Prwo Gpss

Group Policy Object Settings
This spreadsheet lists the default Group Policy object (GPO) settings for computer and user configurations included with the Group Policy snap-in. The
settings you see on your computer will vary according to the components and services on your network and in your Administrative Template. You can
view these settings in the spreadsheet by using the default Administrative Template, System.adm.
This spreadsheet lists the settings exactly as they appear in the Group Policy snap-in tree, including the changes contained in Microsoft® Windows®
XP Professional. Some folders do not have settings; instead, they are locations into which you can import settings from other snap-ins, such as the IP
Security Policy Management snap-in. You can use this spreadsheet as a template for creating and tracking your own GPOs and settings, which will
help you develop and maintain your desktop management solution.
For detailed explanations of all these settings, see Group Policy Help or the Group Policy snap-in Extended View.
Active Directory
GPO Name name of Group Policy
object
Domain containing
Domain Group Policy object
Version of Group
GPO Version Policy object To use this setting, the
target must be running
Snap-in Location Setting Name Requires at Least: Set
thisto:
software or this Notes Active dir
version of the Windows name of G
operating system. Object
Computer Configuration Domain c
Group Pol
Administrative Templates-System Version o
Policy Ob
Display Shutdown Event Tracker Windows XP
Specify Windows Service Pack installation

file location Windows XP
Remove Boot / Shutdown / Logon / Logoff
status messages Windows 2000
Verbose vs normal status messages Windows 2000

Value of p
Restrict these programs from being setting
launched from Help Windows XP
Turn off Autoplay Windows 2000

Do not automatically encrypt files moved to
encrypted folders Windows 2000
Download missing COM components
(Computer) Windows 2000
Specify Windows Installation file location Windows XP
System\User Profiles
Delete cached copies of roaming profiles Windows 2000
Do not detect slow network connections Windows 2000

Slow network connection timeout for user
profiles Windows 2000
Wait for remote user profile Windows 2000
Prompt user when slow link is detected Windows 2000
Timeout for dialog boxes Windows 2000
Log users off when roaming profile fails Windows 2000

Maximum retries to unload and update user
profile Windows 2000
Add the Administrator security group to
roaming user profiles Windows 2000 SP2
Prevent Roaming Profile Changes from
propagating to the server Windows XP
Only allow local user profiles Windows XP
System\Scripts
Run logon scripts synchronously Windows 2000
Run startup scripts asynchronously Windows 2000
Run startup scripts visible Windows 2000
Run shutdown scripts visible Windows 2000
Maximum wait time for Group Policy scripts Windows 2000
System\Logon
Always use classic logon Windows XP

Don't display the Getting Started welcome
screen at logon Windows 2000
Run these programs at user logon Windows 2000
Do not process the run once list Windows 2000
Do not process the legacy run list Windows 2000

Always wait for the network at computer
startup and logon Windows XP
System\Disk Quotas
Enable disk quotas Windows 2000
Enforce disk quota limit Windows 2000
Default quota limit and warning level Windows 2000
Log event when quota limit exceeded Windows 2000

Log event when quota warning level
exceeded Windows 2000
Apply policy to removable media Windows 2000
System\Net Login
Expected dial-up delay on logon Windows XP
Site Name Windows XP
Negative DC Discovery Cache Setting Windows XP

Initial DC Discovery Retry Setting for
Background Callers Windows XP
Maximum DC Discovery Retry Interval
Setting for Background Callers Windows XP
Final DC Discovery Retry Setting for
Positive Periodic DC Cache Refresh for
Positive Periodic DC Cache Refresh for
Non-Background Callers Windows XP
Scavenge Interval Windows XP
Contact PDC on logon failure Windows XP
System\Net Login\DC Locator DNS Records

Dynamic Registration of the DC Locator
DNS Records Windows XP
DC Locator DNS records not registered by
the DCs Windows XP
Refresh Interval of the DC Locator DNS
Records Windows XP
Weight Set in the DC Locator DNS SRV
Records Windows XP
Priority Set in the DC Locator DNS SRV
Records Windows XP
TTL Set in the DC Locator DNS Records Windows XP

Automated Site Coverage by the DC
Locator DNS SRV Records Windows XP
Sites Covered by the DC Locator DNS SRV
Records Windows XP
Sites Covered by the GC Locator DNS SRV
Records Windows XP
Sites Covered by the Application Directory
Partition Locator DNS SRV Records Windows XP
Location of the DCs hosting a domain with
single label DNS name Windows XP
System\Group Policy
Turn off background refresh of group policy Windows 2000
Group Policy refresh interval for computers Windows 2000

Group Policy refresh interval for domain
controllers Windows 2000
User Group Policy loopback processing
mode Windows 2000
Group Policy slow link detection Windows 2000
Turn off Resultant Set of Policy Logging Windows XP

Remove users ability to invoke machine
policy refresh Windows XP
Disallow Interactive Users from generating
Resultant Set of Policy data Windows XP
Registry policy processing Windows 2000

