion\Winlogon\ScRemoveOption
MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\Requi
reSecuritySignature
MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\Enabl
eSecuritySignature
MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\Enabl
ePlainTextPassword
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisco
nnect
Not a registry key
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSe
curitySignature
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSec
uritySignature
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableFor
cedLogOff
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\SmbServer
NameHardeningLevel
Not a registry key
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAM
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous
MACHINE\System\CurrentControlSet\Control\Lsa\DisableDomainCreds
MACHINE\System\CurrentControlSet\Control\Lsa\EveryoneIncludesAnonymous
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSessio
nPipes
MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedPath
s\Machine
MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedPath
s\Machine
nShares
nShares
MACHINE\System\CurrentControlSet\Control\Lsa\ForceGuest
MACHINE\System\CurrentControlSet\Control\Lsa\NoLMHash
Not a registry key
MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel
MACHINE\System\CurrentControlSet\Services\LDAP\LDAPClientIntegrity
MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinClientSec
MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinServerSec
MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\RestrictSendingNTLMTraffi
MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\RestrictReceivingNTLMTraff
MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\AuditReceivingNTLMTraffic
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RestrictNTLMInD
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\AuditNTLMInDom
MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\ClientAllowedNTLMServers
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\DCAllowedNTLMS
MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\allownullsessionfallback
MACHINE\System\CurrentControlSet\Control\Lsa\UseMachineId
MACHINE\System\CurrentControlSet\Control\Lsa\pku2u\AllowOnlineID
MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Par
ameters\SupportedEncryptionTypes
NT\CurrentVersion\Setup\RecoveryConsole\SecurityLevel
NT\CurrentVersion\Setup\RecoveryConsole\SetCommand
MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ShutdownWit
houtLogon
MACHINE\System\CurrentControlSet\Control\Session Manager\Memory
Management\ClearPageFileAtShutdown
MACHINE\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy
MACHINE\Software\Policies\Microsoft\Cryptography\ForceKeyProtection
MACHINE\System\CurrentControlSet\Control\Lsa\NoDefaultAdminOwner
MACHINE\System\CurrentControlSet\Control\Session
Manager\Kernel\ObCaseInsensitive
MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionMode
MACHINE\System\CurrentControlSet\Control\Session Manager\SubSystems\optional
MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\AuthenticodeEn
abled
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\FilterAdministratorTo
ken
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBeha
viorAdmin
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBeha
viorUser
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableInstallerDetec
tion
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ValidateAdminCode
Signatures
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableSecureUIAPa
ths
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\PromptOnSecureDe
sktop
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableVirtualization
SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableUIADesktopT
oggle
Event Log security settings are not registry keys.
Restricted Groups policy settings are not registry keys.
System Services policy settings are not registry keys.
not a registry key
File System policy settings are not registry keys.
Help Text
Enforce password history

