Implementing 5 services using AD group policy (GPO) at DHL Sharad

Services
Table of Contents

Table of Contents
1.........................................................................................................................Project Definition
......................................................................................................................................1

1.1 Objective.........................................................................................................................1

1.2 Overall objective.............................................................................................................1

1.3 Proposed approach and method.....................................................................................1

2.................................................................................................................2.0 Literature Review

......................................................................................................................................2

Introduction....................................................................................................................2

2.1 Implementing global proxy for all machines....................................................................3

2.2 Software blacklisting........................................................................................................5

2.3 Implementing screen saver............................................................................................11

2.4 Implementing Wallpaper...............................................................................................17

2.5 Firefox policy implementation.......................................................................................18

3............................................................................................................................4.1 Project plan

....................................................................................................................................28

4...................................................................................................................................References
....................................................................................................................................29

1
 Project Definition
Objective
i. Management and troubleshoot Group Policy inheritance
ii. Deployment and management of software by the use of Group policy
iii. Create and manage Group Policy objects to have control of security, folders, desktop
settings, and scripts.
Overall objective
Enhancement of configuration policy settings for user and computer objects thus easy control of
the objects.
To overcome security challenges in the use of Group policy, individuals will benefit from the use
of shared services.
DHL Supply Chain, Microsoft, and Blue Yonder merge with their expertise in customer-centered
logistics services, safe global cloud storage, and fast and efficient end-to-end enterprise resource
planning with this partnership they strengthen logistics policy and strategic efficiency for a wide
variety of customers in the market.
Proposed approach and method
Secondary data analysis was used in checking of consequences which arose as a result of new
approaches which involved ad hoc, component reuse and model-based reuse. Data was collected
from different journals, government website & google scholar so that the effect of reuse
approach was determined. Checking of the quality attributes such as specification of a design and
requirements was done. The standards for safety critical software systems and selection of
validation and verification techniques. Quality attributes were emphasized during the research.

There were steps that were taken in order to develop the proposed approach. The steps are listed
below:

1. Previous methods were reviewed.

2. concept of software reuse as well as its relationship was analyzed.
3. Qualities that were to be analyzed were selected.
4. Compare it with other techniques.
5. Analyze the risk factor.
Page 1 of 31
 6. Conduct analysis of the results.

2.0 Literature Review

Introduction
Group Policy refers to a collection of configurations that manage security, monitoring, and other
functional activities in the Windows registry. In partnership with Microsoft, DHL Inventory
Management, the national leader in trade finance and member of the DHL Group, has just
unveiled a new plug & play technologies framework and Blue Yonder is a going to lead artificial
intelligence (AI)-driven virtual service supplier. Even though there are strategies for Active
Directory Group Policy that will assist you to manage your programs and maximize the
efficiency of the Group Policy. The primary domain policy and the current domain controller
policy are not changed.
The main objective of this proposal is to scrutinize the enhancement of configuration policy
settings for user and computer objects. These enhancements will ease control of objects. Further,
security challenges are minimized through the incorporation of Group Policy. Shared services
will benefit individuals. DHL delivery services are crucial across the globe thus the necessity of
improving procurement, service delivery, and organizational aspects. According to Zhan (2011),
group policy is a critical feature in promoting a conducive and efficient working environment for
computerized systems. Therefore, using AD GPO at DHL will bolster all services as explicated
in this paper. The general research process will follow a systematic procedure to analyze
Services implementation using AD group policy (GPO) at DHL Sharad. These aspects are
significant particularly in ensuring all aspects regarding DHL International are incorporated in
diverse studies. Various problem statements and questions will be used to scrutinize operations
and processes in the organization. The implication of group policy is the central factor within this
paper (Srivastava, 2012).
2.1 Implementing global proxy for all machines.
Global Proxy:

2
The configurations of the Global Proxy are designed to ensure that almost all HTTP and HTTPS
network traffic is now only transmitted through it. Which guarantees data protection as both
private and business information is extracted into the Global Proxy Profile.
How to create a global proxy for all DHL machines?
Use the Group Policy Managing tool to construct a bigger Group Policy Object (GPO) in DHL
Shared Services:
 Click Programs > Administrative Software > Group Policy Management was on
the Start menu.
 In the Community Policy Control window, right-click Domain (DHL) under
Domains, afterward and click Create and Connect GPO Here...

