deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 05:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Updated

Browse Source
This commit is contained in:
nimishasatapathy 2021-08-31 20:55:26 +05:30
parent 6c451f8362
commit 0b7421daac
9 changed files with 952 additions and 414 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
windows/client-management/mdm/policy-csp-admx-ciphersuiteorder.md
View File

@ -40,28 +40,34 @@ manager: dansimp
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</table>
@ -78,7 +84,7 @@ manager: dansimp
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting determines the cipher suites used by the Secure Socket Layer (SSL).
This policy setting determines the cipher suites used by the Secure Socket Layer (SSL).
If you enable this policy setting, SSL cipher suites are prioritized in the order specified.
@ -113,28 +119,34 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</table>
@ -151,7 +163,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting determines the priority order of ECC curves used with ECDHE cipher suites.
This policy setting determines the priority order of ECC curves used with ECDHE cipher suites.
If you enable this policy setting, ECC curves are prioritized in the order specified. Enter one curve name per line.

44
windows/client-management/mdm/policy-csp-admx-com.md
View File

@ -40,28 +40,34 @@ manager: dansimp
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</table>
@ -78,7 +84,7 @@ manager: dansimp
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting directs the system to search Active Directory for missing Component Object Model (COM) components that a program requires.
This policy setting directs the system to search Active Directory for missing Component Object Model (COM) components that a program requires.
Many Windows programs, such as the MMC snap-ins, use the interfaces provided by the COM components. These programs cannot perform all their functions unless Windows has internally registered the required components.
@ -115,28 +121,34 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</table>
@ -153,7 +165,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting directs the system to search Active Directory for missing Component Object Model (COM) components that a program requires.
This policy setting directs the system to search Active Directory for missing Component Object Model (COM) components that a program requires.
Many Windows programs, such as the MMC snap-ins, use the interfaces provided by the COM components. These programs cannot perform all their functions unless Windows has internally registered the required components.

90
windows/client-management/mdm/policy-csp-admx-controlpanel.md
View File

@ -45,28 +45,34 @@ manager: dansimp
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</table>
@ -83,7 +89,7 @@ manager: dansimp
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This setting allows you to display or hide specified Control Panel items, such as Mouse, System, or Personalization, from the Control Panel window and the Start screen. The setting affects the Start screen and Control Panel window, as well as other ways to access Control Panel items, such as shortcuts in Help and Support or command lines that use control.exe. This policy has no effect on items displayed in PC settings.
This setting allows you to display or hide specified Control Panel items, such as Mouse, System, or Personalization, from the Control Panel window and the Start screen. The setting affects the Start screen and Control Panel window, as well as other ways to access Control Panel items, such as shortcuts in Help and Support or command lines that use control.exe. This policy has no effect on items displayed in PC settings.
If you enable this setting, you can select specific items not to display on the Control Panel window and the Start screen.
@ -122,28 +128,34 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</table>
@ -160,7 +172,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting controls the default Control Panel view, whether by category or icons.
This policy setting controls the default Control Panel view, whether by category or icons.
If this policy setting is enabled, the Control Panel opens to the icon view.
@ -196,28 +208,34 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</table>
@ -277,28 +295,38 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -315,7 +343,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting controls which Control Panel items such as Mouse, System, or Personalization, are displayed on the Control Panel window and the Start screen. The only items displayed in Control Panel are those you specify in this setting. This setting affects the Start screen and Control Panel, as well as other ways to access Control Panel items such as shortcuts in Help and Support or command lines that use control.exe. This policy has no effect on items displayed in PC settings.
This policy setting controls which Control Panel items such as Mouse, System, or Personalization, are displayed on the Control Panel window and the Start screen. The only items displayed in Control Panel are those you specify in this setting. This setting affects the Start screen and Control Panel, as well as other ways to access Control Panel items such as shortcuts in Help and Support or command lines that use control.exe. This policy has no effect on items displayed in PC settings.
To display a Control Panel item, enable this policy setting and click Show to access the list of allowed Control Panel items. In the Show Contents dialog box in the Value column, enter the Control Panel item's canonical name. For example, enter Microsoft.Mouse, Microsoft.System, or Microsoft.Personalization.

