From 2d2709379647cf5b6c746ae92a7117323f1f08ec Mon Sep 17 00:00:00 2001 From: Nicholas Brower Date: Tue, 30 Jan 2018 18:45:02 +0000 Subject: [PATCH] Merged PR 5589: changing policy tags used by automation to reduce footprint --- .../mdm/policy-csp-abovelock.md | 18 +- ...csp-accountpoliciesaccountlockoutpolicy.md | 18 +- .../mdm/policy-csp-accounts.md | 22 +- .../mdm/policy-csp-activexcontrols.md | 10 +- .../mdm/policy-csp-applicationdefaults.md | 10 +- .../mdm/policy-csp-applicationmanagement.md | 50 +- .../mdm/policy-csp-appvirtualization.md | 118 +-- .../mdm/policy-csp-attachmentmanager.md | 18 +- .../mdm/policy-csp-authentication.md | 26 +- .../mdm/policy-csp-autoplay.md | 18 +- .../mdm/policy-csp-bitlocker.md | 10 +- .../mdm/policy-csp-bluetooth.md | 26 +- .../mdm/policy-csp-browser.md | 158 +-- .../mdm/policy-csp-camera.md | 10 +- .../mdm/policy-csp-cellular.md | 26 +- .../mdm/policy-csp-connectivity.md | 62 +- .../mdm/policy-csp-controlpolicyconflict.md | 10 +- .../mdm/policy-csp-credentialproviders.md | 18 +- .../mdm/policy-csp-credentialsui.md | 14 +- .../mdm/policy-csp-cryptography.md | 14 +- .../mdm/policy-csp-dataprotection.md | 14 +- .../mdm/policy-csp-datausage.md | 14 +- .../mdm/policy-csp-defender.md | 146 +-- .../mdm/policy-csp-deliveryoptimization.md | 102 +- .../mdm/policy-csp-desktop.md | 10 +- .../mdm/policy-csp-deviceguard.md | 18 +- .../mdm/policy-csp-deviceinstallation.md | 14 +- .../mdm/policy-csp-devicelock.md | 74 +- .../mdm/policy-csp-display.md | 14 +- .../mdm/policy-csp-education.md | 18 +- .../mdm/policy-csp-enterprisecloudprint.md | 30 +- .../mdm/policy-csp-errorreporting.md | 26 +- .../mdm/policy-csp-eventlogservice.md | 22 +- .../mdm/policy-csp-experience.md | 90 +- .../mdm/policy-csp-exploitguard.md | 10 +- .../client-management/mdm/policy-csp-games.md | 10 +- .../mdm/policy-csp-handwriting.md | 10 +- .../mdm/policy-csp-internetexplorer.md | 978 +++++++++--------- .../mdm/policy-csp-kerberos.md | 26 +- .../mdm/policy-csp-kioskbrowser.md | 30 +- .../mdm/policy-csp-licensing.md | 14 +- ...policy-csp-localpoliciessecurityoptions.md | 226 ++-- .../mdm/policy-csp-location.md | 10 +- .../mdm/policy-csp-lockdown.md | 10 +- .../client-management/mdm/policy-csp-maps.md | 14 +- .../mdm/policy-csp-messaging.md | 18 +- .../mdm/policy-csp-networkisolation.md | 38 +- .../mdm/policy-csp-notifications.md | 10 +- .../client-management/mdm/policy-csp-power.md | 42 +- .../mdm/policy-csp-printers.md | 18 +- .../mdm/policy-csp-privacy.md | 314 +++--- .../mdm/policy-csp-remoteassistance.md | 22 +- .../mdm/policy-csp-remotedesktopservices.md | 30 +- .../mdm/policy-csp-remotemanagement.md | 66 +- .../mdm/policy-csp-remoteprocedurecall.md | 14 +- .../mdm/policy-csp-remoteshell.md | 34 +- .../mdm/policy-csp-search.md | 62 +- .../mdm/policy-csp-security.md | 50 +- .../mdm/policy-csp-settings.md | 62 +- .../mdm/policy-csp-smartscreen.md | 18 +- .../mdm/policy-csp-speech.md | 10 +- .../client-management/mdm/policy-csp-start.md | 122 +-- .../mdm/policy-csp-storage.md | 14 +- .../mdm/policy-csp-system.md | 66 +- .../mdm/policy-csp-systemservices.md | 30 +- .../mdm/policy-csp-taskscheduler.md | 10 +- .../mdm/policy-csp-textinput.md | 62 +- .../mdm/policy-csp-timelanguagesettings.md | 10 +- .../mdm/policy-csp-update.md | 198 ++-- .../mdm/policy-csp-userrights.md | 122 +-- .../client-management/mdm/policy-csp-wifi.md | 34 +- ...olicy-csp-windowsdefendersecuritycenter.md | 82 +- .../mdm/policy-csp-windowsinkworkspace.md | 14 +- .../mdm/policy-csp-windowslogon.md | 18 +- .../mdm/policy-csp-wirelessdisplay.md | 38 +- 75 files changed, 2107 insertions(+), 2107 deletions(-) diff --git a/windows/client-management/mdm/policy-csp-abovelock.md b/windows/client-management/mdm/policy-csp-abovelock.md index 09bab6143a..bdcbc5f8c4 100644 --- a/windows/client-management/mdm/policy-csp-abovelock.md +++ b/windows/client-management/mdm/policy-csp-abovelock.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - AboveLock @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## AboveLock policies
@@ -33,7 +33,7 @@ ms.date: 01/29/2018
- + **AboveLock/AllowActionCenterNotifications** @@ -84,11 +84,11 @@ The following list shows the supported values: - 1 (default) - Allowed. - +
- + **AboveLock/AllowCortanaAboveLock** @@ -134,11 +134,11 @@ The following list shows the supported values: - 1 (default) - Allowed. - +
- + **AboveLock/AllowToasts** @@ -186,7 +186,7 @@ The following list shows the supported values: - 1 (default) - Allowed. - +
Footnote: @@ -195,5 +195,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-accountpoliciesaccountlockoutpolicy.md b/windows/client-management/mdm/policy-csp-accountpoliciesaccountlockoutpolicy.md index e74c715473..2d0549e77b 100644 --- a/windows/client-management/mdm/policy-csp-accountpoliciesaccountlockoutpolicy.md +++ b/windows/client-management/mdm/policy-csp-accountpoliciesaccountlockoutpolicy.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - AccountPoliciesAccountLockoutPolicy @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## AccountPoliciesAccountLockoutPolicy policies
@@ -35,7 +35,7 @@ ms.date: 01/29/2018
- + **AccountPoliciesAccountLockoutPolicy/AccountLockoutDuration** @@ -78,11 +78,11 @@ If an account lockout threshold is defined, the account lockout duration must be Default: None, because this policy setting only has meaning when an Account lockout threshold is specified. - +
- + **AccountPoliciesAccountLockoutPolicy/AccountLockoutThreshold** @@ -125,11 +125,11 @@ Failed password attempts against workstations or member servers that have been l Default: 0. - +
- + **AccountPoliciesAccountLockoutPolicy/ResetAccountLockoutCounterAfter** @@ -172,7 +172,7 @@ If an account lockout threshold is defined, this reset time must be less than or Default: None, because this policy setting only has meaning when an Account lockout threshold is specified. - +
