Most restricted value is 0. - - - @@ -193,9 +190,6 @@ The following diagram shows the Policy configuration service provider in tree fo - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -234,9 +228,6 @@ The following diagram shows the Policy configuration service provider in tree fo
Most restricted value is 0. - - - @@ -278,9 +269,6 @@ The following diagram shows the Policy configuration service provider in tree fo > [!NOTE] > This policy will only block UI/UX-based methods for adding non-Microsoft accounts. Even if this policy is enforced, you can still provision non-MSA accounts using the [EMAIL2 CSP](email2-csp.md). - - - @@ -319,9 +307,6 @@ The following diagram shows the Policy configuration service provider in tree fo
Most restricted value is 0. - - - @@ -358,9 +343,6 @@ The following diagram shows the Policy configuration service provider in tree fo - 0 – Disabled. - 1 (default) – Manual start. - - - @@ -396,9 +378,6 @@ The following diagram shows the Policy configuration service provider in tree fo
The default value is an empty string, which allows all email accounts on the device to sync email. Otherwise, the string should contain a pipe-separated list of domains that are allowed to sync email on the device. For example, "contoso.com|fabrikam.net|woodgrove.gov". - - - @@ -413,9 +392,6 @@ If you disable or do not configure this policy setting, ActiveX controls prompt Note: Wild card characters cannot be used when specifying the host URLs. - - - ADMX Info: @@ -432,8 +408,6 @@ ADMX Info: This policy setting allows you to enable or disable Microsoft Application Virtualization (App-V) feature. Reboot is needed for disable to take effect. - - ADMX Info: @@ -450,8 +424,6 @@ ADMX Info: Enables Dynamic Virtualization of supported shell extensions, browser helper objects, and ActiveX controls. - - ADMX Info: @@ -468,8 +440,6 @@ ADMX Info: Enables automatic cleanup of appv packages that were added after Windows10 anniversary release. - - ADMX Info: @@ -486,8 +456,6 @@ ADMX Info: Enables scripts defined in the package manifest of configuration files that should run. - - ADMX Info: @@ -504,8 +472,6 @@ ADMX Info: Enables a UX to display to the user when a publishing refresh is performed on the client. - - ADMX Info: @@ -532,9 +498,6 @@ Data Cache Limit: This value specifies the maximum size in megabytes (MB) of the Data Block Size: This value specifies the maximum size in bytes to transmit to the server at once on a reporting upload, to avoid permanent transmission failures when the log has reached a significant size. The default value is 65536. When transmitting report data to the server, one block at a time of application records that is less than or equal to the block size in bytes of XML data will be removed from the cache and sent to the server. Each block will have the general Client data and global package list data prepended, and these will not factor into the block size calculations; the potential exists for an extremely large package list to result in transmission failures over low bandwidth or unreliable connections. - - - ADMX Info: @@ -551,8 +514,6 @@ ADMX Info: Specifies the file paths relative to %userprofile% that do not roam with a user's profile. Example usage: /FILEEXCLUSIONLIST='desktop;my pictures'. - - ADMX Info: @@ -569,8 +530,6 @@ ADMX Info: Specifies the registry paths that do not roam with a user profile. Example usage: /REGISTRYEXCLUSIONLIST=software\classes;software\clients. - - ADMX Info: @@ -587,8 +546,6 @@ ADMX Info: Specifies how new packages should be loaded automatically by App-V on a specific computer. - - ADMX Info: @@ -605,8 +562,6 @@ ADMX Info: Migration mode allows the App-V client to modify shortcuts and FTA's for packages created using a previous version of App-V. - - ADMX Info: @@ -623,8 +578,6 @@ ADMX Info: Specifies the location where symbolic links are created to the current version of a per-user published package. Shortcuts, file type associations, etc. are created pointing to this path. If empty, symbolic links are not used during publishing. Example: %localappdata%\Microsoft\AppV\Client\Integration. - - ADMX Info: @@ -641,8 +594,6 @@ ADMX Info: Specifies the location where symbolic links are created to the current version of a globally published package. Shortcuts, file type associations, etc. are created pointing to this path. If empty, symbolic links are not used during publishing. Example: %allusersprofile%\Microsoft\AppV\Client\Integration. - - ADMX Info: @@ -677,9 +628,6 @@ User Publishing Refresh Interval: Specifies the publishing refresh interval usin User Publishing Refresh Interval Unit: Specifies the interval unit (Hour 0-23, Day 0-31). - - - ADMX Info: @@ -714,9 +662,6 @@ User Publishing Refresh Interval: Specifies the publishing refresh interval usin User Publishing Refresh Interval Unit: Specifies the interval unit (Hour 0-23, Day 0-31). - - - ADMX Info: @@ -751,9 +696,6 @@ User Publishing Refresh Interval: Specifies the publishing refresh interval usin User Publishing Refresh Interval Unit: Specifies the interval unit (Hour 0-23, Day 0-31). - - - ADMX Info: @@ -788,9 +730,6 @@ User Publishing Refresh Interval: Specifies the publishing refresh interval usin User Publishing Refresh Interval Unit: Specifies the interval unit (Hour 0-23, Day 0-31). - - - ADMX Info: @@ -825,9 +764,6 @@ User Publishing Refresh Interval: Specifies the publishing refresh interval usin User Publishing Refresh Interval Unit: Specifies the interval unit (Hour 0-23, Day 0-31). - - - ADMX Info: @@ -844,8 +780,6 @@ ADMX Info: Specifies the path to a valid certificate in the certificate store. - - ADMX Info: @@ -862,8 +796,6 @@ ADMX Info: This setting controls whether virtualized applications are launched on Windows 8 machines connected via a metered network connection (e.g. 4G). - - ADMX Info: @@ -880,8 +812,6 @@ ADMX Info: Specifies the CLSID for a compatible implementation of the IAppvPackageLocationProvider interface. - - ADMX Info: @@ -898,8 +828,6 @@ ADMX Info: Specifies directory where all new applications and updates will be installed. - - ADMX Info: @@ -916,8 +844,6 @@ ADMX Info: Overrides source location for downloading package content. - - ADMX Info: @@ -934,8 +860,6 @@ ADMX Info: Specifies the number of seconds between attempts to reestablish a dropped session. - - ADMX Info: @@ -952,8 +876,6 @@ ADMX Info: Specifies the number of times to retry a dropped session. - - ADMX Info: @@ -970,8 +892,6 @@ ADMX Info: Specifies that streamed package contents will be not be saved to the local hard disk. - - ADMX Info: @@ -988,8 +908,6 @@ ADMX Info: If enabled, the App-V client will support BrancheCache compatible HTTP streaming. If BranchCache support is not desired, this should be disabled. The client can then apply HTTP optimizations which are incompatible with BranchCache - - ADMX Info: @@ -1006,8 +924,6 @@ ADMX Info: Verifies Server certificate revocation status before streaming using HTTPS. - - ADMX Info: @@ -1024,8 +940,6 @@ ADMX Info: Specifies a list of process paths (may contain wildcards) which are candidates for using virtual components (shell extensions, browser helper objects, etc). Only processes whose full path matches one of these items can use virtual components. - - ADMX Info: @@ -1119,9 +1033,6 @@ PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxEZWZhdWx0QXNzb2NpYXRpb25z ``` - - - @@ -1161,9 +1072,6 @@ PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxEZWZhdWx0QXNzb2NpYXRpb25z
Most restricted value is 0. - - - @@ -1202,9 +1110,6 @@ PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxEZWZhdWx0QXNzb2NpYXRpb25z
Most restricted value is 0. - - - @@ -1244,9 +1149,6 @@ PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxEZWZhdWx0QXNzb2NpYXRpb25z
Most restricted value is 0. - - - @@ -1288,9 +1190,6 @@ PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxEZWZhdWx0QXNzb2NpYXRpb25z
Most restricted value is 0. - - - @@ -1329,9 +1228,6 @@ PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxEZWZhdWx0QXNzb2NpYXRpb25z
Most restricted value is 0. - - - @@ -1370,9 +1266,6 @@ PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxEZWZhdWx0QXNzb2NpYXRpb25z
Most restricted value is 0. - - - @@ -1426,9 +1319,6 @@ PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxEZWZhdWx0QXNzb2NpYXRpb25z
Value evaluation rule - The information for PolicyManager is opaque. There is no most restricted value evaluation. Whenever there is a change to the value, the device parses the node value and enforces specified policies. - - - @@ -1465,9 +1355,6 @@ PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxEZWZhdWx0QXNzb2NpYXRpb25z - 0 (default) – Enable launch of apps. - 1 – Disable launch of apps. - - - @@ -1515,9 +1402,6 @@ PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxEZWZhdWx0QXNzb2NpYXRpb25z
Most restricted value is 1. - - - @@ -1556,9 +1440,6 @@ PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxEZWZhdWx0QXNzb2NpYXRpb25z
Most restricted value is 1. - - - @@ -1597,9 +1478,6 @@ PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxEZWZhdWx0QXNzb2NpYXRpb25z
Most restricted value is 1. - - - @@ -1614,8 +1492,6 @@ If you disable this policy setting, Windows marks file attachments with their zo If you do not configure this policy setting, Windows marks file attachments with their zone information. - - ADMX Info: @@ -1638,8 +1514,6 @@ If you disable this policy setting, Windows shows the check box and Unblock butt If you do not configure this policy setting, Windows hides the check box and Unblock button. - - ADMX Info: @@ -1662,8 +1536,6 @@ If you disable this policy setting, Windows does not call the registered antivir If you do not configure this policy setting, Windows does not call the registered antivirus programs when file attachments are opened. - - ADMX Info: @@ -1719,9 +1591,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -1760,9 +1629,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -1801,9 +1667,6 @@ ADMX Info:
The default for this policy must be on for consumer devices (defined as local or Microsoft account connected device) and off for enterprise devices (such as cloud domain-joined, cloud domain-joined in an on-premise only environment, cloud domain-joined in a hybrid environment, and BYOD). - - - @@ -1816,8 +1679,6 @@ If you enable this policy setting, AutoPlay is not allowed for MTP devices like If you disable or do not configure this policy setting, AutoPlay is enabled for non-volume devices. - - ADMX Info: @@ -1847,8 +1708,6 @@ b) Revert back to pre-Windows Vista behavior of automatically executing the auto If you disable or not configure this policy setting, Windows Vista or later will prompt the user whether autorun command is to be run. - - ADMX Info: @@ -1879,8 +1738,6 @@ If you disable or do not configure this policy setting, AutoPlay is enabled. Note: This policy setting appears in both the Computer Configuration and User Configuration folders. If the policy settings conflict, the policy setting in Computer Configuration takes precedence over the policy setting in User Configuration. - - ADMX Info: @@ -1927,9 +1784,6 @@ ADMX Info: - 6 -XTS 128 - 7 - XTS 256 - - - @@ -1970,9 +1824,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -2013,9 +1864,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -2052,9 +1900,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default)– Allowed. - - - @@ -2090,9 +1935,6 @@ ADMX Info:
If this policy is not set or it is deleted, the default local radio name is used. - - - @@ -2126,9 +1968,6 @@ ADMX Info:
The default value is an empty string. - - - @@ -2147,9 +1986,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -2195,9 +2031,6 @@ ADMX Info: 3. Click **Settings** in the drop down list, and select **View Advanced Settings**. 4. Verify the setting **Save form entries** is greyed out. - - - @@ -2242,9 +2075,6 @@ ADMX Info:
When this policy is set to 0 (not allowed), the Microsoft Edge for Windows 10 Mobile tile will appear greyed out, and clicking on the tile will display a message indicating theat Internet browsing has been disabled by your administrator. - - - @@ -2290,9 +2120,6 @@ ADMX Info: 3. Click **Settings** in the drop down list, and select **View Advanced Settings**. 4. Verify the setting **Cookies** is greyed out. - - - @@ -2335,9 +2162,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -2383,9 +2207,6 @@ ADMX Info: 3. Click **Settings** in the drop down list, and select **View Advanced Settings**. 4. Verify the setting **Send Do Not Track requests** is greyed out. - - - @@ -2422,9 +2243,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -2461,9 +2279,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -2500,9 +2315,6 @@ ADMX Info: - 0 – Adobe Flash content is automatically loaded and run by Microsoft Edge. - 1 (default) – Users must click the content, click a Click-to-Run button, or have the site appear on an auto-allow list before Microsoft Edge loads and runs Adobe Flash content. - - - @@ -2541,9 +2353,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -2562,9 +2371,6 @@ By default, the Microsoft compatibility list is enabled and can be viewed by vis
Most restricted value is 0. - - - @@ -2610,9 +2416,6 @@ By default, the Microsoft compatibility list is enabled and can be viewed by vis 3. Click **Settings** in the drop down list, and select **View Advanced Settings**. 4. Verify the settings **Offer to save password** and **Manage my saved passwords** are greyed out. - - - @@ -2658,9 +2461,6 @@ By default, the Microsoft compatibility list is enabled and can be viewed by vis 3. Click **Settings** in the drop down list, and select **View Advanced Settings**. 4. Verify the setting **Block pop-ups** is greyed out. - - - @@ -2678,9 +2478,6 @@ By default, the Microsoft compatibility list is enabled and can be viewed by vis
Most restricted value is 0. - - - @@ -2719,9 +2516,6 @@ By default, the Microsoft compatibility list is enabled and can be viewed by vis
Most restricted value is 0. - - - @@ -2767,9 +2561,6 @@ By default, the Microsoft compatibility list is enabled and can be viewed by vis 3. Click **Settings** in the drop down list, and select **View Advanced Settings**. 4. Verify the setting **Help protect me from malicious sites and download with SmartScreen Filter** is greyed out. - - - @@ -2791,9 +2582,6 @@ By default, the Microsoft compatibility list is enabled and can be viewed by vis 2. Close the Microsoft Edge window. 3. Open Microsoft Edge and start typing the same URL in address bar. Verify that it does not auto-complete from history. - - - @@ -2817,9 +2605,6 @@ Employees cannot remove these search engines, but they can set any one as the de
Most restricted value is 0. - - - @@ -2841,9 +2626,6 @@ Employees cannot remove these search engines, but they can set any one as the de
