Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Group Policy Results
DOMAIN\CENSORED_USER_NAME on DOMAIN\W16S-SERVICES
Data collected on: 12/19/2022 11:07:25 AM
Summary
 During last computer policy refresh on 12/19/2022 9:48:34 AM
 
No Errors Detected
A fast link was detected More information...
The following GPOs have special alerts
 
GPO NameAlert
Default Domain PolicyEnforced
Service AccountsEnforced
WSUS - Server GroupEnforced
 During last user policy refresh on 12/19/2022 9:26:29 AM
 
No Errors Detected
A fast link was detected More information...
Computer Details
General
Computer nameDOMAIN\W16S-SERVICES
Domaindomain.local
SiteDefault-First-Site-Name
Organizational Unitdomain.local/Domain Servers
Security Group Membership
show
Component Status
Component NameStatusTime TakenLast Process TimeEvent Log
Group Policy InfrastructureSuccess780 Millisecond(s)12/19/2022 9:48:34 AMView Log
RegistrySuccess78 Millisecond(s)12/16/2022 3:23:02 PMView Log
SecuritySuccess593 Millisecond(s)12/12/2022 7:11:21 PMView Log
Settings
Policies
Windows Settings
Security Settings
Account Policies/Password Policy
PolicySettingWinning GPO
Enforce password history24 passwords rememberedDefault Domain Policy
Maximum password age180 daysDefault Domain Policy
Minimum password age1 daysDefault Domain Policy
Minimum password length7 charactersDefault Domain Policy
Password must meet complexity requirementsEnabledDefault Domain Policy
Store passwords using reversible encryptionDisabledDefault Domain Policy
Account Policies/Account Lockout Policy
PolicySettingWinning GPO
Account lockout duration30 minutesDefault Domain Policy
Account lockout threshold10 invalid logon attemptsDefault Domain Policy
Reset account lockout counter after30 minutesDefault Domain Policy
Local Policies/User Rights Assignment
PolicySettingWinning GPO
Deny log on locallyDOMAIN\Service Accounts - Deny LogonService Accounts
Deny log on through Terminal ServicesDOMAIN\Service Accounts - Deny LogonService Accounts
Local Policies/Security Options
Interactive Logon
PolicySettingWinning GPO
Interactive logon: Prompt user to change password before expiration14 daysDefault Domain Policy
Network Access
PolicySettingWinning GPO
Network access: Allow anonymous SID/Name translationDisabledDefault Domain Policy
Network Security
PolicySettingWinning GPO
Network security: Do not store LAN Manager hash value on next password changeEnabledDefault Domain Policy
Network security: Force logoff when logon hours expireDisabledDefault Domain Policy
Public Key Policies/Certificate Services Client - Auto-Enrollment Settings
PolicySettingWinning GPO
Automatic certificate managementEnabled[Default setting]
OptionSetting
Enroll new certificates, renew expired certificates, process pending certificate requests and remove revoked certificatesDisabled
Update and manage certificates that use certificate templates from Active DirectoryDisabled
Public Key Policies/Encrypting File System
Certificates
Issued ToIssued ByExpiration DateIntended PurposesWinning GPO
AdministratorAdministrator6/29/2122 3:56:26 PMFile RecoveryDefault Domain Policy

For additional information about individual settings, launch the Local Group Policy Object Editor.
Administrative Templates
Policy definitions (ADMX files) retrieved from the local computer.
Windows Components/Windows Update
PolicySettingWinning GPO
Configure Automatic UpdatesEnabledWSUS - Server Group
Configure automatic updating:4 - Auto download and schedule the install
The following settings are only required and applicable if 4 is selected.
Install during automatic maintenance 
Scheduled install day: 1 - Every Sunday
Scheduled install time:03:00
Install updates for other Microsoft productsEnabled
PolicySettingWinning GPO
Enable client-side targetingEnabledWSUS - Server Group
Target group name for this computerServers
PolicySettingWinning GPO
Specify intranet Microsoft update service locationEnabledWSUS - Server Group
Set the intranet update service for detecting updates:http://w22s-wsus.domain.local:8530
Set the intranet statistics server:http://w22s-wsus.domain.local:8530
Set the alternate download server:
(example: https://IntranetUpd01)
Download files with no Url in the metadata if alternate download server is set. 
Do not enforce TLS certificate pinning for Windows Update client for detecting updates.Disabled
Select the proxy behavior for Windows Update client for detecting updates:Only use system proxy for detecting updates (default)
PolicySettingWinning GPO
Turn on recommended updates via Automatic UpdatesEnabledWSUS - Server Group
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingStateWinning GPO
Software\Policies\Microsoft\Windows\WindowsUpdate\AU\ScheduledInstallEveryWeek1WSUS - Server Group
Group Policy Objects
Applied GPOs
Default Domain Policy [{31B2F340-016D-11D2-945F-00C04FB984F9}]
Link Locationdomain.local
Extensions Configured{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}
Security
Registry
EnforcedYes
DisabledNone
Security FiltersNT AUTHORITY\Authenticated Users
RevisionAD (17), SYSVOL (17)
WMI Filter 
Service Accounts [{A87B2D0E-4123-4222-8247-257110CB804E}]
Link Locationdomain.local
Extensions ConfiguredSecurity
EnforcedYes
DisabledNone
Security FiltersNT AUTHORITY\Authenticated Users
RevisionAD (4), SYSVOL (4)
WMI Filter 
WSUS - Server Group [{1896DBB6-0501-4231-AF2A-D9E13EC9AB22}]
Link Locationdomain.local/Domain Servers
Extensions ConfiguredRegistry
EnforcedYes
DisabledNone
Security FiltersNT AUTHORITY\Authenticated Users
RevisionAD (1), SYSVOL (1)
WMI Filter 
Denied GPOs
Local Group Policy [LocalGPO]
Link LocationLocal
Extensions Configured 
EnforcedNo
DisabledNone
Security Filters 
RevisionAD (0), SYSVOL (0)
WMI Filter 
Reason DeniedEmpty
WMI Filters
NameValueReference GPO(s)
None
User Details
General
User nameDOMAIN\CENSORED_USER_NAME
Domaindomain.local
Organizational Unitdomain.local/Domain Users/Admins
Security Group Membership
show
Component Status
Component NameStatusTime TakenLast Process TimeEvent Log
Group Policy InfrastructureSuccess886 Millisecond(s)12/19/2022 9:26:29 AMView Log
Settings
No settings defined.
Group Policy Objects
Applied GPOs
Denied GPOs
Local Group Policy [LocalGPO]
Link LocationLocal
Extensions Configured 
EnforcedNo
DisabledNone
Security Filters 
RevisionAD (0), SYSVOL (0)
WMI Filter 
Reason DeniedEmpty
WMI Filters
NameValueReference GPO(s)
None