trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
a2786ab6a0a8f85015afec1f5c47e464bcba63a9
DetectionLab/Vagrant/resources/GPO/rdp_users/{02BF61B9-4ECA-4D86-B20B-323CF53B1E9F}/gpreport.xml

174 lines
17 KiB
XML
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?xml version="1.0" encoding="utf-16"?>
<GPO xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.microsoft.com/GroupPolicy/Settings">
<Identifier>
<Identifier xmlns="http://www.microsoft.com/GroupPolicy/Types">{D3AAF869-5E70-4C9E-BC4D-F7F86C450D5B}</Identifier>
<Domain xmlns="http://www.microsoft.com/GroupPolicy/Types">windomain.local</Domain>
</Identifier>
<Name>Allow Domain Users RDP</Name>
<IncludeComments>true</IncludeComments>
<CreatedTime>2020-09-28T11:51:49</CreatedTime>
<ModifiedTime>2020-09-28T11:53:00</ModifiedTime>
<ReadTime>2020-09-28T11:54:01.4255528Z</ReadTime>
<SecurityDescriptor>
<SDDL xmlns="http://www.microsoft.com/GroupPolicy/Types/Security">O:S-1-5-21-3036387054-737866085-3744588598-1000G:DUD:PAI(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;;CCDCLCSWRPWPDTLOSDRCWDWO;;;S-1-5-21-3036387054-737866085-3744588598-1000)(A;CI;CCDCLCSWRPWPDTLOSDRCWDWO;;;DA)(A;CI;CCDCLCSWRPWPDTLOSDRCWDWO;;;S-1-5-21-3036387054-737866085-3744588598-519)(A;CI;LCRPLORC;;;ED)(A;CI;LCRPLORC;;;AU)(A;CI;CCDCLCSWRPWPDTLOSDRCWDWO;;;SY)(A;CIIO;CCDCLCSWRPWPDTLOSDRCWDWO;;;CO)S:AI(OU;CIIDSA;WPWD;;f30e3bc2-9ff0-11d1-b603-0000f80367c1;WD)(OU;CIIOIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIOIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)</SDDL>
<Owner xmlns="http://www.microsoft.com/GroupPolicy/Types/Security">
<SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-21-3036387054-737866085-3744588598-1000</SID>
<Name xmlns="http://www.microsoft.com/GroupPolicy/Types">WINDOMAIN\vagrant</Name>
</Owner>
<Group xmlns="http://www.microsoft.com/GroupPolicy/Types/Security">
<SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-21-3036387054-737866085-3744588598-513</SID>
<Name xmlns="http://www.microsoft.com/GroupPolicy/Types">WINDOMAIN\Domain Users</Name>
</Group>
<PermissionsPresent xmlns="http://www.microsoft.com/GroupPolicy/Types/Security">true</PermissionsPresent>
<Permissions xmlns="http://www.microsoft.com/GroupPolicy/Types/Security">
<InheritsFromParent>false</InheritsFromParent>
<TrusteePermissions>
<Trustee>
<SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-21-3036387054-737866085-3744588598-1000</SID>
<Name xmlns="http://www.microsoft.com/GroupPolicy/Types">WINDOMAIN\vagrant</Name>
</Trustee>
<Type xsi:type="PermissionType">
<PermissionType>Allow</PermissionType>
</Type>
<Inherited>false</Inherited>
<Applicability>
<ToSelf>true</ToSelf>
<ToDescendantObjects>false</ToDescendantObjects>
<ToDescendantContainers>false</ToDescendantContainers>
<ToDirectDescendantsOnly>false</ToDirectDescendantsOnly>
</Applicability>
<Standard>
<GPOGroupedAccessEnum>Edit, delete, modify security</GPOGroupedAccessEnum>
</Standard>
<AccessMask>0</AccessMask>
</TrusteePermissions>
<TrusteePermissions>
<Trustee>
<SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-9</SID>
<Name xmlns="http://www.microsoft.com/GroupPolicy/Types">NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS</Name>
</Trustee>
<Type xsi:type="PermissionType">
<PermissionType>Allow</PermissionType>
</Type>
<Inherited>false</Inherited>
<Applicability>
<ToSelf>true</ToSelf>
<ToDescendantObjects>false</ToDescendantObjects>
<ToDescendantContainers>true</ToDescendantContainers>
<ToDirectDescendantsOnly>false</ToDirectDescendantsOnly>
</Applicability>
<Standard>
<GPOGroupedAccessEnum>Read</GPOGroupedAccessEnum>
</Standard>
<AccessMask>0</AccessMask>
</TrusteePermissions>
<TrusteePermissions>
<Trustee>
<SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-21-3036387054-737866085-3744588598-519</SID>