Maximum
This security password age
setting determines the number of unique new passwords that have to be associated with a user account before an old password can be reused. T
Minimum
This policy security password age
settingadministrators
determines thetoperiod of time (in days) that a password can be used
This enables enhance security by ensuring that old passwords arebefore
not reused the system requires the user to change it. You can set passwo
continually.
can
Minimum be any value between
password 0 and 998 days.
This security setting length
determines the period of time (in days) that a password must be used before the user can change it. You can set a value between 1 and 9
Default:
Password
Note:
This It is amust
security securitymeetbest
setting complexity
practicethe
determines requirements
to least
have passwords expire every that30a to 90 days,for depending on yourmay environment. This way, an attacker has a limited1 andamount charo
The minimum password age must be lessnumber than theofMaximum characters password password
age, unless athe
user account
maximum password contain.ageYou is set canto set a value
0, indicating ofthat
between
passwords 14 neve
will
24
Store on domain
passwords controllers.
using reversiblewhether encryption
This
0 on security
Default:
Default: 42. setting
stand-alone determines
servers. passwords must meet complexity requirements.
Configure the minimum password age to be more than 0 if you want Enforce password history to be effective. Without a minimum password age, users can cy
Account
This
a this newsecurity lockout
password. duration
settingFordetermines reason,whether
thispasswords Enforce the operating
password system
history is setstores to 1passwords
by default. using reversible encryption.
If
Note:
7 policy
on domain
By default, iscontrollers.
enabled,
member computers must
followmeet thethe following
configuration minimum
of their domain requirements:controllers.
Account
This
0 on
To maintain lockout
security
stand-alone threshold
setting determines
servers.
the effectiveness the number
of applications
password of minutes
history, a locked-out
do not allow account
passwords remains locked
to be changed out before
immediately automatically
afterfor they becoming
were unlocked.
just changed The enabling
by also available range
the Miu
This
Default: policy provides support for that use
Not contain the user's account name or parts of the user's full name that exceed two consecutive protocols that require knowledge of the user's password
characters authentication purposes. Storing passwords
Reset
This
Be at account
security
least six lockout
setting
characters counter
determines in after
length the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it i
If
1 an
Note:
This account
By default,
on policy
domain lockoutmember
is controllers.
required threshold
when computersis defined,
using followthe theaccount
Challenge-Handshake configuration lockout ofduration
their domain
Authentication must
Protocolbe greater
controllers.
(CHAP) than or equal to the
authentication resetremote
through time. access or Internet Authentication Serv
Contain
Enforce characters
user logon from three
restrictions of the following four categories:
This
0
Failed on security
stand-alone
password setting determines
servers.
attempts against (Athe number of minutes
workstations or member that must elapse afterbeena failed logon attempt before the failed logon attempt counter is reset screen to 0 badsav lo
English
Default:
Default:
uppercase
None,
Disabled. becausecharactersthis policy through
settingZ) only has meaningservers when an that have
Account lockoutlocked using
threshold either CTRL+ALT+DELETE
is specified. or password-protected
Maximum
English
This lifetime
lowercase for service
characters ticket
(a through z)
If
Note:
Default:
Base an security
account
By0.
10 default,
digits
setting
lockout
(0 member
determines
through threshold computers
9) iswhether
defined,
follow the
thisKerberos
the reset time
configuration V5mustKeyofDistribution
be thanCenter
lessdomain
their (KDC)
orcontrollers.
equal to thevalidates
Accountevery lockout request
duration. for a session ticket against the user rights pol
Maximum
This security
Non-alphabetic lifetime
setting fordetermines
charactersuser ticket (for the
example, maximum !, $, #, amount
%) of time (in minutes) that a granted session ticket can be used to access a particular service. The setting
Default:
Default: Enabled.
None, because this policy setting only has meaning when an Account lockout threshold is specified.
Complexity
Maximum requirements
lifetime for user are
ticket enforced
renewal when passwords are changed or created.
This
If a client security presentssettingandetermines
expired session the maximumticket when amountit requestsof timea(in hours) that
connection toaauser's
server,ticket-granting
the server returns ticketan (TGT)
errormay be used.
message. The client must request a new ses
Maximum
connection
This security tolerance
expires
setting for
during computer
determines the theclock
connection.
periodsynchronization
of time (in days) during which a user's ticket-granting ticket (TGT) may be renewed.
Default: 10 hours.
Audit
This security
Default: account
600 logon events
minutes
setting determines
(10 hours).the maximum time difference (in minutes) that Kerberos V5 tolerates between the time on the client clock and the time on the
Default: 7 days.
Auditsecurity
This accountsetting management determines whether
To
Enabled prevent on"replay
domainattacks,"controllers. Kerberos V5 theusesOS timeaudits
stamps eachastime partthis of itscomputer
protocolvalidates
definition. anFor accounts
time stamps credentials.
to work properly, the clocks of the client and the do
Audit
difference
Disabled
This directory
security between service
on stand-alone
setting a access
client clock and the domain controller clock is
servers.whether to audit each event of account management on a computer. Examples
determines less than the maximum time difference that isofspecified in this policy, any
account management events timeinclude:
stamp that is
Account logon events are generated whenever a computer validates the credentials of an account for which it is authoritative. Domain members and non-dom
Audit
so
This
Important
Note: there logonis
security
By noevents
default, corresponding
setting determines logoff event
whether forthe
the account
OS audits logon
userevents.
attempts to access Active Directory objects. Audit is only generated for objects that have system a
A user account ormember
group iscomputers
created, follow
changed, orconfiguration
deleted. of their domain controllers.
Audit
A
This user object
account
security accessis
setting renamed,
isdetermines disabled,
whether or enabled.
If thisadministrator
The
This
A password
policy is
setting setting
is not
set or can defined,
specifyonwhether
persistent
changed.
the
pre Vista to the
administrator
audit OS
platforms. audits
can
only each
Ifspecify
successes,
you instance
whether
configure only this toofaudit
failures,a user
setting only
both attempting
and successes,
successes
then restart to and
log
only on
the to or toor
failures,
failures,
computer, log
both off
tothis
not to
successes this these
audit
setting computer.
andevents
reverts failures, orallto(i.e.
to theatdefault not audit these
neither
value. succes ev
Audit
This
If you policy
security
define change
setting
this policydetermines
setting, whether
you can the
specify OS audits
whether user
to attempts
audit successes, to access audit non-Active
failures, orDirectory
not audit objects.
the event Audit type is only
at all.generated
Success for objects
audits generatethat have
an syste
audit
Log
Default:
If
Default: off events
Success Success.
auditing
5 minutes. are generated
is enabled,whenever an audit entry a logged on user account's
is generated each timelogon any session
account is terminated.accesses
successfully If this policy setting isobject
a Directory defined, thatthehasadministrator
a matching SACL can specify
specifie we
Audit
This privilege
security setting use determines whether
Default:
The
Default: administrator
Success. can specify whether to the
audit OS audits
only each instance
successes, of attempts
only failures, both to change user
successes and rights
failures, assignment
or to not audit policy, auditevents
these policy,ataccount
all (i.e. policy,
neitherorsucces
trust
If
Audit Failure auditing
process is enabled, an audit entry is generated each time any user unsuccessfully attempts to access a Directory object that has a matching SACL sp
tracking
This
The security setting
administrator can determines
specify whether whether to audit each instance only of a user exercising a user right.
If
Success Success onauditing
domain iscontrollers.
enabled, an audittoentry audit isonly successes,
generated each timefailures, any account both successfully
successes and failures,a or
accesses to not audit these
non-Directory objectevents
that has at aallmatching
(i.e. neitherSACL succes
spec
Audit
Default:
This
Noyou system
security
auditing on events
setting
member determines
servers.you whether the OSwhetheraudits process-related events such as process creation, process termination, handle duplication, and indirect
If
If Success define this policy
auditingisisenabled, setting,
enabled,ananaudit can
auditentryspecify
entryisisgenerated
generatedeach to audit
when successes,
an anyattempted audit failures,
change to user or not audit this
rights assignment type of event at all. Success audits generate an aud
If
Access Failurethis auditing
computer from the network time user unsuccessfully attempts to access apolicy, audit policy,
non-Directory object or trust
that haspolicy is successfu
a matching SAC
This
Success
If this securityon
policy setting
domain
setting determines
controllers.
is defined, thewhether the
administrator OS audits
can any
specify of the
whether following
to audit events:
only successes, only failures, both successes and box failures, or to not audit these ev
To
If set
Failure this value to No auditing, in the Properties dialog box for this policy setting, select the Define these policy settings check and clear the Success and
Undefined
Note
This that auditing
user
setting youfor can
right
is used
is
a member
set
determines
enabled,
by
computer.
aCredential
SACL which
an
onaudit file entry
aManager
users system
and
is generated
object
groups
during are using when
allowed
Backup/Restore.
an attempted
the Security
to connect
No tabtoinchange
accounts thatcomputer
the should
to user
object's have
rights assignment
Properties
over the
this dialog as
network.
privilege, box. policy, audit policy, or trust policy is attempted b
Remote
it is only Desktop
assigned Services
to are
Winlogon. not affected
Users by
saved this
cre
If Attempted
Success system is time change
Default:
Act
Default: as part
Attempted Noauditing
auditing.
of the operating
security
enabled,
systemsystem
an audit entry is generated each time the OS performs one of these process-related activities.
startup or shutdown
Default:
Note: No
Remote auditing.
Desktop Services was calledcomponents
Terminal Services in previous versions of Windows Server.
If Attempt
Failure to load
auditing extensible
is enabled, authentication
an audit
Add
Audits
This
Success
Lossworkstations
userareon
of not
right
audited to
generated
allows
domain eventsdomain for use
a process
due
controllers. to
to auditingtheentry
ofimpersonate is generated
following
system any useruser
failure
each
rights,
withouteventimeif the OS fails
success
authentication.
to perform
auditsTheorprocess
failure one of these
audits activities.for Audit privilege use. Enabling auditing of th
are specified
can therefore gain access to the same local resources as that us
Default
No Security
auditing on workstations
log onsize exceeding
member and
servers. servers:
a configurable warning threshold level.
Adjust
Default:
This memory
Administrators
Bypass No
security
traverse quotas
auditing
setting
checking for
determines a process which groups or users can add workstations to a domain.
Processes that require this privilege should use the LocalSystem account, which already includes this privilege, rather than using a separate user account with
Backup
Debug
passwords
Allow
If log Operators
programs
thisprivilege
policyoninsetting
locally
plaintext.is defined, the administrator can specify whether tocan audit
This
This
Users
Create security
a token determines
setting
objectis valid who onlycan onchange
domainthe maximum
controllers. Bymemory
default,that beonly
any authenticated
successes,
consumed user byhas a only failures, both successes and failures, or to not audit these ev
process.
this right and can create up to 10 computer accounts in the dom
Allow
Everyone
Replace
This logprocess
logon onauditing
through
right isRemote
level tokenwhich Desktop auditServices
Caution
If Success
This
Adding
Generateuser right
a computer
security isdetermines
defined enabled,
account
audits in the an
to the
users
Default
domain
can interactively
entry
Domain is generatedlog
allowsController
the computer
each
Groupon to time
toPolicy
thisthe computer.
participate
OS performs
object in(GPO)
Logons
Active and
oneinitiated
inofthe
Directorybased
these byactivities
local pressing
security
networking.
CTRL+ALT+DEL
successfully.
policy of workstations
For
sequence
example, adding
on the attached keyb
and servers.
a workstation to a dom
Back
This up files
security and
setting directories
determines
Back
Default
Default
Assigning
If upon
Failure
Note: This
on
filesdomain
auditing and
userdirectories
workstations
this
privilege iscontrollers:
right and
can servers:
enabled,
is useful beanawhich
security
audit users
entry isorgenerated
Administrators
risk. groups have
Only
but itassign
can eachbethis
permission
userthe
time rightOStotolog on asusers.
trusted
attempts a Remote
inand fails toDesktop
perform Services
one of these client. activities.
Default:
Restore
Administrators
Bypass
Backup Authenticated
files
traverse
Operators andchecking Users for
directories on system
domaintuning, controllers. misused, for example, a denial-of-service attack.
This
Default:user
Authenticated right determines which users can bypass file and directory, registry, and other persistent object permissions for the purposes of backing up the system
Users.
Default:
Default: None.Users
Administrators
Change
Note:
Enterprise
Caution
This user the
Users system
who
Domain
right have time the
Controllers
determines Create
which Computer
users Objects
can traverse permission
directorypermissions on the
trees even though Active Directory
the user computers
mayinnot container
have permissions can also oncreate
the computerdirectory.
traversed accountsThis in the domain
privilege d
Specifically,
Local
On
permissions
Everyone Service
workstation this
on and user
the right is
servers:
computers similar to granting
Administrators,
container have thecreator
Remote
the following
Desktop as the Users. owner oftothe thecomputer
user or group
account. question
If a useron has allpermissions
files and folders
on the oncontainer
the system: and also has the A
Default
Success
Change
Network onon
the domain
domain
Time
Service. controllers:
Zone controllers. Account Operators
This
On
This user
domain
Pre-Windows
Incorrectly right
user Folder/Execute
Administrators
No auditing right determines
controllers:
on2000
editing is defined
member registry
in which
Administrators.
Compatible
the servers.themay users
Accessseverely
Default and groups
Domain damage can
Controlleryour change
Groupthe
system. timeobject
Before
Policy and
makingdate on the
changes
(GPO) andinternal
intothe clock
thelocal
registry, of the
youcomputer.
security should
policy of backUsers
up any
workstations thatvalued
areandassigned
data onthis
servers. theuser right
computer
Traverse File
Create
Backup a pagefile
Operators
List Folder/Read
This user rightright is determines
Data inwhich users Domain
and groups can change
This user
Important
Default
Print on workstations
Operators defined andthe Default
servers: Controller Groupthe timeobject
Policy zone used (GPO) byand
the in computer
the localfor displaying
security policy theoflocal time, which
workstations andisservers.
the computer's syste
Read
Create Attributes
a token object
Administrators
This
Server
This user
user right
Operators.
right determines
isAttributes
defined which
inany the users
Default and groups can call an internal application programming interface (API) to create and change the size of a page file. Th
Read
Default
This
Backup
Extended
on
setting workstations
does
Operators not have and servers:
effect onDomain
Windows Controller
2000 computers Group Policy that object
have not (GPO)
beenand in the to
updated local security
Service Pack policy
2. of the workstations and servers.
Create
Read
This global
Permissions
Administrators
security setting objects
For
Users information
Default: Administrators,aboutdetermines
how Users to specifywhicha accounts
paging filecan size befor used by processes
a given drive, seetoTocreate change a token
the size thatofcanthe then
virtual bememory
used to paging get access file. to any local resources when t
Local
Create
Everyone Service
permanent shared objects
This
Caution
This security rightsetting determines
internally whether users can createUnless global objects that aredo available to allthis sessions. Users
to a can user,still create or objects
processthat arethan
specific
LocaltoSyst
thei
Localuser
Default: is used
Administrators.
Service by the operating system. it is necessary, not assign user right group, other
Create
Default Symbolic
on
This userService domain
right Links
controllers:
determines which
Network
Caution
Assigning
Caution
Administrators this user right can be aaccounts
security risk. can Since
be used thereby processes
is no way to tobe create
sure athat directory
a userobject is backing usingup the object
data, stealingmanager. data, or copying data to be distributed,
Debug
This
Server programs
privilege
Operators determines if the user can create a symbolic link from the computer he is logged on to.
This
Default user
Assigning onright
on domain
this is used
user internally
controllers:
right can be aby the operating system and is right
useful to kernel-mode components that extend the object namespace. Because components th
Default
Assigning
Local access
Deny Service
Administrators
workstations
this touser
thisright
computer
and
can servers: a security
befrom security
the network
risk.
risk. Assign
Administrators Do not this assign user this user onlyrightto to
trusted
any user,users. group, or process that you do not want to take over the system.
This
Backup
Default:user right
Operators.
Administrator
None determines which users can attach a debugger to any process or to the kernel. Developers who are debugging their own applications do not ne