Footnote: @@ -181,5 +181,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-accounts.md b/windows/client-management/mdm/policy-csp-accounts.md index 14b5d262f0..0fb29f4870 100644 --- a/windows/client-management/mdm/policy-csp-accounts.md +++ b/windows/client-management/mdm/policy-csp-accounts.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Accounts @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Accounts policies
@@ -36,7 +36,7 @@ ms.date: 01/29/2018
- + **Accounts/AllowAddingNonMicrosoftAccountsManually** @@ -87,11 +87,11 @@ The following list shows the supported values: - 1 (default) - Allowed. - +
- + **Accounts/AllowMicrosoftAccountConnection** @@ -139,11 +139,11 @@ The following list shows the supported values: - 1 (default) - Allowed. - +
- + **Accounts/AllowMicrosoftAccountSignInAssistant** @@ -189,11 +189,11 @@ The following list shows the supported values: - 1 (default) - Manual start. - +
- + **Accounts/DomainNamesForEmailSync** @@ -236,7 +236,7 @@ The data type is a string. The default value is an empty string, which allows all email accounts on the device to sync email. Otherwise, the string should contain a pipe-separated list of domains that are allowed to sync email on the device. For example, "contoso.com|fabrikam.net|woodgrove.gov". - +
Footnote: @@ -245,7 +245,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Accounts policies supported by Windows Holographic for Business diff --git a/windows/client-management/mdm/policy-csp-activexcontrols.md b/windows/client-management/mdm/policy-csp-activexcontrols.md index 6b16327ccb..4bea893b54 100644 --- a/windows/client-management/mdm/policy-csp-activexcontrols.md +++ b/windows/client-management/mdm/policy-csp-activexcontrols.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - ActiveXControls @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## ActiveXControls policies
@@ -27,7 +27,7 @@ ms.date: 01/29/2018
- + **ActiveXControls/ApprovedInstallationSites** @@ -87,7 +87,7 @@ ADMX Info: - GP ADMX file name: *ActiveXInstallService.admx* - +
Footnote: @@ -96,5 +96,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-applicationdefaults.md b/windows/client-management/mdm/policy-csp-applicationdefaults.md index 2889bb4f2a..0e45ce047c 100644 --- a/windows/client-management/mdm/policy-csp-applicationdefaults.md +++ b/windows/client-management/mdm/policy-csp-applicationdefaults.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - ApplicationDefaults @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## ApplicationDefaults policies
@@ -27,7 +27,7 @@ ms.date: 01/29/2018
- + **ApplicationDefaults/DefaultAssociationsConfiguration** @@ -122,7 +122,7 @@ Here is the SyncMl example: ``` - +
Footnote: @@ -131,5 +131,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-applicationmanagement.md b/windows/client-management/mdm/policy-csp-applicationmanagement.md index 1ca01c5a3f..9ee5181bd2 100644 --- a/windows/client-management/mdm/policy-csp-applicationmanagement.md +++ b/windows/client-management/mdm/policy-csp-applicationmanagement.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - ApplicationManagement @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## ApplicationManagement policies
@@ -57,7 +57,7 @@ ms.date: 01/29/2018
- + **ApplicationManagement/AllowAllTrustedApps** @@ -106,11 +106,11 @@ The following list shows the supported values: - 65535 (default) - Not configured. - +
- + **ApplicationManagement/AllowAppStoreAutoUpdate** @@ -159,11 +159,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **ApplicationManagement/AllowDeveloperUnlock** @@ -212,11 +212,11 @@ The following list shows the supported values: - 65535 (default) - Not configured. - +
- + **ApplicationManagement/AllowGameDVR** @@ -267,11 +267,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **ApplicationManagement/AllowSharedUserAppData** @@ -319,11 +319,11 @@ The following list shows the supported values: - 1 – Allowed. - +
- + **ApplicationManagement/AllowStore** @@ -371,11 +371,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **ApplicationManagement/ApplicationRestrictions** @@ -436,11 +436,11 @@ Value type is chr. Value evaluation rule - The information for PolicyManager is opaque. There is no most restricted value evaluation. Whenever there is a change to the value, the device parses the node value and enforces specified policies. - +
- + **ApplicationManagement/DisableStoreOriginatedApps** @@ -486,11 +486,11 @@ The following list shows the supported values: - 1 – Disable launch of apps. - +
- + **ApplicationManagement/RequirePrivateStoreOnly** @@ -539,11 +539,11 @@ The following list shows the supported values: - 1 – Only Private store is enabled. - +
- + **ApplicationManagement/RestrictAppDataToSystemVolume** @@ -591,11 +591,11 @@ The following list shows the supported values: - 1 – Restricted. - +
- + **ApplicationManagement/RestrictAppToSystemVolume** @@ -643,7 +643,7 @@ The following list shows the supported values: - 1 – Restricted. - +
Footnote: @@ -652,7 +652,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## ApplicationManagement policies supported by Windows Holographic for Business diff --git a/windows/client-management/mdm/policy-csp-appvirtualization.md b/windows/client-management/mdm/policy-csp-appvirtualization.md index f1bfd67657..5ec36f8881 100644 --- a/windows/client-management/mdm/policy-csp-appvirtualization.md +++ b/windows/client-management/mdm/policy-csp-appvirtualization.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - AppVirtualization @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## AppVirtualization policies
@@ -108,7 +108,7 @@ ms.date: 01/29/2018
