Default Domain Policy
Data collected on: 5/29/2009 7:13:26 PM
General
Details
Domainsmallbusiness.local
OwnerSMALLBUSINESS\Domain Admins
Created 5/29/2009 6:21:14 PM
Modified 5/29/2009 6:43:10 PM
User Revisions 0 (AD), 0 (sysvol)
Computer Revisions 5 (AD), 5 (sysvol)
Unique ID {31B2F340-016D-11D2-945F-00C04FB984F9}
GPO Status Enabled
Links
LocationEnforced Link Status Path
smallbusinessNo Enabledsmallbusiness.local

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
WMI Filtering
WMI Filter Name None
Description Not applicable
Delegation
These groups and users have the specified permission for this GPO
Name Allowed Permissions Inherited
NT AUTHORITY\Authenticated Users Read (from Security Filtering) No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS ReadNo
NT AUTHORITY\SYSTEM Edit settings, delete, modify security No
Computer Configuration (Enabled)
Policies
Windows Settings
Security Settings
Account Policies/Password Policy
Policy Setting
Enforce password history 24 passwords remembered
Maximum password age 180 days
Minimum password age 2 days
Minimum password length 8 characters
Password must meet complexity requirements Enabled
Store passwords using reversible encryption Disabled
Account Policies/Account Lockout Policy
Policy Setting
Account lockout threshold 0 invalid logon attempts
Account Policies/Kerberos Policy
Policy Setting
Enforce user logon restrictions Enabled
Maximum lifetime for service ticket 600 minutes
Maximum lifetime for user ticket 10 hours
Maximum lifetime for user ticket renewal 7 days
Maximum tolerance for computer clock synchronization 5 minutes
Local Policies/Security Options
Network Access
Policy Setting
Network access: Allow anonymous SID/Name translation Disabled
Network Security
Policy Setting
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: Force logoff when logon hours expire Disabled
Public Key Policies/Encrypting File System
Certificates
Issued ToIssued By Expiration Date Intended Purposes
AdministratorAdministrator 5/28/2012 6:24:39 PMFile Recovery

For additional information about individual settings, launch Group Policy Object Editor.
Public Key Policies/Trusted Root Certification Authorities
Properties
Policy Setting
Allow users to select new root certification authorities (CAs) to trust Enabled
Client computers can trust the following certificate stores Third-Party Root Certification Authorities and Enterprise Root Certification Authorities
To perform certificate-based authentication of users and computers, CAs must meet the following criteria Registered in Active Directory only
User Configuration (Enabled)
No settings defined.