Default:
Authenticated
Default: None.Users
Deny
This
Everyone log on as
security a batch
setting job
determines which users are prevented from accessing a computer over the network. This policy setting supersedes the Access this compu
Caution
Default
WARNING: on domain controllers:Administrators
This privilege should only be given to trusted users. Symbolic links can expose security vulnerabilities in applications that arent designed to hand
Local
Deny Service
log
Administrators
Backup on
Operatorsas a service
This security
Default:
Network Guest
Service setting determines which accounts are prevented from being able to log on as a batch job. This policy setting supersedes the Log on as a batch jo
Assigning
Local
Server
Note Service this user right can be a security risk. Only assign this user right to trusted users.
Operators
Pre-Windows
This security 2000 Compatible
setting determines Access
which service accounts are prevented
Network
This setting
Default: Service
None. can be used in conjunction a symlink filesystem setting thatfrom can registering
be manipulated a process with the as command
a service. This policytosetting
line utility controlsupersedes
the kinds ofthe Log onthat
symlinks as aa
Default:
Service Administrators
Note: This security setting does not apply to the System, Local Service, or Network Service accounts.
Default: None.
Deny log on locally
Deny log on through
This security setting determines Remote Desktop which Services users are prevented from logging on at the computer. This policy setting supersedes the Allow log on locally policy settin
Enable
This computer
security setting anddetermines
user accounts which tousers
be trusted and groups for delegation are prohibited from logging on as a Remote Desktop Services client.
Important
Force
This shutdown
security from a remote system
setting determines which users can set the Trusted for Delegation setting on a user or computer object.
Default:
If you apply None. this security policy to the Everyone group, no one will be able to log on locally.
Generate
This security security
setting auditsdetermines
The user
Important or object that is grantedwhich users are
this privilege mustallowed havetowrite shutaccessdown atocomputerthe account fromcontrol
a remote flagslocation
on the on user the ornetwork.
computerMisuse object.ofAthis serveruserprocess
right can result on
running in
Default:
Impersonate None. a client after authentication
This user
This security right setting
is determines which accounts can be used by a process to add entries
andto the security log. The security log is usedand to trace unauthorized syst
This
log
This user
security
setting right
audits
does is defined
defined haveinany
notworking
in the Default
the effect
Default Domain Controller
onDomain
Windows Controller
2000 computers
Group
Group Policy Policy object
that object
have not
(GPO)
(GPO) beenand
in
in the
updated the to local
local security
security
Service Pack
policy
policy of workstations
2. of workstations and servers.
servers.
Increase
Assigning athis
process privilege to a userset allows programs running on behalf of that user to impersonate a client. Requiring this user right for this kind of impersonation
Default:
Caution
Increase
Default:
This privilegescheduling
Local Service
determines priority which user accounts can increase or decrease the size of a processs working set.
Caution
Network Service.
Increase
On
Load
Misuse of a
workstations
and process
unload
this user and working
device servers:
right, set
drivers
or of Administrators.
thewhichTrusted for Delegation
This securitycontrollers:
On domain setting determines accounts can use setting, a process could
withmakeWritethe network
Property vulnerable
access to anotherto sophisticated
process to increaseattacks using Trojan horse
the execution programs
priority assigned thatto
Assigning this user rightAdministrators, can be a security Server risk.Operators.
Only assign this user right to trusted users.
This
Lock
This
Default:privilege
pages
user indetermines
right memory
Administratorsdetermines onwhich whichuser
domain users accounts
controllers.can dynamicallycan increase load or and decrease the sizedrivers
unload device of a processs
or other code working in toset.
kernel mode. This user right does not apply to Plug
Default: Administrators.
Default:
Log on as a batch jobdetermines which accounts can use a process to keep data in physical memory, which prevents the system from paging the data to virtual
This
Default:
Caution security
Users setting
Log on as a service
Administrators
This security setting allows a user toset beoflogged on by means of a batch-queue facility andinisphysical
provided onlymemory.
for compatibilitypages with olderresident
versionsand of Windows.
Default:
The
Localworking
Assigning None.
Service thisset user of aright process can be is the
a security memory
risk. Do pages not assign currently
this user visiblerightto totheany process
user, group, RAM
or process that you Thesedo not want toare take over the available for
system.
Log
This
Network on locally
securityService setting allows a security principal to log on as a service. Services can be configured to run under the Local System, Local Service, or Networkuse Se
For example,
Warning: when athe
Increasing user submits
working setasize job by formeans
a process of the task scheduler,
decreases the amount the task scheduler
of physical memorylogs that user on
available toasthea rest
batch of user rather than as an interactive
the system.
Default
Service
Manage on workstations
auditing and and
security servers:
log Administrators.
Determines
Default setting:which None. users can log on to the computer.
Modify
Default
Note:
This
Default: By an
on
security object
domain
default, setting
Administrators label
controllers:
services determines that are whichstarted users by can
the Service
specify object Controlaccess Manager have options
auditing the built-in Service group
for individual added such
resources, to theiras access tokens.
files, Active Component
Directory objects, Object Mo
and reg
Important
Administrators
Backupfirmware
Modify Operators. environment values
This
Print
In
This privilege
Operators
addition,
security a userdetermines can also which usera accounts
impersonate antoaccess can modify token ifthe
any integrity
of the labelauditing
following of objects,
conditions such asFor
exist. files, registry keys, or
beprocesses owned byobject
otheraccess
users. Proces
Modifying thissetting
settingdoes may not affect allowcompatibilityuser enable
with clients, file and object
services, access
and applications. in For
general.
compatibility such auditing
information toabout enabled, the
this setting, Audit
see Allow setting
log on locally (h
Perform
This securityvolume setting maintenance
determines taskswho can modify firmware environment values. Firmware environment variables are settings stored in the nonvolatile RAM of n
Default:
The can
You access None
view token
audited thatevents is being in impersonated
the security log is of
forthe thisEventuser.Viewer. A user with this privilege can also view and clear the security log.
Default:
Profile
The single
user, in this process logon session, created the access tokencan by logging on to the network withvolume,
explicit such credentials.
Thisx86-based
On security setting
computers, determines which users and groups runthat maintenance tasks on by a as remote
right is defragmentation.
The
Default:requested
Administrators.level is lessthe than only firmware
Impersonate, environment
such as Anonymous value orcan be modified
Identify. assigning this user the Last Known Good Configuration setting,
Profile
On
Because
This system
OnItanium-based
workstations
security of performance
setting
these computers,
and servers:
determines
factors, users bootwhich
do information
Administrators,
not users
usually can is use
Backup
need stored in
performance
this user nonvolatile
Operators, right. Power RAM.
monitoring Users, Users
tools must
Users,to be assigned
and
monitor Guest.
the this user right
performance of to run bootcfg.exe
nonsystem processes. and to change the Defa
Use
On
Onallcaution
computers,
domain when
controllers: assigning
this user this is
right
Account user required
Operators, right. Users with
toAdministrators,
install orthisupgrade user
Backup right
Windows. can exploreand
Operators, disks and
Print extend files in to memory that contains
Operators. other data. When the exten
Remove
This securitycomputer from
setting determines docking station
which users can use performance monitoring tools toSDK. monitor the performance of system processes.
Default:
For more
Default: Administrators,
information,
Administrators Powerfor
search users.
"SeImpersonatePrivilege" in the Microsoft Platform
Note:
Replace This a security setting
process level does not affect who can modify the system environment variables and user environment variables that are displayed on the Advanc
token
This security setting determines whether a user can undock a portable computer from its docking station without logging on.
Default:
WarningAdministrators.
Restore
Default:
This files and directories
Administrators.
If thissecurity
policy issetting enabled, determines
the user which must log user onaccounts
before removing can call the the CreateProcessAsUser()
portable computer from its application
docking station. programming interface
If this policy (API) so the
is disabled, thatuserone mayservice can star
remove the
If you enable
Shut security
down thesetting this
system setting, programs that previously had the Impersonate privilege may lose it, and they may not run.
This
Default: Network Service, determines LocalUsers, which
Service. users can bypass file, directory, registry, and other persistent objects permissions when restoring backed up files and di
Default: Administrators, Power Users
Synchronize
This securitythis directory
setting service data
Specifically, userdetermines
right is similar which users who
to granting theare loggedpermissions
following on locally to to thethe computer
user or group can shut down theon
in question operating
all files andsystem
folders using onthetheShut
system: Down command. M
Take
This ownership
security of files
setting determines or other objects
which users and Operators,
groups have the authority to synchronize all directory service data. This is also known as Active Directory syn
Default
Traverse onFolder/Execute
Workstations: Administrators,
File Backup Users.
Accounts:
This
Writesecurity Administrator account status
setting determines which users can take ownership of any securable object in the system, including Active Directory objects, files and folders, prin
Defaults:
Default onNone. Servers: Administrators, Backup Operators.
Accounts:
This security Block setting Microsoft determines accounts whether the local Administrator account is enabled or disabled.
Caution
Default on Guest
Accounts: Domain controllers:
account status Administrators, Backup Operators, Server Operators, Print Operators.
This
Notes policy setting prevents users from adding new Microsoft accounts on this computer.
Assigning this user right can be a security risk. Since owners users with of objects
this userhave rightfullcan control
overwrite of them,
registryonlysettings,
assign this hideuser
data, right
andtogain trusted users. of system objects,
ownership
Accounts:
This security Limit settinglocaldetermines
account useif of theblank Guest passwords
account isoption, toenabled
consoleor logon only
disabled.
If
If you
you select
try to the
reenable Users the cant add Microsoft
Administrator account accounts
after it has been users will notand
disabled, be able
if the tocurrent
createAdministrator
ne Microsoft accounts password on thisnot
does computer,
meet the switch
password a local account to
requirements
Default:
Accounts: Administrators.
Rename administrator account
This security
Disabling
Default: the
Disabled. setting
Administrator determines account whether can become local accounts a maintenance that are not issue password
under certain protected can be used to log on from locations other than the physical computer
circumstances.
If you select the Users cant add or log on with Microsoft accounts option, existing Microsoft account users will not be able to log on to Windows. Selecting thi
Accounts:
Workstations
This security Rename and servers:
setting guest
determines account
Administrators,
whether a Backup
differentOperators.
accountwill name
Default:
Under
Note: Enabled.
Safe Mode boot, theisdisabled Administrator account onlyisbe associated
enabledSharing ifwith
the the security
machine identifier (SID)
is non-domain for the
forjoined andaccount
thereisare Administrator.
setno toother
Guestlocal
Renaming
active the w
adminis
If you If
Domain
Audit:
the
disable
Audit
Guest
controllers:
the doaccount
oraccess Administrators,
not configure
of global
disabled this
system
Backup and the
policyobjects
security
Operators,
(recommended), option
Serverusers Network willAccess:
Operators. be able to use Microsoft and Security accounts Modelwith local accounts
Windows. Only, network logo
This security
Default: setting determines whether a different account name is associated with the security identifier (SID) for the account "Guest." Renaming the well-kn
Administrator.
Default: Disabled.
Audit:
This Audit the
security
Warning: settinguse of Backup and
determines whetherRestore privilege
to audit the access of global system objects.
Default: Guest.
Audit:
This Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings.
If thissecurity
Computerspolicythat issetting
enabled,
are not determines
it causes
in physically whether
system secure to audit
objects,
locations the
such use asofmutexes,
should allalways
user privileges,
events,
enforcesemaphores including
strong passwordBackup
and DOS anddevices,
policies Restore,
for all to when
be user
local theaccounts.
created Auditwithprivilege
a default use
Otherwise, systempolicy is inwith
access
anyone effect.
control
physi E
Audit:
Windows Shut
If you apply down
thisand
Vista system
securitylater immediately
policy
versions to theof if unableallow
Everyone
Windows to
group,logauditsecurity one audits
no policy willto bebe able
managed to log in onathrough
more Remote
precise wayDesktop
using Services.
audit policy subcategories. Setting audit policy at
If you disableconfiguring
Note: this policy,this thensecurity
use of the Backup or Restore notprivilege is not audited even Windows.
when Audit privilege use is enabled.
using When
DCOM: subcategories
Machine Access without requiringsetting,
Restrictions a change
in Security
changes
toDescriptor
Group will Policy, take
Definition
effect
there is auntil
new you restart
registry value in Windows Vista and later versions, SCENoApplyLegacyAuditPo
This
Notessecurity setting determines whether the system shuts down if it isLanguage
unable to log (SDDL) syntax
security events.
Note: OnDisabled.
Default: Windows versions prior to Windows Vista configuring this security setting, changes will not take effect until you restart Windows. Enabling this setting
DCOM:
If
This Machine
the category level Launch audit Restrictions
policy set here in Security
is or notgroups Descriptor
consistent withDefinition
the events Language
that are(SDDL) currently syntax
being generated, the cause might to be that this registry key is set.
If thispolicy
This security
setting setting
does setting determines
not is enabled,
affect which
logons it that users
causes usethe domainsystem can
to stop
accounts. access if a DCOM
securityapplication
audit cannot remotely
be logged or locally.
for anyThis reason.setting is used
Typically, an control
event fails the to attack surface
be logged of the
when the
Default:
Devices:
It is possibleDisabled.
Allow for undock
applications without having
that use to
remote log on
interactive logons to bypass this setting.
Default:
This
You policy
can Disabled
use setting
this determines
policy setting which
to specify users or groups
access permissions can launch to allorthe
activate
computers DCOMtoapplications
particular remotely
users for or locally.
DCOM This setting
applications in is used
the to control
enterprise. When theyouattack su
specif
If the security log is full and an existing entry cannot be overwritten, and this security option is enabled, the following Stop error appears:
Devices:
Denysecurity
This Allowed
privileges settingontoboth format local
determines and eject
access was removable
and remote media
access.
Note:
You can Remote
use this Desktopsetting to grant whether
Services access calledtoa all
portable
Terminal
the computerscomputer
Services tocan
inusers be undocked
previousof DCOM versions without having
of Windows
applications. Whento log
Server.you on.define
If this thispolicy is enabled,
setting, and specifylogon the is not required
users and an
or groups thate
STOP: C0000244
Devices:
launch, Prevent
remote {Auditlocal
users
launch, Failed}
from installing
activation, printer
and drivers
remote when
activation. connecting to shared printers
The
This registry
security
Default:
An attempt tosettings
Enabled. setting
generate determines
thata are created
security whoaudit is
asallowed
a resulttoofformat
failed. enabling andthe ejectDCOM:removableMachine NTFS Accessmedia. Restrictions
This capability in Security
can be Descriptor
given to: Definition Language (SDDL) synta
existing
Devices:
To recover, registry
Restrict
an settings
CD-ROM
administrator areaccess
no
must longerlogto effective,
locally
on, and
logged-on
archive the iflogyou
user make
only
(optional), changes
clear to the
the log, existing
and reset settings,
this computer
option as accessUntil
desired. permissions for users are not changed. Uso
For
The aregistry
computer
Administrators settings to print that toarea shared
created printer,
as a result the driverof this forpolicy
that shared printer must
take precedence over be theinstalled
previous on the local settings
registry computer. Thisthis
in this security
security
area. Remote setting
setting is reset,
determines
Procedure no
Callwhousers,
is allo
Services
Caution
Devices:
Administrators
The
Note:possible
This security
On Restrict and
values
setting floppy
Interactive
for thisaccess
determines policy to
Users locally
setting
whether alogged-on
are:
CD-ROM user only thistosecurity
is accessible both local and remote users simultaneously.
Default
The onWindows
possible valuesversions
servers: Enabled.
for this Group prior to Windows
Policy setting Vistaare:configuring setting, changes will not take effect until you restart Windows.
Disabling
Devices:
Default on this
Unsigned policy
workstations: may
driver tempt users
installation
Disabled to try
behavior and physically remove the laptop from its docking station using methods other than the external hardware eject but
This