This brings up the New GPO dialog box.

 Click the OK tab.
To change the status of the GPO
The Proxy Policy GPO will appear in the left pane under the DHL domain once it has been
developed.
 Select the GPO for Proxy Policy.
 Tap the Info tab in the right pane.
 Press the drop-down list to shift the GPO Status to Disabled User Settings.

This alternative allows users to log on faster by limiting the parts of the GPO that are applied.
 To make improvements to the GPO
 Right-click the Proxy Policy GPO in the left pane.
 Select Edit.
The proxy settings must be configured and activated.
In the left pane of the Community Policy window, click:
 Pick Windows Setup
Pick Internet Explorer Maintenance from the drop-down menu.
 Link Pick. (In the panel to the right :)
 Double-click Proxy Settings to open it.

3
  To enable the proxy, check the Enable Proxy Settings box.
Uncheck the box that says "Use the same proxy server for all protocols."
In rows 1. HTTP, 2. Secure, and 3. FTP:
Make sure to search would not use a proxy server for localized (internet) addresses within
Exceptions.
 If any other IP addresses need to disable the proxy server for some reason, make a
note of it in the package.
 Click the OK tab.
To keep the proxy settings secure,
Deactivate the choice for users to switch proxy settings once the proxy settings have been
enabled.
 In the left pane of the Community Policy window:
 Select User Configuration
 Choose from several administrative templates.
 Choose Browser.
 Right-click Disabled modifying proxy settings in the right pane.
 ·Pick Properties.
 Press Enabled.
 After that, press Apply, then OK.
Reasons for Global Proxy:
The global proxy enables DHL's services significantly stronger Enterprise and Internal Security.
That accomplish critical procedures Control traffic anonymously so that your server wouldn't
collapse and Employee Online activity command get
Faster and easier speeds and efficiency in broadband.
2.2 Software blacklisting
Blacklisting of software is a tool used to avoid the operation of such applications or executable
code on a system. The application process blacklisting program of Enterprise edition visa
application Control Plus clarifies blacklisting by allowing policy-based list formation and
upgrading.

4
They might use Group Policy to restrict or enables customers to block simple HTML URLs by
giving priority to security and output. It needs to be noted that managing the list of sites on your
proxy server/firewall in your company is the most productive way to enforce content filtering for
the Internet.

Options on a global scale

You can see a variety of choices in the right-hand pane that can be configured at a global level.

5
We know about protection levels and additional rules and they will come to you in a moment.
But first, right-click on Compliance and pick Properties; you'll see this dialog.

The first choice should be set to "All program files except libraries" in most cases.
It's up to you whether to extend to all users or only local administrators. Make DHL
services devices exempt from the SRP rules if you operate in an environment where
administrators frequently log on to and troubleshoot DHL services devices.

6
The last factor in choosing is whether or not to enforce certificate rules. If you use
certificate-based testing in the Additional Rules section, then you will need to apply
them here. The output caveat refers to the need to check a revocation list of certificates.
(CRL) any time a program is run. It also implies that the CRL (usually stored online)
must be accessible from the DHL services, so it must be accessible from the DHL
services. So, if this option is implemented, environments with blocked internet access

can fail. Pick the choice that best meets your needs. First, right-click and pick Properties
on Specified File Types. This dialog will show you what file extensions the SRP
considers "executable code" to be. Note that, by default, .exe, .dll, and .vbs are
considered executable and cannot be disabled.
The management of Trusted Publishers, the final choice is. This can trigger or disable
the ability for users (Core, Guay & Kothari, 2003).