Internet Explorer Maintenance policy
processing Windows 2000
Software Installation policy processing Windows 2000
Folder Redirection policy processing Windows 2000
Scripts policy processing Windows 2000
Security policy processing Windows 2000

IP Security policy processing Windows 2000
EFS recovery policy processing Windows 2000
Disk Quota policy processing Windows 2000
System\Remote Assistance
Solicited Remote Assistance Windows XP
Offer Remote Assistance Windows XP
System\System Restore
Turn off System Restore Windows XP
Turn off Configuration Windows XP
System\Error Reporting
Display Error Notification Windows XP
Report Errors Windows XP
System\Advanced Error Reporting Settings
Default application reporting settings Windows XP
List of applications to always report error for Windows XP
List of applications to never report for Windows XP
Report operating system errors Windows XP
Report unplanned shutdown events Windows XP
System\Windows File Protection
Set Windows File Protection Scanning Windows XP
Hide the file scan progress window Windows XP
Limit Windows File Protection cache size Windows XP

Specify Windows File Protection cache
location Windows XP
System\Remote Procedure Call
RPC Troubleshooting State Information Windows XP
Propagation of extended error information Windows XP
System\Windows Time Service
Global Configuration Settings Windows XP
System\Windows Time Service\Time Providers
Enable Windows NTP Client Windows XP
Configure Windows NTP Client Windows XP

Enable Windows NTP Server Windows XP
System\Network
Background Intelligent Transfer Service
(BITS) inactive job timeout Windows XP
Set how often a DFS Client discovers DC's Windows XP
System\DNS Client
Primary DNS Suffix Windows 2000
Dynamic Update Windows XP
DNS Suffix Search List Windows XP
Primary DNS Suffix Devolution Windows XP
Register PTR Records Windows XP
Registration Refresh Interval Windows XP
Replace Addresses In Conflicts Windows XP
DNS Servers Windows XP
Connection-Specific DNS Suffix Windows XP

Register DNS Records with Connection-
specific DNS suffix Windows XP
TTL Set in the A and PTR records Windows XP
Update Security Level Windows XP
Update Top Level Domain Zones Windows XP
System\Network\Offline Files
Allow or Disallow use of the Offline Files
feature Windows 2000
Prohibit user configuration of Offline Files Windows 2000

Synchronize all offline files before logging
on Windows 2000
Synchronize all offline files before logging off Windows 2000
Default cache size Windows 2000
Action on server disconnect Windows 2000
Non-default server disconnect actions Windows 2000
Remove "Make Available Offline" Windows 2000
Prevent use of Offline Files folder Windows 2000
Files not cached Windows 2000
Administratively assigned offline files Windows 2000
Turn off reminder balloons Windows 2000

Reminder balloon frequency Windows 2000
Initial reminder balloon lifetime Windows 2000
Reminder balloon lifetime Windows 2000

At logoff, delete local copy of user’s offline
files Windows 2000
Event logging level Windows 2000
Subfolders always available offline Windows 2000
Encrypt the Offline Files Cache Windows XP

Prohibit 'Make Available Offline" for these
files and folders Windows XP
Configure Slow link speed Windows XP
Synchronize offline files before suspend Windows 2000
System\Network\Network Connections
Prohibit use of Internet Connection Sharing
on your DNS domain network Windows 2000
Prohibit use of Internet Connection Firewall
on your DNS domain network Windows XP
Prohibit installation, configuration, and use

Network Bridge on your DNS network Windows XP
IEEE 802.1x Certificate Authority for

Machine Authentication Windows XP
System\SNMP
Communities Windows XP
Permitted Managers Windows XP
Traps for Public community Windows XP
System\Network\QoS Packet Scheduler
Limit reservable bandwidth Windows XP
Limit outstanding packets Windows XP
Set timer resolution Windows XP
System\Network\QoS Packet Scheduler\DSCP value of conforming packets
Best effort service type Windows XP
Controlled load service type Windows XP
Guaranteed service type Windows XP
Network control service type Windows XP
Qualitative service type Windows XP
System\Network\QoS Packet Scheduler\DSCP value of non-conforming packets

System\Network\QoS Packet Scheduler\Layer-2 priority level
Non-conforming packets Windows XP
System\Printers
Allow printers to be published Windows 2000
Allow pruning of published printers Windows 2000

Automatically publish new printers in Active
Directory Windows 2000
Check published state Windows 2000
Computer location Windows 2000

Custom support URL in the Printers folder's
left pane Windows 2000
Directory pruning interval Windows 2000
Directory pruning priority Windows 2000
Directory pruning retry Windows 2000

Disallow installation of printers using kernel-
mode drivers Windows XP
Log directory pruning retry events Windows XP
Pre-populate printer search location text Windows 2000
Printer browsing Windows 2000

Prune printers that are not automatically
republished Windows 2000
Web-based printing Windows 2000
Windows Components
Windows Components\Task Scheduler
Hide Property Pages Windows 2000
Prevent Task Run or End Windows 2000
Prohibit Drag-and-Drop Windows 2000