Most restricted value is 0. - - - @@ -2884,9 +2666,6 @@ Employees cannot remove these search engines, but they can set any one as the de - Not configured. The device checks for updates from Microsoft Update. - Set to a URL location of the enterprise site list. - - - @@ -2919,9 +2698,6 @@ Employees cannot remove these search engines, but they can set any one as the de > [!IMPORTANT] > This policy (introduced in Windows 10, version 1507) was deprecated in Windows 10, version 1511 by [Browser/EnterpriseModeSiteList](#browser-enterprisemodesitelist). - - - @@ -2961,9 +2737,6 @@ Employees cannot remove these search engines, but they can set any one as the de
The default value is an empty string. Otherwise, the string should contain the URL of the webpage users will see the first time Microsoft Edge is run. For example, “contoso.com”. - - - @@ -3005,10 +2778,6 @@ Employees cannot remove these search engines, but they can set any one as the de > [!NOTE] > Turning this setting off, or not configuring it, sets your default Start pages to the webpages specified in App settings. - - - - @@ -3045,9 +2814,6 @@ Employees cannot remove these search engines, but they can set any one as the de - 0 (default) – Users can access the about:flags page in Microsoft Edge. - 1 – Users can't access the about:flags page in Microsoft Edge. - - - @@ -3063,9 +2829,6 @@ Employees cannot remove these search engines, but they can set any one as the de
Most restricted value is 1. - - - @@ -3081,9 +2844,6 @@ Employees cannot remove these search engines, but they can set any one as the de
Most restricted value is 1. - - - @@ -3122,9 +2882,6 @@ Employees cannot remove these search engines, but they can set any one as the de
Turning this setting on stops users from ignoring the Windows Defender SmartScreen Filter warnings and blocks them from going to the site. Turning this setting off, or not configuring it, lets users ignore the Windows Defender SmartScreen Filter warnings about potentially malicious websites and to continue to the site. - - - @@ -3161,9 +2918,6 @@ Employees cannot remove these search engines, but they can set any one as the de - 0 (default) – Off. - 1 – On. - - - @@ -3204,9 +2958,6 @@ Employees cannot remove these search engines, but they can set any one as the de - 0 (default) – The localhost IP address is shown. - 1 – The localhost IP address is hidden. - - - @@ -3249,9 +3000,6 @@ Employees cannot remove these search engines, but they can set any one as the de
Most restricted value is 0. - - - @@ -3274,9 +3022,6 @@ Employees cannot remove these search engines, but they can set any one as the de
Most restricted value is 0. - - - @@ -3319,9 +3064,6 @@ Employees cannot remove these search engines, but they can set any one as the de
Most restricted value is 0. - - - @@ -3371,9 +3113,6 @@ Employees cannot remove these search engines, but they can set any one as the de
Most restricted value is 0. - - - @@ -3460,9 +3196,6 @@ Employees cannot remove these search engines, but they can set any one as the de
Most restricted value is 0. - - - @@ -3500,9 +3233,6 @@ Employees cannot remove these search engines, but they can set any one as the de - 1 (default) – Allow the cellular data channel. The user can turn it off. - 2 - Allow the cellular data channel. The user cannot turn it off. - - - @@ -3550,9 +3280,6 @@ Employees cannot remove these search engines, but they can set any one as the de 2. Click on the SIM (next to the signal strength icon) and select **Properties**. 3. On the Properties page, select **Data roaming options**. - - - @@ -3592,9 +3319,6 @@ Employees cannot remove these search engines, but they can set any one as the de - 1 (default) - Allow (CDP service available). - 0 - Disable (CDP service not available). - - - @@ -3637,9 +3361,6 @@ Employees cannot remove these search engines, but they can set any one as the de
Most restricted value is 0. - - - @@ -3684,9 +3405,6 @@ Employees cannot remove these search engines, but they can set any one as the de
Most restricted value is 0. - - - @@ -3725,9 +3443,6 @@ Employees cannot remove these search engines, but they can set any one as the de
Most restricted value is 0. - - - @@ -3766,9 +3481,6 @@ Employees cannot remove these search engines, but they can set any one as the de
Most restricted value is 0. - - - @@ -3779,9 +3491,6 @@ This policy setting configures secure access to UNC paths. If you enable this policy, Windows only allows access to the specified UNC paths after fulfilling additional security requirements. - - - ADMX Info: @@ -3806,8 +3515,6 @@ Note: The user's domain password will be cached in the system vault when using t To configure Windows Hello for Business, use the Administrative Template policies under Windows Hello for Business. - - ADMX Info: @@ -3830,8 +3537,6 @@ If you disable or don't configure this policy setting, a domain user can set up Note that the user's domain password will be cached in the system vault when using this feature. - - ADMX Info: @@ -3856,8 +3561,6 @@ By default, the password reveal button is displayed after a user types a passwor The policy applies to all Windows components and applications that use the Windows system controls, including Internet Explorer. - - ADMX Info: @@ -3878,8 +3581,6 @@ If you enable this policy setting, all local administrator accounts on the PC wi If you disable this policy setting, users will always be required to type a user name and password to elevate. - - ADMX Info: @@ -3924,9 +3625,6 @@ ADMX Info: - 0 (default) – Not allowed. - 1– Allowed. - - - @@ -3958,9 +3656,6 @@ ADMX Info:
Lists the Cryptographic Cipher Algorithms allowed for SSL connections. Format is a semicolon delimited list. Last write win. - - - @@ -3999,9 +3694,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -4040,10 +3732,6 @@ ADMX Info: > [!NOTE] > This policy is not recommended for use in Windows 10. - - - - @@ -4062,9 +3750,6 @@ If this policy setting is enabled, a drop-down list box presenting possible cost If this policy setting is disabled or is not configured, the cost of 3G connections is Fixed by default. - - - ADMX Info: @@ -4091,9 +3776,6 @@ If this policy setting is enabled, a drop-down list box presenting possible cost If this policy setting is disabled or is not configured, the cost of 4G connections is Fixed by default. - - - ADMX Info: @@ -4142,9 +3824,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -4185,9 +3864,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -4228,9 +3904,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -4271,9 +3944,6 @@ ADMX Info: - 0 (default) – Not allowed. - 1 – Allowed. - - - @@ -4314,9 +3984,6 @@ ADMX Info: - 0 (default) – Not allowed. - 1 – Allowed. - - - @@ -4357,9 +4024,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -4400,9 +4064,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -4443,9 +4104,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -4486,9 +4144,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -4529,9 +4184,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -4572,9 +4224,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -4615,9 +4264,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -4658,9 +4304,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -4700,9 +4343,6 @@ ADMX Info:
The default value is 50. - - - @@ -4742,9 +4382,6 @@ ADMX Info:
The default value is 0, which keeps items in quarantine, and does not automatically remove them. - - - @@ -4780,9 +4417,6 @@ ADMX Info:
llows an administrator to specify a list of file type extensions to ignore during a scan. Each file type in the list must be separated by a **|**. For example, "lib|obj". - - - @@ -4818,9 +4452,6 @@ ADMX Info:
Allows an administrator to specify a list of directory paths to ignore during a scan. Each path in the list must be separated by a **|**. For example, "C:\\Example|C:\\Example1". - - - @@ -4862,9 +4493,6 @@ ADMX Info:
Each file type must be separated by a **|**. For example, "C:\\Example.exe|C:\\Example1.exe". - - - @@ -4906,9 +4534,6 @@ ADMX Info: - 1 – PUA Protection on. Detected items are blocked. They will show in history along with other threats. - 2 – Audit mode. Windows Defender will detect potentially unwanted applications, but take no action. You can review information about the applications Windows Defender would have taken action against by searching for events created by Windows Defender in the Event Viewer. - - - @@ -4954,9 +4579,6 @@ ADMX Info: - 1 – Monitor incoming files. - 2 – Monitor outgoing files. - - - @@ -4997,9 +4619,6 @@ ADMX Info: - 1 (default) – Quick scan - 2 – Full scan - - - @@ -5045,9 +4664,6 @@ ADMX Info:
The default value is 120 - - - @@ -5099,9 +4715,6 @@ ADMX Info: - 7 – Sunday - 8 – No scheduled scan - - - @@ -5147,9 +4760,6 @@ ADMX Info:
The default value is 120. - - - @@ -5191,9 +4801,6 @@ ADMX Info:
The default value is 8. - - - @@ -5236,9 +4843,6 @@ ADMX Info: - 2 – Never send. - 3 – Send all samples automatically. - - - @@ -5292,9 +4896,6 @@ ADMX Info: - 8 – User defined - 10 – Block - - - @@ -5332,9 +4933,6 @@ ADMX Info:
The default value is 10. - - - @@ -5372,9 +4970,6 @@ ADMX Info:
The default value is 0 (FALSE). - - - @@ -5419,9 +5014,6 @@ ADMX Info: - 99 - Simple download mode with no peering. Delivery Optimization downloads using HTTP only and does not attempt to contact the Delivery Optimization cloud services. Added in Windows 10, version 1607. - 100 - Bypass mode. Do not use Delivery Optimization and use BITS instead. Added in Windows 10, version 1607. - - - @@ -5460,10 +5052,6 @@ ADMX Info: > [!NOTE] > You must use a GUID as the group ID. - - - - @@ -5501,9 +5089,6 @@ ADMX Info:
The default value is 259200 seconds (3 days). - - - @@ -5541,9 +5126,6 @@ ADMX Info:
The default value is 20. - - - @@ -5581,9 +5163,6 @@ ADMX Info:
The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for downloads. - - - @@ -5621,9 +5200,6 @@ ADMX Info:
The default value is 0, which permits unlimited possible bandwidth (optimized for minimal usage of upload bandwidth). - - - @@ -5661,9 +5237,6 @@ ADMX Info:
The default value is 500. - - - @@ -5700,9 +5273,6 @@ ADMX Info:
The default value is 0. The value 0 (zero) means "not limited" and the cloud service default value will be used. - - - @@ -5743,10 +5313,6 @@ ADMX Info:
The default value is 32 GB. - - - - @@ -5784,10 +5350,6 @@ ADMX Info:
The default value is 100 MB. - - - - @@ -5825,9 +5387,6 @@ ADMX Info:
The default value is 4 GB. - - - @@ -5865,9 +5424,6 @@ ADMX Info:
By default, %SystemDrive% is used to store the cache. - - - @@ -5907,9 +5463,6 @@ ADMX Info:
The default value is 20. - - - @@ -5947,9 +5500,6 @@ ADMX Info:
The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for downloads. - - - @@ -5962,8 +5512,6 @@ By default, a user can change the location of their individual profile folders l If you enable this setting, users are unable to type a new location in the Target box. - - ADMX Info: @@ -5984,8 +5532,6 @@ If you enable this policy setting, Windows is prevented from installing a device If you disable or do not configure this policy setting, devices can be installed and updated as allowed or prevented by other policy settings. - - ADMX Info: @@ -6006,8 +5552,6 @@ If you enable this policy setting, Windows is prevented from installing or updat If you disable or do not configure this policy setting, Windows can install and update devices as allowed or prevented by other policy settings. - - ADMX Info: @@ -6060,9 +5604,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -6110,10 +5651,6 @@ ADMX Info: > [!IMPORTANT] > If this policy is set to 1 (Allowed), the value set by **DeviceLock/ScreenTimeOutWhileLocked** is ignored. To ensure enterprise control over the screen timeout, set this policy to 0 (Not allowed) and use **DeviceLock/ScreenTimeOutWhileLocked** to set the screen timeout period. - - - - @@ -6156,9 +5693,6 @@ ADMX Info:
For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx). - - - @@ -6209,8 +5743,6 @@ ADMX Info: - - @@ -6287,9 +5819,6 @@ ADMX Info: > - MaxDevicePasswordFailedAttempts > - MaxInactivityTimeDeviceLock - - - @@ -6334,9 +5863,6 @@ ADMX Info:
For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx). - - - @@ -6383,9 +5909,6 @@ ADMX Info:
For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx). - - - @@ -6423,9 +5946,6 @@ ADMX Info:
Value type is a string, which is the full image filepath and filename. - - - @@ -6463,9 +5983,6 @@ ADMX Info:
Value type is a string, which is the AppID. - - - @@ -6517,9 +6034,6 @@ The number of authentication failures allowed before the device will be wiped. A
For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx). - - - @@ -6562,9 +6076,6 @@ The number of authentication failures allowed before the device will be wiped. A
For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx). - - - @@ -6605,9 +6116,6 @@ The number of authentication failures allowed before the device will be wiped. A - An integer X where 0 <= X <= 999. - 0 (default) - No timeout is defined. The default of "0" is Windows Phone 7.5 parity and is interpreted by as "No timeout is defined." - - - @@ -6710,9 +6218,6 @@ The number of authentication failures allowed before the device will be wiped. A
For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx) and [KB article](https://support.office.com/article/This-device-doesn-t-meet-the-security-requirements-set-by-your-email-administrator-87132fc7-2c7f-4a71-9de0-779ff81c86ca). - - - @@ -6760,9 +6265,6 @@ The number of authentication failures allowed before the device will be wiped. A
For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx) and [KB article](https://support.office.com/article/This-device-doesn-t-meet-the-security-requirements-set-by-your-email-administrator-87132fc7-2c7f-4a71-9de0-779ff81c86ca). - - - @@ -6775,8 +6277,6 @@ By default, users can enable a slide show that will run after they lock the mach If you enable this setting, users will no longer be able to modify slide show settings in PC Settings, and no slide show will ever start. - - ADMX Info: @@ -6827,9 +6327,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -6874,9 +6371,6 @@ ADMX Info: 1. Configure the setting for an app which has GDI DPI scaling enabled via MDM or any other supported mechanisms. 2. Run the app and observe blurry text. - - - @@ -6921,9 +6415,6 @@ ADMX Info: 1. Configure the setting for an app which uses GDI. 2. Run the app and observe crisp text. - - - @@ -6959,9 +6450,6 @@ ADMX Info:
The default value is an empty string. Otherwise, the value should contain the URL of an endpoint. For example, "https://azuretenant.contoso.com/adfs". - - - @@ -6997,9 +6485,6 @@ ADMX Info:
