Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
_OE-B-Office16Up
Data collected on: 04.10.2021 14:30:50
General
Details
Domainkit.edu
OwnerKIT\Domain Admins
Created28.09.2021 13:41:16
Modified28.09.2021 13:41:18
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{F2AB0E72-A56E-458E-BFF4-98A05C793277}
GPO StatusComputer settings disabled
Links
LocationEnforcedLink StatusPath
BSI-TestNoEnabledkit.edu/KIT/Staff/SCC/Betrieb/CMK/Rechnerkonten/BSI-Test

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
KIT\Domain AdminsEdit settings, delete, modify securityNo
KIT\Domain ComputersReadNo
KIT\Enterprise AdminsEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
gp-Pack: Privacy and Telemetry/Office 2016/2019 und 365
PolicySettingComment
Das Fenster Microsoft - Ihre Datenschutzoptionen beim ersten Start ausblendenEnabled
Telemetrie Sammeldienst deaktivierenEnabled
Willkommen bei Microsoft Office - Standarddateitypen AuswahlEnabled
Microsoft Access 2016/Application Settings/Security/Trust Center
PolicySettingComment
Disable Trust Bar Notification for unsigned application add-ins and block themEnabledMSSCT
VBA Macro Notification SettingsEnabledMSSCT
Disable all except digitally signed macros
Require macros to be signed by a trusted publisher 
Block certificates from trusted publishers that are only installed in the current user certificate store 
Require Extended Key Usage (EKU) for certificates from trusted publishers 
Microsoft Access 2016/Application Settings/Security/Trust Center/Trusted Locations
PolicySettingComment
Allow Trusted Locations on the networkDisabledMSSCT
Microsoft Excel 2016/Data Recovery
PolicySettingComment
Do not show data extraction options when opening corrupt workbooksEnabledCIS
Microsoft Excel 2016/Excel Options/Advanced
PolicySettingComment
Ask to update automatic linksEnabledCIS
Microsoft Excel 2016/Excel Options/Advanced/Web Options.../General
PolicySettingComment
Load pictures from Web pages not created in ExcelDisabledCIS
Microsoft Excel 2016/Excel Options/Proofing/Autocorrect Options
PolicySettingComment
Internet and network paths as hyperlinksNot Configuredgp-pack
Microsoft Excel 2016/Excel Options/Save
PolicySettingComment
AutoRecover timeEnabledgp-pack
Save AutoRecover info every (minutes):5
PolicySettingComment
Default file formatEnabledCIS
Save Excel files asExcel Workbook (*.xlsx)
PolicySettingComment
Disable AutoRepublishEnabledCIS
Do not show AutoRepublish warning alertDisabledCIS
Microsoft Excel 2016/Excel Options/Security
PolicySettingComment
Force file extension to match file typeEnabledCIS
Always match file type
PolicySettingComment
Scan encrypted macros in Excel Open XML workbooksEnabledCIS
Scan encrypted macros (default)
PolicySettingComment
Turn off file validationDisabledCIS
WEBSERVICE Function Notification SettingsEnabledMSSCT
Disable all with notification
Microsoft Excel 2016/Excel Options/Security/Trust Center
PolicySettingComment
Block macros from running in Office files from the InternetEnabledMSSCT
Disable Trust Bar Notification for unsigned application add-ins and block themDisabledgp-pack
Macro Notification SettingsEnabledCIS
Disable VBA macros with notification
Enable Excel 4.0 macros when VBA macros are enabled 
Require macros to be signed by a trusted publisher 
Block certificates from trusted publishers that are only installed in the current user certificate store 
Require Extended Key Usage (EKU) for certificates from trusted publishers 
PolicySettingComment
Require that application add-ins are signed by Trusted PublisherEnabledCIS
Store macro in Personal Macro Workbook by defaultNot Configuredgp-pack
Trust access to Visual Basic ProjectDisabledCIS
Turn off trusted documentsEnabledCIS
Turn off Trusted Documents on the networkDisabledgp-pack