If security
Default:
Blank. This
This setting
policy
represents is determines
not defined
the local whether
and
security only removable
Administrators
policy way floppy
of deletingmedia
have this are
the accessible
ability.
policy enforcement to both local
key. and
This remote
value users
deletes simultaneously.
the policyisand then sets and it as Notisdefined state.
this
Default:
Blank.policyThisisrepresents
Disabled. enabled, itthe allows
localonly security the interactively
policy way of logged-on
deleting user to access
the policy removable
enforcement key.CD-ROM
This value media.
deletes If this
thepolicy
policy and enabled
then sets itnotoone loggedstate.
Not defined on in
Domain
This controller:
security setting Allow server
determines operators
what happens to schedule
when antasksattempt is made to install a device driver (by means of Setup API) that has not been tested by the Win
If
this
SDDL.
Default: policyThisispolicy
isenabled,
the is notit defined
Security allows only
Descriptor andthe interactively
Definition Language logged-on user to to
is notrepresentation access removable
of locally
the groups floppy
and media.you
privileges If this policywhen
specify is enabled
you enableand no one
this is logged on intera
policy.
SDDL.This
Notes

Domain This is theLDAP
controller: Security serverDescriptor
signing
CD-ROM
Definition
requirements
access
Language restricted
representation the
of the groups logged-on user.
and privileges you specify when you enable this policy.
This
The securityare: setting determines if Server Operators are allowed to submit jobs by means of the AT schedule facility.
Notoptions
Default: This policy
Defined. This is is not
the defined
default value. and floppy disk drive access is not restricted to the locally logged-on user.