The default value is an empty string. Otherwise, the value should contain a GUID. For example, "E1CF1107-FF90-4228-93BF-26052DD2C714". - - - @@ -7035,9 +6520,6 @@ ADMX Info:
The default value is an empty string. Otherwise, the value should contain a URL. For example, "http://MicrosoftEnterpriseCloudPrint/CloudPrint". - - - @@ -7073,9 +6555,6 @@ ADMX Info:
The default value is an empty string. Otherwise, the value should contain the URL of an endpoint. For example, "https://cloudprinterdiscovery.contoso.com". - - - @@ -7111,9 +6590,6 @@ ADMX Info:
For Windows Mobile, the default value is 20. - - - @@ -7149,9 +6625,6 @@ ADMX Info:
The default value is an empty string. Otherwise, the value should contain a URL. For example, "http://MopriaDiscoveryService/CloudPrint". - - - @@ -7174,8 +6647,6 @@ If you enable this policy setting, you can add specific event types to a list by If you disable or do not configure this policy setting, then the default consent settings that are applied are those specified by the user in Control Panel, or in the Configure Default Consent policy setting. - - ADMX Info: @@ -7196,8 +6667,6 @@ If you enable this policy setting, Windows Error Reporting does not send any pro If you disable or do not configure this policy setting, the Turn off Windows Error Reporting policy setting in Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings takes precedence. If Turn off Windows Error Reporting is also either disabled or not configured, user settings in Control Panel for Windows Error Reporting are applied. - - ADMX Info: @@ -7222,8 +6691,6 @@ If you do not configure this policy setting, users can change this setting in Co See also the Configure Error Reporting policy setting. - - ADMX Info: @@ -7244,8 +6711,6 @@ If you enable this policy setting, any additional data requests from Microsoft i If you disable or do not configure this policy setting, then consent policy settings in Computer Configuration/Administrative Templates/Windows Components/Windows Error Reporting/Consent take precedence. - - ADMX Info: @@ -7266,8 +6731,6 @@ If you enable this policy setting, Windows Error Reporting does not display any If you disable or do not configure this policy setting, Windows Error Reporting displays the user interface for critical errors. - - ADMX Info: @@ -7290,8 +6753,6 @@ If you disable or do not configure this policy setting and a log file reaches it Note: Old events may or may not be retained according to the "Backup log automatically when full" policy setting. - - ADMX Info: @@ -7312,8 +6773,6 @@ If you enable this policy setting, you can configure the maximum log file size t If you disable or do not configure this policy setting, the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog and it defaults to 20 megabytes. - - ADMX Info: @@ -7334,8 +6793,6 @@ If you enable this policy setting, you can configure the maximum log file size t If you disable or do not configure this policy setting, the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog and it defaults to 20 megabytes. - - ADMX Info: @@ -7356,8 +6813,6 @@ If you enable this policy setting, you can configure the maximum log file size t If you disable or do not configure this policy setting, the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog and it defaults to 20 megabytes. - - ADMX Info: @@ -7407,9 +6862,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -7456,9 +6908,6 @@ ADMX Info:
An enterprise employee customer is going through OOBE and enjoys Cortana’s help in this process. The customer is happy to learn during OOBE that Cortana can help them be more productive, and chooses to set up Cortana before OOBE finishes. When their setup is finished, they are immediately ready to engage with Cortana to help manage their schedule and more. - - - @@ -7499,9 +6948,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -7544,9 +6990,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -7587,9 +7030,6 @@ ADMX Info: - 0 – SIM card dialog prompt is not displayed. - 1 (default) – SIM card dialog prompt is displayed. - - - @@ -7632,9 +7072,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -7671,9 +7108,6 @@ ADMX Info: - 0 – Sync settings is not allowed. - 1 (default) – Sync settings allowed. - - - @@ -7696,9 +7130,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -7739,9 +7170,6 @@ ADMX Info: - 0 – Task switching not allowed. - 1 (default) – Task switching allowed. - - - @@ -7782,9 +7210,6 @@ ADMX Info: - 0 – Third-party suggestions not allowed. - 1 (default) – Third-party suggestions allowed. - - - @@ -7827,9 +7252,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -7879,9 +7301,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -7924,9 +7343,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -7945,9 +7361,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -7967,9 +7380,6 @@ The Windows welcome experience feature introduces onboard users to Windows; for
Most restricted value is 0. - - - @@ -8006,9 +7416,6 @@ Enables or disables Windows Tips / soft landing. - 0 – Disabled. - 1 (default) – Enabled. - - - @@ -8050,9 +7457,6 @@ Enables or disables Windows Tips / soft landing. - 1 (default) – Windows spotlight enabled. - 2 – placeholder only for future extension. Using this value has no effect. - - - @@ -8093,9 +7497,6 @@ Enables or disables Windows Tips / soft landing. - 0 (default) – Feedback notifications are not disabled. The actual state of feedback notifications on the device will then depend on what GP has configured or what the user has configured locally. - 1 – Feedback notifications are disabled. - - - @@ -8104,9 +7505,6 @@ Enables or disables Windows Tips / soft landing.
Placeholder only. Currently not supported. - - - @@ -8119,8 +7517,6 @@ If you enable this policy setting, the user can add and remove search providers, If you disable or do not configure this policy setting, the user can configure their list of search providers unless another policy setting restricts such configuration. - - ADMX Info: @@ -8141,8 +7537,6 @@ If you enable this policy setting, ActiveX Filtering is enabled by default for t If you disable or do not configure this policy setting, ActiveX Filtering is not enabled by default for the user. The user can turn ActiveX Filtering on or off. - - ADMX Info: @@ -8169,8 +7563,6 @@ Value - A number indicating whether Internet Explorer should deny or allow the a If you disable this policy setting, the list is deleted. The 'Deny all add-ons unless specifically allowed in the Add-on List' policy setting will still determine whether add-ons not in this list are assumed to be denied. - - ADMX Info: @@ -8193,8 +7585,6 @@ If you disable this policy setting, Enhanced Protected Mode will be turned off. If you do not configure this policy, users will be able to turn on or turn off Enhanced Protected Mode on the Advanced tab of the Internet Options dialog. - - ADMX Info: @@ -8215,8 +7605,6 @@ If you turn this setting on, users can see and use the Enterprise Mode option fr If you disable or don't configure this policy setting, the menu option won't appear and users won't be able to run websites in Enterprise Mode. - - ADMX Info: @@ -8237,8 +7625,6 @@ If you enable this policy setting, Internet Explorer downloads the website list If you disable or don't configure this policy setting, Internet Explorer opens all websites using Standards mode. - - ADMX Info: @@ -8259,8 +7645,6 @@ If you enable this policy setting, the user can add and remove sites from the li If you disable or do not configure this policy setting, the user can add and remove sites from the list. - - ADMX Info: @@ -8282,8 +7666,6 @@ If you disable this policy setting, Internet Explorer uses an Internet Explorer If you do not configure this policy setting, Internet Explorer uses an Internet Explorer 7 user agent string (with an additional string appended) for local intranet content. Additionally, all local intranet Standards Mode pages appear in Internet Explorer 7 Standards Mode. This option results in the greatest compatibility with existing webpages, but newer content written to common Internet standards may be displayed incorrectly. This option matches the default behavior of Internet Explorer. - - ADMX Info: @@ -8310,8 +7692,6 @@ Note. Local Machine Zone Lockdown Security and Network Protocol Lockdown operate Note. It is recommended to configure template policy settings in one Group Policy object (GPO) and configure any related individual policy settings in a separate GPO. You can then use Group Policy management features (for example, precedence, inheritance, or enforce) to apply individual settings to specific targets. - - ADMX Info: @@ -8338,8 +7718,6 @@ Note. Local Machine Zone Lockdown Security and Network Protocol Lockdown operate Note. It is recommended to configure template policy settings in one Group Policy object (GPO) and configure any related individual policy settings in a separate GPO. You can then use Group Policy management features (for example, precedence, inheritance, or enforce) to apply individual settings to specific targets. - - ADMX Info: @@ -8366,8 +7744,6 @@ Note. Local Machine Zone Lockdown Security and Network Protocol Lockdown operate Note. It is recommended to configure template policy settings in one Group Policy object (GPO) and configure any related individual policy settings in a separate GPO. You can then use Group Policy management features (for example, precedence, inheritance, or enforce) to apply individual settings to specific targets. - - ADMX Info: @@ -8394,8 +7770,6 @@ Note. Local Machine Zone Lockdown Security and Network Protocol Lockdown operate Note. It is recommended to configure template policy settings in one Group Policy object (GPO) and configure any related individual policy settings in a separate GPO. You can then use Group Policy management features (for example, precedence, inheritance, or enforce) to apply individual settings to specific targets. - - ADMX Info: @@ -8422,8 +7796,6 @@ Note. Local Machine Zone Lockdown Security and Network Protocol Lockdown operate Note. It is recommended to configure template policy settings in one Group Policy object (GPO) and configure any related individual policy settings in a separate GPO. You can then use Group Policy management features (for example, precedence, inheritance, or enforce) to apply individual settings to specific targets. - - ADMX Info: @@ -8450,8 +7822,6 @@ Note. Local Machine Zone Lockdown Security and Network Protocol Lockdown operate Note. It is recommended to configure template policy settings in one Group Policy object (GPO) and configure any related individual policy settings in a separate GPO. You can then use Group Policy management features (for example, precedence, inheritance, or enforce) to apply individual settings to specific targets. - - ADMX Info: @@ -8478,8 +7848,6 @@ Note. Local Machine Zone Lockdown Security and Network Protocol Lockdown operate Note. It is recommended to configure template policy settings in one Group Policy object (GPO) and configure any related individual policy settings in a separate GPO. You can then use Group Policy management features (for example, precedence, inheritance, or enforce) to apply individual settings to specific targets. - - ADMX Info: @@ -8500,8 +7868,6 @@ If you enable this policy setting, Internet Explorer goes directly to an intrane If you disable or do not configure this policy setting, Internet Explorer does not go directly to an intranet site for a one-word entry in the Address bar. - - ADMX Info: @@ -8528,8 +7894,6 @@ Value - A number indicating the zone with which this site should be associated f If you disable or do not configure this policy, users may choose their own site-to-zone assignments. - - ADMX Info: @@ -8552,8 +7916,6 @@ If you disable this policy setting, the entry points and functionality associate If you do not configure this policy setting, the user can turn on and turn off the Suggested Sites feature. - - ADMX Info: @@ -8580,8 +7942,6 @@ Note. Local Machine Zone Lockdown Security and Network Protocol Lockdown operate Note. It is recommended to configure template policy settings in one Group Policy object (GPO) and configure any related individual policy settings in a separate GPO. You can then use Group Policy management features (for example, precedence, inheritance, or enforce) to apply individual settings to specific targets. - - ADMX Info: @@ -8608,8 +7968,6 @@ Note. Local Machine Zone Lockdown Security and Network Protocol Lockdown operate Note. It is recommended to configure template policy settings in one Group Policy object (GPO) and configure any related individual policy settings in a separate GPO. You can then use Group Policy management features (for example, precedence, inheritance, or enforce) to apply individual settings to specific targets. - - ADMX Info: @@ -8635,8 +7993,6 @@ Note. Local Machine Zone Lockdown Security and Network Protocol Lockdown operate Note. It is recommended to configure template policy settings in one Group Policy object (GPO) and configure any related individual policy settings in a separate GPO. You can then use Group Policy management features (for example, precedence, inheritance, or enforce) to apply individual settings to specific targets. - - ADMX Info: @@ -8659,8 +8015,6 @@ If you disable, or do not configure this policy setting, Flash is turned on for Note that Adobe Flash can still be disabled through the "Add-on List" and "Deny all add-ons unless specifically allowed in the Add-on List" policy settings, even if this policy setting is disabled, or not configured. However, if Adobe Flash is disabled through the "Add-on List" and "Deny all add-ons unless specifically allowed in the Add-on List" policy settings and not through this policy setting, all applications that use Internet Explorer technology to instantiate Flash object can still do so. For more information, see "Group Policy Settings in Internet Explorer 10" in the Internet Explorer TechNet library. - - ADMX Info: @@ -8681,8 +8035,6 @@ If you enable this policy setting, SmartScreen Filter warnings block the user. If you disable or do not configure this policy setting, the user can bypass SmartScreen Filter warnings. - - ADMX Info: @@ -8703,8 +8055,6 @@ If you enable this policy setting, SmartScreen Filter warnings block the user. If you disable or do not configure this policy setting, the user can bypass SmartScreen Filter warnings. - - ADMX Info: @@ -8727,8 +8077,6 @@ If you disable this policy setting, the user must participate in the CEIP, and t If you do not configure this policy setting, the user can choose to participate in the CEIP. - - ADMX Info: @@ -8749,8 +8097,6 @@ If you enable this policy setting, the user cannot set the Feed Sync Engine to d If you disable or do not configure this policy setting, the