- + **AppVirtualization/AllowAppVClient** @@ -162,11 +162,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/AllowDynamicVirtualization** @@ -220,11 +220,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/AllowPackageCleanup** @@ -278,11 +278,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/AllowPackageScripts** @@ -336,11 +336,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/AllowPublishingRefreshUX** @@ -394,11 +394,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/AllowReportingServer** @@ -462,11 +462,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/AllowRoamingFileExclusions** @@ -520,11 +520,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/AllowRoamingRegistryExclusions** @@ -578,11 +578,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/AllowStreamingAutoload** @@ -636,11 +636,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/ClientCoexistenceAllowMigrationmode** @@ -694,11 +694,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/IntegrationAllowRootGlobal** @@ -752,11 +752,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/IntegrationAllowRootUser** @@ -810,11 +810,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/PublishingAllowServer1** @@ -886,11 +886,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/PublishingAllowServer2** @@ -962,11 +962,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/PublishingAllowServer3** @@ -1038,11 +1038,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/PublishingAllowServer4** @@ -1114,11 +1114,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/PublishingAllowServer5** @@ -1190,11 +1190,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/StreamingAllowCertificateFilterForClient_SSL** @@ -1248,11 +1248,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/StreamingAllowHighCostLaunch** @@ -1306,11 +1306,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/StreamingAllowLocationProvider** @@ -1364,11 +1364,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/StreamingAllowPackageInstallationRoot** @@ -1422,11 +1422,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/StreamingAllowPackageSourceRoot** @@ -1480,11 +1480,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/StreamingAllowReestablishmentInterval** @@ -1538,11 +1538,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/StreamingAllowReestablishmentRetries** @@ -1596,11 +1596,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/StreamingSharedContentStoreMode** @@ -1654,11 +1654,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/StreamingSupportBranchCache** @@ -1712,11 +1712,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/StreamingVerifyCertificateRevocationList** @@ -1770,11 +1770,11 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
- + **AppVirtualization/VirtualComponentsAllowList** @@ -1828,7 +1828,7 @@ ADMX Info: - GP ADMX file name: *appv.admx* - +
Footnote: @@ -1837,5 +1837,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-attachmentmanager.md b/windows/client-management/mdm/policy-csp-attachmentmanager.md index b23d0fec1c..3cd9a8202d 100644 --- a/windows/client-management/mdm/policy-csp-attachmentmanager.md +++ b/windows/client-management/mdm/policy-csp-attachmentmanager.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - AttachmentManager @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## AttachmentManager policies
@@ -33,7 +33,7 @@ ms.date: 01/29/2018
- + **AttachmentManager/DoNotPreserveZoneInformation** @@ -93,11 +93,11 @@ ADMX Info: - GP ADMX file name: *AttachmentManager.admx* - +
- + **AttachmentManager/HideZoneInfoMechanism** @@ -157,11 +157,11 @@ ADMX Info: - GP ADMX file name: *AttachmentManager.admx* - +
- + **AttachmentManager/NotifyAntivirusPrograms** @@ -221,7 +221,7 @@ ADMX Info: - GP ADMX file name: *AttachmentManager.admx* - +
Footnote: @@ -230,5 +230,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-authentication.md b/windows/client-management/mdm/policy-csp-authentication.md index 6755d07861..881ae7ff19 100644 --- a/windows/client-management/mdm/policy-csp-authentication.md +++ b/windows/client-management/mdm/policy-csp-authentication.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Authentication @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Authentication policies
@@ -39,7 +39,7 @@ ms.date: 01/29/2018
- + **Authentication/AllowAadPasswordReset** @@ -85,11 +85,11 @@ The following list shows the supported values: - 1 – Allowed. - +
- + **Authentication/AllowEAPCertSSO** @@ -135,11 +135,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Authentication/AllowFastReconnect** @@ -187,11 +187,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Authentication/AllowFidoDeviceSignon** @@ -241,11 +241,11 @@ The following list shows the supported values: - 1 - Allow. The FIDO device credential provider is enabled and allows usage of FIDO devices to sign into an Windows. - +
- + **Authentication/AllowSecondaryAuthenticationDevice** @@ -293,7 +293,7 @@ The following list shows the supported values: - 1 – Allowed. - +
Footnote: @@ -302,7 +302,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Authentication policies supported by Windows Holographic for Business diff --git a/windows/client-management/mdm/policy-csp-autoplay.md b/windows/client-management/mdm/policy-csp-autoplay.md index 1691a0fce0..ea02a39c19 100644 --- a/windows/client-management/mdm/policy-csp-autoplay.md +++ b/windows/client-management/mdm/policy-csp-autoplay.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Autoplay @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Autoplay policies
@@ -33,7 +33,7 @@ ms.date: 01/29/2018
- + **Autoplay/DisallowAutoplayForNonVolumeDevices** @@ -92,11 +92,11 @@ ADMX Info: - GP ADMX file name: *AutoPlay.admx* - +
- + **Autoplay/SetDefaultAutoRunBehavior** @@ -164,11 +164,11 @@ ADMX Info: - GP ADMX file name: *AutoPlay.admx* - +
- + **Autoplay/TurnOffAutoPlay** @@ -237,7 +237,7 @@ ADMX Info: - GP ADMX file name: *AutoPlay.admx* - +
