file:///c:/users/nsadmin/desktop/default%20domain%20policy.htm

Size: px

Start display at page:

Download "file:///c:/users/nsadmin/desktop/default%20domain%20policy.htm"

Lillian Harrington
5 years ago
Views:

1 Page 1 of 5 Data collected on: 1:22:33 PM General Details Domain Owner Created Modified User Revisions Computer Revisions Unique ID GPO Status naturalsmilesdentistry.com NS\Domain Admins 1/28/ :09:00 PM 1:17:24 PM 37 (AD), 37 (sysvol) 28 (AD), 28 (sysvol) {31B2F D-11D2-945F-00C04FB984F9} Links Location Enforced Link Status Path naturalsmilesdentistry Yes naturalsmilesdentistry.com This list only includes links in the domain of the GPO. Security Filtering The settings in this GPO can only apply to the following groups, users, and computers: NT AUTHORITY\Authenticated Users Delegation These groups and users have the specified permission for this GPO Allowed Permissions Inherited NT AUTHORITY\Authenticated Users Read (from Security Filtering) No NT AUTHORITY\ENTERPRISE DOMAIN Read No CONTROLLERS NT AUTHORITY\SYSTEM Edit settings, delete, modify security No Computer Configuration () Policies Windows s Security s Account Policies/Password Enforce password history Maximum password age Minimum password age Minimum password length Password must meet complexity requirements Store passwords using reversible encryption 24 passwords remembered 0 days 1 days 4 characters Account Policies/Account Lockout Account lockout threshold 0 invalid logon attempts Account Policies/Kerberos Enforce user logon restrictions Maximum lifetime for service ticket 600 minutes

2 Page 2 of 5 Maximum lifetime for user ticket Maximum lifetime for user ticket renewal Maximum tolerance for computer clock synchronization 10 hours 7 days 5 minutes Local Policies/User Rights Assignment Allow log on through Terminal Services BUILTIN\Remote Desktop Users, NS\Domain Users Local Policies/Security Options Network Access Network access: Allow anonymous SID/ translation Network Security Network security: Do not store LAN Manager hash value on next password change Network security: Force logoff when logon hours expire Public Key Policies/Encrypting File System Certificates Issued To Issued By Expiration Date Intended Purposes Administrator Administrator 1/4/ :17:47 PM File Recovery For additional information about individual settings, launch Group Object Editor. Public Key Policies/Trusted Root Certification Authorities Properties Allow users to select new root certification authorities (CAs) to trust Client computers can trust the following certificate stores To perform certificate-based authentication of users and computers, CAs must meet the following criteria Third-Party Root Certification Authorities and Enterprise Root Ce Authorities Registered in Active Directory only Windows Firewall with Advanced Security Global s version 2.10 Disable stateful FTP Disable stateful PPTP IPsec exempt IPsec through NAT Preshared key encoding SA idle time Strong CRL check Inbound Rules Description Remote Desktop (TCP-In) Inbound rule for the Remote Desktop service to allow RDP traffic. [ This rule may contain some elements that cannot be interpreted by current version of GPMC reporting module Program Action Security Authorized computers True System Allow Require authentication

3 Page 3 of 5 Authorized users Protocol 6 Local port 3389 Remote port ICMP settings Local scope Remote scope Profile All Network interface type All Service All programs and services Allow edge traversal False Group Remote Desktop Connection Security s Administrative Templates definitions (ADMX files) retrieved from the local machine. Network/Network Connections/Windows Firewall/Domain Profile Windows Firewall: Allow ICMP exceptions Allow outbound destination unreachable Allow outbound source quench Allow redirect Allow inbound echo request Allow inbound router request Allow outbound time exceeded Allow outbound parameter problem Allow inbound timestamp request Allow inbound mask request Allow outbound packet too big Windows Firewall: Allow inbound remote administration exception Windows Firewall: Allow inbound Remote Desktop exceptions

4 Page 4 of 5 Network/Network Connections/Windows Firewall/Standard Profile Windows Firewall: Allow ICMP exceptions Allow outbound destination unreachable Allow outbound source quench Allow redirect Allow inbound echo request Allow inbound router request Allow outbound time exceeded Allow outbound parameter problem Allow inbound timestamp request Allow inbound mask request Allow outbound packet too big Windows Firewall: Allow inbound remote administration exception Windows Firewall: Allow inbound Remote Desktop exceptions System/Logon

5 Page 5 of 5 Always wait for the network at computer startup and logon System/Power Management/Sleep s Specify the System Hibernate Timeout (Plugged In) System Hibernate Timeout (seconds): 0 Specify the System Sleep Timeout (Plugged In) System Sleep Timeout (seconds): 0 Windows Components/Remote Desktop Services/Remote Desktop Session Host/Connections Allow users to connect remotely using Remote Desktop Services User Configuration () Policies Windows s Scripts Logon For this GPO, Script order: Not configured Map Resource Drive.bat Parameters Internet Explorer Maintenance Browser User Interface/Customized Title Bar Title Bar Text Provided by Natural Smiles Dentist

3/20/ :47:14 AM 12/13/ :05:38 AM

3/20/ :47:14 AM 12/13/ :05:38 AM Policy Data collected on: 12/19/2012 12:10:47 PM General Details Domain Owner Created Modified User Revisions Computer Revisions 3/20/2008 10:47:14 AM 12/13/2012 11:05:38 AM 175 (AD), 175 (sysvol) 66 (AD),