624
windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md
View File

File diff suppressed because it is too large Load Diff

27
windows/client-management/mdm/policy-csp-admx-cpls.md
View File

@ -36,28 +36,39 @@ manager: dansimp
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -74,7 +85,7 @@ manager: dansimp
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting allows an administrator to standardize the account pictures for all users on a system to the default account picture. One application for this policy setting is to standardize the account pictures to a company logo.
This policy setting allows an administrator to standardize the account pictures for all users on a system to the default account picture. One application for this policy setting is to standardize the account pictures to a company logo.
> [!NOTE]
> The default account picture is stored at %PROGRAMDATA%\Microsoft\User Account Pictures\user.jpg. The default guest picture is stored at %PROGRAMDATA%\Microsoft\User Account Pictures\guest.jpg. If the default pictures do not exist, an empty frame is displayed.

81
windows/client-management/mdm/policy-csp-admx-credentialproviders.md
View File

@ -42,28 +42,39 @@ manager: dansimp
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11<th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -80,7 +91,7 @@ manager: dansimp
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting allows you to control whether a user can change the time before a password is required when a Connected Standby device screen turns off.
This policy setting allows you to control whether a user can change the time before a password is required when a Connected Standby device screen turns off.
If you enable this policy setting, a user on a Connected Standby device can change the amount of time after the device's screen turns off before a password is required when waking the device. The time is limited by any EAS settings or Group Policies that affect the maximum idle time before a device locks. Additionally, if a password is required when a screensaver turns on, the screensaver timeout will limit the options the user may choose.
@ -115,28 +126,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -153,7 +175,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting allows the administrator to assign a specified credential provider as the default credential provider.
This policy setting allows the administrator to assign a specified credential provider as the default credential provider.
If you enable this policy setting, the specified credential provider is selected on other user tile.
@ -188,28 +210,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -226,7 +259,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting allows the administrator to exclude the specified credential providers from use during authentication.
This policy setting allows the administrator to exclude the specified credential providers from use during authentication.
> [!NOTE]
> Credential providers are used to process and validate user credentials during logon or when authentication is required. Windows Vista provides two default credential providers: Password and Smart Card. An administrator can install additional credential providers for different sets of credentials (for example, to support biometric authentication).

296
windows/client-management/mdm/policy-csp-admx-credssp.md
View File

@ -66,28 +66,38 @@ manager: dansimp
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</table>
@ -104,7 +114,7 @@ manager: dansimp
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies when server authentication was achieved via NTLM.
@ -146,28 +156,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -184,7 +205,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies when server authentication was achieved by using a trusted X509 certificate or Kerberos.
@ -231,28 +252,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -269,7 +301,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting applies to applications using the CredSSP component (for example: Remote Desktop Connection).
This policy setting applies to applications using the CredSSP component (for example: Remote Desktop Connection).
Some versions of the CredSSP protocol are vulnerable to an encryption oracle attack against the client. This policy controls compatibility with vulnerable clients and servers. This policy allows you to set the level of protection desired for the encryption oracle vulnerability.
@ -311,28 +343,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -349,7 +392,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies when server authentication was achieved via a trusted X509 certificate or Kerberos.
@ -393,28 +436,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -431,7 +485,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies when server authentication was achieved via NTLM.
@ -475,28 +529,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -513,7 +578,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies when server authentication was achieved via a trusted X509 certificate or Kerberos.
@ -557,28 +622,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -595,7 +671,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies when server authentication was achieved via NTLM.
@ -639,28 +715,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -677,7 +764,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
If you enable this policy setting, you can specify the servers to which the user's default credentials cannot be delegated (default credentials are those that you use when first logging on to Windows).
@ -719,28 +806,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -757,7 +855,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
If you enable this policy setting, you can specify the servers to which the user's fresh credentials cannot be delegated (fresh credentials are those that you are prompted for when executing the application).
@ -799,28 +897,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -837,7 +946,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
If you enable this policy setting, you can specify the servers to which the user's saved credentials cannot be delegated (saved credentials are those that you elect to save/remember using the Windows credential manager).
@ -879,28 +988,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -917,7 +1037,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. When running in Restricted Admin or Remote Credential Guard mode, participating apps do not expose signed in or supplied credentials to a remote host. Restricted Admin limits access to resources located on other servers or networks from the remote host because credentials are not delegated. Remote Credential Guard does not limit access to resources because it redirects all requests back to the client device.
When running in Restricted Admin or Remote Credential Guard mode, participating apps do not expose signed in or supplied credentials to a remote host. Restricted Admin limits access to resources located on other servers or networks from the remote host because credentials are not delegated. Remote Credential Guard does not limit access to resources because it redirects all requests back to the client device.
Participating apps:
Remote Desktop Client