Footnote: @@ -246,5 +246,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-bitlocker.md b/windows/client-management/mdm/policy-csp-bitlocker.md index 35eb61f9df..852a915bac 100644 --- a/windows/client-management/mdm/policy-csp-bitlocker.md +++ b/windows/client-management/mdm/policy-csp-bitlocker.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Bitlocker @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Bitlocker policies
@@ -27,7 +27,7 @@ ms.date: 01/29/2018
- + **Bitlocker/EncryptionMethod** @@ -106,7 +106,7 @@ The following list shows the supported values: - 7 - XTS-AES 256-bit (Desktop only) - +
Footnote: @@ -115,5 +115,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-bluetooth.md b/windows/client-management/mdm/policy-csp-bluetooth.md index dc992781e7..3a6b797bf3 100644 --- a/windows/client-management/mdm/policy-csp-bluetooth.md +++ b/windows/client-management/mdm/policy-csp-bluetooth.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Bluetooth @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Bluetooth policies
@@ -39,7 +39,7 @@ ms.date: 01/29/2018
- + **Bluetooth/AllowAdvertising** @@ -89,11 +89,11 @@ The following list shows the supported values: - 1 (default) – Allowed. When set to 1, the device will send out advertisements. To verify, use any Bluetooth LE app and enable it to do advertising. Then, verify that the advertisement is received by the peripheral. - +
- + **Bluetooth/AllowDiscoverableMode** @@ -143,11 +143,11 @@ The following list shows the supported values: - 1 (default) – Allowed. When set to 1, other devices will be able to detect the device. To verify, open the Bluetooth control panel on the device. Then, go to another Bluetooth-enabled device, open the Bluetooth control panel and verify that you can discover it. - +
- + **Bluetooth/AllowPrepairing** @@ -193,11 +193,11 @@ The following list shows the supported values: - 1 (default)– Allowed. - +
- + **Bluetooth/LocalDeviceName** @@ -240,11 +240,11 @@ If this is set, the value that it is set to will be used as the Bluetooth device If this policy is not set or it is deleted, the default local radio name is used. - +
- + **Bluetooth/ServicesAllowedList** @@ -285,7 +285,7 @@ Set a list of allowable services and profiles. String hex formatted array of Blu The default value is an empty string. - +
Footnote: @@ -294,7 +294,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Bluetooth policies supported by Windows Holographic for Business diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md index 51ca199a31..0e9aaf6db6 100644 --- a/windows/client-management/mdm/policy-csp-browser.md +++ b/windows/client-management/mdm/policy-csp-browser.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Browser @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## Browser policies
@@ -140,7 +140,7 @@ ms.date: 01/29/2018
- + **Browser/AllowAddressBarDropdown** @@ -192,11 +192,11 @@ The following list shows the supported values: - 1 (default) – Allowed. Address bar drop-down is enabled. - +
- + **Browser/AllowAutofill** @@ -254,11 +254,11 @@ To verify AllowAutofill is set to 0 (not allowed): 4. Verify the setting **Save form entries** is greyed out. - +
- + **Browser/AllowBrowser** @@ -313,11 +313,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Browser/AllowCookies** @@ -376,11 +376,11 @@ To verify AllowCookies is set to 0 (not allowed): 4. Verify the setting **Cookies** is greyed out. - +
- + **Browser/AllowDeveloperTools** @@ -433,11 +433,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Browser/AllowDoNotTrack** @@ -495,11 +495,11 @@ To verify AllowDoNotTrack is set to 0 (not allowed): 4. Verify the setting **Send Do Not Track requests** is greyed out. - +
- + **Browser/AllowExtensions** @@ -546,11 +546,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Browser/AllowFlash** @@ -597,11 +597,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Browser/AllowFlashClickToRun** @@ -648,11 +648,11 @@ The following list shows the supported values: - 1 (default) – Users must click the content, click a Click-to-Run button, or have the site appear on an auto-allow list before Microsoft Edge loads and runs Adobe Flash content. - +
- + **Browser/AllowInPrivate** @@ -701,11 +701,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Browser/AllowMicrosoftCompatibilityList** @@ -757,11 +757,11 @@ The following list shows the supported values: - 1 (default) – Enabled. - +
- + **Browser/AllowPasswordManager** @@ -819,11 +819,11 @@ To verify AllowPasswordManager is set to 0 (not allowed): 4. Verify the settings **Offer to save password** and **Manage my saved passwords** are greyed out. - +
- + **Browser/AllowPopups** @@ -881,11 +881,11 @@ To verify AllowPopups is set to 0 (not allowed): 4. Verify the setting **Block pop-ups** is greyed out. - +
- + **Browser/AllowSearchEngineCustomization** @@ -936,11 +936,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Browser/AllowSearchSuggestionsinAddressBar** @@ -989,11 +989,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Browser/AllowSmartScreen** @@ -1051,11 +1051,11 @@ To verify AllowSmartScreen is set to 0 (not allowed): 4. Verify the setting **Help protect me from malicious sites and download with SmartScreen Filter** is greyed out. - +
- + **Browser/AlwaysEnableBooksLibrary** @@ -1102,11 +1102,11 @@ The following list shows the supported values: - 1 - Enable. Always show the Books Library, regardless of countries or region of activation. - +
- + **Browser/ClearBrowsingDataOnExit** @@ -1163,11 +1163,11 @@ To verify that browsing data is cleared on exit (ClearBrowsingDataOnExit is set 3. Open Microsoft Edge and start typing the same URL in address bar. Verify that it does not auto-complete from history. - +
- + **Browser/ConfigureAdditionalSearchEngines** @@ -1225,11 +1225,11 @@ The following list shows the supported values: - 1 – Additional search engines are allowed. - +