Prohibit New Task Creation Windows 2000
Prohibit Task Deletion Windows 2000
Remove Advanced Menu Windows 2000
Prohibit Browse Windows 2000
Windows Components\Windows Installer
Disable Windows Installer Windows 2000
Always install with elevated privileges Windows 2000
Prohibit rollback Windows 2000
Remove browse dialog box for new source Windows 2000
Prohibit patching Windows 2000

Disable IE security prompt for Windows
Installer scripts Windows 2000
Enable user control over installs Windows 2000

Enable user to browse for source while
elevated Windows 2000
Enable user to use media source while
elevated Windows 2000
Enable user to patch elevated products Windows 2000

Allow admin to install from Terminal
Services session Windows 2000
Cache transforms in secure location on
workstation Windows 2000
Logging Windows 2000

Windows 2000 with
Prohibit User Installs Windows Installer 1.5
Turn off creation of System Restore
Checkpoints Windows XP
Windows Components\Windows Messenger
Do not allow Windows Messenger to be run Windows XP

Do not automatically start Windows
Messenger initially Windows XP
Windows Components\Terminal Services
Keep-Alive Messages Windows XP

Enforce Removal of Remote Desktop
Wallpaper Windows XP
Limit number of connections Windows XP
Limit maximum color dept Windows XP
Do not allow new client connections Windows XP

Do not allow local administrators to
customize permissions Windows XP
Remove Windows Security item from the
Start menu Windows 2000
Remove Disconnect item from Shut Down
dialog Windows 2000
Set path for TS Roaming Profiles Windows XP
TS User Home Directory Windows XP
Remote control settings Windows XP
Limit users to one remote session Windows XP
Start a program on connection Windows XP
Windows Components\Terminal Services\Client/Server data redirection
Do not allow clipboard redirection Windows XP
Do not allow smart card device redirection Windows XP
Allow audio redirection Windows XP
Do not allow COM port redirection Windows XP
Do not allow client printer redirection Windows XP
Do not allow LPT port redirection Windows XP
Do not allow drive redirection Windows XP

Do not set default client printer to be default
printer in a session Windows XP
Windows Components\Terminal Services\Encryption and Security

Always prompt client for password upon
connection Windows XP
Set client connection encryption level Windows XP
Windows Components\Terminal Services\Licensing
Prevent License Upgrade Windows XP
Windows ComponentsTerminal Services\Temporary Folders
Do not use temp folders per session Windows XP
Do not delete temp folder upon exit Windows XP
Windows Components\Terminal Services\Session Directory
Session Directory Active Windows XP
Session Directory Server Windows XP
Session Directory Cluster Name Windows XP
Windows Components\Terminal Services\Sessions
Set time limit for disconnected sessions Windows XP
Set time limit for active sessions Windows XP
Set time limit for idle sessions Windows XP
Allow reconnection from original client only Windows XP

Terminate session when time limits are
exceeded Windows XP
User Configuration
Start Menu & Taskbar
Remove user's folders from the Start Menu Windows 2000

Remove links and access to Windows
Update Windows 2000
Remove common program groups from
Start Menu Windows 2000
Remove Documents menu from Start Menu Windows 2000
Remove programs on Settings menu Windows 2000

Remove Network Connections from Start
Menu Windows 2000
Remove Favorites menu from Start Menu Windows 2000
Remove Search menu from Start Menu Windows 2000
Remove Help menu from Start Menu Windows 2000
Remove Run menu from Start Menu Windows 2000
Remove My Pictures icon from Start Menu Windows XP
Remove My Music icon from Start Menu Windows XP

Remove My Network Places icon from Start
Menu Windows XP
Remove My Documents icon from start
menu Windows 2000
Add Logoff to the Start Menu Windows 2000
Remove Logoff on the Start Menu Windows 2000

Remove and prevent access to the Shut
Down command Windows 2000
Remove drag-and-drop context menus on
the Start Menu Windows 2000
Prevent changes to Taskbar and Start Menu
Settings Windows 2000
Remove access to the context menu for
taskbar Windows 2000
Do not keep history of recently opened
documents Windows 2000
Clear history of recently opened documents
on exit Windows 2000
Turn off personalized menus Windows 2000
Turn off user tracking Windows 2000

Add "Run in Separate Memory Space"
check box to Run dialog box" Windows 2000
Do not use the search-based method when
resolving shell shortcuts Windows 2000
Do not use the tracking-based method when
resolving shell shortcuts Windows 2000
Gray unavailable Windows Installer
programs Start Menu shortcuts Windows 2000
Prevent Grouping of taskbar items Windows XP

Turn off notification area cleanup Windows XP
Lock the Taskbar Windows XP
Force classic Start Menu Windows XP
Remove Balloon Tips on Start Menu items Windows XP

