Securing Teamviewer host

I am creating a Teamviewer .reg file to be rolled out with Group Policy
I need help to achieve the following:

1. No passwords to be displayed when the end user opens Teamviewer host. Reason for this is that we dont want the end user to be able to give out the details to anyone to be able to connect.
2. IT dept can connect to anyone without end user confirmation 
3. When the remote support company connects with their teamviewer account the end user needs to confirm all connections.

Hope someone can help me with this. I am struggling to achieve options 2 and 3.

Thanks