- + **Browser/DisableLockdownOfStartPages** @@ -1284,11 +1284,11 @@ The following list shows the supported values: - 1 – Disable lockdown of the Start pages and allow users to modify them. - +
- + **Browser/EnableExtendedBooksTelemetry** @@ -1337,11 +1337,11 @@ The following list shows the supported values: - 1 - Enable. Additional telemetry for schools. - +
- + **Browser/EnterpriseModeSiteList** @@ -1392,11 +1392,11 @@ The following list shows the supported values: - Set to a URL location of the enterprise site list. - +
- + **Browser/EnterpriseSiteListServiceUrl** @@ -1437,11 +1437,11 @@ The following list shows the supported values: > This policy (introduced in Windows 10, version 1507) was deprecated in Windows 10, version 1511 by [Browser/EnterpriseModeSiteList](#browser-enterprisemodesitelist). - +
- + **Browser/FirstRunURL** @@ -1489,11 +1489,11 @@ The data type is a string. The default value is an empty string. Otherwise, the string should contain the URL of the webpage users will see the first time Microsoft Edge is run. For example, “contoso.com”. - +
- + **Browser/HomePages** @@ -1543,11 +1543,11 @@ Starting in Windows 10, version 1703, if you don’t want to send traffic to Mi > Turning this setting off, or not configuring it, sets your default Start pages to the webpages specified in App settings. - +
- + **Browser/LockdownFavorites** @@ -1603,11 +1603,11 @@ The following list shows the supported values: - 1 - Enabled. Lockdown Favorites. - +
- + **Browser/PreventAccessToAboutFlagsInMicrosoftEdge** @@ -1654,11 +1654,11 @@ The following list shows the supported values: - 1 – Users can't access the about:flags page in Microsoft Edge. - +
- + **Browser/PreventFirstRunPage** @@ -1707,11 +1707,11 @@ The following list shows the supported values: - 1 – Employees don't see the First Run webpage. - +
- + **Browser/PreventLiveTileDataCollection** @@ -1760,11 +1760,11 @@ The following list shows the supported values: - 1 – Microsoft servers will not be contacted if a site is pinned to Start from Microsoft Edge. - +
- + **Browser/PreventSmartScreenPromptOverride** @@ -1813,11 +1813,11 @@ The following list shows the supported values: - 1 – On. - +
- + **Browser/PreventSmartScreenPromptOverrideForFiles** @@ -1864,11 +1864,11 @@ The following list shows the supported values: - 1 – On. - +
- + **Browser/PreventUsingLocalHostIPAddressForWebRTC** @@ -1919,11 +1919,11 @@ The following list shows the supported values: - 1 – The localhost IP address is hidden. - +
- + **Browser/ProvisionFavorites** @@ -1976,11 +1976,11 @@ If you disable or don't configure this setting, employees will see the favorites Data type is string. - +
- + **Browser/SendIntranetTraffictoInternetExplorer** @@ -2033,11 +2033,11 @@ The following list shows the supported values: - 1 – Intranet traffic is sent to Microsoft Edge. - +
- + **Browser/SetDefaultSearchEngine** @@ -2094,11 +2094,11 @@ The following list shows the supported values: - 1 - Allows you to configure the default search engine for your employees. - +
- + **Browser/ShowMessageWhenOpeningSitesInInternetExplorer** @@ -2151,11 +2151,11 @@ The following list shows the supported values: - 1 – Interstitial pages are shown. - +
- + **Browser/SyncFavoritesBetweenIEAndMicrosoftEdge** @@ -2217,11 +2217,11 @@ To verify that favorites are in synchronized between Internet Explorer and Micro - +
- + **Browser/UseSharedFolderForBooks** @@ -2268,7 +2268,7 @@ The following list shows the supported values: - 1 - Use a shared folder. - +
Footnote: @@ -2277,7 +2277,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Browser policies that can be set using Exchange Active Sync (EAS) diff --git a/windows/client-management/mdm/policy-csp-camera.md b/windows/client-management/mdm/policy-csp-camera.md index fc227b1f17..635f9d4118 100644 --- a/windows/client-management/mdm/policy-csp-camera.md +++ b/windows/client-management/mdm/policy-csp-camera.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Camera @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Camera policies
@@ -27,7 +27,7 @@ ms.date: 01/29/2018
- + **Camera/AllowCamera** @@ -75,7 +75,7 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
Footnote: @@ -84,7 +84,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Camera policies that can be set using Exchange Active Sync (EAS) diff --git a/windows/client-management/mdm/policy-csp-cellular.md b/windows/client-management/mdm/policy-csp-cellular.md index db8f20499e..33931f6aa7 100644 --- a/windows/client-management/mdm/policy-csp-cellular.md +++ b/windows/client-management/mdm/policy-csp-cellular.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Cellular @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Cellular policies
@@ -39,7 +39,7 @@ ms.date: 01/29/2018
- + **Cellular/LetAppsAccessCellularData** @@ -98,11 +98,11 @@ The following list shows the supported values: - 2 - Force Deny - +
- + **Cellular/LetAppsAccessCellularData_ForceAllowTheseApps** @@ -141,11 +141,11 @@ The following list shows the supported values: Added in Windows 10, version 1709. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are allowed access to cellular data. This setting overrides the default LetAppsAccessCellularData policy setting for the specified apps. Value type is string. - +
- + **Cellular/LetAppsAccessCellularData_ForceDenyTheseApps** @@ -184,11 +184,11 @@ Added in Windows 10, version 1709. List of semi-colon delimited Package Family N Added in Windows 10, version 1709. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are denied access to cellular data. This setting overrides the default LetAppsAccessCellularData policy setting for the specified apps. Value type is string. - +
