Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
SCM Windows 10 - BitLocker
Data collected on: 1/15/2016 6:25:58 AM
General
Details
DomainSecurity.local
OwnerSECURITY\Domain Admins
Created11/12/2015 9:09:22 AM
Modified1/15/2016 6:14:10 AM
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions15 (AD), 15 (SYSVOL)
Unique ID{927A3B4E-8582-4308-B520-9A084941F23F}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
SECURITY\Domain AdminsEdit settings, delete, modify securityNo
SECURITY\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Local Policies/Security Options
Other
PolicySetting
Interactive logon: Machine account lockout threshold10 invalid logon attempts
Administrative Templates
Policy definitions (ADMX files) retrieved from the local computer.
System/Device Installation/Device Installation Restrictions
PolicySettingComment
Prevent installation of devices that match any of these device IDsEnabled
Prevent installation of devices that match any of these Device IDs:
PCI\CC_0C0A
To create a list of devices, click Show. In the Show Contents dialog box, in the Value column,
type a Plug and Play hardware ID or compatible ID
(for example, gendisk, USB\COMPOSITE, USB\Class_ff).
Also apply to matching devices that are already installed.Enabled
PolicySettingComment
Prevent installation of devices using drivers that match these device setup classesEnabled
Prevent installation of devices using drivers for these device setup classes:
{d48179be-ec20-11d1-b6b8-00c04fa372a7}
To create a list of device classes, click Show. In the Show Contents dialog box, in the Value column,
type a GUID that represents a device setup class
(for example, {25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}).
Also apply to matching devices that are already installed.Enabled
System/Power Management/Sleep Settings
PolicySettingComment
Allow standby states (S1-S3) when sleeping (on battery)Disabled
Allow standby states (S1-S3) when sleeping (plugged in)Disabled
Windows Components/BitLocker Drive Encryption
PolicySettingComment
Choose drive encryption method and cipher strengthEnabled
Select the encryption method:AES 256-bit
Windows Components/BitLocker Drive Encryption/Operating System Drives
PolicySettingComment
Allow enhanced PINs for startupEnabled
Allow Secure Boot for integrity validationEnabled
Configure minimum PIN length for startupEnabled
Minimum characters:7
Windows Components/BitLocker Drive Encryption/Removable Data Drives
PolicySettingComment
Deny write access to removable drives not protected by BitLockerEnabled
Do not allow write access to devices configured in another organizationDisabled
User Configuration (Disabled)
No settings defined.