7
When the attacker can copy that dll into another system and then add it by modifying the
Registry (which would require admin privileges) to the Security Support Provider list, the
features of tools like mimikatz could be leveraged in a way that would circumvent the
'normal' SRP. Below, after being loaded, we can see that the loaded library exploits a
Windows domain admin password.
When this attack vector is possible, therefore the global options feature "block libraries"
would be the way to defend against it.
The “mimikatz dll “could no further be loaded once the “block libraries” option has been
implemented at the global level, so passwords cannot be intercepted.
We know that this is productive because the kiwissp.log file that contains the dll output is
no longer available on the device Even so, whenever a library is blocked, no data is
written to both the large databases, which is a frustrating function of SRPs. Inside the

8
 user interface, you can get application errors as below, but no logging is kept as to what
has been blocked from downloading.
Instead of users, MDAC policies refer to the system as a whole but add some cutting-edge
new functionality for whitelisting applications: -

 Use codesigning certificate attributes to allow or disallow execution

 Using the executable's advanced features, such as the filename, version, hash, or
metadata
 The application's true credibility, as determined by an online security database
 The parent's duty that launched the application.
.
Reasons for software Blacklisting
The major impact of blacklisting is its efficiency. You simply detect and block access to proven
or suspected threats. All other traffic or applications are made by it. In this way, anti-virus and
anti-malware software that uses signatures works.
The supplier upgrades blacklist implementations, making blacklists practically maintenance-free.
Since this approach relies on identifying recognized threats, the efficacy of the blacklist and its
related responses is determined by how often and how frequently they are reviewed and
modified. With a large number of new malware released each month, keeping a blacklist up to
date can be a daunting job, and the costs of this effort are passed on to consumers through
licensing and renewals (McCabe, Ganji, Koren et. al 2012).
2.3 Implementing screen saver
A screensaver is a software that can be programmed to enable after a time of user inactivity
It was initially used to avoid harm to older monitors but is now used as a way to prevent desktop
content from being accessed while the user is offline.
How to Apply Screen Saver Through Group Policy in a shared DHL service.
We would also analyze How and when to Implement Screen Saver Through Group Policy in a
Shared DHL Service, In certain other organizations, it is customized that after a certain amount
of inactivity on the system, the system locks itself. Unauthorized access to domain systems
would be avoided as a result of this. With the aid of Group Policy, Domain Administrators can
implement this with group policy.
9
Steps
On the C: drive, create a shared folder. Insert your screensaver in this folder, while this
route will show the screensaver on the domain computer. Screensaver files can be reviewed
in the c:\Windows\Winsxs folder with the .scr extension.

Open Server Manager and select Tools > Group Policy Implementation from the
right-hand menu.

Right-click the Domain button and then click Generate a GPO and connect it to
this domain. Enter a DHL service and then press OK.

10
Right-click on the policy you just developed, then right-click Edit.
In a new tab, the Community Policy Management Editor opens, expands User
Settings, expands Rules, expands Administrative Templates, expands the Control
Panel, and then clicks Personalization. We'll customize the setup for the policy
now.

11
Screen saver reset should be double-clicked. Each setting determines the length
of time that the screen saver is displayed after that. Activate these policy settings
by clicking Activated, and then set the time during which the screen saver will
show. Apply it and OK are the next steps.

12
To impose a particular screen saver, double-click the policy setting Compel
specific screen saver. This setting shows the screen saver listed in the policy

setting if allowed. Select Allowed and enter the path to the screen saver file in
the textbox. Apply and OK will be the next steps.

Double-click the Enable Screen Saver setting, then click Enable.

13
Why must I have a screensaver on my workstation?
A screensaver is often a piece of software that can be configured to activate after a duration of
inactivity by the device (when you leave your computer). Initially, it was used to avoid harm to
older displays but is now used as a way to prevent access to desktop content when the user is
offline.

14
2.4 Implementing Wallpaper
Wallpaper belongs to the picture is behind area whereby icons, symbols, and shortcuts are
presented in the sense of programming. The most popular file formats for wallpaper are.jpeg
and.gif, and they can be customized in most operating systems (OSs).
Steps:
 Go to Server Manager>Tools to open the Group Policy Management Console (GPMC)
and pick Group Policy Management.
 When the GPMC initially installs, you'll recognize domain's tree hierarchy. Enlarge the
domain now, and disable the firewall. Right-click on this OU from here, and select the
first option. For DHL services, build a GPO.
 Now type the GPO DHL services name and press the OK button. WallPaper GPO was
chosen:
 Then, right-click the object for the GPO and then click Edit:
 We update the policy dealing with the wallpaper at this stage, but note the number of
different policies that enable us to configure different aspects of our domain users.i.e.
 Expand User Configuration> Policies> Administrative Templates> Desktop> Desktop to
find the Wallpaper.