user can set the Feed Sync Engine to download an enclosure through the Feed property page. A developer can change the download setting through the Feed APIs. - - ADMX Info: @@ -8773,8 +8119,6 @@ If you disable or do not configure this policy setting, the user can select whic Note: SSL 2.0 is off by default and is no longer supported starting with Windows 10 Version 1607. SSL 2.0 is an outdated security protocol, and enabling SSL 2.0 impairs the performance and functionality of TLS 1.0. - - ADMX Info: @@ -8799,8 +8143,6 @@ Starting with Windows 8, the "Welcome to Internet Explorer" webpage is not avail If you disable or do not configure this policy setting, Internet Explorer may run the First Run wizard the first time the browser is started after installation. - - ADMX Info: @@ -8825,8 +8167,6 @@ If you disable this policy setting, flip ahead with page prediction is turned on If you don't configure this setting, users can turn this behavior on or off, using the Settings charm. - - ADMX Info: @@ -8847,8 +8187,6 @@ If you enable this policy setting, a user cannot set a custom default home page. If you disable or do not configure this policy setting, the Home page box is enabled and users can choose their own home page. - - ADMX Info: @@ -8869,8 +8207,6 @@ If you enable this policy setting, the user will not be able to configure proxy If you disable or do not configure this policy setting, the user can configure proxy settings. - - ADMX Info: @@ -8891,8 +8227,6 @@ If you enable this policy setting, the user cannot change the default search pro If you disable or do not configure this policy setting, the user can change the default search provider. - - ADMX Info: @@ -8915,8 +8249,6 @@ If you disable or do not configure this policy setting, the user can add seconda Note: If the Disable Changing Home Page Settings policy is enabled, the user cannot add secondary home pages. - - ADMX Info: @@ -8939,8 +8271,6 @@ If you disable this policy or do not configure it, Internet Explorer checks ever This policy is intended to help the administrator maintain version control for Internet Explorer by preventing users from being notified about new versions of the browser. - - ADMX Info: @@ -8967,8 +8297,6 @@ Note: The "Disable the Security page" policy (located in \User Configuration\Ad Also, see the "Security zones: Use only machine settings" policy. - - ADMX Info: @@ -8995,8 +8323,6 @@ Note: The "Disable the Security page" policy (located in \User Configuration\Adm Also, see the "Security zones: Use only machine settings" policy. - - ADMX Info: @@ -9019,8 +8345,6 @@ If you disable or don't configure this policy setting, Internet Explorer continu For more information, see "Outdated ActiveX Controls" in the Internet Explorer TechNet library. - - ADMX Info: @@ -9047,8 +8371,6 @@ If you disable or don't configure this policy setting, the list is deleted and I For more information, see "Outdated ActiveX Controls" in the Internet Explorer TechNet library. - - ADMX Info: @@ -9071,8 +8393,6 @@ If you disable this policy setting, local sites which are not explicitly mapped If you do not configure this policy setting, users choose whether to force local sites into the Intranet Zone. - - ADMX Info: @@ -9095,8 +8415,6 @@ If you disable this policy setting, network paths are not necessarily mapped int If you do not configure this policy setting, users choose whether network paths are mapped into the Intranet Zone. - - ADMX Info: @@ -9119,8 +8437,6 @@ If you disable this policy setting, users cannot load a page in the zone that us If you do not configure this policy setting, users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone. - - ADMX Info: @@ -9143,8 +8459,6 @@ If you disable this policy setting, ActiveX control installations will be blocke If you do not configure this policy setting, ActiveX control installations will be blocked using the Notification bar. Users can click on the Notification bar to allow the ActiveX control prompt. - - ADMX Info: @@ -9165,8 +8479,6 @@ If you enable this setting, users will receive a file download dialog for automa If you disable or do not configure this setting, file downloads that are not user-initiated will be blocked, and users will see the Notification bar instead of the file download dialog. Users can then click the Notification bar to allow the file download prompt. - - ADMX Info: @@ -9189,8 +8501,6 @@ If you disable this policy setting, HTML fonts are prevented from downloading. If you do not configure this policy setting, HTML fonts can be downloaded automatically. - - ADMX Info: @@ -9213,8 +8523,6 @@ If you disable this policy setting, the possibly harmful navigations are prevent If you do not configure this policy setting, Web sites from less privileged zones can open new windows in, or navigate into, this zone. - - ADMX Info: @@ -9237,8 +8545,6 @@ If you disable this policy setting, Internet Explorer will not execute unsigned If you do not configure this policy setting, Internet Explorer will execute unsigned managed components. - - ADMX Info: @@ -9261,8 +8567,6 @@ If you disable this policy setting, the user cannot run scriptlets. If you do not configure this policy setting, the user can enable or disable scriptlets. - - ADMX Info: @@ -9287,8 +8591,6 @@ If you do not configure this policy setting, the user can choose whether SmartSc Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content. - - ADMX Info: @@ -9311,8 +8613,6 @@ If you disable this policy setting, users cannot preserve information in the bro If you do not configure this policy setting, users can preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk. - - ADMX Info: @@ -9337,8 +8637,6 @@ If you disable this policy setting, ActiveX controls that cannot be made safe ar If you do not configure this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted. - - ADMX Info: @@ -9361,8 +8659,6 @@ If you disable this policy setting, users cannot open windows and frames to acce If you do not configure this policy setting, users can open windows and frames from othe domains and access applications from other domains. - - ADMX Info: @@ -9385,8 +8681,6 @@ If you disable this policy setting, users cannot load a page in the zone that us If you do not configure this policy setting, users are queried to choose whether to allow a page to be loaded in the zone that uses MSXML or ADO to access data from another site in the zone. - - ADMX Info: @@ -9409,8 +8703,6 @@ If you disable this policy setting, ActiveX control installations will be blocke If you do not configure this policy setting, users will receive a prompt when a site instantiates an ActiveX control they do not have installed. - - ADMX Info: @@ -9431,8 +8723,6 @@ If you enable this setting, users will receive a file download dialog for automa If you disable or do not configure this setting, users will receive a file download dialog for automatic download attempts. - - ADMX Info: @@ -9455,8 +8745,6 @@ If you disable this policy setting, HTML fonts are prevented from downloading. If you do not configure this policy setting, HTML fonts can be downloaded automatically. - - ADMX Info: @@ -9479,8 +8767,6 @@ If you disable this policy setting, the possibly harmful navigations are prevent If you do not configure this policy setting, Web sites from less privileged zones can open new windows in, or navigate into, this zone. - - ADMX Info: @@ -9503,8 +8789,6 @@ If you disable this policy setting, Internet Explorer will not execute unsigned If you do not configure this policy setting, Internet Explorer will execute unsigned managed components. - - ADMX Info: @@ -9527,8 +8811,6 @@ If you disable this policy setting, the user cannot run scriptlets. If you do not configure this policy setting, the user can enable or disable scriptlets. - - ADMX Info: @@ -9553,8 +8835,6 @@ If you do not configure this policy setting, the user can choose whether SmartSc Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content. - - ADMX Info: @@ -9577,8 +8857,6 @@ If you disable this policy setting, users cannot preserve information in the bro If you do not configure this policy setting, users can preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk. - - ADMX Info: @@ -9603,8 +8881,6 @@ If you disable this policy setting, ActiveX controls that cannot be made safe ar If you do not configure this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted. - - ADMX Info: @@ -9627,8 +8903,6 @@ If you disable this policy setting, users cannot open windows and frames to acce If you do not configure this policy setting, users can open windows and frames from othe domains and access applications from other domains. - - ADMX Info: @@ -9651,8 +8925,6 @@ If you disable this policy setting, users cannot load a page in the zone that us If you do not configure this policy setting, users can load a page in the zone that uses MSXML or ADO to access data from another site in the zone. - - ADMX Info: @@ -9675,8 +8947,6 @@ If you disable this policy setting, ActiveX control installations will be blocke If you do not configure this policy setting, users will receive a prompt when a site instantiates an ActiveX control they do not have installed. - - ADMX Info: @@ -9697,8 +8967,6 @@ If you enable this setting, users will receive a file download dialog for automa If you disable or do not configure this setting, users will receive a file download dialog for automatic download attempts. - - ADMX Info: @@ -9721,8 +8989,6 @@ If you disable this policy setting, HTML fonts are prevented from downloading. If you do not configure this policy setting, HTML fonts can be downloaded automatically. - - ADMX Info: @@ -9745,8 +9011,6 @@ If you disable this policy setting, the possibly harmful navigations are prevent If you do not configure this policy setting, the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control. - - ADMX Info: @@ -9769,8 +9033,6 @@ If you disable this policy setting, Internet Explorer will not execute unsigned If you do not configure this policy setting, Internet Explorer will not execute unsigned managed components. - - ADMX Info: @@ -9793,8 +9055,6 @@ If you disable this policy setting, the user cannot run scriptlets. If you do not configure this policy setting, the user can enable or disable scriptlets. - - ADMX Info: @@ -9819,8 +9079,6 @@ If you do not configure this policy setting, the user can choose whether SmartSc Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content. - - ADMX Info: @@ -9843,8 +9101,6 @@ If you disable this policy setting, users cannot preserve information in the bro If you do not configure this policy setting, users can preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk. - - ADMX Info: @@ -9869,8 +9125,6 @@ If you disable this policy setting, ActiveX controls that cannot be made safe ar If you do not configure this policy setting, users are queried whether to allow the control to be loaded with parameters or scripted. - - ADMX Info: @@ -9893,8 +9147,6 @@ If you disable this policy setting, users cannot open windows and frames to acce If you do not configure this policy setting, users can open windows and frames from othe domains and access applications from other domains. - - ADMX Info: @@ -9917,8 +9169,6 @@ If you disable this policy setting, users cannot load a page in the zone that us If you do not configure this policy setting, users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone. - - ADMX Info: @@ -9941,8 +9191,6 @@ If you disable this policy setting, ActiveX control installations will be blocke If you do not configure this policy setting, ActiveX control installations will be blocked using the Notification bar. Users can click on the Notification bar to allow the ActiveX control prompt. - - ADMX Info: @@ -9963,8 +9211,6 @@ If you enable this setting, users will receive a file download dialog for automa If you disable or do not configure this setting, file downloads that are not user-initiated will be blocked, and users will see the Notification bar instead of the file download dialog. Users can then click the Notification bar to allow the file download prompt. - - ADMX Info: @@ -9987,8 +9233,6 @@ If you disable this policy setting, HTML fonts are prevented from downloading. If you do not configure this policy setting, HTML fonts can be downloaded automatically. - - ADMX Info: @@ -10011,8 +9255,6 @@ If you disable this policy setting, the possibly harmful navigations are prevent If you do not configure this policy setting, the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control. - - ADMX Info: @@ -10035,8 +9277,6 @@ If you disable this policy setting, Internet Explorer will not execute unsigned If you do not configure this policy setting, Internet Explorer will not execute unsigned managed components. - - ADMX Info: @@ -10059,8 +9299,6 @@ If you disable this policy setting, the user cannot run scriptlets. If you do not configure this policy setting, the user can enable or disable scriptlets. - - ADMX Info: @@ -10085,8 +9323,6 @@ If you do not configure this policy setting, the user can choose whether SmartSc Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content. - - ADMX Info: @@ -10109,8 +9345,6 @@ If you disable this policy setting, users cannot preserve information in the bro If you do not configure this policy setting, users can preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk. - - ADMX Info: @@ -10135,8 +9369,6 @@ If you disable this policy setting, ActiveX controls that cannot be made safe ar If you do not configure this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted. - - ADMX Info: @@ -10159,8 +9391,6 @@ If you disable this policy setting, users cannot open windows and frames to acce If you do not configure this policy setting, users can open windows and frames from othe domains and access applications from other domains. - - ADMX Info: @@ -10183,8 +9413,6 @@ If you disable this policy setting, users cannot load a page in the zone that us If you do not configure this policy setting, users are queried to choose whether to allow a page to be loaded in the zone that uses MSXML or ADO to access data from another site in the zone. - - ADMX Info: @@ -10207,8 +9435,6 @@ If you disable this policy setting, ActiveX control installations will be blocke If you do not configure this policy setting, ActiveX control installations will be blocked using the Notification bar. Users can click on the Notification bar to allow the ActiveX control prompt. - - ADMX Info: @@ -10229,8 +9455,6 @@ If you enable this setting, users will receive a file download dialog for automa If you disable or do not configure this setting, file downloads that are not user-initiated will be blocked, and users will see the Notification bar