Microsoft Excel 2016/Excel Options/Security/Trust Center/File Block Settings
PolicySettingComment
dBase III / IV filesEnabledCIS
File block setting:Open/Save blocked, use open policy
PolicySettingComment
Dif and Sylk filesEnabledCIS
File block setting:Open/Save blocked, use open policy
PolicySettingComment
Excel 2 macrosheets and add-in filesEnabledCIS
File block setting:Open/Save blocked, use open policy
PolicySettingComment
Excel 2 worksheetsEnabledCIS
File block setting:Open/Save blocked, use open policy
PolicySettingComment
Excel 3 macrosheets and add-in filesEnabledCIS
File block setting:Open/Save blocked, use open policy
PolicySettingComment
Excel 3 worksheetsEnabledCIS
File block setting:Open/Save blocked, use open policy
PolicySettingComment
Excel 4 macrosheets and add-in filesEnabledCIS
File block setting:Open/Save blocked, use open policy
PolicySettingComment
Excel 4 workbooksEnabledCIS
File block setting:Open/Save blocked, use open policy
PolicySettingComment
Excel 4 worksheetsEnabledCIS
File block setting:Open/Save blocked, use open policy
PolicySettingComment
Excel 95 workbooksNot Configuredgp-pack, PersonalOffice
Excel 95-97 workbooks and templatesEnabledCIS
File block setting:Open/Save blocked, use open policy
PolicySettingComment
Set default file block behaviorEnabledCIS
Blocked files are not opened
PolicySettingComment
Web pages and Excel 2003 XML spreadsheetsEnabledCIS
File block setting:Open/Save blocked, use open policy
Microsoft Excel 2016/Excel Options/Security/Trust Center/Protected View
PolicySettingComment
Do not open files from the Internet zone in Protected ViewDisabledCIS
Do not open files in unsafe locations in Protected ViewDisabledCIS
Set document behavior if file validation failsEnabledCIS
Open in Protected View
Checked: Allow edit. Unchecked: Do not allow edit.Disabled
PolicySettingComment
Turn off Protected View for attachments opened from OutlookDisabledCIS
Microsoft Excel 2016/Excel Options/Security/Trust Center/Trusted Locations
PolicySettingComment
Allow Trusted Locations on the networkEnabledgp-pack
Disable all trusted locationsDisabledgp-pack
Trusted Location #1Enabledgp-pack
Path:%ProgramFiles(x86)%\Microsoft Office\Office16\XLSTART\
Date:
Description:
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #2Enabledgp-pack
Path:%APPDATA%\Microsoft\Excel\XLSTART
Date:
Description:
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #3Enabledgp-pack
Path:%APPDATA%\Microsoft\Templates
Date:
Description:
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #4Enabledgp-pack
Path:%ProgramFiles(x86)%\Microsoft Office\Templates
Date:
Description:
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #5Enabledgp-pack
Path:%ProgramFiles(x86)%\Microsoft Office\Office16\STARTUP
Date:
Description:
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #6Enabledgp-pack
Path:%ProgramFiles(x86)%\Microsoft Office\Office16\Library
Date:
Description:
Allow sub folders:Disabled
Microsoft Excel 2016/Miscellaneous
PolicySettingComment
Do not cache network files locallyDisabledgp-pack
Microsoft Excel 2016/Miscellaneous/Server Settings
PolicySettingComment
Turn off file synchronization via SOAP over HTTPEnabledgp-pack
Sharepoint
Microsoft Office 2016/Document Information Panel
PolicySettingComment
Document Information Panel Beaconing UIEnabledCIS
Always show UI
Microsoft Office 2016/First Run
PolicySettingComment
Disable First Run MovieEnabledgp-pack
Disable Office First Run on application bootEnabledgp-pack
Microsoft Office 2016/Global Options/Customize
PolicySettingComment
Allow roaming of all user customizationsEnabledgp-pack
Disable UI extending from documents and templatesEnabledMSSCT
Disallow in WordEnabled
Disallow in ExcelEnabled
