{093D7A8E-043E-41D0-B0E1-7D633801A96E} windomain.local Taskbar Layout true 2020-12-17T22:53:24 2020-12-17T23:23:29 2020-12-18T00:53:10.9920543Z O:S-1-5-21-2296914924-2001082525-608774050-1000G:DUD:PAI(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;;CCDCLCSWRPWPDTLOSDRCWDWO;;;S-1-5-21-2296914924-2001082525-608774050-1000)(A;CI;CCDCLCSWRPWPDTLOSDRCWDWO;;;DA)(A;CI;CCDCLCSWRPWPDTLOSDRCWDWO;;;S-1-5-21-2296914924-2001082525-608774050-519)(A;CI;LCRPLORC;;;ED)(A;CI;LCRPLORC;;;AU)(A;CI;CCDCLCSWRPWPDTLOSDRCWDWO;;;SY)(A;CIIO;CCDCLCSWRPWPDTLOSDRCWDWO;;;CO)S:AI(OU;CIIDSA;WPWD;;f30e3bc2-9ff0-11d1-b603-0000f80367c1;WD)(OU;CIIOIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIOIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD) S-1-5-21-2296914924-2001082525-608774050-1000 WINDOMAIN\vagrant S-1-5-21-2296914924-2001082525-608774050-513 WINDOMAIN\Domain Users true false S-1-5-21-2296914924-2001082525-608774050-519 WINDOMAIN\Enterprise Admins Allow false true false true false Edit, delete, modify security 0 S-1-5-9 NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS Allow false true false true false Read 0 S-1-5-21-2296914924-2001082525-608774050-512 WINDOMAIN\Domain Admins Allow false true false true false Edit, delete, modify security 0 S-1-5-18 NT AUTHORITY\SYSTEM Allow false true false true false Edit, delete, modify security 0 S-1-5-21-2296914924-2001082525-608774050-1000 WINDOMAIN\vagrant Allow false true false false false Edit, delete, modify security 0 S-1-5-11 NT AUTHORITY\Authenticated Users Allow false true false true false Apply Group Policy 0 false true 2 2 true Hardened UNC Paths Enabled This policy setting configures secure access to UNC paths. If you enable this policy, Windows only allows access to the specified UNC paths after fulfilling additional security requirements. At least Windows Vista Network/Network Provider Specify hardened network paths. In the name field, type a fully-qualified UNC path for each network resource. To secure all access to a share with a particular name, regardless of the server name, specify a server name of '*' (asterisk). For example, "\\*\NETLOGON". To secure all access to all shares hosted on a server, the share name portion of the UNC path may be omitted. For example, "\\SERVER". In the value field, specify one or more of the following options, separated by commas: 'RequireMutualAuthentication=1': Mutual authentication between the client and server is required to ensure the client connects to the correct server. 'RequireIntegrity=1': Communication between the client and server must employ an integrity mechanism to prevent data tampering. 'RequirePrivacy=1': Communication between the client and the server must be encrypted to prevent third parties from observing sensitive data. Hardened UNC Paths: Enabled true true \\windomain.local RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0 \\dc.windomain.local RequireMutualAuthentication=0,RequireIntegrity=0,RequirePrivacy=0 You should require both Integrity and Mutual Authentication for any UNC paths that host executable programs, script files, or files that control security policies. Consider hosting files that do not require Integrity or Privacy on separate shares from those that absolutely need such security for optimal performance. For additional details on configuring Windows computers to require additional security when accessing specific UNC paths, visit http://support.microsoft.com/kb/3000483. Start Layout Enabled Specifies the Start layout for users. This setting lets you specify the Start layout for users and prevents them from changing its configuration. The Start layout you specify must be stored in an XML file that was generated by the Export-StartLayout PowerShell cmdlet. To use this setting, you must first manually configure a device's Start layout to the desired look and feel. Once you are done, run the Export-StartLayout PowerShell cmdlet on that same device. The cmdlet will generate an XML file representing the layout you configured. Once the XML file is generated and moved to the desired file path, type the fully qualified path and name of the XML file. You can type a local path, such as C:\StartLayouts\myLayout.xml or a UNC path, such as \\Server\Share\Layout.xml. If the specified file is not available when the user logs on, the layout won't be changed. Users cannot customize their Start screen while this setting is enabled. If you disable this setting or do not configure it, the Start screen layout won't be changed and users will be able to customize it. At least Windows Server 2016, Windows 10 Start Menu and Taskbar Start Layout File Enabled \\windomain.local\SYSVOL\windomain.local\scripts\DetectionLabLayout.xml Registry 4 4 true Domain Controllers windomain.local/Domain Controllers true true Servers windomain.local/Servers true true Workstations windomain.local/Workstations true true