instead of the file download dialog. Users can then click the Notification bar to allow the file download prompt. - - ADMX Info: @@ -10253,8 +9477,6 @@ If you disable this policy setting, HTML fonts are prevented from downloading. If you do not configure this policy setting, HTML fonts can be downloaded automatically. - - ADMX Info: @@ -10277,8 +9499,6 @@ If you disable this policy setting, the possibly harmful navigations are prevent If you do not configure this policy setting, the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control. - - ADMX Info: @@ -10301,8 +9521,6 @@ If you disable this policy setting, Internet Explorer will not execute unsigned If you do not configure this policy setting, Internet Explorer will not execute unsigned managed components. - - ADMX Info: @@ -10325,8 +9543,6 @@ If you disable this policy setting, the user cannot run scriptlets. If you do not configure this policy setting, the user can enable or disable scriptlets. - - ADMX Info: @@ -10351,8 +9567,6 @@ If you do not configure this policy setting, the user can choose whether SmartSc Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content. - - ADMX Info: @@ -10375,8 +9589,6 @@ If you disable this policy setting, users cannot preserve information in the bro If you do not configure this policy setting, users can preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk. - - ADMX Info: @@ -10401,8 +9613,6 @@ If you disable this policy setting, ActiveX controls that cannot be made safe ar If you do not configure this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted. - - ADMX Info: @@ -10425,8 +9635,6 @@ If you disable this policy setting, users cannot open windows and frames to acce If you do not configure this policy setting, users can open windows and frames from othe domains and access applications from other domains. - - ADMX Info: @@ -10449,8 +9657,6 @@ If you disable this policy setting, users cannot load a page in the zone that us If you do not configure this policy setting, users can load a page in the zone that uses MSXML or ADO to access data from another site in the zone. - - ADMX Info: @@ -10473,8 +9679,6 @@ If you disable this policy setting, ActiveX control installations will be blocke If you do not configure this policy setting, ActiveX control installations will be blocked using the Notification bar. Users can click on the Notification bar to allow the ActiveX control prompt. - - ADMX Info: @@ -10495,8 +9699,6 @@ If you enable this setting, users will receive a file download dialog for automa If you disable or do not configure this setting, file downloads that are not user-initiated will be blocked, and users will see the Notification bar instead of the file download dialog. Users can then click the Notification bar to allow the file download prompt. - - ADMX Info: @@ -10519,8 +9721,6 @@ If you disable this policy setting, HTML fonts are prevented from downloading. If you do not configure this policy setting, HTML fonts can be downloaded automatically. - - ADMX Info: @@ -10543,8 +9743,6 @@ If you disable this policy setting, the possibly harmful navigations are prevent If you do not configure this policy setting, the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control. - - ADMX Info: @@ -10567,8 +9765,6 @@ If you disable this policy setting, Internet Explorer will not execute unsigned If you do not configure this policy setting, Internet Explorer will not execute unsigned managed components. - - ADMX Info: @@ -10591,8 +9787,6 @@ If you disable this policy setting, the user cannot run scriptlets. If you do not configure this policy setting, the user can enable or disable scriptlets. - - ADMX Info: @@ -10617,8 +9811,6 @@ If you do not configure this policy setting, the user can choose whether SmartSc Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content. - - ADMX Info: @@ -10641,8 +9833,6 @@ If you disable this policy setting, users cannot preserve information in the bro If you do not configure this policy setting, users can preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk. - - ADMX Info: @@ -10667,8 +9857,6 @@ If you disable this policy setting, ActiveX controls that cannot be made safe ar If you do not configure this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted. - - ADMX Info: @@ -10691,8 +9879,6 @@ If you disable this policy setting, users cannot open windows and frames to acce If you do not configure this policy setting, users can open windows and frames from othe domains and access applications from other domains. - - ADMX Info: @@ -10715,8 +9901,6 @@ If you disable this policy setting, users cannot load a page in the zone that us If you do not configure this policy setting, users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone. - - ADMX Info: @@ -10739,8 +9923,6 @@ If you disable this policy setting, ActiveX control installations will be blocke If you do not configure this policy setting, ActiveX control installations will be blocked using the Notification bar. Users can click on the Notification bar to allow the ActiveX control prompt. - - ADMX Info: @@ -10761,8 +9943,6 @@ If you enable this setting, users will receive a file download dialog for automa If you disable or do not configure this setting, file downloads that are not user-initiated will be blocked, and users will see the Notification bar instead of the file download dialog. Users can then click the Notification bar to allow the file download prompt. - - ADMX Info: @@ -10785,8 +9965,6 @@ If you disable this policy setting, HTML fonts are prevented from downloading. If you do not configure this policy setting, users are queried whether to allow HTML fonts to download. - - ADMX Info: @@ -10809,8 +9987,6 @@ If you disable this policy setting, the possibly harmful navigations are prevent If you do not configure this policy setting, the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control. - - ADMX Info: @@ -10833,8 +10009,6 @@ If you disable this policy setting, Internet Explorer will not execute unsigned If you do not configure this policy setting, Internet Explorer will not execute unsigned managed components. - - ADMX Info: @@ -10857,8 +10031,6 @@ If you disable this policy setting, the user cannot run scriptlets. If you do not configure this policy setting, the user can enable or disable scriptlets. - - ADMX Info: @@ -10883,8 +10055,6 @@ If you do not configure this policy setting, the user can choose whether SmartSc Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content. - - ADMX Info: @@ -10907,8 +10077,6 @@ If you disable this policy setting, users cannot preserve information in the bro If you do not configure this policy setting, users cannot preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk. - - ADMX Info: @@ -10933,8 +10101,6 @@ If you disable this policy setting, ActiveX controls that cannot be made safe ar If you do not configure this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted. - - ADMX Info: @@ -10957,8 +10123,6 @@ If you disable this policy setting, users cannot open other windows and frames f If you do not configure this policy setting, users cannot open other windows and frames from different domains or access applications from different domains. - - ADMX Info: @@ -10981,8 +10145,6 @@ If you disable this policy setting, users cannot load a page in the zone that us If you do not configure this policy setting, users can load a page in the zone that uses MSXML or ADO to access data from another site in the zone. - - ADMX Info: @@ -11005,8 +10167,6 @@ If you disable this policy setting, ActiveX control installations will be blocke If you do not configure this policy setting, ActiveX control installations will be blocked using the Notification bar. Users can click on the Notification bar to allow the ActiveX control prompt. - - ADMX Info: @@ -11027,8 +10187,6 @@ If you enable this setting, users will receive a file download dialog for automa If you disable or do not configure this setting, file downloads that are not user-initiated will be blocked, and users will see the Notification bar instead of the file download dialog. Users can then click the Notification bar to allow the file download prompt. - - ADMX Info: @@ -11051,8 +10209,6 @@ If you disable this policy setting, HTML fonts are prevented from downloading. If you do not configure this policy setting, HTML fonts can be downloaded automatically. - - ADMX Info: @@ -11075,8 +10231,6 @@ If you disable this policy setting, the possibly harmful navigations are prevent If you do not configure this policy setting, the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control. - - ADMX Info: @@ -11099,8 +10253,6 @@ If you disable this policy setting, Internet Explorer will not execute unsigned If you do not configure this policy setting, Internet Explorer will not execute unsigned managed components. - - ADMX Info: @@ -11123,8 +10275,6 @@ If you disable this policy setting, the user cannot run scriptlets. If you do not configure this policy setting, the user can enable or disable scriptlets. - - ADMX Info: @@ -11149,8 +10299,6 @@ If you do not configure this policy setting, the user can choose whether SmartSc Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content. - - ADMX Info: @@ -11173,8 +10321,6 @@ If you disable this policy setting, users cannot preserve information in the bro If you do not configure this policy setting, users can preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk. - - ADMX Info: @@ -11199,8 +10345,6 @@ If you disable this policy setting, ActiveX controls that cannot be made safe ar If you do not configure this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted. - - ADMX Info: @@ -11223,8 +10367,6 @@ If you disable this policy setting, users cannot open windows and frames to acce If you do not configure this policy setting, users can open windows and frames from othe domains and access applications from other domains. - - ADMX Info: @@ -11247,8 +10389,6 @@ If you disable this policy setting, users cannot load a page in the zone that us If you do not configure this policy setting, users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone. - - ADMX Info: @@ -11271,8 +10411,6 @@ If you disable this policy setting, ActiveX control installations will be blocke If you do not configure this policy setting, ActiveX control installations will be blocked using the Notification bar. Users can click on the Notification bar to allow the ActiveX control prompt. - - ADMX Info: @@ -11293,8 +10431,6 @@ If you enable this setting, users will receive a file download dialog for automa If you disable or do not configure this setting, file downloads that are not user-initiated will be blocked, and users will see the Notification bar instead of the file download dialog. Users can then click the Notification bar to allow the file download prompt. - - ADMX Info: @@ -11317,8 +10453,6 @@ If you disable this policy setting, HTML fonts are prevented from downloading. If you do not configure this policy setting, users are queried whether to allow HTML fonts to download. - - ADMX Info: @@ -11341,8 +10475,6 @@ If you disable this policy setting, the possibly harmful navigations are prevent If you do not configure this policy setting, the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control. - - ADMX Info: @@ -11365,8 +10497,6 @@ If you disable this policy setting, Internet Explorer will not execute unsigned If you do not configure this policy setting, Internet Explorer will not execute unsigned managed components. - - ADMX Info: @@ -11389,8 +10519,6 @@ If you disable this policy setting, the user cannot run scriptlets. If you do not configure this policy setting, the user can enable or disable scriptlets. - - ADMX Info: @@ -11415,8 +10543,6 @@ If you do not configure this policy setting, the user can choose whether SmartSc Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content. - - ADMX Info: @@ -11439,8 +10565,6 @@ If you disable this policy setting, users cannot preserve information in the bro If you do not configure this policy setting, users cannot preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk. - - ADMX Info: @@ -11465,8 +10589,6 @@ If you disable this policy setting, ActiveX controls that cannot be made safe ar If you do not configure this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted. - - ADMX Info: @@ -11489,8 +10611,6 @@ If you disable this policy setting, users cannot open other windows and frames f If you do not configure this policy setting, users cannot open other windows and frames from different domains or access applications from different domains. - - ADMX Info: @@ -11511,8 +10631,6 @@ If you enable this policy setting, the user cannot configure the list of search If you disable or do not configure this policy setting, the user can configure his or her list of search providers. - - ADMX Info: @@ -11535,8 +10653,6 @@ If you disable this policy setting, users cannot load a page in the zone that us If you do not configure this policy setting, users can load a page in the zone that uses MSXML or ADO to access data from another site in the zone. - - ADMX Info: @@ -11559,8 +10675,6 @@ If you disable this policy setting, ActiveX control installations will be blocke If you do not configure this policy setting, users will receive a prompt when a site instantiates an ActiveX control they do not have installed. - - ADMX Info: @@ -11581,8 +10695,6 @@ If you enable this setting, users will receive a file download dialog for automa If you disable or do not configure this setting, users will receive a file download dialog for automatic download attempts. - - ADMX Info: @@ -11605,8 +10717,6 @@ If you disable this policy setting, HTML fonts are prevented from downloading. If you do not configure this policy setting, HTML fonts can be downloaded automatically. - - ADMX Info: @@ -11629,8 +10739,6 @@ If you disable this policy setting, the possibly harmful navigations are prevent If you do not configure this policy setting, a warning is issued to the user that potentially risky navigation is about to occur. - - ADMX Info: @@ -11653,8 +10761,6 @@ If you disable this policy setting, Internet Explorer will not execute unsigned If you do not configure this policy setting, Internet Explorer will execute unsigned managed components. - - ADMX Info: @@ -11677,8 +10783,6 @@ If you disable this policy setting, the user cannot run scriptlets. If you do not configure this policy setting, the user can enable or disable scriptlets. - - ADMX Info: @@ -11703,8 +10807,6 @@ If you do not configure this policy setting, the user can choose whether SmartSc Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content. - - ADMX Info: @@ -11727,8 +10829,6 @@ If you