Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
MDNT-Hardening-Disable-PowerShellV2
Data collected on: 7/23/2025 10:17:57 PM
General
Details
Domainnorent.local
OwnerNORENT\Jimmy
Created7/21/2025 11:44:20 PM
Modified7/21/2025 11:55:44 PM
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions5 (AD), 5 (SYSVOL)
Unique ID{77b3246d-becb-4f09-98f8-6e9a160d6267}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
None

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
NORENT\Domain AdminsEdit settings, delete, modify securityNo
NORENT\Enterprise AdminsEdit settings, delete, modify securityNo
NORENT\JimmyEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Preferences
Control Panel Settings
Scheduled Tasks
Immediate Task (At least Windows 7) (Name: Disable-PowerShellv2)
Disable-PowerShellv2 (Order: 1)
General
Task
Name Disable-PowerShellv2
Author CONTOSO\administrator
Description Created by Mandiant.
Run only when user is logged on S4U
UserId NT AUTHORITY\System
Run with highest privileges HighestAvailable
Hidden No
Configure for 1.2
Enabled Yes
Actions
1. Start a program
Program/script powershell.exe
Arguments powershell -ExecutionPolicy Bypass -Command Disable-WindowsOptionalFeature -Online -FeatureName MicrosoftWindowsPowerShellV2
Settings
Stop if the computer ceases to be idle No
Restart if the idle state resumes No
Start the task only if the computer is on AC power No
Stop if the computer switches to battery power No
Allow task to be run on demand Yes
Run task as soon as possible after a scheduled start is missed Yes
Stop task if it runs longer than Immediately
If the running task does not end when requested, force it to stop No
If the task is not scheduled to run again, delete it after Immediately
If the task is already running, then the following rule applies IgnoreNew
Common
Options
Stop processing items on this extension if an error occurs on this itemNo
Remove this item when it is no longer appliedNo
Apply once and do not reapplyYes
User Configuration (Enabled)
No settings defined.