- + **Cellular/LetAppsAccessCellularData_UserInControlOfTheseApps** @@ -227,11 +227,11 @@ Added in Windows 10, version 1709. List of semi-colon delimited Package Family N Added in Windows 10, version 1709. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the cellular data access setting for the listed apps. This setting overrides the default LetAppsAccessCellularData policy setting for the specified apps. Value type is string. - +
- + **Cellular/ShowAppCellularAccessUI** @@ -294,7 +294,7 @@ ADMX Info: - GP ADMX file name: *wwansvc.admx* - +
Footnote: @@ -303,7 +303,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Cellular policies that can be set using Exchange Active Sync (EAS) diff --git a/windows/client-management/mdm/policy-csp-connectivity.md b/windows/client-management/mdm/policy-csp-connectivity.md index c4e91457b4..df9e662f31 100644 --- a/windows/client-management/mdm/policy-csp-connectivity.md +++ b/windows/client-management/mdm/policy-csp-connectivity.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Connectivity @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Connectivity policies
@@ -66,7 +66,7 @@ ms.date: 01/29/2018
- + **Connectivity/AllowBluetooth** @@ -120,11 +120,11 @@ The following list shows the supported values: - 2 (default) – Allow Bluetooth. If this is set to 2, the radio in the Bluetooth control panel will be functional and the user will be able to turn Bluetooth on. - +
- + **Connectivity/AllowCellularData** @@ -171,11 +171,11 @@ The following list shows the supported values: - 2 - Allow the cellular data channel. The user cannot turn it off. - +
- + **Connectivity/AllowCellularDataRoaming** @@ -234,11 +234,11 @@ To validate on mobile devices, do the following: 3. On the Properties page, select **Data roaming options**. - +
- + **Connectivity/AllowConnectedDevices** @@ -287,11 +287,11 @@ The following list shows the supported values: - 0 - Disable (CDP service not available). - +
- + **Connectivity/AllowNFC** @@ -343,11 +343,11 @@ The following list shows the supported values: - 1 (default) – Allow NFC capabilities. - +
- + **Connectivity/AllowUSBConnection** @@ -401,11 +401,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Connectivity/AllowVPNOverCellular** @@ -453,11 +453,11 @@ The following list shows the supported values: - 1 (default) – VPN can use any connection, including cellular. - +
- + **Connectivity/AllowVPNRoamingOverCellular** @@ -505,11 +505,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Connectivity/DiablePrintingOverHTTP** @@ -562,11 +562,11 @@ ADMX Info: - GP ADMX file name: *ICM.admx* - +
- + **Connectivity/DisableDownloadingOfPrintDriversOverHTTP** @@ -619,11 +619,11 @@ ADMX Info: - GP ADMX file name: *ICM.admx* - +
- + **Connectivity/DisableInternetDownloadForWebPublishingAndOnlineOrderingWizards** @@ -676,11 +676,11 @@ ADMX Info: - GP ADMX file name: *ICM.admx* - +
- + **Connectivity/DisallowNetworkConnectivityActiveTests** @@ -721,11 +721,11 @@ Added in Windows 10, version 1703. Network Connection Status Indicator (NCSI) de Value type is integer. - +
- + **Connectivity/HardenedUNCPaths** @@ -781,11 +781,11 @@ ADMX Info: - GP ADMX file name: *networkprovider.admx* - +
- + **Connectivity/ProhibitInstallationAndConfigurationOfNetworkBridge** @@ -838,7 +838,7 @@ ADMX Info: - GP ADMX file name: *NetworkConnections.admx* - +
Footnote: @@ -847,7 +847,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Connectivity policies that can be set using Exchange Active Sync (EAS) diff --git a/windows/client-management/mdm/policy-csp-controlpolicyconflict.md b/windows/client-management/mdm/policy-csp-controlpolicyconflict.md index 421980c7b1..d4124e950a 100644 --- a/windows/client-management/mdm/policy-csp-controlpolicyconflict.md +++ b/windows/client-management/mdm/policy-csp-controlpolicyconflict.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - ControlPolicyConflict @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## ControlPolicyConflict policies
@@ -29,7 +29,7 @@ ms.date: 01/29/2018
- + **ControlPolicyConflict/MDMWinsOverGP** @@ -83,7 +83,7 @@ The following list shows the supported values: - 1 - The MDM policy is used and the GP policy is blocked. - +
Footnote: @@ -92,5 +92,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-credentialproviders.md b/windows/client-management/mdm/policy-csp-credentialproviders.md index 20a5e4fc8d..8994842055 100644 --- a/windows/client-management/mdm/policy-csp-credentialproviders.md +++ b/windows/client-management/mdm/policy-csp-credentialproviders.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - CredentialProviders @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## CredentialProviders policies
@@ -33,7 +33,7 @@ ms.date: 01/29/2018
- + **CredentialProviders/AllowPINLogon** @@ -95,11 +95,11 @@ ADMX Info: - GP ADMX file name: *credentialproviders.admx* - +
- + **CredentialProviders/BlockPicturePassword** @@ -159,11 +159,11 @@ ADMX Info: - GP ADMX file name: *credentialproviders.admx* - +
- + **CredentialProviders/DisableAutomaticReDeploymentCredentials** @@ -211,7 +211,7 @@ The following list shows the supported values: - 1 - Disable visibility of the credentials for Windows 10 Automatic ReDeployment - +
Footnote: @@ -220,7 +220,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## CredentialProviders policies supported by IoT Core diff --git a/windows/client-management/mdm/policy-csp-credentialsui.md b/windows/client-management/mdm/policy-csp-credentialsui.md index 29395b9209..869f016e13 100644 --- a/windows/client-management/mdm/policy-csp-credentialsui.md +++ b/windows/client-management/mdm/policy-csp-credentialsui.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - CredentialsUI @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## CredentialsUI policies
@@ -30,7 +30,7 @@ ms.date: 01/29/2018
- + **CredentialsUI/DisablePasswordReveal** @@ -93,11 +93,11 @@ ADMX Info: - GP ADMX file name: *credui.admx* - +
- + **CredentialsUI/EnumerateAdministrators** @@ -155,7 +155,7 @@ ADMX Info: - GP ADMX file name: *credui.admx* - +