disable this policy setting, users cannot preserve information in the bro If you do not configure this policy setting, users can preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk. - - ADMX Info: @@ -11753,8 +10853,6 @@ If you disable this policy setting, ActiveX controls that cannot be made safe ar If you do not configure this policy setting, users are queried whether to allow the control to be loaded with parameters or scripted. - - ADMX Info: @@ -11777,8 +10875,6 @@ If you disable this policy setting, users cannot open windows and frames to acce If you do not configure this policy setting, users can open windows and frames from othe domains and access applications from other domains. - - ADMX Info: @@ -11799,8 +10895,6 @@ If you enable this policy setting, the Kerberos client searches the forests in t If you disable or do not configure this policy setting, the Kerberos client does not search the listed forests to resolve the SPN. If the Kerberos client is unable to resolve the SPN because the name is not found, NTLM authentication might be used. - - ADMX Info: @@ -11819,9 +10913,6 @@ If you enable this policy setting, the client computers will request claims, pro If you disable or do not configure this policy setting, the client devices will not request claims, provide information required to create compounded authentication and armor Kerberos messages. Services hosted on the device will not be able to retrieve claims for clients using Kerberos protocol transition. - - - ADMX Info: @@ -11846,9 +10937,6 @@ Note: The Kerberos Group Policy "Kerberos client support for claims, compound au If you disable or do not configure this policy setting, the client computers in the domain enforce the use of Kerberos armoring when possible as supported by the target domain. - - - ADMX Info: @@ -11869,9 +10957,6 @@ If you enable this policy setting, the Kerberos client requires that the KDC's X If you disable or do not configure this policy setting, the Kerberos client requires only that the KDC certificate contain the Server Authentication purpose object identifier in the EKU extensions which can be issued to any server. - - - ADMX Info: @@ -11896,10 +10981,6 @@ If you disable or do not configure this policy setting, the Kerberos client or s Note: This policy setting configures the existing MaxTokenSize registry value in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters, which was added in Windows XP and Windows Server 2003, with a default value of 12,000 bytes. Beginning with Windows 8 the default is 48,000 bytes. Due to HTTP's base64 encoding of authentication context tokens, it is not advised to set this value more than 48,000 bytes. - - - - ADMX Info: @@ -11944,9 +11025,6 @@ ADMX Info: - 0 – Disable Windows license reactivation on managed devices. - 1 (default) – Enable Windows license reactivation on managed devices. - - - @@ -11983,9 +11061,6 @@ ADMX Info: - 0 (default) – Disabled. - 1 – Enabled. - - - @@ -12030,9 +11105,6 @@ ADMX Info: 1. Verify that Settings -> Privacy -> Location -> Location for this device is On/Off as expected. 2. Use Windows Maps Application (or similar) to see if a location can or cannot be obtained. - - - @@ -12071,9 +11143,6 @@ ADMX Info:
The easiest way to verify the policy is to restart the explorer process or to reboot after the policy is applied. And then try to swipe from the right edge of the screen. The desired result is for Action Center to not be invoked by the swipe. You can also enter tablet mode and attempt to swipe from the top of the screen to rearrange. That will also be disabled. - - - @@ -12113,9 +11182,6 @@ ADMX Info:
After the policy is applied, you can verify the settings in the user interface in **System** > **Offline Maps**. - - - @@ -12155,9 +11221,6 @@ ADMX Info:
After the policy is applied, you can verify the settings in the user interface in **System** > **Offline Maps**. - - - @@ -12174,9 +11237,6 @@ ADMX Info: - 0 - Disabled. - 1 (default) - Enabled. - - - @@ -12213,9 +11273,6 @@ ADMX Info: - 0 - message sync is not allowed and cannot be changed by the user. - 1 - message sync is allowed. The user can change this setting. - - - @@ -12232,9 +11289,6 @@ ADMX Info: - 0 - Disabled. - 1 (default) - Enabled. - - - @@ -12266,9 +11320,6 @@ ADMX Info:
Contains a list of Enterprise resource domains hosted in the cloud that need to be protected. Connections to these resources are considered enterprise data. If a proxy is paired with a cloud resource, traffic to the cloud resource will be routed through the enterprise network via the denoted proxy server (on Port 80). A proxy server used for this purpose must also be configured using the **EnterpriseInternalProxyServers** policy. This domain list is a pipe-separated list of cloud resources. Each cloud resource can also be paired optionally with an internal proxy server by using a trailing comma followed by the proxy address. For example, **<*cloudresource*>|<*cloudresource*>|<*cloudresource*>,<*proxy*>|<*cloudresource*>|<*cloudresource*>,<*proxy*>|**. - - - @@ -12309,9 +11360,6 @@ fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff ``` - - - @@ -12343,9 +11391,6 @@ fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
Boolean value that tells the client to accept the configured list and not to use heuristics to attempt to find other subnets. - - - @@ -12377,9 +11422,6 @@ fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
This is the comma-separated list of internal proxy servers. For example "157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59". These proxies have been configured by the admin to connect to specific resources on the Internet. They are considered to be enterprise network locations. The proxies are only leveraged in configuring the **EnterpriseCloudResources** policy to force traffic to the matched cloud resources through these proxies. - - - @@ -12421,9 +11463,6 @@ fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff 2. Call [IdnToAscii](https://msdn.microsoft.com/library/windows/desktop/dd318149.aspx) with IDN\_USE\_STD3\_ASCII\_RULES as the flags. 3. Call [IdnToUnicode](https://msdn.microsoft.com/library/windows/desktop/dd318151.aspx) with no flags set (dwFlags = 0). - - - @@ -12455,9 +11494,6 @@ fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
This is a comma-separated list of proxy servers. Any server on this list is considered non-enterprise. For example "157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59". - - - @@ -12489,9 +11525,6 @@ fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
Boolean value that tells the client to accept the configured list of proxies and not try to detect other work proxies. - - - @@ -12523,9 +11556,6 @@ fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
List of domain names that can used for work or personal resource. - - - @@ -12566,9 +11596,6 @@ fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff - 0 (default)– enable notification mirroring. - 1 – disable notification mirroring. - - - @@ -12581,8 +11608,6 @@ If you enable or do not configure this policy setting, Windows uses standby stat If you disable this policy setting, standby states (S1-S3) are not allowed. - - ADMX Info: @@ -12603,8 +11628,6 @@ If you enable or do not configure this policy setting, the user is prompted for If you disable this policy setting, the user is not prompted for a password when the system resumes from sleep. - - ADMX Info: @@ -12625,8 +11648,6 @@ If you enable or do not configure this policy setting, the user is prompted for If you disable this policy setting, the user is not prompted for a password when the system resumes from sleep. - - ADMX Info: @@ -12660,8 +11681,6 @@ If you disable this policy setting: -Windows Server 2003 and Windows XP client computers can create a printer connection to any server using Point and Print. -The "Users can only point and print to computers in their forest" setting applies only to Windows Server 2003 and Windows XP SP1 (and later service packs). - - ADMX Info: @@ -12695,8 +11714,6 @@ If you disable this policy setting: -Windows Server 2003 and Windows XP client computers can create a printer connection to any server using Point and Print. -The "Users can only point and print to computers in their forest" setting applies only to Windows Server 2003 and Windows XP SP1 (and later service packs). - - ADMX Info: @@ -12718,8 +11735,6 @@ If you disable this setting, this computer's shared printers cannot be published Note: This settings takes priority over the setting "Automatically publish new printers in the Active Directory". - - ADMX Info: @@ -12766,9 +11781,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -12808,8 +11820,6 @@ ADMX Info:
Most restricted value is 0. - - @@ -12849,9 +11859,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -12891,9 +11898,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -12925,9 +11929,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are allowed access to account information. This setting overrides the default LetAppsAccessAccountInfo policy setting for the specified Windows apps. - - - @@ -12959,9 +11960,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are denied access to account information. This setting overrides the default LetAppsAccessAccountInfo policy setting for the specified Windows apps. - - - @@ -12993,9 +11991,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. The user is able to control the account information privacy setting for the listed Windows apps. This setting overrides the default LetAppsAccessAccountInfo policy setting for the specified Windows apps. - - - @@ -13035,9 +12030,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -13069,9 +12061,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are allowed access to the calendar. This setting overrides the default LetAppsAccessCalendar policy setting for the specified Windows apps. - - - @@ -13103,9 +12092,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are denied access to the calendar. This setting overrides the default LetAppsAccessCalendar policy setting for the specified Windows apps. - - - @@ -13137,9 +12123,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. The user is able to control the calendar privacy setting for the listed Windows apps. This setting overrides the default LetAppsAccessCalendar policy setting for the specified Windows apps. - - - @@ -13179,9 +12162,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -13213,9 +12193,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are allowed access to call history. This setting overrides the default LetAppsAccessCallHistory policy setting for the specified Windows apps. - - - @@ -13247,9 +12224,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are denied access to call history. This setting overrides the default LetAppsAccessCallHistory policy setting for the specified Windows apps. - - - @@ -13281,9 +12255,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. The user is able to control the call history privacy setting for the listed Windows apps. This setting overrides the default LetAppsAccessCallHistory policy setting for the specified Windows apps. - - - @@ -13323,9 +12294,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -13357,9 +12325,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to the camera. This setting overrides the default LetAppsAccessCamera policy setting for the specified apps. - - - @@ -13391,9 +12356,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to the camera. This setting overrides the default LetAppsAccessCamera policy setting for the specified apps. - - - @@ -13425,9 +12387,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the camera privacy setting for the listed apps. This setting overrides the default LetAppsAccessCamera policy setting for the specified apps. - - - @@ -13467,9 +12426,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -13501,9 +12457,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to contacts. This setting overrides the default LetAppsAccessContacts policy setting for the specified apps. - - - @@ -13535,9 +12488,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to contacts. This setting overrides the default LetAppsAccessContacts policy setting for the specified apps. - - - @@ -13569,9 +12519,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the contacts privacy setting for the listed apps. This setting overrides the default LetAppsAccessContacts policy setting for the specified apps. - - - @@ -13611,9 +12558,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -13645,9 +12589,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to email. This setting overrides the default LetAppsAccessEmail policy setting for the specified apps. - - - @@ -13679,9 +12620,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to email. This setting overrides the default LetAppsAccessEmail policy setting for the specified apps. - - - @@ -13713,9 +12651,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the email privacy setting for the listed apps. This setting overrides the default LetAppsAccessEmail policy setting for the specified apps. - - - @@ -13755,9 +12690,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -13789,9 +12721,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to location. This setting overrides the default LetAppsAccessLocation policy setting for the specified apps. - - - @@ -13823,9 +12752,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to location. This setting overrides the default LetAppsAccessLocation policy setting for the specified apps. - - - @@ -13857,9 +12783,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the location privacy setting for the listed apps. This setting overrides the default LetAppsAccessLocation policy setting for the specified apps. - - - @@ -13899,9 +12822,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -13933,9 +12853,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed to read or send messages (text or MMS). This setting overrides the default LetAppsAccessMessaging policy setting for the specified apps. - - - @@ -13967,9 +12884,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are not allowed to read or send messages (text or MMS). This setting overrides the default LetAppsAccessMessaging policy setting for the specified apps. - - - @@ -14001,9 +12915,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the messaging privacy setting for the listed apps. This setting overrides the default LetAppsAccessMessaging policy setting for the specified apps. - - - @@ -14043,9 +12954,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -14077,9 +12985,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to the microphone. This setting overrides the default