Disallow in PowerPointEnabled
Disallow in AccessEnabled
Disallow in OutlookEnabled
Disallow in PublisherEnabled
Disallow in ProjectDisabled
Disallow in VisioDisabled
Disallow in InfoPathEnabled
Microsoft Office 2016/Global Options/Customize/Shared Workspace
PolicySettingComment
Automatic DiscoveryDisabledgp-pack
Disable user from setting personal site as default locationNot Configuredgp-pack
Microsoft Office 2016/Help
PolicySettingComment
Federated search for helpDisabledgp-pack
Microsoft Office 2016/Improved Error Reporting
PolicySettingComment
Stop reporting error messagesEnabledgp-pack
Stop reporting non-critical errorsEnabledgp-pack
Microsoft Office 2016/Language Preferences/Display Language
PolicySettingComment
Change or delete link to language pack download siteDisabledgp-pack
Change or delete link to the proofing tools download siteDisabledgp-pack
Microsoft Office 2016/Language Preferences/Editing Languages
PolicySettingComment
Primary Editing LanguageEnabledgp-pack
Primary Editing LanguageGerman (Germany)
Microsoft Office 2016/Language Preferences/Editing Languages/Enabled Editing Languages
PolicySettingComment
English (U.K.)Not Configuredgp-pack
English (U.S.)Not Configuredgp-pack
Microsoft Office 2016/Manage Restricted Permissions
PolicySettingComment
Allow users with earlier versions of Office to read with browsers...EnabledCIS
Always expand groups in Office when restricting permission for documentsEnabledCIS
Always require users to connect to verify permissionEnabledCIS
Never allow users to specify groups when restricting permission for documentsEnabledCIS
Prevent users from changing permissions on rights managed contentEnabledCIS
Microsoft Office 2016/Miscellaneous
PolicySettingComment
Block signing into OfficeEnabledgp-pack
KEINE ANMELDUNG AN O365 FÜR DIE LIZENZ MÖGLICH!!
Für 2FA müssen BEIDE! zulässig sein, bei "Nur OrgID" erscheint ein Fehler beim Start von Outlook (Feature vom Administrator deaktiviert)
https://technet.microsoft.com/de-de/library/jj715259.aspx
Block signing into OfficeNone allowed
PolicySettingComment
Control BloggingNot Configuredgp-pack
Show OneDrive Sign InDisabledCIS
Suppress recommended settings dialogEnabledgp-pack
Microsoft Office 2016/Office 2016 Converters
PolicySettingComment
Block opening of pre-release versions of file formats new to Excel 2016 through the Compatibility Pack for Office 2016 and Excel 2016 ConverterNot Configuredgp-pack
Block opening of pre-release versions of file formats new to PowerPoint 2016 through the Compatibility Pack for Office 2016 and PowerPoint 2016 ConverterNot Configuredgp-pack
Microsoft Office 2016/Privacy/Trust Center
PolicySettingComment
Allow users to include screenshots and attachments when they submit feedback to MicrosoftDisabledCIS
Allow users to submit feedback to MicrosoftDisabledCIS
Automatically receive small updates to improve reliabilityDisabledCIS
Configure the level of client software diagnostic data sent by Office to MicrosoftEnabledgp-pack
Type of diagnostic data:Neither
PolicySettingComment
Disable Opt-in Wizard on first runEnabledCIS
Enable Customer Experience Improvement ProgramDisabledCIS
Send personal informationDisabledCIS
Microsoft Office 2016/Security Settings
PolicySettingComment
ActiveX Control InitializationDisabledCIS
Automation SecurityEnabledCIS
Set the Automation Security levelMacros enabled (default)
PolicySettingComment
Disable all Trust Bar notifications for security issuesDisabledCIS
Disable password to open UIDisabledCIS
Encryption type for password protected Office 97-2003 filesEnabledCIS
Encryption type:AES Cryptographic Provider, AES-128, 128-bit
PolicySettingComment
Encryption type for password protected Office Open XML filesEnabledCIS
Encryption type:AES Cryptographic Provider, AES-128, 128-bit