Footnote: @@ -164,5 +164,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-cryptography.md b/windows/client-management/mdm/policy-csp-cryptography.md index 2957dd9d77..81023d5fdd 100644 --- a/windows/client-management/mdm/policy-csp-cryptography.md +++ b/windows/client-management/mdm/policy-csp-cryptography.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Cryptography @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Cryptography policies
@@ -30,7 +30,7 @@ ms.date: 01/29/2018
- + **Cryptography/AllowFipsAlgorithmPolicy** @@ -76,11 +76,11 @@ The following list shows the supported values: - 1– Allowed. - +
- + **Cryptography/TLSCipherSuites** @@ -119,7 +119,7 @@ The following list shows the supported values: Lists the Cryptographic Cipher Algorithms allowed for SSL connections. Format is a semicolon delimited list. Last write win. - +
Footnote: @@ -128,7 +128,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Cryptography policies supported by Microsoft Surface Hub diff --git a/windows/client-management/mdm/policy-csp-dataprotection.md b/windows/client-management/mdm/policy-csp-dataprotection.md index 0a497016a1..1563402e93 100644 --- a/windows/client-management/mdm/policy-csp-dataprotection.md +++ b/windows/client-management/mdm/policy-csp-dataprotection.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - DataProtection @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## DataProtection policies
@@ -30,7 +30,7 @@ ms.date: 01/29/2018
- + **DataProtection/AllowDirectMemoryAccess** @@ -78,11 +78,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **DataProtection/LegacySelectiveWipeID** @@ -128,7 +128,7 @@ Setting used by Windows 8.1 Selective Wipe. > This policy is not recommended for use in Windows 10. - +
Footnote: @@ -137,7 +137,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## DataProtection policies supported by IoT Core diff --git a/windows/client-management/mdm/policy-csp-datausage.md b/windows/client-management/mdm/policy-csp-datausage.md index 736ad17532..9d64360b36 100644 --- a/windows/client-management/mdm/policy-csp-datausage.md +++ b/windows/client-management/mdm/policy-csp-datausage.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - DataUsage @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## DataUsage policies
@@ -30,7 +30,7 @@ ms.date: 01/29/2018
- + **DataUsage/SetCost3G** @@ -94,11 +94,11 @@ ADMX Info: - GP ADMX file name: *wwansvc.admx* - +
- + **DataUsage/SetCost4G** @@ -162,7 +162,7 @@ ADMX Info: - GP ADMX file name: *wwansvc.admx* - +
Footnote: @@ -171,5 +171,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-defender.md b/windows/client-management/mdm/policy-csp-defender.md index bcd17f7911..6dcfb31902 100644 --- a/windows/client-management/mdm/policy-csp-defender.md +++ b/windows/client-management/mdm/policy-csp-defender.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Defender @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Defender policies
@@ -129,7 +129,7 @@ ms.date: 01/29/2018
- + **Defender/AllowArchiveScanning** @@ -179,11 +179,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Defender/AllowBehaviorMonitoring** @@ -233,11 +233,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Defender/AllowCloudProtection** @@ -287,11 +287,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Defender/AllowEmailScanning** @@ -341,11 +341,11 @@ The following list shows the supported values: - 1 – Allowed. - +
- + **Defender/AllowFullScanOnMappedNetworkDrives** @@ -395,11 +395,11 @@ The following list shows the supported values: - 1 – Allowed. - +
- + **Defender/AllowFullScanRemovableDriveScanning** @@ -449,11 +449,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Defender/AllowIOAVProtection** @@ -503,11 +503,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Defender/AllowIntrusionPreventionSystem** @@ -557,11 +557,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Defender/AllowOnAccessProtection** @@ -611,11 +611,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Defender/AllowRealtimeMonitoring** @@ -665,11 +665,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Defender/AllowScanningNetworkFiles** @@ -719,11 +719,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Defender/AllowScriptScanning** @@ -773,11 +773,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Defender/AllowUserUIAccess** @@ -827,11 +827,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Defender/AttackSurfaceReductionOnlyExclusions** @@ -876,11 +876,11 @@ Added in Windows 10, version 1709. This policy setting allows you to prevent Att Value type is string. - +
- + **Defender/AttackSurfaceReductionRules** @@ -927,11 +927,11 @@ For more information about ASR rule ID and status ID, see [Enable Attack Surface Value type is string. - +
- + **Defender/AvgCPULoadFactor** @@ -981,11 +981,11 @@ The default value is 50. Valid values: 0–100 - +
- + **Defender/CloudBlockLevel** @@ -1044,11 +1044,11 @@ The following list shows the supported values: - 0x6 - Zero tolerance blocking level – block all unknown executables - +
- + **Defender/CloudExtendedTimeout** @@ -1097,11 +1097,11 @@ For example, if the desired timeout is 60 seconds, specify 50 seconds in this se > This feature depends on three other MAPS settings the must all be enabled- "Configure the 'Block at First Sight' feature; "Join Microsoft MAPS"; "Send file samples when further analysis is required". - +
- + **Defender/ControlledFolderAccessAllowedApplications** @@ -1143,11 +1143,11 @@ For example, if the desired timeout is 60 seconds, specify 50 seconds in this se Added in Windows 10, version 1709. This policy setting allows user-specified applications to the guard my folders feature. Adding an allowed application means the guard my folders feature will allow the application to modify or delete content in certain folders such as My Documents. In most cases it will not be necessary to add entries. Windows Defender Antivirus will automatically detect and dynamically add applications that are friendly. Value type is string. Use the | as the substring separator. - +