LetAppsAccessMicrophone policy setting for the specified apps. - - - @@ -14111,9 +13016,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to the microphone. This setting overrides the default LetAppsAccessMicrophone policy setting for the specified apps. - - - @@ -14145,9 +13047,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the microphone privacy setting for the listed apps. This setting overrides the default LetAppsAccessMicrophone policy setting for the specified apps. - - - @@ -14187,9 +13086,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -14221,9 +13117,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to motion data. This setting overrides the default LetAppsAccessMotion policy setting for the specified apps. - - - @@ -14255,9 +13148,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to motion data. This setting overrides the default LetAppsAccessMotion policy setting for the specified apps. - - - @@ -14289,9 +13179,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the motion privacy setting for the listed apps. This setting overrides the default LetAppsAccessMotion policy setting for the specified apps. - - - @@ -14331,9 +13218,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -14365,9 +13249,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to notifications. This setting overrides the default LetAppsAccessNotifications policy setting for the specified apps. - - - @@ -14399,9 +13280,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to notifications. This setting overrides the default LetAppsAccessNotifications policy setting for the specified apps. - - - @@ -14433,9 +13311,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the notifications privacy setting for the listed apps. This setting overrides the default LetAppsAccessNotifications policy setting for the specified apps. - - - @@ -14475,9 +13350,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -14509,9 +13381,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed to make phone calls. This setting overrides the default LetAppsAccessPhone policy setting for the specified apps. - - - @@ -14543,9 +13412,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are not allowed to make phone calls. This setting overrides the default LetAppsAccessPhone policy setting for the specified apps. - - - @@ -14577,9 +13443,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the phone call privacy setting for the listed apps. This setting overrides the default LetAppsAccessPhone policy setting for the specified apps. - - - @@ -14619,9 +13482,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -14653,9 +13513,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps will have access to control radios. This setting overrides the default LetAppsAccessRadios policy setting for the specified apps. - - - @@ -14687,9 +13544,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps will not have access to control radios. This setting overrides the default LetAppsAccessRadios policy setting for the specified apps. - - - @@ -14721,9 +13575,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the radios privacy setting for the listed apps. This setting overrides the default LetAppsAccessRadios policy setting for the specified apps. - - - @@ -14755,9 +13606,6 @@ ADMX Info:
Added in Windows 10, version 1703. Specifies whether Windows apps can access tasks. - - - @@ -14789,9 +13637,6 @@ ADMX Info:
Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to tasks. This setting overrides the default LetAppsAccessTasks policy setting for the specified apps. - - - @@ -14823,9 +13668,6 @@ ADMX Info:
Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to tasks. This setting overrides the default LetAppsAccessTasks policy setting for the specified apps. - - - @@ -14857,9 +13699,6 @@ ADMX Info:
Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the tasks privacy setting for the listed apps. This setting overrides the default LetAppsAccessTasks policy setting for the specified apps. - - - @@ -14899,9 +13738,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -14933,9 +13769,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps will have access to trusted devices. This setting overrides the default LetAppsAccessTrustedDevices policy setting for the specified apps. - - - @@ -14967,9 +13800,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps will not have access to trusted devices. This setting overrides the default LetAppsAccessTrustedDevices policy setting for the specified apps. - - - @@ -15001,9 +13831,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the 'trusted devices' privacy setting for the listed apps. This setting overrides the default LetAppsAccessTrustedDevices policy setting for the specified apps. - - - @@ -15043,9 +13870,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -15077,9 +13901,6 @@ ADMX Info:
Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps will have access to diagnostic information about other running apps. This setting overrides the default LetAppsGetDiagnosticInfo policy setting for the specified apps. - - - @@ -15111,9 +13932,6 @@ ADMX Info:
Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps will not have access to diagnostic information about other running apps. This setting overrides the default LetAppsGetDiagnosticInfo policy setting for the specified apps. - - - @@ -15145,9 +13963,6 @@ ADMX Info:
Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the 'get diagnostic info' privacy setting for the listed apps. This setting overrides the default LetAppsGetDiagnosticInfo policy setting for the specified apps. - - - @@ -15189,9 +14004,6 @@ ADMX Info: > [!WARNING] > Be careful when determining which apps should have their background activity disabled. Communication apps normally update tiles and notifications through background processes. Turning off background activity for these types of apps could cause text message, email, and voicemail notifications to not function. This could also cause background email syncing to not function properly. - - - @@ -15223,9 +14035,6 @@ ADMX Info:
Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are able to run in the background. This setting overrides the default LetAppsRunInBackground policy setting for the specified apps. - - - @@ -15257,9 +14066,6 @@ ADMX Info:
Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied the ability to run in the background. This setting overrides the default LetAppsRunInBackground policy setting for the specified apps. - - - @@ -15291,9 +14097,6 @@ ADMX Info:
Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the background apps privacy setting for the listed apps. This setting overrides the default LetAppsRunInBackground policy setting for the specified apps. - - - @@ -15333,9 +14136,6 @@ ADMX Info:
Most restricted value is 2. - - - @@ -15367,9 +14167,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps will have access to sync with devices. This setting overrides the default LetAppsSyncWithDevices policy setting for the specified apps. - - - @@ -15401,9 +14198,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps will not have access to sync with devices. This setting overrides the default LetAppsSyncWithDevices policy setting for the specified apps. - - - @@ -15435,9 +14229,6 @@ ADMX Info:
Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the 'sync with devices' privacy setting for the listed apps. This setting overrides the default LetAppsSyncWithDevices policy setting for the specified apps. - - - @@ -15456,8 +14247,6 @@ If you disable this policy setting, the user sees the default warning message. If you do not configure this policy setting, the user sees the default warning message. - - ADMX Info: @@ -15480,8 +14269,6 @@ If you disable this policy setting, log files are not generated. If you do not configure this setting, application-based settings are used. - - ADMX Info: @@ -15512,8 +14299,6 @@ The "Select the method for sending email invitations" setting specifies which em If you enable this policy setting you should also enable appropriate firewall exceptions to allow Remote Assistance communications. - - ADMX Info: @@ -15567,8 +14352,6 @@ Port 135:TCP %WINDIR%\PCHealth\HelpCtr\Binaries\Helpctr.exe Allow Remote Desktop Exception - - ADMX Info: @@ -15594,9 +14377,6 @@ Note: You can limit which clients are able to connect remotely by using Remote D You can limit the number of users who can connect simultaneously by configuring the policy setting at Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\Limit number of connections, or by configuring the policy setting Maximum Connections by using the Remote Desktop Session Host WMI Provider. - - - ADMX Info: @@ -15627,9 +14407,6 @@ Important FIPS compliance can be configured through the System cryptography. Use FIPS compliant algorithms for encryption, hashing, and signing settings in Group Policy (under Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options.) The FIPS compliant setting encrypts and decrypts data sent from the client to the server and from the server to the client, with the Federal Information Processing Standard (FIPS) 140 encryption algorithms, by using Microsoft cryptographic modules. Use this encryption level when communications between clients and RD Session Host servers requires the highest level of encryption. - - - ADMX Info: @@ -15654,9 +14431,6 @@ If you disable this policy setting, client drive redirection is always allowed. If you do not configure this policy setting, client drive redirection and Clipboard file copy redirection are not specified at the Group Policy level. - - - ADMX Info: @@ -15677,8 +14451,6 @@ If you enable this setting the password saving checkbox in Remote Desktop Connec If you disable this setting or leave it not configured, the user will be able to save passwords using Remote Desktop Connection. - - ADMX Info: @@ -15705,9 +14477,6 @@ If you disable this policy setting, users can always log on to Remote Desktop Se If you do not configure this policy setting, automatic logon is not specified at the Group Policy level. - - - ADMX Info: @@ -15734,8 +14503,6 @@ If the status is set to Not Configured, unsecured communication is allowed. Note: The RPC interface is used for administering and configuring Remote Desktop Services. - - ADMX Info: @@ -15760,8 +14527,6 @@ If you do not configure this policy setting, it remains disabled. RPC clients w Note: This policy will not be applied until the system is rebooted. - - ADMX Info: @@ -15794,8 +14559,6 @@ If you enable this policy setting, it directs the RPC server runtime to restrict Note: This policy setting will not be applied until the system is rebooted. - - ADMX Info: @@ -15846,9 +14609,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -15887,9 +14647,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -15928,9 +14685,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -15969,9 +14723,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -16008,9 +14759,6 @@ ADMX Info: - 0 (default) – Disable. - 1 – Enable. - - - @@ -16051,9 +14799,6 @@ ADMX Info: - 0 (default) – Disable. - 1 – Enable. - - - @@ -16094,9 +14839,6 @@ ADMX Info: - 0 – Disable. - 1 (default) – Enable. - - - @@ -16133,9 +14875,6 @@ ADMX Info: - 0 – Disable. - 1 (default) – Enable. - - - @@ -16178,9 +14917,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -16217,9 +14953,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -16265,9 +14998,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -16310,9 +15040,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -16349,9 +15076,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -16392,9 +15116,6 @@ ADMX Info: - 0 – Don't allow Anti Theft Mode. - 1 (default) – Anti Theft Mode will follow the default device configuration (region-dependent). - - - @@ -16437,9 +15158,6 @@ ADMX Info: - 0 (default) – Encryption enabled. - 1 – Encryption disabled. - - - @@ -16484,10 +15202,6 @@ ADMX Info: > [!IMPORTANT] > If encryption has been enabled, it cannot be turned off by using this policy. - - - - @@ -16524,9 +15238,6 @@ ADMX Info: - 0 (default) – Not required. - 1 – Required. - - - @@ -16574,9 +15285,6 @@ ADMX Info:
Most restricted value is 1. - - - @@ -16620,10 +15328,6 @@ ADMX Info: > [!NOTE] > Setting this policy to 0 (Not allowed) does not affect the autoplay dialog box that appears when a device is connected. - - - - @@ -16660,9 +15364,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -16699,9 +15400,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -16738,9 +15436,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -16781,9 +15476,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -16824,9 +15516,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -16867,9 +15556,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -16910,9 +15596,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -16949,9 +15632,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -16992,9 +15672,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -17031,9 +15708,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -17072,9 +15746,6 @@ ADMX Info: - 2 - Simplified Chinese (Lunar). - 3 - Traditional Chinese (Lunar). - - - @@ -17136,9 +15807,6 @@ ADMX Info: 2. Configure the policy with the following string: "hide:about". 3. Open System Settings again and verify that the About page is no longer accessible. - - - @@ -17175,9 +15843,6 @@ ADMX Info: - 0 – Turns off Application Installation Control, allowing users to download and install files from anywhere on the web. - 1 – Turns on Application Installation Control, allowing users to only install apps from the Store. - - - @@ -17214,9 +15879,6 @@ ADMX Info: - 0 – Turns off SmartScreen in Windows. - 1 – Turns on SmartScreen in Windows. - - - @@ -17253,9 +15915,6 @@ ADMX Info: - 0 – Employees can ignore SmartScreen warnings and run malicious files. - 1 – Employees cannot ignore SmartScreen warnings and run malicious files. - - - @@ -17292,9 +15951,6 @@ ADMX Info: - 0 – Not allowed. - 1 (default) – Allowed. - - - @@ -17338,9 +15994,6 @@ ADMX Info:
If there is policy configuration conflict, the latest configuration request is applied to the device. - - - @@ -17366,9 +16019,6 @@ ADMX Info: - 2b - If set to '2': Verify that the all apps list is collapsed, and that the Settings toggle is grayed out. - 2c - If set to '3': Verify that there is no way of opening the all apps list from Start, and that the Settings toggle is grayed out. - - - @@ -17387,9 +16037,6 @@ ADMX Info: 1. Enable policy. 2. Open Start, click on the user tile, and verify that "Change account settings" is not available. - - - @@ -17415,9 +16062,6 @@ ADMX Info: 5. Check that "Show most used apps" Settings toggle is grayed out. 6. Check that most used apps do not appear in Start. - - - @@ -17439,9 +16083,6 @@ ADMX Info: > [!NOTE] > This policy can only be verified on laptops as "Hibernate" does not appear on regular PC's. - - - @@ -17460,9 +16101,6 @@ ADMX Info: 1. Enable policy. 2. Open Start, click on the user tile, and verify "Lock" is not available. - - - @@ -17484,9 +16122,6 @@ ADMX Info: 1. Enable policy. 2. Open Start, and verify the power button is not available. - - - @@ -17515,9 +16150,6 @@ ADMX Info: 8. Repeat Step 2. 9. Right Click pinned photos app and verify that there is no jumplist of recent items. - - - @@ -17543,9 +16175,6 @@ ADMX Info: 5. Check that "Show recently added apps" Settings toggle is grayed out. 6. Check that recently added apps do not appear in Start. - - - @@ -17564,9 +16193,6 @@ ADMX Info: 1. Enable policy. 2. Open Start, click on the Power button, and verify "Restart" and "Update and restart" are not available. - - - @@ -17585,9 +16211,6 @@ ADMX Info: 1. Enable policy. 2. Open Start, click on the Power button, and verify "Shut down" and "Update and shut down" are not available. - - - @@ -17606,9 +16229,6 @@ ADMX Info: 1. Enable policy. 2. Open Start, click on the user tile, and verify "Sign out" is not available. - - - @@ -17627,9 +16247,6 @@ ADMX Info: 1. Enable policy. 2. Open Start, click on the Power button, and verify that "Sleep" is not available. - - - @@ -17648,9 +16265,6 @@ ADMX Info: 1. Enable policy. 2. Open Start, click on the user tile, and verify that "Switch account" is not available. - - - @@ -17673,9 +16287,6 @@ ADMX Info: 2. Log off. 3. Log in, and verify that the user tile is gone from Start. - - - @@ -17699,9 +16310,6 @@ ADMX Info: 3. Sign out/in. 4. Verify that all Edge assets defined in XML show up in %LOCALAPPDATA%\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState path. - - - @@ -17723,9 +16331,6 @@ ADMX Info: 4. Open Start and right click on one of the app list icons. 5. Verify that More->Pin to taskbar menu does not show. - - - @@ -17770,9 +16375,6 @@ ADMX Info:
This policy is described in [Start/StartLayout Examples](#startlayout-examples) later in this topic. - - - @@ -17785,8 +16387,6 @@ If you enable this policy setting, Windows will not activate unactivated Enhance If you disable or do not configure this policy setting, Windows will activate unactivated Enhanced Storage devices. - - ADMX Info: @@ -17838,9 +16438,6 @@ ADMX Info: - 1 – Allowed. Users can make their devices available for downloading and installing preview software. - 2 (default) – Not configured. Users can make their devices available for downloading and installing preview software. - - - @@ -17879,9 +16476,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -17924,9 +16518,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -17974,9 +16565,6 @@ ADMX Info: - After a client machine is rebooted, check whether there is any network traffic from client machine to fs.microsoft.com. - - - @@ -18022,9 +16610,6 @@ ADMX Info:
For example, an app's original Location setting is Off. The administrator then sets the **AllowLocation** policy to 2 (Force Location On.) The Location service starts working for that app, overriding the original setting. Later, if the administrator switches the **AllowLocation** policy back to 1 (User Control), the app will revert to using its original setting of Off. - - - @@ -18063,9 +16648,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -18159,9 +16741,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -18200,9 +16779,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -18211,8 +16787,6 @@ ADMX Info: N/A - - ADMX Info: @@ -18271,9 +16845,6 @@ ADMX Info: 2. Restart machine. 3. Verify that OneDrive.exe is not running in Task Manager. - - - @@ -18292,8 +16863,6 @@ If you disable or do not configure this policy setting, users can perform System Also, see the "Turn off System Restore configuration" policy setting. If the "Turn off System Restore" policy setting is disabled or not configured, the "Turn off System Restore configuration" policy setting is used to determine whether the option to configure System Restore is available. - - ADMX Info: @@ -18335,9 +16904,6 @@ ADMX Info:
If you disable or do not configure this policy setting, Connected User Experiences and Telemetry will go to Microsoft using the default proxy configuration. - - - @@ -18380,9 +16946,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -18425,9 +16988,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -18470,9 +17030,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -18515,9 +17072,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -18560,9 +17114,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -18605,9 +17156,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -18650,9 +17198,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -18700,9 +17245,6 @@ ADMX Info: 2. Launch the input panel/touch keyboard by touching a text input field or launching it from the taskbar. Verify that text prediction is disabled by typing some text. Text prediction on the keyboard will be disabled even if the “Show text suggestions as I type” setting is enabled in the Settings app. 3. Launch the handwriting tool from the touch keyboard. Verify that text prediction is disabled when you write using the tool. - - - @@ -18711,9 +17253,6 @@ ADMX Info:
This policy has been deprecated. - - - @@ -18756,9 +17295,6 @@ ADMX Info:
Most restricted value is 0. - - - @@ -18799,9 +17335,6 @@ ADMX Info: - 0 (default) – No characters are filtered. - 1 – All characters except JIS0208 are filtered. - - - @@ -18842,9 +17375,6 @@ ADMX Info: - 0 (default) – No characters are filtered. - 1 – All characters except JIS0208 and EUDC are filtered. - - - @@ -18885,9 +17415,6 @@ ADMX Info: - 0 (default) – No characters are filtered. - 1 – All characters except ShiftJIS are filtered. - - - @@ -18901,9 +17428,6 @@ ADMX Info: - 0 – Locale default setting. - 1 (default) – Set 24 hour clock. - - - @@ -18946,9 +17470,6 @@ ADMX Info:
The default is 17 (5 PM). - - - @@ -18965,9 +17486,6 @@ ADMX Info:
The default value is 18 (hours). - - - @@ -19010,9 +17528,6 @@ ADMX Info:
The default value is 8 (8 AM). - - - @@ -19065,9 +17580,6 @@ ADMX Info:
If the policy is not configured, end-users get the default behavior (Auto install and restart). - - - @@ -19108,9 +17620,6 @@ ADMX Info: - 0 – Not allowed or not configured. - 1 – Allowed. Accepts updates received through Microsoft Update. - - - @@ -19155,9 +17664,6 @@ ADMX Info:
This policy is specific to desktop and local publishing via WSUS for 3rd party updates (binaries and updates not hosted on Microsoft Update) and allows IT to manage whether Automatic Updates accepts updates signed by entities other than Microsoft when the update is found on an intranet Microsoft update service location. - - - @@ -19205,10 +17711,6 @@ ADMX Info: > [!NOTE] > This policy applies only when the desktop or device is configured to connect to an intranet update service using the "Specify intranet Microsoft update service location" policy. - - - - @@ -19225,9 +17727,6 @@ ADMX Info:
The default value is 15 (minutes). - - - @@ -19245,9 +17744,6 @@ ADMX Info: - 1 (default) – Auto Dismissal. - 2 – User Dismissal. - - - @@ -19288,9 +17784,6 @@ ADMX Info: - 16 (default) – User gets all applicable upgrades from Current Branch (CB). - 32 – User gets upgrades from Current Branch for Business (CBB). - - - @@ -19331,9 +17824,6 @@ ADMX Info: > [!IMPORTANT] > The default maximum number of days to defer an update has been increased from 180 (Windows 10, version 1607) to 365 in Windows 10, version 1703. - - - @@ -19371,9 +17861,6 @@ ADMX Info:
Supported values are 0-30. - - - @@ -19473,10 +17960,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego - - - - @@ -19522,9 +18005,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego
If the "Allow Telemetry" policy is enabled and the Options value is set to 0, then the "Defer upgrades by", "Defer updates by" and "Pause Updates and Upgrades" settings have no effect. - - - @@ -19556,9 +18036,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego
Added in Windows 10, version 1703. Specifies the scan frequency from every 1 - 22 hours. Default is 22 hours. - - - @@ -19575,9 +18052,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego
The default value is 0 days (not specified). - - - @@ -19594,9 +18068,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego
The default value is 3 days. - - - @@ -19613,9 +18084,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego
The default value is 7 days. - - - @@ -19656,10 +18124,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego - 0 (default) – Allow Windows Update drivers. - 1 – Exclude Windows Update drivers. - - - - @@ -19699,9 +18163,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego - 0 (default) – Disabled. - 1 – Enabled. - - - @@ -19751,10 +18212,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego 3. Verify that any downloads that are above the download size limit will complete without being paused. - - - - @@ -19802,10 +18259,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego 3. Verify that any downloads that are above the download size limit will complete without being paused. - - - - @@ -19852,9 +18305,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego
If the "Allow Telemetry" policy is enabled and the Options value is set to 0, then the "Defer upgrades by", "Defer updates by" and "Pause Updates and Upgrades" settings have no effect. - - - @@ -19896,9 +18346,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego - 0 (default) – Feature Updates are not paused. - 1 – Feature Updates are paused for 60 days or until value set to back to 0, whichever is sooner. - - - @@ -19932,9 +18379,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego
Value type is string. Supported operations are Add, Get, Delete, and Replace. - - - @@ -19974,9 +18418,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego - 0 (default) – Quality Updates are not paused. - 1 – Quality Updates are paused for 35 days or until value set back to 0, whichever is sooner. - - - @@ -20010,9 +18451,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego
Value type is string. Supported operations are Add, Get, Delete, and Replace. - - - @@ -20055,9 +18493,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego - 0 (default) – User gets upgrades from Current Branch. - 1 – User gets upgrades from Current Branch for Business. - - - @@ -20105,9 +18540,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego - 0 – Not configured. The device installs all applicable updates. - 1 – The device only installs updates that are both applicable and on the Approved Updates list. Set this policy to 1 if IT wants to control the deployment of updates on devices, such as when testing is required prior to deployment. - - - @@ -20124,9 +18556,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego
The default value is 15 (minutes). - - - @@ -20143,9 +18572,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego
The default value is 4 (hours). - - - @@ -20196,9 +18622,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego - 6 – Friday - 7 – Saturday - - - @@ -20242,9 +18665,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego
The default value is 3. - - - @@ -20262,9 +18682,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego - 0 (default) – Enabled - 1 – Disabled - - - @@ -20301,9 +18718,6 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego - 0 - not configured - 1 - configured - - - @@ -20366,9 +18780,6 @@ Example ``` - - - @@ -20413,9 +18824,6 @@ Example > If the "Alternate Download Server" Group Policy is not set, it will use the WSUS server by default to download updates. > This policy is not supported on Windows RT. Setting this policy will not have any effect on Windows RT PCs. - - - @@ -20424,9 +18832,6 @@ Example
This policy has been deprecated. - - - @@ -20465,9 +18870,6 @@ Example
Most restricted value is 0. - - - @@ -20506,9 +18908,6 @@ Example
Most restricted value is 0. - - - @@ -20550,10 +18949,6 @@ Example > [!NOTE] > Setting this policy deletes any previously installed user-configured and Wi-Fi sense Wi-Fi profiles from the device. Certain Wi-Fi profiles that are not user configured nor Wi-Fi sense might not be deleted. In addition, not all non-MDM profiles are completely deleted. - - - - @@ -20592,9 +18987,6 @@ Example
Most restricted value is 0. - - - @@ -20629,9 +19021,6 @@ Example - 0 - WiFi Direct connection is not allowed. - 1 - WiFi Direct connection is allowed. - - - @@ -20669,9 +19058,6 @@ Example
Supported operations are Add, Delete, Get, and Replace. - - - @@ -20708,9 +19094,6 @@ Example - 0 - app suggestions are not allowed. - 1 (default) -allow app suggestions. - - - @@ -20748,9 +19131,6 @@ Example - 1 - ink workspace is enabled (feature is turned on), but the user cannot access it above the lock screen. - 2 (default) - ink workspace is enabled (feature is turned on), and the user is allowed to use it above the lock screen. - - - @@ -20763,8 +19143,6 @@ If you enable this policy setting, no app notifications are displayed on the loc If you disable or do not configure this policy setting, users can choose which apps display notifications on the lock screen. - - ADMX Info: @@ -20785,8 +19163,6 @@ If you enable this policy setting, the PC's network connectivity state cannot be If you disable or don't configure this policy setting, any user can disconnect the PC from the network or can connect the PC to other available networks without signing into Windows. - - ADMX Info: @@ -20836,9 +19212,6 @@ ADMX Info: 1. Enable policy. 2. Verify that the Switch account button in Start is hidden. - - - @@ -20873,9 +19246,6 @@ ADMX Info: - 0 - your PC cannot discover or project to other devices. - 1 - your PC can discover and project to other devices - - - @@ -20910,9 +19280,6 @@ ADMX Info: - 0 - your PC cannot discover or project to other infrastructure devices, although it is possible to discover and project over WiFi Direct. - 1 - your PC can discover and project to other devices over infrastructure. - - - @@ -20951,9 +19318,6 @@ ADMX Info: - 0 - projection to PC is not allowed. Always off and the user cannot enable it. - 1 (default) - projection to PC is allowed. Enabled only above the lock screen. - - - @@ -20988,9 +19352,6 @@ ADMX Info: - 0 - your PC is not discoverable and other devices cannot project to it over infrastructure, although it is possible to project to it over WiFi Direct. - 1 - your PC is discoverable and other devices can project to it over infrastructure. - - - @@ -20999,9 +19360,6 @@ ADMX Info:
Added in Windows 10, version 1703. - - - @@ -21040,9 +19398,6 @@ ADMX Info: - 0 (default) - PIN is not required. - 1 - PIN is required. - - -