PolicySettingComment
Load Controls in Forms3DisabledCIS
Protect document metadata for password protected filesEnabledCIS
Protect document metadata for rights managed Office Open XML FilesEnabledCIS
Set password rules levelEnabledgp-pack
Local length and complexity checks
PolicySettingComment
Suppress hyperlink warningsEnabledCIS
Microsoft Office 2016/Security Settings/Trust Center
PolicySettingComment
Allow mix of policy and user locationsDisabledCIS
Microsoft Office 2016/Security Settings/Trust Center/Trusted Catalogs
PolicySettingComment
Allow Unsecure web add-ins and CatalogsDisabledCIS
Block the Office StoreEnabledCIS
Block Web Add-insEnabledCIS
Microsoft Office 2016/Server Settings
PolicySettingComment
Allow file synchronization via SOAP over HTTP only on domain networksEnabledgp-pack
Disable the Office client from polling the SharePoint Server for published linksEnabledCIS
Disable the user from setting the Personal Site URLEnabledgp-pack
Microsoft Office 2016/Services/Fax
PolicySettingComment
Disable Internet Fax featureDisabledCIS
Microsoft Office 2016/Signing
PolicySettingComment
Legacy format signaturesDisabledCIS
Suppress external signature services menu itemEnabledCIS
Microsoft Office 2016/Smart Documents (Word, Excel)
PolicySettingComment
Disable Smart Document's use of manifestsEnabledCIS
Microsoft Office 2016/Subscription Activation
PolicySettingComment
Automatically activate Office with federated organization credentialsDisabledCIS
Microsoft Office 2016/Tools | Options | General | Service Options.../Online Content
PolicySettingComment
Online Content OptionsEnabledCIS
Online content optionsDo not allow Office to connect to the Internet
PolicySettingComment
Service Level OptionsEnabledCIS
Service Level OptionsOffice services only
Microsoft Office 2016/Tools | Options | General | Web Options...
PolicySettingComment
Disable web templates in File | New and on the Office Start screenEnabledgp-pack
Hide all Office-provided templates on the Office Start screen and in File | NewEnabledgp-pack
Microsoft Office 2016/Tools | Options | General | Web Options.../Browsers
PolicySettingComment
Allow PNG as an output formatNot Configuredgp-pack
Microsoft Office 2016/Tools | Options | General | Web Options.../Files
PolicySettingComment
Check if Office is the default editor for Web pages created in OfficeDisabledgp-pack
Open Office document directly in Office applicationEnabledgp-pack
Open Office documents as read/write while browsingDisabledCIS
Microsoft Office 2016/Tools | Options | Spelling/Proofing Data Collection
PolicySettingComment
Improve Proofing ToolsDisabledCIS
Microsoft OneNote 2016/OneNote Options/Editing
PolicySettingComment
Include link to source when pasting from the InternetEnabledgp-pack
Microsoft Outlook 2016/Account Settings/Exchange
PolicySettingComment
Authentication with Exchange ServerEnabledCIS
Select the authentication with Exchange server.Kerberos/NTLM Password Authentication
PolicySettingComment
Automatically configure profile based on Active Directory Primary SMTP addressEnabled
Do not allow users to change permissions on foldersNot Configuredgp-pack
Enable RPC encryptionEnabledCIS
Microsoft Outlook 2016/Account Settings/Exchange/Cached Exchange Mode
PolicySettingComment
Download shared non-mail foldersDisabledgp-pack
Microsoft Outlook 2016/Account Settings/Internet Calendars
PolicySettingComment
Automatically download attachmentsDisabledgp-pack
Default Internet Calendar subscriptionsNot Configuredgp-pack
Disable roaming of Internet CalendarsEnabledgp-pack
Do not include Internet Calendar integration in OutlookEnabledCIS
Microsoft Outlook 2016/Account Settings/RSS Feeds
PolicySettingComment
Automatically download enclosuresEnabledgp-pack