Remove pinned programs list from the Start
Menu Windows XP
Remove frequent programs list from the
Start Menu Windows XP
Remove All Programs list from the Start
Menu Windows XP
Remove and disable the Turn Off Computer
button Windows XP
Remove the 'Undock PC' button from the
Start Menu Windows XP
Remove user name from Start Menu Windows XP
Remove Clock from system notification area Windows XP

Do not display any custom toolbars in the
taskbar Windows XP
Hide the notification area Windows XP
Desktop
Hide and disable all items in the desktop Windows 2000
Remove My Documents icon from desktop Windows 2000
Remove My Computer icon from desktop Windows XP
Remove Recycle Bin icon from desktop Windows XP

Remove Properties from the My Documents
context menu Windows 2000 SP3
Remove Properties from the My Computer
context menu Windows 2000 SP3
Remove Properties from the Recycle Bin
context menu Windows XP
Hide My Network Places icon on desktop Windows 2000
Hide Internet Explorer icon on desktop Windows 2000

Do not add shares from recently opened
documents to the My Network Places folder Windows 2000
Prohibit user from changing My Documents
path Windows 2000
Prevent adding, dragging, dropping and
closing the Taskbar's toolbars Windows 2000
Prohibit adjusting desktop toolbars Windows 2000
Don't save settings at exit Windows 2000
Remove the Desktop Cleanup Wizard Windows XP
Desktop\Active Desktop
Enable Active Desktop Windows 2000

Disable Active Desktop Windows 2000
Disable all items Windows 2000
Prohibit changes Windows 2000
Prohibit adding items Windows 2000
Prohibit deleting items Windows 2000
Prohibit editing items Windows 2000
Prohibit closing items Windows 2000
Add/Delete items Windows 2000
Active Desktop Wallpaper Windows 2000
Allow only bitmapped wallpaper Windows 2000
Desktop\Active Directory
Maximum size of Active Directory searches Windows 2000
Enable filter in Find dialog box Windows 2000

Only works with
Windows 2000 desktop
Hide Active Directory folder Windows 2000 only operating systems.
Control Panel
Prohibit access to the Control Panel Windows 2000
Hide specified control panel applets Windows 2000
Show only specified control panel applets Windows 2000
Force classic Control Panel Style Windows XP
Control Panel\Add/Remove Programs
Remove Add/Remove Programs Windows 2000
Hide Change or Remove Programs page Windows 2000
Hide Add New Programs page Windows 2000

Hide Add/Remove Windows Components
page Windows 2000
Hide the "Add a program from CD-ROM or
floppy disk" option Windows 2000
Hide the "Add programs from Microsoft"
option Windows 2000
Hide the "Add programs from your network"
option Windows 2000
Go directly to Components wizard Windows 2000
Remove Support Information Windows 2000

Specify default category for Add New
Programs Windows 2000
Control Panel\Display
Remove Display in control panel Windows 2000
Prevent changing wallpaper Windows 2000
Hide Appearance and Themes tab Windows 2000
Hide Settings tab Windows 2000
Hide Desktop Tab Windows 2000
Hide Screen Saver tab Windows 2000
Screen Saver Windows 2000 SP1
Screen Saver executable name Windows 2000 SP1
Password protect the screen saver Windows 2000 SP1
Screen Saver timeout Windows 2000 SP1
Control Panel\Display\Desktop Themes
Remove Theme option Windows XP

Prevent selection of windows and button
styles Windows XP
Prohibit selection of a font size Windows XP
Prohibit Theme color selection Windows XP

Load a specific visual style file or force
Windows Classic Windows XP
Control Panel\Printers
Prevent deletion of printers Windows 2000
Prevent addition of printers Windows 2000
Browse the network to find printers Windows 2000

Default Active Directory path when
searching for printers Windows 2000
Browse a common web site to find printers Windows 2000
Control Panel\Regional and Language Options

Restrict selection of Windows menus and
dialogs language Windows 2000
Shared Folders
Allow DFS roots to be published Windows XP
Allow shared folders to be published Windows XP
Network
Network\Offline Files
Action on server disconnect Windows 2000
Administratively assigned offline files Windows 2000

Remove "Make Available Offline" Windows 2000
Turn off reminder balloons Windows 2000
Prohibit user configuration of Offline Files Windows 2000
Event logging level Windows 2000
Initial reminder balloon lifetime Windows 2000
Non-default server disconnect actions Windows 2000
Prevent use of Offline Files Folder Windows 2000
Reminder balloon frequency Windows 2000
Reminder balloon lifetime Windows 2000

Synchronize all offline files before logging
off Windows 2000
Synchronize all offline files when logging on Windows XP
Synchronize all offline files before Suspend Windows 2000

Prohibit "Make Available Offline" for these
files and folders Windows XP
Do not automatically make redirected
folders available offline Windows XP
Network\NetworkConnections
Ability to change properties of an all user
remote access connection Windows 2000 SP1
Ability to delete all user remote access
connections Windows 2000 SP1
Ability to Enabling/Disable a LAN connection Windows 2000 SP1

Ability to rename all user remote access
connections Windows XP
Ability to rename LAN connections Windows XP