 The Desktop Wallpaper settings will now open. We need to trigger the policy first, by
clicking the Activated option on the left. Next, type the shared wallpaper's UNC route.
Remember to share the folder containing the wallpaper FW-DC1WallPaper and set the
share permissions to allow users to access it.
 We need to apply it now that we have configured our GPO. To do so, simply log off and
then on the DHL Services computer, then type the following command into the domain
controller's command prompt to add the settings right away:
2.5 Firefox policy implementation
This section explains how to distribute the Tracker Browser extension to all PCs in your DHL
services using Active Directory Community Policy Management against Firefox Policy
Templates.
Using community decision management to deploy Keeper Firefox Browser Extension.

15
Steps:
Phase 1: Add Firefox Policy Templates

Download the zip file and extract the Firefox Policy Template file from your domain controller
to your desired location. C: temp is an example (Agarwal, 2014).

https://github.com/mozilla/policy-templates/releases/releases

Phase 2: Adding the. admx and. adml files from Firefox to Community Policy

Navigate to the directory where you extracted a template for the Firefox Policy file and copy the
firefox. admx fil filefirefox.admx file located within the
\policy_templates_v.(version)\windows directory to C:\Windows\PolicyDefinitions
Navigate to the directory in which you extracted the Firefox Policy Template file and copy the
firefox.adml file located within the
\policy_templates_v.(version)\windows\en-US directory to C:\Windows\PolicyDefinitions\en-
US
Phase 3: Create your Firefox Policy

16
  Open the Domain Controller Group Policy Manager and extend your domain -> Group
Policy Objects. If you do not currently have a Group Policy created to use with Firefox
Policies, right-click Group Policy Artifacts to establish a better Policy.

Establishing a New Strategy

Name something appropriate to the policy. "Firefox Policy," for example.
Name of Policy
Right-click the newly created policy and select Edit.

17
Make Changes to a Community Policy

 Select Firefox Policy -> Computer Configuration -> Policies -> Administrative
Templates -> Firefox -> Extensions from the drop-down menu. Then Right-Click and
Edit "Install Extensions"

18
Configure Forced Extensions Installed
Tick the Enable button and click the Display button.

19
Forced Extensions Enablement
To add following text and click OK.
https://addons.mozilla.org/firefox/downloads/file/3632454/keeper_password_manager_digital_
vault-14.4.0-fx.xpi
Adding App ID Keeper Browser Extension
Click OK after you've applied the adjustments.

Applying the Forced Extension Built

Then move to right-clicking and editing the "Prevent disable or uninstall extensions"
Delete the Keeper Browser Extension
Attach the text that follows and press OK.
https://addons.mozilla.org/firefox/downloads/file/3632454/keeper_password_manager_digital_v
ault-14.4.0-fx.xpi
Insert App ID for Keeper Browser Extension
Click OK after you've applied the adjustments.
Implementing the replacement of the Avoid Mounted extension
Disable Firefox Built-in Password Manager by navigating directly within the definitions of the
Firefox Administrative Templates Policy and then right-clicking and modifying both Login Save

20
Offer and Login Save Offer (default) and setting to Disabled, clicking Submit, and then OK
(Bonilla, 2020).
Capabilities Policies for Firefox AutoFill
Disable Firefox Capabilities for AutoFill 12. Exit the Management Editor for Community Policy,
right-click the OU of your choosing, and select Link to Current GPO.
Forced Connect Extensions have been built on PCs
Choose "Firefox Rules" and then press "OK

21
Phase 4: Check Your Firefox PoliciesOpen
Firefox on a target DHL Services computer and go to about: policies to see all policies that have
been implemented. Policies could appear right away if you implemented policy settings on the

local computer.

Why do we need to implement firefox through AD group policy?