Default RSS FeedsNot Configuredgp-pack
Download full text of articles as HTML attachmentsDisabledCIS
Synchronize Outlook RSS Feeds with Common Feed ListDisabledCIS
Turn off RSS featureEnabledCIS
Microsoft Outlook 2016/Account Settings/SharePoint Lists
PolicySettingComment
Default SharePoint listsDisabledgp-pack
Microsoft Outlook 2016/Meeting Workspace
PolicySettingComment
Disable user entries to server listEnabledgp-pack
Check to disable users from adding entries to server listPublish default, disallow others
Microsoft Outlook 2016/Miscellaneous/PST Settings
PolicySettingComment
PST Null Data on DeleteEnabledCIS
Microsoft Outlook 2016/Outlook Options
PolicySettingComment
Internet and network paths into hyperlinksNot Configuredgp-pack
Microsoft Outlook 2016/Outlook Options/Delegates
PolicySettingComment
Disable shared mail folder cachingEnabledgp-pack
Store deleted items in owner's mailbox instead of delegate's mailboxEnabledgp-pack
Microsoft Outlook 2016/Outlook Options/Mail Format
PolicySettingComment
Do not allow signatures for e-mail messagesNot Configuredgp-pack
Microsoft Outlook 2016/Outlook Options/Mail Format/Internet Formatting
PolicySettingComment
Outlook Rich Text optionsNot Configuredgp-pack
Plain text optionsNot Configuredgp-pack
Microsoft Outlook 2016/Outlook Options/Other
PolicySettingComment
Make Outlook the default program for E-mail, Contacts, and CalendarEnabledCIS
Microsoft Outlook 2016/Outlook Options/Other/Advanced
PolicySettingComment
Do not allow folders in non-default stores to be set as folder home pagesEnabledCIS
Do not allow Outlook object model scripts to run for public foldersEnabledCIS
Do not allow Outlook object model scripts to run for shared foldersEnabledCIS
Use Unicode format when dragging e-mail message to file systemDisabledCIS
Microsoft Outlook 2016/Outlook Options/Out of Office Assistant
PolicySettingComment
Polling Out-of-office Web serviceDisabledgp-pack
Microsoft Outlook 2016/Outlook Options/Preferences/Calendar Options
PolicySettingComment
Calendar week numbersEnabledgp-pack
Disable Weather BarEnabledgp-pack
Microsoft Outlook 2016/Outlook Options/Preferences/Calendar Options/Office.com Sharing Service
PolicySettingComment
Access to published calendarsDisabledCIS
Path to DAV serverDisabledgp-pack
Prevent publishing to a DAV serverEnabledCIS
Prevent publishing to Office.comEnabledCIS
Restrict level of calendar details users can publishEnabledCIS
Disables 'Full details' and 'Limited details'
PolicySettingComment
Restrict upload methodEnabledCIS
Microsoft Outlook 2016/Outlook Options/Preferences/E-mail Options
PolicySettingComment
Do not allow attachment previewing in OutlookEnabledgp-pack
Message handlingEnabledgp-pack
After moving or deleting an open item:Open the previous item
Close original message when reply or forwardDisabled
Save copies of messages in Sent Items folderEnabled
Autosave unsent every xx minutes (0=No AutoSave):3
Automatically clean up plain text messagesDisabled
PolicySettingComment
Read e-mail as plain textNot Configuredgp-pack
Read signed e-mail as plain textNot Configuredgp-pack
Microsoft Outlook 2016/Outlook Options/Preferences/Junk E-mail
PolicySettingComment
Add e-mail recipients to users' Safe Senders ListsDisabledCIS
Hide Junk Mail UIDisabledCIS
Junk E-mail protection levelEnabledCIS
Select level:High
PolicySettingComment
Overwrite or Append Junk Mail Import ListDisabledgp-pack
Trust e-mail from contactsEnabledCIS
Microsoft Outlook 2016/Outlook Social Connector
PolicySettingComment
Do not download photos from Active DirectoryNot Configuredgp-pack
Turn off Outlook Social ConnectorEnabledCIS
Microsoft Outlook 2016/Security
PolicySettingComment
Allow Active X One Off FormsEnabledCIS
Sets which ActiveX controls to allow.