This
Not
This setting
Defined.
security does This
setting notisdetermines
affect
the defaultthe ability value.
whether to add a localserver printer.requires signing to be negotiated with LDAP clients, as follows:
Note:
Silently
This This security
succeed
setting setting
does not affect Administrators. only affects thethe ATLDAPschedule facility; it does not affect the Task Scheduler facility.
Note
Default: This policy is not defined, which means that the system treats it as disabled.
Warn
Note
None: but allow
Data signing is
If the administrator installation
is denied
not required permission in order to to bind with
access DCOM theapplications
server. If thedue client requests
to the changes datamade signing, to DCOMthe server supportsthe
in Windows, it. administrator can use the DCOM:
Do
If thenotadministrator
Require
application allow toinstallation
signature: is denied
Unless
the administrator access
TLS\SSL and users. istobeing
activate doand
Toused, this,thelaunchLDAPthe
open DCOM
data DCOM: applications
signing optiondue
Machine must
Access to be
the changes made
negotiated.
Restrictions to DCOM
in Security in this version
Descriptor Definition of Language
Windows, this (SDDL)policy setti
syntax
Default:
This restores Warncontrol but allow of theinstallation.
DCOM application to the administrator and specified users. To do this, open the DCOM: Machine Launch Restrictions in Security D
Default: This policy is not defined, which has the same effect as None.
Domain controller: Refuse machine account password changes
Domain
This security member: setting Digitally
determines encrypt or signdomain
whether secure controllers
channel data will(always)
refuse requests from member computers to change computer account passwords. By default,
Domain
This member:
security setting Digitally
determines encrypt secureall
whether channel
secure data
channel (when possible)
traffic initiated
If it is enabled, this setting does not allow a domain controller to accept anyby the domain
changes member must
to a computer account'sbe signed password. or encrypted.
Domain
This member:
security Digitally
setting determines sign secure
whether channel
a domain data (when
member possible)
attempts to that,
negotiate
When
Default: a This
computer policyjoins is not a defined,
domain, a computer
which means account
that theissystem created. After
treats whenencryption
it as Disabled. the systemfor all secure
starts, it useschannel the computer traffic that account it initiates.
password to create a secure
Domain
This member:
security setting Disable
determines machine account
whether a password
domain member changes attempts to negotiate signing for all secure channel traffic that it initiates.
When a computer
This setting determines joins awhether domain, oranot computer
all secure account
channel is created.
traffic initiated After that, by the when domainthe system member starts,
meets it uses
minimum the computer account password
security requirements. to create
Specifically a secure
it determin
Domain
Determines
the Domain member: whether
Controller Maximum
a in
domain
which machine
member
case account
the periodically
level of password
signing changes age encryption
and its computer account
depends on password.
the version Ifstarts,
this
of thesetting
Domain isthe enabled,
Controller theand domain member
the settings ofdoes
the not attempt
following twotop
When
This setting determines whether or not the domain member attempts to negotiate encryption for all secure channel traffic that it initiates. If enabled, theadomain
a computer joins a domain, a computer account is created. After that, when the system it uses computer account password to create secure
Domain
This
negotiate member:
security secure setting Require
channeldetermines stronghow
encryption. (Windows often a 2000
domain or later)
member session will key
attempt to change its computer account password.
Default:
Domain
This setting Disabled.
member: determines Digitally encrypt
whether orsecure
not thechannel domain data member (when possible)
attempts to negotiate signing for all secure channel traffic that it initiates. If enabled, the domain me
Interactive
Domain
This security logon:
member: setting Do not display
Digitally
determines sign secure last user
whether channelnamedata
128-bit key (when
strength possible)
is required for encrypted secure channel data.
Default:
This
Notessecurity 30 days.
Enabled. setting determines whether the name of the last user to log on to the computer is displayed in the Windows logon screen.
Default:
Interactive Enabled.
Logon: Display user information
If this policy
Default:
When a Enabled.
computer is enabled, joins athe name
domain, of the lastwhen
a computer user session
to
account successfully is locked on is not displayed in the Logon Screen. .
is created.log After that, when the system starts, it uses the computer account password to create a secure
Important
This security setting should not be enabled. Computer account passwords are used to establish secure channel communications between members and doma
Interactive logon: Do not require CTRL+ALT+DEL
Notes:
If this
This
Notes:
Depending policy
setting is
shoulddisabled, not bethe used name in of
an the
attempt last user
to to
support log on is
dual-boot displayed. scenariosthat thatthe usedomain the same computer account. If youwith want to the
dual-boot
settingstwo of installations tha
This
Interactiveis no on
Theresetting known whatreason
applies version
to Windows for ofdisabling
Windows
2000 is running
computers,
this setting.but on itthe
Besides domain
is not available
unnecessarilycontroller throughreducing the Security
the potential member
Configuration is communicating
confidentiality Manager leveltools of the and
onsecure
these computers.
channel, the parameters
disabling this settin
policylogon:
This Machine account threshold.
If thesecurity setting
Domain determines
member: whether
Digitally encryptpressing or sign CTRL+ALT+DEL
secure channel is data
required before
(always) is aenabled,
user canthen log this
on. policy is assumed to be enabled regardless of its curr
Thethismachine
Default:
If Disabled.
policy islockout
enabled, policy is
theencrypt enforced
policy Domain only onand
member: those machines
Digitally sign that
securehavechannel Bitlocker enabled for protecting OS volumes. Please ensure that appropriate recove
Domain
Interactive
Note: member:
controllers
Domain logon: Digitally
are
Machine
controllers alsoare domain
inactivity ormembers
also Domain sign
limit.
domain secure
members channel
establish data
and establish secure(always) channels
secure withdata
channels other (when
with(when domain possible)
otherpossible) controllers
domain
is assumed
controllersin the same
in
to bedomain
thebesame
enabled asregardless
domain wellas aswell
domainof its current
asits controllers
domain
settin
contro in
If
If this
this policy
Domain policy
member: is
is enabled,
enabledDigitally the
on apolicy
computer,
encrypt secure a user member:
channel is notdata Digitally
required (whensign topossible)secure
press channel
CTRL+ALT+DEL data to log on. Not having is assumed to press to enabled
CTRL+ALT+DEL regardlessleavesofusers current settin
susceptibl
This
Logon security
Interactive information setting
logon: determines
transmitted
Message text overthe number
the
forisusers secure of
attempting failed
channel logonis attempts
always that
encrypted causes the
regardless machine
of whether to be locked
encryption out. of A locked
ALL other out machine
secure channelcan only
traffic be isrecovered
negotiated by o
Some
Windows or all of theinactivity
notices information of athat
logon transmitted
session, and over if to
thethelog on
secure
amount channel
of inactive will be exceeds
time encrypted. theThis policy limit,
inactivity setting then determines
the screen whether
saver will or not run,128-bit
lockingkey thestrength
session.i
If this policy is disabled, any user is required to press CTRL+ALT+DEL before logging on to Windows (unless they are using a smart card for Windows logon).
Interactive
Failed
This password
If thissecurity
setting logon:
setting
is Message
attempts
enabled, specifiesthen title
against a for
thetext users
workstations
message
secure attempting
channel that is to
or will
member logbe
displayed
not on
servers to users
established that whenhave
unless been
they locked
log
128-bit on. using either
encryption can CTRL+ALT+DELETE
be performed. If this setting or password is disabled,protected then screen
the keysav str
Default: not enforced.
Default on domain-computers:
Interactive logon: Number of Disabled.
previous logons to cache (in case domain controller is not available)
This
The
This
Default security
machine
texton setting
lockout
is stand-alone
often used for allows
policy the
is specification
enforced
legal reasons,
computers: Enabled. only of
on a title
those to appear
machines in the
that title
have bar of
Bitlocker the window
enabled that
for contains
protecting
for example, to warn users about the ramifications of misusing company information or to warn them that their actions the
OS Interactive
volumes. logon:
Please Message
ensure text
that the for users
appropriate attemptrec
Default: Disabled.
Interactive
All previous logon:
users' Prompt
logon user to change
information is password
cached locally beforeso that, expiration
in the event that a domain controller is unavailable during subsequent logon attempts, they are a
Default:
Default: No
No message.
message.
Important
Interactive
Determines logon:
how far Require
in advance Domain Controller
(in days) authentication
users are thatunlock
to
Windows cannot connect to a server to confirm yourwarned logon settings. theirYou password
have been is about logged to expire.
on using With this advance
previously stored warning,
accountthe user has time
information. If you tochanged
constructyou ap
In order
Interactive to take advantage
logon: Require of
smart this cardto unlock a locked computer.and
policy on member workstations servers, all domain controllers that constitute the member's domain must be running Win
Logon
Default: information
14 days. must be provided For domain accounts, this security setting determines whether a domain controller must be c
In
If aorder
domain to takecontrolleradvantage of this policy
is unavailable and on domain
a user's logoncontrollers,
information all domain
is not cached,controllers the in usertheissame prompteddomain with asthis wellmessage:
as all trusted domains must run Windows 200
Interactive
This security logon: Smart card removal behavior
setting requires users to log on to a computer using a smart card.
Default: Disabled.
The system
Microsoft cannotclient:
network log you on now
Digitally signbecausecommunicationsthe domain(always) <DOMAIN_NAME> is not available.
This securityare:
The options setting determines what happens when the smart card for a logged-on user is removed from the smart card reader.
Important
Microsoft
In
Thisthissecurity
policynetworksetting,
setting client:
a value Digitally
determines sign communications
of 0whether
disables logon signing
packet caching. (ifisAny
server
requiredvalue agrees)
above
by the SMB 50 only clientcaches component.50 logon attempts.
The
Enabled:options Users are: can to only log on to the computers,
computer using aissmart card.
This setting
Microsoft applies
network client: Windows
Send 2000
unencrypted password but it not
to attempts
connect toavailable through the Security Configuration Manager tools on these computers.
This
Default:
The security
Disabled.
server25 Users setting
message can determines
log
block on to the
(SMB) whether
computer
protocol the SMB any
using
provides client
themethod.
basis for Microsoft to third-party
negotiate SMBpacket
file SMB
and print
serverssigning.
sharing and many other networking operations, such as remote Windo
No Action
Default: Disabled.
Microsoft
If thisserver network
security setting server: Amountthe
is enabled, of idle
Server timeMessagerequiredBlock before(SMB) suspending redirector a session
The
If
Lock
this
Workstation
setting message
is enabled, block the(SMB) Microsoft protocol network providesclientthe willbasis for Microsoft
not communicate fileisand
with
allowed to send and
print sharing
a Microsoft
plaintext
network server manypasswords other networking
unless
to non-Microsoft SMB
that serveroperations, agrees to perform such servers
asSMB remotethat do not
Windo
packet sig
Force
Microsoft
Important Logoff
network server: Attempt S4U2Self to obtain claim information
This
Sending
this security
Disconnect setting
unencryptedif a Remote determines
passwords
Desktop the aamount
isServicessecurity ofrisk.
continuous idle time that must pass in a Server Message Block (SMB) session before the session is suspended
session
If
Default: setting
Disabled. is enabled, the Microsoft network client will ask the server to perform SMB packet signing upon session setup. If packet signing has been enabled
Microsoft
This security
setting network setting
will server:
apply istotothis
anyDigitally
support computers sign communications
clients running
running a aversion
Windows (always)
of Windows
2000 throughprior changes to Windows
in the 8session.
Consumer
registry, butIfthe Preview
security that are trying
setting is notthe to access
viewable aisfile share that require
Administrators
Default:
If you Lockcan
Disabled.
click use
Workstation policy
in thetowhose control
Properties when dialog computer
box be forinthis suspends
policy, the an workstation
inactive SMB client activity resumes, sessionthrough the Security
automatically reestaCo
server
Default:
Microsoft
Important will support
Enabled.
network client
server: principals
Digitally accounts
sign communications may (if required
client a domain
agrees) which has clientiscomputers locked when andthe smart controllers
domain card is removed, runningallowing a version users to leave
of Windows the
priora
This security setting determines whether packet signing is by the SMB server component.
For
If you this policy
click Force setting,
Logoff a value
inDisconnect
the of 0 meansdialog
Properties to disconnect
boxlogon for the an idle
this policy, sessionthecan as quickly
user as is reasonably
is automatically logged possible.
off when Thesmart
the maximum card isvalue removed. is 99999, which is 208 days;
Microsoft
This
Notes
This
For setting
security network
should
setting server:
be set
determines to automatic
whether clients
(default)
the when
SMB so that
server hours
willfile expire
server
negotiate SMB automatically
packet signing evaluate
with whether
clients thatclaimsrequest areTo it.needed for the user.SMB An administrator wou
The thisserverpolicy messageto take effect
block on
(SMB) computers
protocol running
provides Windows
the basis 2000, client-side
for Microsoft filepacket
and print signingsharing must andalsomany be enabled.
other networking enable client-side
operations, such as packet
remote signing,
Windo
Default:This
Computers
Microsoft networkpolicy
that have is not
this defined,
policy set which
will means
not be that
able tothe system
communicate treats it
with as 15
computers minutes that fordo servers
not haveand undefined
server-side for
packet workstations.
signing enabled. By default, server-sid
If you
This
When
All
The
click
security
enabled
Windows Disconnectthisserver:
setting
operating security aServer
ifsystems
determines Remote
setting SPNDesktop
whether
will
support target
cause
both name
Services
toprovides
disconnect
athe validation
Windows
client-side session,
users SMB level
filewho removal
serverare
component to ofexamine
the
connected and smart
a tothe card
the access
server-side disconnects
local computer
token
SMB the
ofmany
an session
outside
andcomponent. authenticated their
To without
usernetwork
take loggingclient
account's
advantage the user
valid
of off.
logon
principal
SMB packetThis
hours.
and allowsThis
determine
signing, the
setti
both ui
If thisserver
Server-side
which
Microsoft setting
have
message
packet
network is enabled,
claim-based client:
block
signing the(SMB)
can
access
Digitally
be
Microsoft protocol
enabled
control
sign network
policy
on
communications
computers
server
applied.
the willbasis
running
not
(always)
for Microsoft
Windows
communicate
- Controls
file
2000
with
whether
and a andprint
Microsoft
or not
sharing
later
the
by setting
network
client-side
Microsoft
client SMB
other
unless networking
network
that client
component
server: operations,
agrees
requires
Digitally such
sign
to perform
packet
as
signing. SMBremote
communicationspacket Windo sig(
Network
Server-side
The
Note:server access:packet
message Allow anonymous
signing
block can be
(SMB) SID/name
enabled
protocol on translation
computers
provides the running Windows NT 4.0 of Service Pack 3 other
and later by setting the following registry value to 1:
When
Microsoft
If
Remote
thisnetwork
this setting policy Desktop
isclient:
is enabled, enabled,Services
Digitallyit causes
the Microsoft
was
sign called
client Terminal
sessions
communications
network
HKLM\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature server with (ifbasis
Services
will the for
server
negotiate
file
in agrees)
SMB previousand printer
Service
SMB -packet to besharing
versions
Controls forcibly
whether
signing
and
Windows
as
many