Ability to rename LAN connections or
remote access connections Windows 2000 SP1
Enable Windows 2000 Network
Connections policies for Administrators Windows XP
Prohibit access to properties of a LAN
connection Windows 2000 SP1
Prohibit access to properties of components
of a remote access connection Windows 2000 SP1
Prohibit access to the Advanced Settings
item on the Advanced menu Windows 2000 SP1
Prohibit access to the Dial-up Preferences

item on the Advanced menu Windows 2000 SP1
Prohibit access to the New Connection

wizard Windows 2000 SP1
Prohibit adding and removing components
for a LAN or remote access connection Windows 2000 SP1
Prohibit changing properties of a private

Prohibit changing properties of components
of a private remote access connection Windows 2000 SP1
Prohibit connecting and disconnecting a
Prohibit deletion of RAS connections Windows 2000 SP1

Prohibit enabling/disabling components of a
LAN connection Windows 2000 SP1
Prohibit Renaming private remote access
connections Windows 2000 SP1
Prohibit TCP/IP advanced configuration Windows 2000 SP1

Prohibit viewing of status for an active
connection Windows 2000 SP1
System
Only works with
Don't display the Getting Started welcome Windows 2000 desktop
screen at logon Windows 2000 only operating systems.
Century interpretation for Year 2000 Windows 2000
Configure driver search locations Windows XP
Code signing for device drivers Windows 2000
Custom user interface Windows 2000
Prevent access to the command prompt Windows 2000
Prevent access to registry editing tools Windows 2000
Run only allowed Windows applications Windows 2000
Don't run specified Windows applications Windows 2000

Restrict these programs from running
launched from Online Help Windows XP
Turn off Autoplay (HKCU) Windows 2000
Download missing COM components (User) Windows 2000
Windows Automatic Updates Windows XP
System\User Profiles
Connect home directory to root of the share Windows 2000
Limit profile size Windows 2000
Exclude directories in roaming profile Windows 2000
System\Scripts
Run legacy logon scripts hidden Windows 2000
Run logoff scripts visible Windows 2000
Run logon scripts synchronously Windows 2000
Run logon scripts visible Windows 2000
System\Ctrl+Alt+Delete Options
Remove Change Password Windows 2000

Remove Lock Computer Windows 2000
Remove Logoff Windows 2000
Remove Task Manager Windows 2000
System\Logon
Do not progress the legacy run list Windows 2000
Do not progress the run once list Windows 2000
Run these programs at user logon Windows 2000
System\Group Policy
Create new Group Policy Object links
disabled by default Windows 2000
Default name for new Group Policy Objects Windows 2000
Turn off automatic update of ADM files Windows 2000
Enforce Show Policies Only Windows 2000
Group Policy domain controller selection Windows 2000
Group Policy refresh interval for users Windows 2000
Group Policy slow link detection Windows 2000

Disallow Interactive Users from generating
Resultant Set of Policy data Windows XP
System\Power Management
Prompt for password on resume from
hibernate / suspend Windows XP
Windows Components\Windows Explorer

Allow only per user or approved Shell
extensions Windows 2000
Display confirmation dialog when deleting
files Windows XP
Do not move deleted files to the Recycle bin Windows XP
Do not request alternate credentials Windows 2000
Do not track Shell shortcuts during roaming Windows 2000
Hide these specified drives in My Computer Windows 2000

Hides the Manage item on the Windows
Explorer context menu Windows 2000
Maximum allowed Recycle Bin size Windows XP
Maximum number of Recent documents Windows 2000

No "Computers Near Me" in My Network
Places Windows 2000
No "Entire Network" in My Network Places Windows 2000
Prevent access to drives from My Computer Windows 2000

Remove "Map Network Drive" and
"Disconnect Network Drive" Windows 2000
Remove CD Burning features Windows XP
Remove DFS tab Windows 2000
Remove File menu from Windows Explorer Windows 2000
Remove Hardware tab Windows 2000

Remove Search button from Windows
Explorer Windows 2000
Remove Security tab Windows XP

Remove Shared Documents from My
Computer Windows XP
Removes the Folder Options menu item
from the Tools menu Windows 2000
Remove UI to change keyboard navigation
indicator setting Windows 2000
Remove UI to change menu animation
setting Windows 2000
Remove Windows Explorer's default context
menu Windows 2000
Request credentials for network installations Windows 2000
Turn off caching of thumbnail pictures Windows XP
Turn on Classic Shell Windows 2000
Windows Components\Windows Explorer\Common Open File Dialog
Items displayed in Places Bar Windows XP
Hide the common dialog places bar Windows 2000
Hide the common dialog back button Windows 2000
Hide the dropdown list of recent files Windows 2000
Windows Components\Microsoft Management Console
Restrict the user from entering author mode Windows 2000

