deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 21:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'main' into vp-csp-auto2

Browse Source
This commit is contained in:
Liz Long 2023-01-04 18:24:07 -05:00 committed by GitHub
commit 15e753e80f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 19 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/deployment/do/waas-delivery-optimization-setup.md
View File

@ -92,8 +92,6 @@ To do this with MDM, go to **./Device/Vendor/MSFT/Policy/Config/DeliveryOptimiza
Many devices now come with large internal drives. You can set Delivery Optimization to take better advantage of this space (especially if you have large numbers of devices) by changing the minimum file size to cache. If you have more than 30 devices in your local network or group, change it from the default 50 MB to 10 MB. If you have more than 100 devices (and are running Windows 10, version 1803 or later), set this value to 1 MB.
[//]: # (default of 50 aimed at consumer)
To do this in Group Policy, go to **Computer Configuration\Administrative Templates\Windows Components\Delivery Optimization** and set **Minimum Peer Caching Content File Size** to 10 (if you have more than 30 devices) or 1 (if you have more than 100 devices).
To do this with MDM, go to **./Device/Vendor/MSFT/Policy/Config/DeliveryOptimization/** and set [DOMinFileSizeToCache](/windows/client-management/mdm/policy-csp-deliveryoptimization#dominfilesizetocache) to 100 (if you have more than 30 devices) or 1 (if you have more than 100 devices).

1
windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md
View File

@ -20,6 +20,7 @@ ms.technology: itpro-security
# Accounts: Administrator account status
**Applies to**
- Windows 11
- Windows 10
Describes the best practices, location, values, and security considerations for the **Accounts: Administrator account status** security policy setting.

1
windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md
View File

@ -20,6 +20,7 @@ ms.technology: itpro-security
# Accounts: Block Microsoft accounts
**Applies to**
- Windows 11
- Windows 10
Describes the best practices, location, values, management, and security considerations for the **Accounts: Block Microsoft accounts** security policy setting.

1
windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md
View File

@ -20,6 +20,7 @@ ms.technology: itpro-security
# Accounts: Guest account status - security policy setting
**Applies to**
- Windows 11
- Windows 10
Describes the best practices, location, values, and security considerations for the **Accounts: Guest account status** security policy setting.

1
windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md
View File

@ -20,6 +20,7 @@ ms.technology: itpro-security
# Accounts: Limit local account use of blank passwords to console logon only
**Applies to**
- Windows 11
- Windows 10
Describes the best practices, location, values, and security considerations for the **Accounts: Limit local account use of blank passwords to console logon only** security policy setting.

1
windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md
View File

@ -20,6 +20,7 @@ ms.technology: itpro-security
# Accounts: Rename administrator account
**Applies to**
- Windows 11
- Windows 10
This security policy reference topic for the IT professional describes the best practices, location, values, and security considerations for this policy setting.

1
windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md
View File

@ -20,6 +20,7 @@ ms.technology: itpro-security
# Accounts: Rename guest account - security policy setting
**Applies to**
- Windows 11
- Windows 10
Describes the best practices, location, values, and security considerations for the **Accounts: Rename guest account** security policy setting.

1
windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md
View File

@ -20,6 +20,7 @@ ms.technology: itpro-security
# Audit: Audit the use of Backup and Restore privilege
**Applies to**
- Windows 11
- Windows 10
Describes the best practices, location, values, and security considerations for the **Audit: Audit the use of Backup and Restore privilege** security policy setting.

1
windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md
View File

@ -20,6 +20,7 @@ ms.technology: itpro-security
# Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings
**Applies to**
- Windows 11
- Windows 10
Describes the best practices, location, values, and security considerations for the **Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings** security policy setting.

1
windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md
View File

@ -20,6 +20,7 @@ ms.technology: itpro-security
# Audit: Shut down system immediately if unable to log security audits
**Applies to**
- Windows 11
- Windows 10
Describes the best practices, location, values, management practices, and security considerations for the **Audit: Shut down system immediately if unable to log security audits** security policy setting.

1
windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md
View File

@ -20,6 +20,7 @@ ms.technology: itpro-security
# DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax
**Applies to**
- Windows 11
- Windows 10
Describes the best practices, location, values, and security considerations for the **DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax** security policy setting.

1
windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md
View File

@ -20,6 +20,7 @@ ms.technology: itpro-security
# Devices: Allow undock without having to log on
**Applies to**
- Windows 11
- Windows 10
Describes the best practices, location, values, and security considerations for the **Devices: Allow undock without having to log on** security policy setting.

1
windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md
View File

@ -20,6 +20,7 @@ ms.technology: itpro-security
# Devices: Allowed to format and eject removable media
**Applies to**
- Windows 11
- Windows 10
Describes the best practices, location, values, and security considerations for the **Devices: Allowed to format and eject removable media** security policy setting.

1
windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md
View File

@ -20,6 +20,7 @@ ms.technology: itpro-security
# Devices: Prevent users from installing printer drivers
**Applies to**
- Windows 11
- Windows 10
Describes the best practices, location, values, and security considerations for the **Devices: Prevent users from installing printer drivers** security policy setting.

1
windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md
View File

@ -20,6 +20,7 @@ ms.technology: itpro-security
# Devices: Restrict CD-ROM access to locally logged-on user only
**Applies to**
- Windows 11
- Windows 10
Describes the best practices, location, values, and security considerations for the **Devices: Restrict CD-ROM access to locally logged-on user only** security policy setting.

1
windows/security/threat-protection/security-policy-settings/security-options.md
View File

@ -19,6 +19,7 @@ ms.topic: conceptual
# Security Options
**Applies to**
- Windows 11
- Windows 10
Provides an introduction to the **Security Options** settings for local security policies and links to more information.

4
windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md
View File

@ -70,6 +70,10 @@ One attribute:
- The setting needs to be placed in the order of ASCII values (first by Provider, then Key, then ValueName)
### Multiple policy considerations
Similar to executable files, COM objects must pass each policy on the system to be allowed by WDAC. For example, if the COM object under evaluation passes most but not all of your WDAC policies, the COM object will not be allowed. If you are using a combination of base and supplemental policies, the COM object just needs to be allowlisted in either the base policy or one of the supplemental policies.
### Examples
Example 1: Allows registration of all COM object GUIDs in any provider