1. Infinite experience of Browsing
Any web browser faces a daunting challenge when it comes to accessing several pages in
multiple tabs in a single tab.
2. Easy customization
Firefox can be downloaded for free and is easily compatible with different devices.
The web browser also has basic add-ons that are easy to use and, lastly, easy to incorporate.
3. Tech Help Mozilla Firefox
The FireFox technical support team provides its users with comprehensive assistance. They
assist via phone, e-mail, and Firefox tutorials. Histologically, the Firefox support services look
after your security and privacy. With Firefox, downloading is indeed easy and convenient. The
web browser has an easy-to-use interface.

22
 4. Rich Library Add-On
The experience of using that internet browser is simply improved through ad-on. The catalog of
ad-ons in Mozilla is brought to another level.
The web browser is abundant in features. With far more than 6000 plugins and much more than
500 designs, it is lightweight.
Their work is simple, smooth, and hassle-free because of the accessibility of certain ad-on and
extensions (Mitra, 2006).

23
4.0 Conclusion
DHL is the world's most multinational organization, with operations in over 220 countries and
territories. We can have nearly infinite logistical solutions because we have over 340,000
workers. DHL is part of the Deutsche Post DHL Group, the world's largest logistics group, and is
made up of the following divisions: DHL Paket, DHL Express, DHL Global Forwarding,
Freight, and DHL Supply Chain. In t nutshell, This subject covers implementation services
policies, when and how to use the feature, previous release updates, and additional tools to assist
you in developing and deploying software. Initial deployment at the DHL Supply Chain facility
has shown that the new platform will reduce complexity and speed up the incorporation of
robotic systems into the current warehouse of management. At just about the same time, the
platform allows consumers to choose and incorporate various technology vendors into a single
device with greater ease. The robotics platform is motivated by Blue Yonder's Luminate
Platform, which includes machine-learning (ML)-driven task management capabilities for the
most effective warehouse operations.
Prepare ahead of time. Nothing else is guaranteed to bring consumers off a solution more easily
than making their lives miserable. Until going online, conduct a comprehensive analysis of the
environment to ensure that at least 80-90 percent of the applications are protected.

Project plan
The overall project timeline projection is as per the Gantt chart, as shown in Table 4 below,
starting from March 2021 to Sep 2021, this study takes six months to complete.

The project started with drafting a project proposal and review the project proposal with the
supervisor. Then I will start to draft out a strategy for TMA 1 and initiate a literature review. On
the last week of April, 2021 will have a final review with the supervisor before submission of
TMA 1.

24
After TMA 1 submission, I will continue to develop a questionnaire and review it with the
supervisor before sending it out for a survey. By early May, I will start consolidating the data,
analyze the data collected, and data validation. In the second week of April, I will be attending a
course with Computer Analytics Company to learn and understand How to Build My First
Aquaponics Workshop at the same time to help to find out the complexity of data sharing. Next,
I will be drafting my Final Report following by reviewing it with the supervisor before
submission in September 2021.

25
References
Zhan, Z. (2011). Group Policy for Windows Domain Management [J]. Computer Knowledge
and Technology, 22.
Mitra, S. (2006). A survey of third-party logistics (3PL) service providers in India. IIMB
Management Review, 18(2), 159-174.
McCabe, M. T., Ott, H. M., Ganji, G., Korenchuk, S., Thompson, C., Van Aller, G. S., ... &
Creasy, C. L. (2012). EZH2 inhibition as a therapeutic strategy for lymphoma with
EZH2-activating mutations. Nature, 492(7427), 108-112.
Srivastava, S. C. (2012). Industrial relations and labour laws. Vikas Publishing House.
Agarwal, S. (2014). Neuro-Sell: How Neuroscience can Power Your Sales Success. Journal of
Consumer Marketing.
Kedia, A. (2020). Estimating the effect of online shopping and collection-delivery points on
shopping travel in New Zealand.
Bonilla, D. (2020). Air Power and Freight: The View from the European Union and China.
Springer.
Louckx, Y. (2014). Recommendations for the distribution strategy in changing market
environment: Case: Belgian Brewery Van Honsebrouck in Russia.
Core, J. E., Guay, W. R., & Kothari, S. P. (2003). periodicals publishing articles in Finance and
Accounting. Accounting and Business Research, 33(2).

26