Restrict users to the explicitly permitted list
of snap-ins Windows 2000
Windows Components\Microsoft Management Console\Restricted\Permitted snap-ins
Active Directory Users and Computers Windows 2000
Active Directory Domains and Trusts Windows 2000
Active Directory Sites and Services Windows 2000
Active X Control Windows XP
ASDI Edit Windows XP
Certificates Windows 2000
Component Services Windows 2000

Computer Management Windows 2000
Device Manager Windows 2000
Disk Management Windows 2000
Disk Defragmenter Windows 2000
Distributed File System Windows 2000
Event Viewer Windows 2000
FAX Service Windows 2000
Front Page server extensions Windows XP
Indexing Service Windows 2000
Internet Authentication Service (IAS) Windows 2000
Internet Information Services Windows 2000
IP Security Windows 2000
IP Security Monitor Windows XP
IP Security Policy Management Windows XP
Link to Web Address Windows XP
Local Users and Groups Windows 2000
Performance Logs and Alerts Windows 2000
QoS Admission Control Windows 2000
Remote Desktops Windows XP
Removable Storage Management Windows 2000
Routing and Remote Access Windows 2000
Security Configuration and Analysis Windows 2000
Security Templates Windows 2000
Services Windows 2000
Shared Folders Windows 2000
System Information Windows 2000
Telephony Windows 2000
Terminal Services Configuration Windows 2000
WMI Control Windows 2000
Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Extension snap-ins
AppleTalk Routing Windows 2000

Certification Authority Windows 2000
Connection Sharing (NAT) Windows 2000
DCOM Configuration Extension Windows 2000
Device Manager Windows 2000
DHCP Relay Management Windows 2000
Event Viewer Windows 2000
Extended View (Web View) Windows XP
IAS Logging Windows 2000
IGMP Routing Windows 2000
IP Routing Windows 2000
IPX RIP Routing Windows 2000
IPX Routing Windows 2000
IPX SAP Routing Windows 2000
Logical and Mapped Drives Windows 2000
OSPF Routing Windows 2000
Public Key Policies Windows 2000
RAS Dialin - User Node Windows 2000
Remote Access Windows 2000
Removable Storage Windows 2000
RIP Routing Windows 2000
Routing Windows 2000
Send Console Message Windows 2000
Shared Folders Ext Windows 2000
Service Dependencies Windows 2000
SMTP Protocol Windows 2000
SNMP Windows 2000
System Properties Windows 2000
Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy
Group Policy snap-in Windows 2000
Group Policy Tab for Active Directory Tools Windows 2000
Result Set of Policy Windows XP

Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Group Policy snap-in extensions
Administrative Templates (Computers) Windows 2000
Administrative Templates (Users) Windows 2000
Folder Redirection Windows 2000
Internet Explorer Maintenance Windows 2000
Remote Installation Services Windows 2000
Scripts (Logon/Logoff) Windows 2000
Scripts (Startup/Shutdown) Windows 2000
Security Settings Windows 2000
Software Installation (Computers) Windows 2000
Software Installation (Users) Windows 2000
Windows Components\Microsoft Management Console\Restricted/Permitted snap-ins\Group Policy\Resultant Set of Policy snap-in extensions
Administrative Templates (Computers) Windows XP
Administrative Templates (Users) Windows XP
Folder Redirection Windows XP
Internet Explorer Maintenance Windows XP
Scripts (Startup / Shutdown) Windows XP
Scripts (Logon / Logoff) Windows XP
Security Settings Windows XP
Software Installation (Computers) Windows XP
Software Installation (Users) Windows XP
Windows Components\Task Scheduler
Hide Property Pages Windows 2000
Prevent Task Run or End Windows 2000
Prohibit Drag-and-Drop Windows 2000
Prohibit New Task Creation Windows 2000
Prohibit Task Deletion Windows 2000
Remove Advanced Menu Windows 2000
Prohibit Browse Windows 2000
Windows Components\Windows Installer

Search order Windows 2000

Prevent removable media source for any
install Windows 2000
Windows Components\Terminal Services
Start a program on connection Windows XP
Remote control settings Windows XP
Windows Components\Terminal Services\Sessions
Set time limit for disconnected sessions Windows XP
Set time limit for active sessions Windows XP
Set time limit for idle sessions Windows XP
Allow reconnection from original client only Windows XP
Terminate session when limits are reached Windows XP
Windows Components\Windows Messenger
Do not allow Windows Messenger to be run Windows XP

Do not automatically start Windows
Messenger initially Windows XP
Windows Components\NetMeeting
Enable Automatic Configuration NetMeeting 3.0
Disable Directory services NetMeeting 3.0
Prevent adding Directory servers NetMeeting 3.0
Prevent viewing Web directory NetMeeting 3.0
Set the intranet support Web page NetMeeting 3.0
Set Call Security options NetMeeting 3.0
Prevent changing Call placement method NetMeeting 3.0
Prevent automatic acceptance of Calls NetMeeting 3.0
Prevent sending files NetMeeting 3.0
Prevent receiving files NetMeeting 3.0
Limit the size of sent files NetMeeting 3.0
Disable Chat NetMeeting 3.0
Disable NetMeeting 2.x Whiteboard NetMeeting 3.0
Disable Whiteboard NetMeeting 3.0
Windows Components\NetMeeting\Application Sharing