disconnected
or Server.
not
requested the by networking
when
client-side
the client.the client's
SMB operations,
That logon
component
is,
such
hours
if packet has aspacket
remote
expire.
signing has
Windows
signing
been enabled.
adm
enabled
Default:
Network
If thissecurity
Microsoft access:
settingnetwork is Do
disabled, not allow
server: the
Digitally anonymous
Windows sign file enumeration
server
communications will not of SAM
attempt
(always) accounts
to obtain aidentifier
- Controls claim-enabled
whether or access
not attributes
the token
server-side forSMB the component
client principal. requires packet signing.
This
This setting determines if an anonymous user can request security (SID) for another user.
thissecurity
Default:
If
Microsoft
Default:
Server-side
This
policy network
Enabled
setting
ispolicy
disabled,
on
isdetermines
server: notan
domain
defined,
established
Digitally the
controllers signlevel
which of validation
means
client
communications
only.
that the
session isa allowed
SMB
system
(if clientservertreats
to beperforms
agrees) it as
maintainedNo on
- Controls the
action.
95 after
service
orwhether orprincipal
the client's the name
98. logon
not hours
server-side (SPN)have provided
SMB expired.
component by the SMB client when
has packet signing trying
enabledto e
Network
Disabled
This
Default:
If security
server-side for packet
access:
Automatic.member
setting
SMB Do signing
not
signing allow
servers.
determines
cannot
is anonymous
what
required,
be enabled
additional
a client
on computers
enumerationpermissions
will not be ofable
SAM running
willto accounts
be
Windows
granted
establish and
a forshares
anonymous
session
Windows
with that connections
server unless to the
it computer.
has client-side SMB signing enabled. By default,
If
Onthis
The
Enabled policy
options
Windows for is
are:
domainenabled,
Vista a user with
controllers.
and above: For this knowledgesetting to ofwork,
an administrator's
thewill Smart Card SIDRemoval
could contact Policy a computer thatbehas this policy enabled and use the SID to get the admi
Default
Similarly,
Network
Important
Notes on if Windows
client-side
access: Vista:
SMB
Do determines
not allow Enabled.
signing
storage is required,
of credentials that client orenumeration not be
.NET Passports ablefortonetwork
establish a service
session must
authentication with servers started. that do not have packet signing enabled. By defau
This
Default
Windows security
onallows
If server-side setting
Windows
SMB anonymousXP:and
signing Disabled users
ismember whether
enabled, to servers:
perform anonymous
SMB packet certain activities,
signing will be such of SAM accounts
as enumerating
negotiated with clients and
the thatshares
names have is allowed.
of client-side
domain accounts SMB signing and network enabled. shares. This is convenient, fo
Default
No on
validation workstations
- validation ofcan the permissions
SPN will performancenotapply Disabled.
be performed by
Notes
Network
Using
This
Default
For SMB
on
Windows access:
security packet
setting
domain2000 Let Everyone
signing
determines
controllers:
servers degrade
whether
Enabled.
tousers
negotiate Stored
signing User
with to anonymous
up
Names
Windows toSMB15theandNT
SMB on
users
percentPasswords
4.0
server.
clients,file service
saves
the a following transactions.
passwords, registry credentials,
value must orbe .NET
Toset Passports on thefor
to advantage
1 network later
server use
running when it gains2000 dom
All
This
Windows
Windows security allowsoperating
option anonymous systems
allows additional
support
to both
perform
restrictions
acertain
client-side
to be placedactivities, component
such
on- anonymous as and
enumerating server-side
connections the names SMB
as follows: of component.
domain accounts take and of SMB
shares. packet
This isWindows
signing,
convenient, both fo
Microsoft
Network
All
Validate
Windows network
ifaccess:
provided
operating client:
Namedby Digitally
pipes
client
systems - thethat sign
support
SMBcan communications
be
server
both accessed
awill
client-side
validate (always)
anonymously
SMB
theare SPN Controls
componentprovided whether
andby athe or notclient
server-side
SMB the client-side
SMBand component.
allow SMB
a session component
To take to be requires packet
advantage
established of SMB signing.
if it matches
packet signing,
the SMBboth ser
This
If security
it is enabled, setting
thisclient:determines
setting prevents what additional
thecommunications
Stored User Namespermissions and agrees)granted
Passwords for anonymous
from storing connections to the computer.
Notes
Microsoft
Default:
Enabled:Disabled.
Microsoft network
network
Do not allow client: Digitally
Digitally
enumeration
sign
sign of communications
SAM accounts.
(if server
(always)
This option- -Controls
replaces
- Controls
whether
Everyone or notpasswords
whether theorclient-side
not the and credentials.
client-side
SMB SMB component
component requires has
packet packet
signing.signing enabled.
Network
Microsoft
This
Require
Microsoft access:
security network
match
network setting
fromRemotely
server:
determines
client
client: - accessible
Digitally
the
Digitally SMB sign
which
sign registry
communications
communication
client MUST
communications paths send a
(if(always)
sessions
SPN
server name Controls
(pipes)
agrees) in will
session
- whether
have
Controls setup, orwith
attributes
whether notAuthenticated
and the
and
theor server-side
permissions
SPN
not thename
UsersSMB that
provided
client-side
incomponent
the security
allow
SMB MUST anonymous
componentmatch
permissions
requires thehas packet
access.
SMB
forsigning.
packetserver
resources.
that enabled.
signing is beingfo
Windows
Disabled:
Note:
All When
Windows allows
Noconfiguringanonymous
additional
operating this
systems users
restrictions.
security toRely
support perform
setting,
both acertain
on default
changes
client-side activities,
permissions.
will(always)
(ifnot
SMB take such as enumerating
effect
component untiland you restart the Windows.
a server-side names orSMB of the
domain
component. accounts and network shares. This is convenient,
Microsoft
Microsoft
Network
set,
network
network
access:
anonymous
server:
server:
Remotely
users can
Digitally
Digitally
accessible
only access
sign
sign communications
communications
registry
those paths
resources and
client
subpaths
for which
agrees)
-the
Controls - Controls
anonymous whether whether
user or nothas the
been
not
server-side
explicitly SMB To
server-side
given
take
SMB
component
permission.
advantage
componentrequires ofhasSMB
packet packet
packet signing. signing,
signing both
enabled
This
For
If security
more
Microsoft
server-side
Default:
Microsoft None.
No setting
information
network SMBclient:
validation
network determines
about
signing
server: isStored
Digitally which
required,
Digitally User
sign
sign registry
Names
communications
acommunications
client will keys
and not can be be
Passwords,
(always)
able
(if accessed
client see
to-agrees)
Controls
establish over
Stored -a the network,
User
whether
session
Controls Names
orwithnot
whether regardless
and
the
that of unless
Passwords.
orclient-side
server,
not the the users
SMB
server-side or groups
it component
has client-side
SMB listed
requires
component SMB in thepacketaccess
signing
has control
signing.
enabled.
packet signing Bylistenabled
(ACL)
default,
Default
Microsoft
If on
server-side workstations:
network SMB client:
signing Enabled.
Digitally
is enabled, sign accesscommunications
SMB packet signing (if server
willand beagrees)
negotiated - Controls
with clientswhether that orhave
not the client-side
client-side SMB SMB signingcomponent enabled. has packet signing enabled.
Network
If
If server-side
This
thissecurity
Default access:
policy
on SMB
issetting Restrict
enabled,
server:Disabled. signing
determines
theanonymous
isEveryone
required,
which a client
registry
SID towill
is added Named
paths nottoand be
the Pipes
able
subpaths
token to that Shares
establish
can be aaccessed
is created session
forservice with
over
anonymous that
the server
network, unless
connections. regardless itInhasthis client-side
of
case,the users
anonymousSMB signing
or groups users enabled.
listed
are in abletheBy default,
toaccess
access co
Default:
Microsoft
Using
All SMB
Windows
Similarly, Disabled.
ifnetwork
packet
operating
client-side server:
signingsystems
SMB Digitally
cansigningimpose sign
support communications
upboth
is required, to aa 15 client(always)
percent
client-side
that performance
SMB
will - Controls
notcomponent
be ablehittoon whether
and file ora not
a server-side
establish theSMB server-side
transactions.
session withcomponent.
servers SMB component
thatThisdo not setting requires
haveaffects packetthe packet
serversigning.
signing SMB behavior,
enabled. By defau a
Network
Microsoft
When
If server-side access:
network
enabled, SMB Shares
thisserver:
security
signing thatis can be
Digitally
setting
enabled, sign accessed
communications
restricts
SMB anonymously
anonymous
packet signing (if client
access
will be agrees)
to shares
negotiated - and
Controls
pipes
with whether
to
clients the that orhave
settingsnot the for: server-side
client-side SMB SMB
signing component
enabled. has packet signing enabled
Default:
Important Disabled.
System\\CurrentControlSet\\Control\\ProductOptions
If server-side SMB signingsigning can is required, a performance
client will notup beto able
Using
Network SMB packet
access: Sharing and degrade
security model forthat
local accounts 15 to establish
percent on file a session
servicewith that server unless it has client-side SMB signing enabled. By default,
transactions.
This
Network security
access: setting Named determines
System\\CurrentControlSet\\Control\\Server
Similarly, if client-side SMB pipes signing which
that is
can network
required,
be accessedshares
Applications client canwill
anonymously accessed
not be able by anonymous
to establishusers. a session with servers that do not have packet signing enabled. By defau
System\\CurrentControlSet\\Control\\Print\\Printers
This policy has
Software\\Microsoft\\Windows
If server-side SMB no impact
signing onis domain
enabled, controllers.
NT\\CurrentVersionSMB packet signing will bepassword
negotiated with clients that have client-side SMB signing enabled.
Network
Important
This access:
security: Shares
Do not thatstore can LAN beManager
accessed hash
anonymously
valuethat on next change
Usingsecurity setting determines
System\\CurrentControlSet\\Services\\Eventlog
Default:
Default: SMBNone packet
Enabled. specified.signing can impose how network
up to alogons 15 percent use local
performance accounts hit onare fileauthenticated.
service transactions. If this setting is set to Classic, network logons that use local acc
Software\\Microsoft\\OLAP
Network
Caution security: Force logoffServer when logon hours expire
This
For
If this security
this policyis
setting setting
Software\\Microsoft\\Windowstoset
take todetermines
effect on
Guest only, if,network
at the next
computers
NT\\CurrentVersion\\Print running
logons password
thatWindowsusechange,
local 2000, the LANare
server-side
accounts Manager packet
automatically(LM) hash
signing mapped valuealso
must forthe
to the
beGuest new password
enabled. account. To enable Byis stored.
using The
server-side
the LMSMB
Guest hash is relatively
packet
model, can hw
yousigning
Microsoft
Network network LAN
security:
Software\\Microsoft\\Windows server: ManagerDigitally sign communications
authentication
NT\\CurrentVersion\\Windows level your (if server agrees)
This security
Incorrectly setting
editing thedetermines
registry may whether
severely to disconnect
damage users system.who are Before connected
making to the local
changes to computer
the registry, outside
you should their user backaccount's
up any valued valid logon data on hours. This setti
the computer
Default on domain
This security computers:
System\\CurrentControlSet\\Control\\ContentIndex
Note: setting istonot Classic.
available on earlier versions of
Network
Default
For
This on
Windows security:
security 2000LDAP
Windows
setting Vista:
servers client
determines Enabled signing
negotiate
which requirements
signing
challenge/response with Windows NTWindows.
authentication 4.0 clients, The thesecurity
following setting
registry thatvalue
appears must onbe computers
set to 1 on running
the Windows Windows
level 2000
XP,server:
"Network acc
System\\CurrentControlSet\\Control\\Terminal
Default
When
Default:
Default
on
this stand-alone
policy is
on Windows XP: Disabled. enabled,computers: it causes Guest client only
HKLM\System\CurrentControlSet\Services\lanmanserver\parameters\enableW9xsecuritysignature
Server
sessions with the SMB serverprotocol to be forcibly is used for
disconnectednetwork logons.
when theThis choice
client's logon affectshours theexpire. of authentication pro
Network security: Minimum session security for Server\\UserConfig
NTLM SSP based (including secure RPC) clients
This
Send security setting determines the level of data signing that is requested onnever
behalfuse of clients issuing LDAP BIND domain requests, as follows:
this LM
Important & NTLM responses:
If policy is disabled,
System\CurrentControlSet\Control\ProductOptions
Important
Computers that have anpolicy
thisNTLMv2
Clients
established
set will
use
not
LM
client and
communicate
NTLM authentication
Server\\DefaultUserConfiguration
session is allowed
with to be maintained
computers
and
that doand notafter have
NTLMv2
theclient-side
client's session
logon packet
security;
hours have enabled.
signing expired. controllers
Client-side
accept LM, NTLM, and NT
packet
Network
Send LM security:
& NTLM
Software\\Microsoft\\Windows
This security setting Minimum
-
System\CurrentControlSet\Control\Serveruse
allows session security
session
NT\\CurrentVersion\\Perflib
a client to require for
securitythe NTLM
Applications if
negotiation SSP
negotiated: based
ofare (including
Clients
128-bit use LM
encryption secure RPC)
NTLM
and/or servers
authentication and
NTLMv2 session security. These values are use NTLMv2 session security
dependent if thesigning
server
on
can
the LANsuppo be
M
None:
Send
With The
NTLM
the GuestLDAPresponse
onlyBIND model,
System\\CurrentControlSet\\Services\\SysmonLogrequest
only: Clients
any is
userissued
use who with
NTLMcan the
accessoptions
authentication your that only
computer specified
and overuse theby
NTLMv2the
network caller.
session
(including security if
anonymous the server Internetsupports users) it; domain
can access controllers
your sharedaccept LM,
resources NT
Default:
Windows Enabled.
Software\Microsoft\Windows
Negotiate signing:
2000 If Transport
Service Pack NT\CurrentVersion
Layer
(SP2)toSecurity/Secure
2Clients and above offer Sockets
compatibility Layer (TLS\SSL)
with authentication has nottobeen previous started, the LDAP
versions of BINDThese
Windows, request
such isit;initiated
as Microsoft with the LDAP
Windows NT data
4.0. siM
Send
This security
NTLMv2 setting
response allows
System\\CurrentControlSet\\Services\\CertSvc
Require NTLMv2 session only: a server use
require NTLMv2 the negotiation
authentication of 128-bit
only and
encryption
use NTLMv2 and/or session
NTLMv2 security
session if the
security.
server supports values domain
are dependent
controllers on accept
the LAN LM
Require
This
Note:
Send signature:
setting
NTLMv2 canresponse Thisthe
affect is security:
the
ability same of The
computers connection
as Negotiate running will Windows
signing. failHowever,
if NTLMv2 2000 if protocol
the
Server,LDAP is server's
not negotiated.
Windows intermediate
2000 Professional, saslBindInProgress
Windows XP,theandresponse the Windows does not indicate
Server 2003 thatfamily
LDA
Note: This security settingonly\\refuse
System\\CurrentControlSet\\Services\\Wins
Require 128-bit encryption: The connection
behaves asLM: an Clients will fail
account use NTLMv2
if strong
policy. Forencryptionauthentication
domain (128-bit)
accounts, only andcan
is not
there use
negotiated.
be NTLMv2
only one session
account security
policy.ifThe server
account supports
policy must it; domain
be defined controller
in th
Require
Send NTLMv2
NTLMv2 session
response security:
only\\refuse The LM connection
& NTLM: will
Clients fail if
use message
NTLMv2 integrity is
authentication
servers that are joined to a domain (for example, member computers) also receive the same account policy for their local accounts. However, local account po not negotiated.
only and use NTLMv2 session security if the server supports it; domain
Caution
Require
This
Caution 128-bit
setting doesencryption.
not affect interactiveThe connection logons willthatfailare if strong
performed encryption remotely (128-bit)
by using is not such negotiated.
services as Telnet or Remote Desktop Services. Remote Desktop Se
Default: No requirements.
Important
If youpolicy
Default:
This setNo
Incorrectly the server
requirements.
will
editing have theto Require
noregistry
impactmay signature,
on computers
severely you must also
running
damage Windows
your set the2000.
system. client.
Before Notmaking
settingchangesthe clienttoresults in a loss
the registry, youofshould connection back with up any thevalued
server.data on the computer
Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers
Network
This policy security:
settingRestrict allows you NTLM: to deny Incoming or audit NTLM outgoing trafficNTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote s
Network
This security: Restrict NTLM: AuditorIncoming NTLM NTLM Traffic traffic.
If youpolicy selectsetting "Allowallows all" or you do not to deny configure allowthisincoming
policy setting, the client computer can authenticate identities to a remote server by using NTLM authentication.
Network
setting Restrict
allows NTLM:
you to auditNTLM incomingauthentication NTLM in
traffic.this domain
If
If you you select
select "Allow "Audit all," all" or thedoclientnot configure
computerthis logspolicy an event setting, for each the server NTLMwill allow all NTLM
authentication requestauthentication
to a remote requests.
server. This allows you to identify those servers re
Network
setting Restrict
allows NTLM:
you to denyAuditorNTLM allow authentication
NTLM authentication in this domain within a domain from this domain controller. This policy does not affect interactive logon to
If
If you
you select
select "Disable",
"Deny all or do not
domain configurethe
accounts," thisserverpolicywill setting,
deny the
NTLM server will not log events
authentication requests forforincoming
domain NTLM
logon traffic.
and display anYou NTLM
If
Networkyou select security:"DenyRestrict all," theNTLM: client computer Add remote cannot server authenticate
exceptions identities
for NTLM toauthentication
a remote server by using NTLM authentication. can blocked
use the error,"Network but allow
security: loc
This
If you policy
select setting
"Disabled" allows or you
do to audit
not configure NTLMthis authentication
policy setting, in the a domain
domain from this domain
controller will controller.
allow all NTLM pass-through authentication requests within the domain
If
If you select
youpolicy
select "Enable allauditing for domain accounts", the server will log events for NTLM frompass-through authentication
and displayrequests an NTLMthat woulderror.be blocked when the "
Network
This
This policy is"Deny
security: supported
setting Restrict
allows
accounts,"
on NTLM:
youat to least the
Add
create
server
Windowsserver
an this
will
7 or
exception
deny
exceptions
Windows NTLM
list of
authentication
in remote
this
Server domain 2008 R2.
servers
requests
to whichwill clients
incoming traffic
areevents
allowed toNTLM
use NTLM authentication
blocked
if domain.
the "Network Security: Re
If
If you select "Disable" or do not configure policy setting, the domain controller not log for authentication in this
If you
Network
This
select
youpolicy
select
security:
is
"Deny
"Enable
supported
forauditing
Allow
domainfor
LocalSystem
on atare
accounts
least all Windows
accounts",
NULL
to domain
sessionthe
7this
servers"
server
or Windowsfallback will the logdomain
Server events2008
controller
for all NTLM will authentication
deny all NTLM requests authentication that would logonbe attempts
blockedtowhen all servers
the "Networkin the domainSecurit
This
Note:
If you policy
Audit
configure setting
and block
this allows events
policy you to
setting, create
recorded
you an exception
can on
define a listofofremote
computer
list servers
in theservers in this R2.
"NTLMBlock" domain
to which toclients
Log which
located clients
are under are
allowed theallowed
to Applications
use to useauthentication.
NTLM NTLM
and pass-through
Services authentication if the "
Log/Microsoft/Windows/Secu
If you
If you select
select "Deny "Enable forfor domain
domain accounts
account" the todomain
domaincontroller servers," will the denydomain all controller
NTLM will log events
authentication logon for attempts
NTLM authentication
from domain logon
accounts attempts
and for domain
return an NTLMaccount blo
Network
This
Allow policy security:
isevents
tosupportedAllow Local
onNULLat System
least to computer
Windows use computer7 or Windows identity Server for NTLM 2008 R2.
Note:
If you
If you NTLM
Block
configure
do not
fall
thisback
configure
are
policy to
recorded
this setting,
policy
session
on you this
setting, canwhenno define used
exceptions ainlistwith
the LocalSystem.
"NTLMBlock"
ofwill
servers
be in this
applied.
Logdomainlocated to under
which the clientsApplications
are allowed andtoServices
use NTLM Log/Microsoft/Windows/Security-NTLM
authentication.
If
Network
If you select
youpolicy security:
select "Enable
"DenyAllow forfor domain
PKU2U
domain accounts,"
authentication
servers" the therequests
domain domain controller
toNegotiate
thiswill will log
computer events
to use for NTLM
online authentication
identities. logon attempts that use domain accounts when NTLM
This
Note:
The Audit
default setting
events
isconfigure
TRUE allows
are toLocal
uprecorded Windows System
on this Vista services
computer
and FALSE incontroller
that use
the in "NTLMBlock"
Windows
deny
7.to Log
NTLM
use the
locatedauthentication
computerunder the requests
identity when to
Applications all
reverting
andservers in the
to NTLM
Services domain
authentication.and return
Log/Microsoft/Windows/Security-NTLM an NTLM blocked
If
The you do not this policy setting, no exceptions will be applied.
Network
If
This younaming
select format
security:"Enable for
forservers
Configure domain onservers"
encryption this exception
typesthe list iscontroller
allowed
domain theKerberos
for fully qualified
will log domain
events for name
NTLM (FQDN) or NetBIOS
authentication requestsserver name
toable used in
all servers bythe thedomain
application, when listed
NTLM one per
an authe
If
If you youpolicy
select
enable will"Denybe policy
this turned
all," the offdomain
setting,by defaultservices on
controller domain
running will as joined
deny Local allmachines.
NTLM
System This
pass-through
that would
use disallow willthe
authentication
Negotiate use online
requests identities
the computer from to be
its servers
identity. This to
and authenticate
for its
might cause accountsto theand
some domain
return
authentication joined ma
NTLM
requ
The naming
Recovery format Allow
console: for serversautomatic on this exception list
administrative is the fully qualified domain name (FQDN) or NetBIOS server name used by the calling application listed o
logon
This
If
This youpolicy
selectsetting
is"Enable allows
all" on you
the to
atdomain set Windows
the encryption
controller will log types eventsthat Kerberos
for NTLM ispass-through allowed to use. authentication requests from its servers and for its accounts which would
If youpolicy do not supported
configure this policy least setting, services Server 2008
running R2.
as Local System that use Negotiate when reverting to NTLM authentication will authenticate anonym
Recovery
This console: Allow floppy copy and access to all drives and all folders
If
This
Note: notsecurity
selected,
policy
Blockis
setting
supported determines
the encryption on at least type if the
onwill
password
thisnot
Windows be Server for the
allowed. in 2008
Administrator
This R2.setting may account
affect must be givenwith
compatibility before
client access
computers to theorsystem services is granted. If this option
and applications. is enabled,
Multiple selection th
This
Shutdown: policy isevents
Allow supported
system
are recorded
on
to at least
be shut Windows
down
computer
without 7 or having
Windowsthe "NTLMBlock"
to Server
log on 2008 Log R2. located under the Applications and Services Log/Microsoft/Windows/Security-NTLM
EnablingThis
Default: this policy
security option
is not makes the Recoveryadministrative Console SETlogon command available, which allows you to set the following Recovery Console environment varia
This
Note:policy Audit is supported
events are ondefined
recorded at least on and thisautomatic
Windows computer 7 or Windows
in the "NTLMBlock" Server 2008 is
Lognot
R2. allowed.
located under the Applications and Services Log/Microsoft/Windows/Security-NTLM
Shutdown:
This security Clearsetting virtual memory whether
determines pagefile a computer can be shut down without having to log on to Windows.
AllowWildCards: Enable wildcard support for some commands (such as the DEL command).
System
AllowAllPaths:
This cryptography:
security Allow determines
setting Use FIPS
access 140
to allwhether filescompliant
and the folders cryptographic
virtual on the computer.
memory algorithms,
pagefile including encryption, hashing
is shutand signing algorithms
When this policy
AllowRemovableMedia: is enabled, Allowthe filesShut to be Down copied command to removable is available media, onis cleared
the
such Windows when
as a floppy
the system
logon disk.screen.
down.
System
NoCopyPrompt:
For Cryptography:
thememory
Schannel Do notForce
Security prompt strong
Service when key
Provider protection
overwriting (SSP), for user keys stored disables on the computer
Virtual
When this policy support
is disabled, uses a system
the option pagefile
to shut toan
down
this
swap existing
the
security
pages
computer
file.ofsetting
memory
does not diskthe
to appear when weaker Secure
are not Sockets
theyWindows
on SHA512)
the used.
logon OnLayera running(SSL)system,protocols thisand supports
pagefile is ableonly theexclusi
opened Trans
authentication,
System
unauthorized objects: userand
Default
whoonly the
owner
manages Secure for to Hashing
objects
directly created Algorithm
access bythe (SHA1,
members
pagefile. SHA256,
of the SHA384,
Administrators and group for the TLSscreen.
hashing Inrequirements.
this case, users must be to log on to
This security
Default: This policysettingisdeterminesnot definedif and users' theprivate
recover keys consolerequire SET a password
commandtoisbe notused.
available.
Description
Default on workstations: Enabled.
System
For Encrypting
When
This objects:
security
this policysettingRequire
File
is System
enabled,
determinescaseService
it insensitivity
causes
which (EFS),the
security for
system non-Windows
it supports
principal
pagefile the(SID) Triple
to subsystems
be Data
will
cleared
be Encryption
assigned
upon clean
theStandard
OWNER
shutdown. (DES) andenable
of objects
If you Advanced
when the Encryption
thisobject
security Standard
is created
option, the
by a (AES)
hibernation
member encryption
offile algorith
the(hiberfil.sys
Administr
The
Default options are: Disabled.
on servers:
Default:
System objects: Strengthen default permissions of internal system objects (e.g., Symbolic Links)
This
For
Windows
Default: security
Remote XP:
Disabled. setting
Desktop
User determines
SID Services, itwhether supportscase onlyinsensitivity
the Triple DES is enforced
encryption for algorithm
all subsystems. The Win32
for encrypting Remote subsystem Desktop is case
Services insensitive.
networkHowever, communication. the kernel suppo
User input is not required when new keys are stored and used
System
Windows
This settings:
2003 : Optional
Administrators subsystems Group
If thissecurity
User
Note: isRemote
prompted
setting setting
is when
enabled,
Desktop determines
the
case
Services isthe
keyinsensitivity
was firststrength
usedisTerminal
called of the default
enforced for alldiscretionary
Services directory
in previous access
objects,versions control
symbolic list
links,
of Windows (DACL)
and IO
Server.forobjects,
objects.including file objects. Disabling this setting does n
User
System must enter aUse
settings: password
Certificate each Rules time on they use a key
Windows Executables for Software Restriction Policies
Thismore
Active security
Directory settingmaintainsdetermines a global which subsystems
listinfrastructure.
of shared systemcan optionally be started up to device
supportnames, your applications. With this securityInsetting, you can specify beaslocated
many
For
Default:
For BitLocker, information,
Enabled. this policy seeneeds Public tokey be enabled before anyresources,
encryptionsuch key is asgenerated.
DOS Please note mutexes,
that when and semaphores.
this policy is enabled, this way,
BitLockerobjects willcan prevent the c
User security
This Accountsetting Control: Admin Approval
determines if digital Mode certificatesfor the are Built-inprocessedAdministrator when aaccount
user or process attempts to run software with an .exe file name extension. This sec
Default:
If this policy
Default: POSIX.
This ispolicy
enabled, the
is notthis default
defined. DACL is stronger, allowing users who are not administrators to read shared objects but not allowing these users to modify s
effect,
Default:
User you must
Disabled.
Account enable
Control: Behavior security of the setting.
elevation prompt for administrators in Admin Approval Mode
This security setting determines the behavior of Admin Approval mode for the Built-in Administrator account.
Default:
User Enabled.
Account Control: Behavior of
When
Note:
This
The options
certificate
The
security Federalsetting rules are
Information
determines enabled, thethe
Processing elevation
software
behavior Standard prompt
restriction
of the (FIPS)
elevationfor standard
policies 140 will
is acheck
prompt users
security a certificate
implementation
for administrators revocation designedlist (CRL) to makecryptographic
for certifying sure the software's software. certificate
FIPS 140 andvalidated
signatur
This securityare: setting determines the behavior of the elevation prompt for standard users
User
Default: Account
Disabled. Control: Detect application installations and prompt for elevation
The
options
Enabled: Theare:Built-in Administrator will logon in Admin Approval Mode. By default any operation that requires elevation of privilege will prompt the Consent A
The options
User security
Accountsetting are:Control: Only elevate
This determines the executables
behavior of application that are signed and validated
installation detection for the entire system.
Prompt
Disabled: forThe consent:
Built-in AnAdministrator
operation that will requires
logon inelevation
XP compatible of privilege mode will
and prompt
run allthe Consent Admin
applications to selectwith either Permit or Deny. If the Consent Admin sel
User
This Account
Prompt for
securityare: Control:
credentials: Only An elevate
operation UIAccess
that requires
setting will enforce PKI signature checks on any interactive application applicationselevation that of are installed
privilege willin secure
prompt the
thatlocations
user
requests to by
enterdefault
elevationan administrativefull administrative
of privilege. user name
Enterprise
privilege.
and password.can
administrators If the user et
control
The options
User Prompt
Account for credentials:
Control: Run An operation
all users, that
including requires elevation
administrators, of privilege will prompt the Consent Admin to enter their user name and password. If the user en
Default:
This
The
Disabled
security
Automatically
options setting
are: denywill enforce
elevation the requirement
requests: This option thatresults
applications in as an standard
that request
access users.
denied execution
error message with a UIAccess
being returned integrity to thelevel (via a marking
standard user when of UIAccess=true
they try to perform in thei a
Enabled: Application installation packages that require an elevation of privilege to install will be heuristically detected and trigger the configured elevation pro
User
This Account
Elevate
security without Control:
setting prompting: Switch
determines to
This the secure
option
the behavior allows desktop the
of all UAC when
Consent prompting
policies Admin for the tofor elevation
perform
entire system.an operation that requires elevation without consent or credentials. Note: this sc
-Default:
\Program
Enabled: Prompt Files\,
Enforces for including
credentialsPKI subdirectories
therunning (home)
certificate /chain
Automatically validation deny a elevation
ofthat given requests
executable (enterprise)
before it is permitted to run. like Group Policy Software Install (GPSI) or SMS wil
Disabled:
-Default:
User\Windows\system32\
Account Enterprises
Control: Virtualizesstandard file and the users
registry desktops
write request
failures leverage
to per-user delegated
locations installation technologies
This
The security
options Prompt setting
are: for determines
consent whether elevation will prompt on the interactive users desktop or the Secure Desktop.
- \Program
Disabled: Files not
Does (x86)\, enforce including subdirectories
PKI certificate chainfor 64 bit versions
validation before ofgiven
a Windows executable
User
Default:
This Account
Enabled
security Control:
setting (home) Allow
enables UIAccess
/ Disabled
the redirection applications
(enterprise) of legacy to prompt
application for elevation
write failures without usingisthe
to defined
permitted
locations
to run.
secureindesktop. both the registry and file system. This feature mitigates th
The
options
Enabled: are:
Admin Approval Mode and all check other UAC policies are dependent onthat thisrequests
option being enabled. Changing integrity this setting requires a system
Note:
Maximum
Default: Windows application
Disabled enforces log a PKI
size signature on any interactive application execution with UIAccess level regardless of thereboot.
state of thi
This security setting
Virtualization facilitates controls
the whether
running User
ofdefault
pre-Vista Interface (legacy) Accessibility
applications (UIAccess or UIA) programs
that historically failed to run canasautomatically
Standard User. disable the secure desktop
An administrator runningforonly elevation
Windows prom Vi