Load only Outlook Controls
PolicySettingComment
Configure Add-In Trust LevelEnabledCIS
Select Add-In Trust Level:
Trust all loaded and installed COM addins
PolicySettingComment
Disable 'Remember password' for Internet e-mail accountsNot Configuredgp-pack
Do not automatically sign repliesEnabledCIS
Prevent users from customizing attachment security settingsEnabledCIS
Prompt user to choose security settings if default settings failDisabledCIS
Use Protected View for attachments received from internal sendersEnabledgp-pack
Microsoft Outlook 2016/Security/Automatic Picture Download Settings
PolicySettingComment
Automatically download content for e-mail from people in Safe Senders and Safe Recipients ListsDisabledCIS
Block Trusted ZonesEnabledCIS
Display pictures and external content in HTML e-mailEnabledCIS
Do not permit download of content from safe zonesDisabledCIS
Include Internet in Safe Zones for Automatic Picture DownloadDisabledMSSCT
Microsoft Outlook 2016/Security/Cryptography
PolicySettingComment
Do not display 'Publish to GAL' buttonEnabledCIS
Do not provide Continue option on Encryption warning dialog boxesEnabledCIS
Message FormatsEnabledCIS
Support the following message formats:S/MIME and Fortezza
PolicySettingComment
Minimum encryption settingsEnabledCIS
Minimum key size (in bits):168
PolicySettingComment
S/MIME interoperability with external clients:Enabledgp-pack
Behavior for handling S/MIME messages:Handle if possible
PolicySettingComment
S/MIME receipt requests behaviorEnabledCIS
Handle messages with S/MIME receipt requests in the following manner:Never send S/MIME receipts
PolicySettingComment
Send all signed messages as clear signed messagesEnabledCIS
Signature WarningEnabledCIS
Signature WarningAlways warn about invalid signatures
Microsoft Outlook 2016/Security/Cryptography/Signature Status dialog box
PolicySettingComment
Attachment Secure Temporary FolderDisabledCIS
Missing CRLsEnabledCIS
Indicate a missing CRL as a(n):Error
PolicySettingComment
Missing root certificatesEnabledCIS
Indicate a missing root certificate as a(n):Warning
PolicySettingComment
Promote Level 2 errors as errors, not warningsDisabledCIS
Retrieving CRLs (Certificate Revocation Lists)EnabledCIS
When online always retreive the CRL
Microsoft Outlook 2016/Security/Security Form Settings
PolicySettingComment
Outlook Security ModeEnabledgp-pack
Outlook Security Policy:Use Outlook Security Group Policy
Microsoft Outlook 2016/Security/Security Form Settings/Attachment Security
PolicySettingComment
Allow users to demote attachments to Level 2DisabledCIS
Display Level 1 attachmentsDisabledCIS
Do not prompt about Level 1 attachments when closing an itemDisabledCIS
Do not prompt about Level 1 attachments when sending an itemDisabledCIS
Remove file extensions blocked as Level 1DisabledCIS
Remove file extensions blocked as Level 2DisabledCIS
Microsoft Outlook 2016/Security/Security Form Settings/Custom Form Security
PolicySettingComment
Allow scripts in one-off Outlook formsDisabledCIS
Set Outlook object model custom actions execution promptEnabledCIS
When executing a custom action:Automatically Deny
Microsoft Outlook 2016/Security/Security Form Settings/Programmatic Security
PolicySettingComment
Configure Outlook object model prompt when accessing an address bookEnabledCIS
Guard behavior:Automatically Deny
PolicySettingComment
Configure Outlook object model prompt When accessing the Formula property of a UserProperty objectEnabledCIS
Guard behavior:Automatically Deny
PolicySettingComment
Configure Outlook object model prompt when executing Save AsEnabledCIS
Guard behavior:Prompt user based on computer security
PolicySettingComment
Configure Outlook object model prompt when reading address informationEnabledCIS
Guard behavior:Automatically Deny
PolicySettingComment
Configure Outlook object model prompt when responding to meeting and task requestsEnabledCIS
Guard behavior:Automatically Deny
PolicySettingComment