Disable application Sharing NetMeeting 3.0
Prevent Sharing NetMeeting 3.0
Prevent Desktop Sharing NetMeeting 3.0
Prevent Sharing Command Prompts NetMeeting 3.0
Prevent Sharing Explorer windows NetMeeting 3.0
Prevent Control NetMeeting 3.0
Prevent Application Sharing in true color NetMeeting 3.0
Windows Components\NetMeeting\Audio & Video
Limit the bandwidth of Audio and Video NetMeeting 3.0
Disable Audio NetMeeting 3.0
Disable full duplex Audio NetMeeting 3.0
Prevent changing DirectSound Audio setting NetMeeting 3.0
Prevent sending Video NetMeeting 3.0
Prevent receiving Video NetMeeting 3.0
Windows Components\NetMeeting\Options Page
Hide the General page NetMeeting 3.0
Disable the Advanced Calling button NetMeeting 3.0
Hide the Security page NetMeeting 3.0
Hide the Audio page NetMeeting 3.0
Hide the Video page NetMeeting 3.0
Windows Components\Internet Explorer
Configure Media Explorer Bar Internet Explorer 6.0
Configure Outlook Express Internet Explorer 6.0
Search: Disable Search Customization Internet Explorer 5.01

Search: Disable Find Files via F3 within the
browser" Internet Explorer 5.01
Disable external branding of Internet
Explorer Internet Explorer 5.01
Disable importing and exporting of favorites Internet Explorer 5.01
Disable changing Advanced page settings Internet Explorer 5.01
Disable changing home page settings Internet Explorer 5.01

Use Automatic Detection for dial-up
connections Internet Explorer 5.01
Disable caching of Auto-Proxy scripts Internet Explorer 5.01

Display error message on proxy script
download failure Internet Explorer 5.01
Disable changing Temporary Internet files
settings Internet Explorer 5.01
Disable changing history settings Internet Explorer 5.01
Disable changing color settings Internet Explorer 5.01
Disable changing link color settings Internet Explorer 5.01
Disable changing font settings Internet Explorer 5.01
Disable changing language settings Internet Explorer 5.01
Disable changing accessibility settings Internet Explorer 5.01
Disable Internet Connection wizard Internet Explorer 5.01
Disable changing connection settings Internet Explorer 5.01
Disable changing proxy settings Internet Explorer 5.01

Disable changing Automatic Configuration
Disable changing ratings settings Internet Explorer 5.01
Disable changing certificate settings Internet Explorer 5.01
Disable changing Profile Assistant settings Internet Explorer 5.01
Disable AutoComplete for forms Internet Explorer 5.01

Do not allow AutoComplete to save
passwords Internet Explorer 5.01
Disable changing Messaging settings Internet Explorer 5.01

Disable changing Calendar and Contact
Disable the Reset Web Settings feature Internet Explorer 5.01
Disable changing default browser check Internet Explorer 5.01

Identity Manager: Prevent users from using
Identities Internet Explorer 5.01
Windows Components\Internet Explorer\Internet Control Panel
Disable the General page Internet Explorer 5.01
Disable the Security page Internet Explorer 5.01
Disable the Content page Internet Explorer 5.01
Disable the Connections page Internet Explorer 5.01
Disable the Programs page Internet Explorer 5.01
Disable the Advanced page Internet Explorer 5.01
Windows Components\Internet Explorer\Offline Pages
Disable adding channels Internet Explorer 5.01

Disable removing channels Internet Explorer 5.01
Disable adding schedules for offline pages Internet Explorer 5.01
Disable editing schedules for offline pages Internet Explorer 5.01
Disable removing schedules for offline pages Internet Explorer 5.01
Disable offline page hit logging Internet Explorer 5.01
Disable all scheduled offline pages Internet Explorer 5.01
Disable channel user interface completely Internet Explorer 5.01

Disable downloading of site subscription
content Internet Explorer 5.01
Disable editing and creating of schedule
groups Internet Explorer 5.01
Subscription Limits Internet Explorer 5.01
Windows Components\Internet Explorer\Browser Menu
Hide Favorites menu Internet Explorer 5.01
Disable Context Menu Internet Explorer 5.01
Disable Open in New Window Option Internet Explorer 5.01
Disable Save this program to disk option Internet Explorer 5.01

File menu: Disable closing the browser and
Explorer Internet Explorer 5.01
File menu: Disable new menu option Internet Explorer 5.01
File menu: Disable open menu option Internet Explorer 5.01

File menu: Disable save as web page
complete Internet Explorer 5.01
File menu: Disable save as menu option Internet Explorer 5.01

Help Menu: Remove 'For Netscape Users'
menu option Internet Explorer 5.01
Help Menu: Remove 'Send Feedback' menu
option Internet Explorer 5.01
Help Menu: Remove 'Tip of the Day' menu
Tools Menu: Disable 'Internet options' menu
View Menu: Disable 'Source' menu option Internet Explorer 5.01