<Name xmlns="http://www.microsoft.com/GroupPolicy/Types">WINDOMAIN\Enterprise Admins</Name>
</Trustee>
<Type xsi:type="PermissionType">
<PermissionType>Allow</PermissionType>
</Type>
<Inherited>false</Inherited>
<Applicability>
<ToSelf>true</ToSelf>
<ToDescendantObjects>false</ToDescendantObjects>
<ToDescendantContainers>true</ToDescendantContainers>
<ToDirectDescendantsOnly>false</ToDirectDescendantsOnly>
</Applicability>
<Standard>
<GPOGroupedAccessEnum>Edit, delete, modify security</GPOGroupedAccessEnum>
</Standard>
<AccessMask>0</AccessMask>
</TrusteePermissions>
<TrusteePermissions>
<Trustee>
<SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-18</SID>
<Name xmlns="http://www.microsoft.com/GroupPolicy/Types">NT AUTHORITY\SYSTEM</Name>
</Trustee>
<Type xsi:type="PermissionType">
<PermissionType>Allow</PermissionType>
</Type>
<Inherited>false</Inherited>
<Applicability>
<ToSelf>true</ToSelf>
<ToDescendantObjects>false</ToDescendantObjects>
<ToDescendantContainers>true</ToDescendantContainers>
<ToDirectDescendantsOnly>false</ToDirectDescendantsOnly>
</Applicability>
<Standard>
<GPOGroupedAccessEnum>Edit, delete, modify security</GPOGroupedAccessEnum>
</Standard>
<AccessMask>0</AccessMask>
</TrusteePermissions>
<TrusteePermissions>
<Trustee>
<SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-21-3036387054-737866085-3744588598-512</SID>
<Name xmlns="http://www.microsoft.com/GroupPolicy/Types">WINDOMAIN\Domain Admins</Name>
</Trustee>
<Type xsi:type="PermissionType">
<PermissionType>Allow</PermissionType>
</Type>
<Inherited>false</Inherited>
<Applicability>
<ToSelf>true</ToSelf>
<ToDescendantObjects>false</ToDescendantObjects>
<ToDescendantContainers>true</ToDescendantContainers>
<ToDirectDescendantsOnly>false</ToDirectDescendantsOnly>
</Applicability>
<Standard>
<GPOGroupedAccessEnum>Edit, delete, modify security</GPOGroupedAccessEnum>
</Standard>
<AccessMask>0</AccessMask>
</TrusteePermissions>
<TrusteePermissions>
<Trustee>
<SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-11</SID>
<Name xmlns="http://www.microsoft.com/GroupPolicy/Types">NT AUTHORITY\Authenticated Users</Name>
</Trustee>
<Type xsi:type="PermissionType">
<PermissionType>Allow</PermissionType>
</Type>
<Inherited>false</Inherited>
<Applicability>
<ToSelf>true</ToSelf>
<ToDescendantObjects>false</ToDescendantObjects>
<ToDescendantContainers>true</ToDescendantContainers>
<ToDirectDescendantsOnly>false</ToDirectDescendantsOnly>
</Applicability>
<Standard>
<GPOGroupedAccessEnum>Apply Group Policy</GPOGroupedAccessEnum>
</Standard>
<AccessMask>0</AccessMask>
</TrusteePermissions>
</Permissions>
<AuditingPresent xmlns="http://www.microsoft.com/GroupPolicy/Types/Security">false</AuditingPresent>
</SecurityDescriptor>
<FilterDataAvailable>true</FilterDataAvailable>
<Computer>
<VersionDirectory>3</VersionDirectory>
<VersionSysvol>3</VersionSysvol>
<Enabled>true</Enabled>
<ExtensionData>
<Extension xmlns:q1="http://www.microsoft.com/GroupPolicy/Settings/Security" xsi:type="q1:SecuritySettings">
<q1:RestrictedGroups>
<q1:GroupName>
<SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-32-555</SID>
<Name xmlns="http://www.microsoft.com/GroupPolicy/Types">BUILTIN\Remote Desktop Users</Name>
</q1:GroupName>
<q1:Member>
<SID xmlns="http://www.microsoft.com/GroupPolicy/Types">S-1-5-21-3036387054-737866085-3744588598-513</SID>
<Name xmlns="http://www.microsoft.com/GroupPolicy/Types">WINDOMAIN\Domain Users</Name>
</q1:Member>
</q1:RestrictedGroups>
</Extension>
<Name>Security</Name>
</ExtensionData>
</Computer>
<User>
<VersionDirectory>2</VersionDirectory>
<VersionSysvol>2</VersionSysvol>
<Enabled>true</Enabled>
</User>
</GPO>
Reference in New Issue View Git Blame Copy Permalink