Enabled:
Disabled: All
Admin elevationApproval requests by will go to the secure desktop
Mode user type and all related UAC policies will be disabled. Note: the Security Center will notify that the overall security of the op
Maximum
The
This options
security security
are:
setting log size
specifies the maximum size of the application event log, which has a theoretical maximum of 4 GB. Practically the limit is lowerUnless (~300MB
If
The you enable
optionsAll this
are: setting, UIA programs including Windows Remote Assistance can automatically disable the secure desktop for elevation prompts. you
Disabled:
Maximum
Default: system
Enabled elevation sizerequests
logspecifies will go to the interactive users desktop
This
security
Enabled:
Notes Ansetting
application the maximum
will only launch with size of the security
UIAccess integrityevent log, which
if it resides in ahas secure a theoretical
location inmaximum the file system. of 4 GB. Practically the limit is lower (~300MB).
If you
Enabled: disable or
Facilitates do not configure
the runtime this setting, of
redirection theapplication
secure desktop write can onlytobe
failures disabled
defined user bylocations
the user for of thebothinteractive
the file system desktop andorregistry.
by disabling the "User Account
Prevent
Default:
This local
Enabled
securityAn guests
setting group
specifies and the ANONYMOUS
maximum LOGIN
size of the users
system from event accessing
log, which application
has a in log
theoretical maximum of 4 GB. Practically the limit is lower (~300MB).
Notes
Disabled:
Log programs
file sizes must application
be a multiple will launch
of 64 KB. with UIAccess
IfWindows
you enterand integrity
a value even if it
that is programs does not
not a multiple reside of 64 KB, a secure location in the file system.
UIA
Prevent
Disabled: local are designed
guests
Applications group towrite
thatand interact
ANONYMOUS
data with
to Computer
protected LOGIN users
locations application
from accessing
will simply on behalf
security
fail application
as they did in of
logevent aEvent
user. This
previous
Viewer will round
setting allowshe UIA logprograms
file size up to a multiple
to bypass the secureof 64 KB. desk
This
Notes security
setting setting
does notdetermines
appear in the if guests
Local are prevented Policy from object.accessing the log. versions of Windows.
Log file
Default:
Event Logsizes
Enabled must
sizeguests and log be a multiple
wrapping of 64
should KB. If
be definedyou enter a
to match value that
the business is not a multiple
and securityof 64 KB, Event
requirements Viewer will
you determined round he log file size up to a multiple of 64 KB.
Prevent
Since
This
Default UIA
settinglocal
security
:For programs
Enableddoes
setting group
must
notdetermines
appear beand able
in ANONYMOUS
the toLocal
if2003
guestsrespond Computer toLOGIN
are prevented prompts Policyusersregarding
from from
object.accessing accessing
security system
the issues,
application logevent
such as the UAC elevation
log. prompt,when designing must
UIA programs your enterprise
be highly trusted. securityInp
Notes
Default:
Log file sizes themust
..\Program Windowsbe a
Files\ Server
multiple
(and of 64
subfolders) family,
KB. If you 16 enter
MB; for
a Windows
value that XPnot
is Professional
a multiple Service
of 64 KB, Pack
Event 1, Viewer
8 MB; for will Windows
round he XP
log Professional,
file size up to 512
a KB. of 64 KB.
multiple
Event
Retain Log size andlog
application log wrapping should be defined to match the business and security requirements you determined when designing your enterprise security p
This
Notes
Default:setting
security
For does
setting
..\Program
the notdetermines
Windows appear
Files (x86)\
Serverin the if(and
guests
2003 Local Computer
are prevented
subfolders,
family, 16 MB; in Policyforfrom
64-bit object.accessing
versions
Windows the application
of Windows
XP Professional only) ServiceeventPack log. 1, 8 MB; for Windows XP Professional, 512 KB.
This setting
..\Windows\System32\
Event Log does
size and not logappear
wrapping in the Local
should beComputer
defined to Policy
match object.the business and security requirements you determined when designing your enterprise security p
Retain
This security
security log
setting determines the number of16 days' worth of events toProfessional
be retained for the application
Notes
Default:
This settingFor does the Windows
notaffects
appear Serverin the 2003 Local family,
Computer MB; for Windows
Policy object. XP Service Pack 1, 8 log MB;iffor theWindows
retentionXP method for the application
Professional, 512 KB. log is By D
This
Retain
The security
system
requirement setting
log to be in a only
protected computers path can runningbe Windows
disabled by 2000
the "Userand Account
WindowsControl: XP. Only elevate UIAccess applications that are installed in secure locatio
This
Set security
this value setting
onlynot if determines
you archive the
theLocalnumber
log atComputer of days' worth
scheduled intervals of events and you to be make retained
sure that for the the security
Maximum logapplication
if the retention log sizemethodis largefor theenoughsecurity log
to accommodateis By Days. the
This
This setting
security does
setting appear
affects in the
only computers running Policy
Windows object. 2000 and Windows XP.
Retention
Default:
Thisthis
While security
this method
Enabled
settingsetting forfordetermines
applies application
Windows to any XP, the
UIAlogDisabled
number
program, for Windows
ofitdays'
will be worth
used 2000ofprimarily
events toinbe retained
certain Windowsfor the system
Remote log security
if the retention
Assistance scenarios. methodThe for
Windowsthe system Remote log Assistance
is By Days. pro
Set
Note: value
This setting only if
does you archive
not appear the log
in the Local at scheduled Computer intervalsPolicy and object.you make sure that the Maximum log size is large enough to accommodate the inte
This
Default:security
Retention method
Enabled setting forforaffects
security
Windows only log
XP, computers
Disabled running
for Windows Windows 2000 2000 and Windows XP.
This
If security
Default:
Set this value
a user None.
requests setting
onlyremote determines
if you archiveassistance the
the log "wrapping"
from atan scheduled method
administrator for
intervals the
andand application
the you remote make log. sure thatsession
assistance the Maximum system log
is established, anysize is largeprompts
elevation enoughappear to accommodate
on the interactive the inte
Notes
Retention
Default:
requires
This security
setting method
Enabled
that the for
setting
does fordetermines
not systemuser
Windows
interactive
appear log
in XP, the
the Disabled
respond
"wrapping"
Local tofor
Computer anWindows
elevation
method Policy for2000
prompt
the
object. on thelog.
security secure desktop. If the interactive user is a standard user, the user does not have the r
If you This
Note: do not archive
setting does thenot application
appearauditing inlog,
theinLocal the Properties
Computer dialog box for this policy, select the Define this policy setting check box, and then click Overwrite eve
A user must
Restricted possess
Groups the Manage and security logPolicy
user right object. to access the security log.
This
Default:
If you
Default:
If security
you archiveNone.
enable
doNone. setting
this
not archive determines
setting, ("User the
Account "wrapping" Control: method
Allow for the
UIAccess system log.
applications to prompt for elevation withoutsetting using check the secure desktop), , requests for elevatio
If you the log the security log,
at scheduled in the Properties
intervals, in the Properties dialog box dialog for boxthis policy,
for this select
policy,the selectDefinethe this
Define policythis policy setting box,
check and then
box, and click
then Overwrite
click Overwrite events
This
If
Thisyou security
do
setting not setting
archive
does not allows
the
change anthe
system administrator
log,
behaviorin the of tothedefine
Properties UAC two
dialog properties
elevation box for
prompt for for
this security-sensitive
policy, select
administrators. the groupsthis
Define ("restricted"
policy groups).
setting check box, and then click Overwrite events
If
If you
you archive
must retain the log all the at scheduled
events in the intervals,
log, in in thethe Properties
Properties dialog dialog box box forforthis this policy,
policy, select
select thethe Define
Define thisthis policy
policy setting
setting check
check box,box,and andthen then click
click DoOverwrite
not overw
The
If youtwo planproperties
archive to the
enable log are at
this Members
scheduled
setting, and
you Member
intervals,
should in
also Of.
the The
review Members
Properties the dialog
effect listof defines
box
the for
"User who
this belongs
policy,
Account and
select
Control: who
the does
Define
Behavior not
this
of belong
policy
the to the
setting
elevation restricted
check
prompt box,
for group.
and
standard The
then Member
click
users" Of listIf
Overwrite
setting.
If you This
Note: mustsettingretain all does thenot events
appear in the in the log,Local in theComputerPropertiesPolicy dialogobject. box for this policy, select the Define this policy setting check box, and then click Do not overw
When
.If you a Restricted
must retain all Groups
the events Policyinisthe enforced,
log, in the anyProperties
current member dialog box of afor restricted
this policy, group that the
select is not
Defineon the thisMembers
policy setting list is check
removed. box,Any anduserthenon theDo
click Members
not overl
Notes
Default: None.
System Services security settings
Registry
Allows ansecurity settingsto define the startup mode (manual, automatic, or disabled) as well as the access permissions (Start, Stop, or Pause) for all system se
administrator
File System
Allows security settings
Default:an administrator
Undefined. to define access permissions (on discretionary access control lists (DACLs)) and audit settings (on system access control lists (SACLs
Allows
Default:an administrator to define access permissions (on discretionary access control lists (DACLs)) and audit settings (on system access control lists (SACLs
Notes Undefined.
Default:
Note: Undefined.
This setting does not appear
This setting does not appear in the in the Local
Local Computer
Computer PolicyPolicy
object.object.
If you choose to set system service startup to Automatic, perform
Note: This setting does not appear in the Local Computer Policy object.adequate testing to verify that the services can start without user intervention.
For performance optimization, set unnecessary or unused services to Manual.
Reboot Required Comments
No
No
No
No
No
No
No
No
No
No clients will get the new setting
after a maximum of 8 hours
No clients
but for will
DCsgetto the newthese
assign setting
after
new a maximum
settings a of 8 hours
Gpupdate
No clients
but foriswill
DCs get
to the newthese
assign setting
/force
after required
a maximum or waiting
of 8 hours for
No newusual
the settings
clients will
5 a the
get Gpupdate
minutesnew
whensetting
the
but forisDCs
/force to assign
required or these
waiting
after
new a maximum
SCE settings
engine of 8
assigns
a hours for
all
Gpupdate
No clients
the foriswill
usual
modified
but DCs5get
to the
minutes
settings. new
assignwhensetting
thesethe
/force
after
SCE a required
maximum
engine or waiting
of 8
assigns hours for
all
No new
the settings
usual a Gpupdate
5 minutes when
modified
but forisDCs
/force settings.
to assign
required thesethe
or waiting for
SCE
new engine
settings assigns
a all
Gpupdate
No the usualsettings.
modified 5 minutes when the
/force is required
SCE engine or waiting
assigns all for
No the usualsettings.
modified 5 minutes when the
SCE engine assigns all
No modified settings.
No
No
No
No
No
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Note: In Windows 2000
Server, Windows 2000
No Logoff required
Professional, Windows XP
No Professional,
Note: See also and
thethe
Windows Server
corresponding 2003 family,
Windows
No Logoff
the required
Task
Server Scheduler
2003 Allow log on
automatically
locally policy grants
setting,this rightin
earlier
No Logoff
as required
thisnecessary.
worksheet.
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No Logoff required
No
No
No
No
No
Yes
Yes
No
Yes
No
No
No
No
No For the policy change to take
effect, the spooler service
No needs to be
No stopped/restarted, but the
system does not have to be
No rebooted.
Yes Restart of service might be
sufficient
No
No
No Important: In order to take
advantage of this policy on
No member workstations and
No servers, all domain controllers
that constitute the members
No domain must be running
Windows NT 4.0 Service Pack
No Important:
6 or higher.This setting applies
to
In Windows
order to take2000 computers,
advantage of
No but
this itpolicy
is noton
available
doma through
No the Security Configuration
Manager tools on these
computers.
No
No
No
No
No
No
No
No Important: This setting
applies to Windows 2000
No Important:
computers,This but itsetting
is not will
apply to any
available computers
through the Security
No Only
runningLogOff is
Windows required for
2000 tools
Configuration
W2K, XPchangesand Manager
W2K3
Yes through
on
Important:
these computers.
For in the
computers.
registry, butonIn this
the
policy to
Vista,
security
take effect
start/restart thecomputers
scpolicysvc
Yes setting
running is not viewable
2000,through
will
the workWindows
or LogOff client-
Yes sideSecurity Configuration
packet signing must also
Manager tool set.
be enabled. For more
Yes information, search for
"Security Settings
No Descriptions" in the Windows
Yes Server
Important:2003 ForHelp.
this policy to
take effect on computers
No running Windows 2000,
No server-side packet signing
must also be enabled. For
No more information, search for
"Security Settings
No Descriptions" in the Windows
No Server
Important:2003 Help.
This policy has no
impact on domain controllers.
No For more information, search
No for "Security Settings
Descriptions" in the Windows
No Server 2003 Help.
Yes
No Important: The Network
access: Remotely
No Important:
accessible On Windows
registry paths XP,
this security
security setting
setting that was
appearscalled
Yes "Network access: Remotely
on computers running
Yes accessible
Windows XP registry paths." to
corresponds If
you configureaccess:
the Network this setting on a
No member
Important:
Remotely ofaccessible
the
ThisWindows
setting only
affects
Server computers
registry 2003
paths family
and running
that is
subpaths
No Important:
Windows
joined aXP Windows
topolicy Professional
domain, 2000
this setting
security
Service Pack 2 setting
(SP2) on
and
No which
is are of
inherited
members not
bythejoined
Wi to a with
computers
above offer
domain. compatibility
No authentication
Important:
This policy willThis to previous
setting
have can
no impact
versionstheofability
on computers
affect Windows,
running such as
of computers
Yes Microsoft
running Windows
WindowsWindows
2000. For NT
2000more4.0.
This setting
Server, Windows
information, can
search affect
2000 the
forwill
No Warning:
ability This
of computers settingrunning
Professional,
"Security
apply to Setting
any Windows XP
Descriptions"
computers
No Windows
Warning:
Professional,
in the Win 2000
Thisand Server,
setting
the will
running
Windows Windows
2000 Pr 2000
apply
Windows
through to changes
any computers
Server 2003
in thefamily
to
running
communicate
registry Windows
but with
the security2000 setting
through
computers
will not bechanges
running
viewable in Windows
the
through
registry
NT
the 4.0 but the
and
Security earlier security
over the
Configuration setting
will
netwonot betool
Manager viewable
set. For through
more
the Security search
information, Configuration for
Manager tool set.De
"Security Setting For more
No
No
No
No
No
No
No
No
No
No
No
No Require restart of recovery
console
Require restart of recovery
No console
No Requires logoff
Yes Vista does NOT require reboot
No
Yes Requires reboot with CNG on
Vista; Does not require reboot
No This policyon
with CAPI does notDoes
Vista; exist not
on
Vista
require reboot on XP, 2003
Yes
with CAPI
Yes
Yes
No
No
No
No
No
No
No
Yes
No
No
No
No Note: This setting does not
appear in the Local Computer
No Note:
Policy This setting does not
object.
No Note: This
Policy setting does not
object.
appear in the
Important: Local Computer
Modifying thisnot
No Notes:
Policy This
object. setting does
setting may affect
No Notes: This setting
compatibility
Policy object. does not
with clients,
appear
services,
This in and
the setting
security Local Computer
applications.
affects For
No Note: This
compatibility
Policy setting
object. does
information not
about
only
appearcomputers
in the running
Local Computer
No This
this
Notes:security
setting,
Windows This setting
see
setting
2000, affects
the does
"Event
Windows not
Policy
only
Log: object.
computers
Maximum running
sec
appear in the and
Server 2003, Local Computer
Windows
No Notes:
Windows
XP.
Policy This setting
2000, does
Windows
object.setting affects not
This
appear
Serversecurity
in thepossess
2003, Local
and Computer
Windows
No A user
Note:
only must
This setting
computers the
does not
running
Policy
XP.
Manage object.
appear
Windows
A user inauditing
must thepossess
2000, Localand
Computer
Windows the
No Note:
ServerThis
security
Policy setting
log
object.
2003, user
andanddoes
right
Windows tonot
Manage
appear
access inauditing
the the Local
security security
Computer
log.
No XP.
Note:
log This
user setting
right does not
to acces
Policy object.
No Note: This
Policy object.setting does not
Policy object.
Note: This setting does not
Note:
PolicyThis setting does not
object.
Note: This
Policy setting does not
object.
Policy object.

Windows Server 2012 and Windows 8 Group Policy Settings

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Windows Server 2012 and Windows 8 Group Policy Settings

Uploaded by

Copyright:

Available Formats

Group Policy Settings Reference

Windows Server 2012 and Windows 8

2012 Microsoft Corporation. All rights reserved.

All other trademarks are property of their respective owners.

At least Windows Vista

At least Windows Vista

At least Windows XP Professional with SP2

Computer Configuration\Windows Settings\Account Policies\Password Policy

Enforce password history

At least Windows XP SP2, Windows Server 2003

Password Policy security settings are not registry keys.

Enforce password history

You might also like