Configure Outlook object model prompt when sending mailEnabledCIS
Guard behavior:Automatically Deny
Microsoft Outlook 2016/Security/Security Form Settings/Programmatic Security/Trusted Add-ins
PolicySettingComment
Configure trusted add-insDisabledCIS
Microsoft Outlook 2016/Security/Trust Center
PolicySettingComment
Allow hyperlinks in suspected phishing e-mail messagesDisabledCIS
Apply macro security settings to macros, add-ins and additional actionsNot Configuredgp-pack
Security setting for macrosEnabledCIS
Security LevelAlways warn
Microsoft PowerPoint 2016/Miscellaneous
PolicySettingComment
Disable Slide UpdateEnabledCIS
Microsoft PowerPoint 2016/Miscellaneous/Server Settings
PolicySettingComment
Turn off file synchronization via SOAP over HTTPEnabledgp-pack
Microsoft PowerPoint 2016/PowerPoint Options/Advanced
PolicySettingComment
Print in background Enabledgp-pack
Microsoft PowerPoint 2016/PowerPoint Options/Save
PolicySettingComment
Default file formatEnabledCIS
Save PowerPoint files asPowerPoint Presentation (*.pptx)
PolicySettingComment
Save AutoRecover infoEnabledgp-pack
Enable save AutoRecover infoEnabled
AutoRecover save frequency (minutes):5
AutoRecover save location%USERPROFILE%\Application Data\Microsoft\PowerPoint
Microsoft PowerPoint 2016/PowerPoint Options/Security
PolicySettingComment
Make hidden markup visibleEnabledCIS
Run ProgramsEnabledCIS
enable (prompt user before running)
PolicySettingComment
Scan encrypted macros in PowerPoint Open XML presentationsEnabledCIS
Scan encrypted macros (default)
PolicySettingComment
Turn off file validationDisabledCIS
Unblock automatic download of linked imagesDisabledCIS
Microsoft PowerPoint 2016/PowerPoint Options/Security/Trust Center
PolicySettingComment
Block macros from running in Office files from the InternetEnabledMSSCT
Disable Trust Bar Notification for unsigned application add-ins and block themDisabledgp-pack
Require that application add-ins are signed by Trusted PublisherEnabledCIS
Trust access to Visual Basic ProjectDisabledCIS
Turn off trusted documentsEnabledCIS
Turn off Trusted Documents on the networkDisabledgp-pack
VBA Macro Notification SettingsEnabledCIS
Disable all with notification
Require macros to be signed by a trusted publisher 
Block certificates from trusted publishers that are only installed in the current user certificate store 
Require Extended Key Usage (EKU) for certificates from trusted publishers 
Microsoft PowerPoint 2016/PowerPoint Options/Security/Trust Center/File Block Settings
PolicySettingComment
PowerPoint beta convertersNot ConfiguredMSSCT
Set default file block behaviorEnabledCIS
Blocked files are not opened
Microsoft PowerPoint 2016/PowerPoint Options/Security/Trust Center/Protected View
PolicySettingComment
Do not open files from the Internet zone in Protected ViewDisabledCIS
Do not open files in unsafe locations in Protected ViewDisabledCIS
Set document behavior if file validation failsEnabledgp-pack
Open in Protected View
Checked: Allow edit. Unchecked: Do not allow edit.Enabled
PolicySettingComment
Turn off Protected View for attachments opened from OutlookDisabledCIS
Microsoft PowerPoint 2016/PowerPoint Options/Security/Trust Center/Trusted Locations
PolicySettingComment
Allow Trusted Locations on the networkEnabledgp-pack
Disable all trusted locationsDisabledgp-pack
Trusted Location #1Enabledgp-pack
Path:%APPDATA%\Microsoft\Templates
Date:
Description:
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #2Enabledgp-pack
Path:%ProgramFiles(x86)%\Microsoft Office\Templates
Date:
Description:
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #3Enabled
Path:%APPDATA%\Microsoft\Addins
Date:
Description:
Allow sub folders:Disabled
PolicySettingComment
Trusted Location #4Enabledgp-pack
Path:%ProgramFiles(x86)%\Microsoft Office\Document Themes 16
Date:
Description:
Allow sub folders:Disabled
Microsoft Project 2016/Project Options/Security/Trust Center
PolicySettingComment