52
windows/client-management/mdm/policy-csp-admx-credui.md
View File

@ -39,28 +39,39 @@ manager: dansimp
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -77,7 +88,7 @@ manager: dansimp
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting requires the user to enter Microsoft Windows credentials using a trusted path, to prevent a Trojan horse or other types of malicious code from stealing the users Windows credentials.
This policy setting requires the user to enter Microsoft Windows credentials using a trusted path, to prevent a Trojan horse or other types of malicious code from stealing the users Windows credentials.
> [!NOTE]
> This policy affects nonlogon authentication tasks only. As a security best practice, this policy should be enabled.
@ -111,28 +122,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>

108
windows/client-management/mdm/policy-csp-admx-ctrlaltdel.md
View File

@ -45,28 +45,39 @@ manager: dansimp
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -83,7 +94,7 @@ manager: dansimp
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting prevents users from changing their Windows password on demand.
This policy setting prevents users from changing their Windows password on demand.
If you enable this policy setting, the 'Change Password' button on the Windows Security dialog box will not appear when you press Ctrl+Alt+Del.
@ -115,28 +126,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -153,7 +175,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting prevents users from locking the system.
This policy setting prevents users from locking the system.
While locked, the desktop is hidden and the system cannot be used. Only the user who locked the system or the system administrator can unlock it.
@ -188,28 +210,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -226,7 +259,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting prevents users from starting Task Manager.
This policy setting prevents users from starting Task Manager.
Task Manager (**taskmgr.exe**) lets users start and stop programs, monitor the performance of their computers, view and monitor all programs running on their computers, including system services, find the executable names of programs, and change the priority of the process in which programs run.
@ -259,28 +292,39 @@ ADMX Info:
<!--SupportedSKUs-->
<table>
<tr>
<th>Windows Edition</th>
<th>Supported?</th>
<th>Edition</th>
<th>Windows 10</th>
<th>Windows 11</th>
</tr>
<tr>
<td>Home</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Business</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /></td>
<td>Yes</td>
<td>Yes</td>
</tr>
</tr>
<tr>
<td>Education</td>
<td><img src="images/crossmark.png" alt="cross mark" /></td>
<td>No</td>
<td>No</td>
</tr>
</tr>
</table>
@ -297,7 +341,7 @@ ADMX Info:
<!--/Scope-->
<!--Description-->
Available in the latest Windows 10 Insider Preview Build. This policy setting disables or removes all menu items and buttons that log the user off the system.
This policy setting disables or removes all menu items and buttons that log the user off the system.
If you enable this policy setting, users will not see the Log off menu item when they press Ctrl+Alt+Del. This will prevent them from logging off unless they restart or shutdown the computer, or clicking Log off from the Start menu.