Windows 10: Group Policy Lockdown: Install Root Certificate

Discus and support Group Policy Lockdown: Install Root Certificate in AntiVirus, Firewalls and System Security to solve the problem; Hello,I am looking to implement a mitigation recommendation from MITRE outlined on the following page:https://attack.mitre.org/techniques/T1553/004/The... Discussion in 'AntiVirus, Firewalls and System Security' started by elothian, May 6, 2021.

  1. ELOTHIAN
    elothian Win User

    Group Policy Lockdown: Install Root Certificate


    Hello,I am looking to implement a mitigation recommendation from MITRE outlined on the following page:https://attack.mitre.org/techniques/T1553/004/The recommendation is to prevent users from installing their own root certificate with non-admin privileges through a change in group policy. The change outlined is as follows:Windows Group Policy can be used to manage root certificates and theFlagsvalue ofHKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\ProtectedRootscan be set to 1 to prevent non-administrator users from making further root installations into their own HKCU certificat

    :)
     
    elothian, May 6, 2021
    #1
  2. ZAGT
    ZAGT Win User

    Win store do not allow to import root certificate

    Dear All,

    could you please tell me, when and what
    was change in Windows policy for importing root certificates in Windows store.

    This is quite new, let's say is it appearing approximately 2 months.

    What in group policy need to be change, that usual user could import root certificate in Win store?

    ( Mozilla Store it imported without the problem, If we run IE as admin, we can imported root certificate manually)

    We would like to have simply advise how our customer could import root certificate
    automatically and not manually as admin?
     
    ZAGT, May 6, 2021
    #2
  3. ALLAN MEJ
    Allan Mej Win User
    GROUP POLICIES IN WINDOWS 10

    You can change Group Policies by opening Group Policy Editor first. You can open it by following these steps:

    • Log in an administrator account. If you are already logged in as an administrator, proceed to step 2.
    • Press Windows + R to open Run.
    • Type gpedit.msc and press Enter.

    After opening Group Policy Editor, you can now make the necessary changes that you want.

    Should you have more concerns, feel free to post.

    Regards.
     
    Allan Mej, May 6, 2021
    #3
  4. JOHNAPPLEGATEVV
    johnapplegateVV Win User

    Group Policy Lockdown: Install Root Certificate

    GROUP POLICIES IN WINDOWS 10

    Just what i needed thank you.
     
    johnapplegateVV, May 6, 2021
    #4
Thema:

Group Policy Lockdown: Install Root Certificate

Loading...

  1. Group Policy Lockdown: Install Root Certificate - Similar Threads - Group Policy Lockdown

  2. group policy

    in Windows 10 Gaming
    group policy: Not run edit group policy.msc https://answers.microsoft.com/en-us/windows/forum/all/group-policy/ebcb26df-8243-4a75-ba90-bf27ce8c3b90

  3. group policy

    in Windows 10 Software and Apps
    group policy: Not run edit group policy.msc https://answers.microsoft.com/en-us/windows/forum/all/group-policy/ebcb26df-8243-4a75-ba90-bf27ce8c3b90

  4. Group policy

    in Windows 10 Customization
    Group policy: Event viewer error.Current job count for user KEN\kenst 60 is equal to or greater than job limit 50 specified through group policy.Increase per user, per computer through group policy.Tried search on internet, but no help.Can anyone tell me how to do this, simply, please?...

  5. Server Root Certificate?

    in AntiVirus, Firewalls and System Security
    Server Root Certificate?: Hello,I have had serious network issues in my home. Former neighbor installed Pineapple in wall before he left. Anyways, I have a HP Omen running windows 10 Pro. It appears somebody has access to the PC by way of remote connection. PC acts as a server. I noticed a “Root...

  6. Installation is blocked by group policy

    in Windows 10 Drivers and Hardware
    Installation is blocked by group policy: Hello everyone! I've plugged in a Keyboard to my computer and found out that it wasn't working properly, none of the keys were reacting when I pressed them. When I went to Settings - Devices, I've found out that under the keyboard there was a message saying "Installation is...

  7. Installation is blocked by Group Policy

    in Windows 10 BSOD Crashes and Debugging
    Installation is blocked by Group Policy: Recently I buyed new keyboard, but when I connect it to my PC, it doesn´t respond. I looked to settings>devices, where it writes: Installation is blocked by Group Policy....

  8. Group Policy

    in Windows 10 Customization
    Group Policy: Hello, I am trying to update/alter a group policy for my work network (20,000 endpoints) remotely through a distribution platform (BigFix). When I have tried to change GP through the registry it gets overwritten. What would be the easiest way to change GP on all endpoints...

  9. Enroll certificates via InTune > Group Policy overrides MDM

    in Windows 10 Customization
    Enroll certificates via InTune > Group Policy overrides MDM: Hello, We want to deploy User Certificates via Intune. Our certification authority is active, the template is ready for issuing and a profile configuration is created. But the enrolment failed. The error in Intune is "Group Policy overrides MDM". The computer is not...

  10. Group Policy

    in Windows 10 Support
    Group Policy: Hello. I have just had a virus that disabled My Firewall through Group edit. Problem is, I don't have group edit. With the store being broken, its bad. Any suggestions. 43965