Allow Trusted Locations on the networkDisabledMSSCT
Disable Trust Bar Notification for unsigned application add-ins and block themEnabledMSSCT
VBA Macro Notification SettingsEnabledMSSCT
Disable all except digitally signed macros
Microsoft Publisher 2016/Security
PolicySettingComment
Publisher Automation Security LevelEnabledMSSCT
By UI (prompted)
Microsoft Publisher 2016/Security/Trust Center
PolicySettingComment
Disable Trust Bar Notification for unsigned application add-insEnabledMSSCT
VBA Macro Notification SettingsEnabledMSSCT
Disable all except digitally signed macros
Require macros to be signed by a trusted publisher 
Block certificates from trusted publishers that are only installed in the current user certificate store 
Require Extended Key Usage (EKU) for certificates from trusted publishers 
Microsoft Visio 2016/Visio Options/Security/Trust Center
PolicySettingComment
Allow Trusted Locations on the networkDisabledMSSCT
Block macros from running in Office files from the InternetEnabledMSSCT
Disable Trust Bar Notification for unsigned application add-ins and block themEnabledMSSCT
VBA Macro Notification SettingsEnabledMSSCT
Disable all except digitally signed macros
Require macros to be signed by a trusted publisher 
Block certificates from trusted publishers that are only installed in the current user certificate store 
Require Extended Key Usage (EKU) for certificates from trusted publishers 
Microsoft Word 2016/Miscellaneous/Server Settings
PolicySettingComment
Turn off file synchronization via SOAP over HTTPEnabledgp-pack
Microsoft Word 2016/Review Tab/Language | Set Proofing Language...
PolicySettingComment
Detect language automaticallyDisabledgp-pack
Microsoft Word 2016/Word Options/Advanced
PolicySettingComment
Allow background savesEnabledgp-pack
Print in backgroundEnabledgp-pack
Use CTRL + Click to follow hyperlinkEnabledgp-pack
Microsoft Word 2016/Word Options/Display
PolicySettingComment
Update fields before printingEnabledgp-pack
Update linked data before printingEnabledgp-pack
Microsoft Word 2016/Word Options/General
PolicySettingComment
Open e-mail attachments in Reading ViewDisabledgp-pack
Microsoft Word 2016/Word Options/Save
PolicySettingComment
Default file formatEnabledgp-pack
Save Word files asWord Document (*.docx)
PolicySettingComment
Save AutoRecover infoEnabledgp-pack
Save AutoRecover info every (minutes)5
Microsoft Word 2016/Word Options/Security
PolicySettingComment
Make hidden markup visibleEnabledCIS
Turn off file validationDisabledCIS
Warn before printing, saving or sending a file that contains tracked changes or commentsEnabledCIS
Microsoft Word 2016/Word Options/Security/Trust Center
PolicySettingComment
Block macros from running in Office files from the InternetEnabledMSSCT
Disable Trust Bar Notification for unsigned application add-ins and block themDisabledgp-pack
Require that application add-ins are signed by Trusted PublisherEnabledCIS
Scan encrypted macros in Word Open XML documentsEnabledCIS
Scan encrypted macros (default)
PolicySettingComment
Trust access to Visual Basic ProjectDisabledCIS
Turn off trusted documentsEnabledCIS
Turn off Trusted Documents on the networkDisabledgp-pack
VBA Macro Notification SettingsEnabledCIS
Disable all with notification
Require macros to be signed by a trusted publisher 
Block certificates from trusted publishers that are only installed in the current user certificate store 
Require Extended Key Usage (EKU) for certificates from trusted publishers 
Microsoft Word 2016/Word Options/Security/Trust Center/File Block Settings
PolicySettingComment
Set default file block behaviorEnabledgp-pack
Blocked files are not opened
PolicySettingComment
Word 2 and earlier binary documents and templatesEnabledCIS
File block setting:Open/Save blocked, use open policy
PolicySettingComment
Word 6.0 binary documents and templatesEnabledCIS
File block setting:Open/Save blocked, use open policy
PolicySettingComment