View Menu: Disable 'Full Screen' menu
Windows Components/Internet Explorer/Toolbars
Configure Toolbar Buttons Internet Explorer 5.01
Disable customizing browser toolbar buttons Internet Explorer 5.01
Disable customizing browser toolbars Internet Explorer 5.01
Windows Components/Internet Explorer/Persistence Behavior

File size limits for Internet zone Internet Explorer 5.01
File size limits for Intranet zone Internet Explorer 5.01
File size limits for Local Machine zone Internet Explorer 5.01
File size limits for Restricted Sites zone Internet Explorer 5.01
File size limits for Trusted Sites Zone Internet Explorer 5.01
Windows components\Internet Explorer\Administrator Approved Controls
Carpoint Internet Explorer 5.01
DHTML Edit Control Internet Explorer 5.01
Investor Internet Explorer 5.01
Media Player Internet Explorer 5.01
Menu Controls Internet Explorer 5.01
Microsoft Agent Internet Explorer 5.01
Microsoft Chat Internet Explorer 5.01
Microsoft Scriptlet Component Internet Explorer 5.01
Microsoft Survey Control Internet Explorer 5.01
MSNBC Internet Explorer 5.01
NetShow File Transfer Control Internet Explorer 5.01
Shockwave Flash Internet Explorer 5.01
Windows Components\Windows Media Player
Windows Components\Windows Media Player\User Interface
Set and Lock Skin Media Player 8.00
Do not Show Anchor Media Player 8.00
Windows Components\Windows Media Player\Playback
Prevent Codec Download Media Player 8.00
Windows Components\Windows Media Player\Networking
Hide Network tab Media Player 8.00
Streaming Media Protocols Media Player 8.00
Configure HTTP Proxy Media Player 8.00
Configure MMS Proxy Media Player 8.00
Configure Network Buffering Media Player 8.00
Windows Components\ Windows Update

Remove access to use all Windows update
Features Windows XP
Windows Components\ Windows Installer

Prevent removable media source for any
install Windows 2000
Search order Windows 2000

Active directory
name of Group Policy
Object
Domain containing
Group Policy Object
Version of Group
Policy Object
Value of policy
Notes for setting
setting

Prwo Gpss

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Prwo Gpss

Загружено:

Авторское право:

Доступные форматы

Group Policy Object Settings

Specify Windows Service Pack installation

Verbose vs normal status messages Windows 2000

Turn off Autoplay Windows 2000

Specify Windows Installation file location Windows XP

Delete cached copies of roaming profiles Windows 2000

Do not detect slow network connections Windows 2000

Wait for remote user profile Windows 2000

Prompt user when slow link is detected Windows 2000

Timeout for dialog boxes Windows 2000

Log users off when roaming profile fails Windows 2000

Only allow local user profiles Windows XP

Run logon scripts synchronously Windows 2000

Run startup scripts asynchronously Windows 2000

Run startup scripts visible Windows 2000

Run shutdown scripts visible Windows 2000

Maximum wait time for Group Policy scripts Windows 2000

Always use classic logon Windows XP

Run these programs at user logon Windows 2000

Do not process the run once list Windows 2000

Do not process the legacy run list Windows 2000

Enable disk quotas Windows 2000

Enforce disk quota limit Windows 2000

Default quota limit and warning level Windows 2000

Log event when quota limit exceeded Windows 2000

Apply policy to removable media Windows 2000

Expected dial-up delay on logon Windows XP

Site Name Windows XP

Negative DC Discovery Cache Setting Windows XP

Scavenge Interval Windows XP

Contact PDC on logon failure Windows XP

System\Net Login\DC Locator DNS Records

TTL Set in the DC Locator DNS Records Windows XP

Turn off background refresh of group policy Windows 2000

Group Policy refresh interval for computers Windows 2000

Group Policy slow link detection Windows 2000

Turn off Resultant Set of Policy Logging Windows XP

Registry policy processing Windows 2000

Software Installation policy processing Windows 2000

Folder Redirection policy processing Windows 2000

Scripts policy processing Windows 2000

Security policy processing Windows 2000

EFS recovery policy processing Windows 2000

Disk Quota policy processing Windows 2000

Solicited Remote Assistance Windows XP

Offer Remote Assistance Windows XP

Turn off System Restore Windows XP

Turn off Configuration Windows XP

Display Error Notification Windows XP

Report Errors Windows XP

System\Advanced Error Reporting Settings

Default application reporting settings Windows XP

List of applications to always report error for Windows XP

List of applications to never report for Windows XP

Report operating system errors Windows XP

Report unplanned shutdown events Windows XP

System\Windows File Protection

Set Windows File Protection Scanning Windows XP

Hide the file scan progress window Windows XP

Limit Windows File Protection cache size Windows XP

System\Remote Procedure Call

RPC Troubleshooting State Information Windows XP

Propagation of extended error information Windows XP