- + **Defender/ControlledFolderAccessProtectedFolders** @@ -1189,11 +1189,11 @@ Added in Windows 10, version 1709. This policy setting allows user-specified app Added in Windows 10, version 1709. This policy settings allows adding user-specified folder locations to the guard my folders feature. These folders will complement the system defined folders such as My Documents and My Pictures. The list of system folders will be displayed in the user interface and can not be changed. Value type is string. Use the | as the substring separator. - +
- + **Defender/DaysToRetainCleanedMalware** @@ -1243,11 +1243,11 @@ The default value is 0, which keeps items in quarantine, and does not automatica Valid values: 0–90 - +
- + **Defender/EnableControlledFolderAccess** @@ -1297,11 +1297,11 @@ The following list shows the supported values: - 2 - Audit Mode - +
- + **Defender/EnableNetworkProtection** @@ -1357,11 +1357,11 @@ The following list shows the supported values: - 2 - Enabled (audit mode) - +
- + **Defender/ExcludedExtensions** @@ -1404,11 +1404,11 @@ The following list shows the supported values: Allows an administrator to specify a list of file type extensions to ignore during a scan. Each file type in the list must be separated by a **|**. For example, "lib|obj". - +
- + **Defender/ExcludedPaths** @@ -1451,11 +1451,11 @@ Allows an administrator to specify a list of file type extensions to ignore duri Allows an administrator to specify a list of directory paths to ignore during a scan. Each path in the list must be separated by a **|**. For example, "C:\\Example|C:\\Example1". - +
- + **Defender/ExcludedProcesses** @@ -1504,11 +1504,11 @@ Allows an administrator to specify a list of files opened by processes to ignore Each file type must be separated by a **|**. For example, "C:\\Example.exe|C:\\Example1.exe". - +
- + **Defender/PUAProtection** @@ -1559,11 +1559,11 @@ The following list shows the supported values: - 2 – Audit mode. Windows Defender will detect potentially unwanted applications, but take no action. You can review information about the applications Windows Defender would have taken action against by searching for events created by Windows Defender in the Event Viewer. - +
- + **Defender/RealTimeScanDirection** @@ -1617,11 +1617,11 @@ The following list shows the supported values: - 2 – Monitor outgoing files. - +
- + **Defender/ScanParameter** @@ -1671,11 +1671,11 @@ The following list shows the supported values: - 2 – Full scan - +
- + **Defender/ScheduleQuickScanTime** @@ -1731,11 +1731,11 @@ The default value is 120 Valid values: 0–1380 - +
- + **Defender/ScheduleScanDay** @@ -1795,11 +1795,11 @@ The following list shows the supported values: - 8 – No scheduled scan - +
- + **Defender/ScheduleScanTime** @@ -1855,11 +1855,11 @@ The default value is 120. Valid values: 0–1380. - +
- + **Defender/SignatureUpdateInterval** @@ -1911,11 +1911,11 @@ The default value is 8. Valid values: 0–24. - +
- + **Defender/SubmitSamplesConsent** @@ -1967,11 +1967,11 @@ The following list shows the supported values: - 3 – Send all samples automatically. - +
- + **Defender/ThreatSeverityDefaultAction** @@ -2032,7 +2032,7 @@ The following list shows the supported values for possible actions: - 10 – Block - +
Footnote: @@ -2041,7 +2041,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Defender policies supported by Microsoft Surface Hub diff --git a/windows/client-management/mdm/policy-csp-deliveryoptimization.md b/windows/client-management/mdm/policy-csp-deliveryoptimization.md index 066c6de874..d05d2cedb0 100644 --- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md +++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - DeliveryOptimization @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## DeliveryOptimization policies
@@ -98,7 +98,7 @@ ms.date: 01/29/2018
- + **DeliveryOptimization/DOAbsoluteMaxCacheSize** @@ -143,11 +143,11 @@ Added in Windows 10, version 1607. Specifies the maximum size in GB of Delivery The default value is 10. - +
- + **DeliveryOptimization/DOAllowVPNPeerCaching** @@ -197,11 +197,11 @@ The following list shows the supported values: - 1 - Allowed. - +
- + **DeliveryOptimization/DODelayBackgroundDownloadFromHttp** @@ -242,11 +242,11 @@ Added in Windows 10, next major update. This policy allows you to delay the use After the max delay is reached, the download will resume using HTTP, either downloading the entire payload or complementing the bytes that could not be downloaded from peers. Note that a download that is waiting for peer sources, will appear to be stuck for the end user. The recommended value is 1 hour (3600). - +
- + **DeliveryOptimization/DODelayForegroundDownloadFromHttp** @@ -299,11 +299,11 @@ The following list shows the supported values as number of seconds: - Default is not configured. - +
- + **DeliveryOptimization/DODownloadMode** @@ -357,11 +357,11 @@ The following list shows the supported values: - 100 - Bypass mode. Do not use Delivery Optimization and use BITS instead. Added in Windows 10, version 1607. - +
- + **DeliveryOptimization/DOGroupId** @@ -407,11 +407,11 @@ This Policy specifies an arbitrary group ID that the device belongs to. Use this > You must use a GUID as the group ID. - +
- + **DeliveryOptimization/DOGroupIdSource** @@ -467,11 +467,11 @@ The following list shows the supported values: - 4 - DNS suffix - +
- + **DeliveryOptimization/DOMaxCacheAge** @@ -516,11 +516,11 @@ Specifies the maximum time in seconds that each file is held in the Delivery Opt The default value is 259200 seconds (3 days). - +
- + **DeliveryOptimization/DOMaxCacheSize** @@ -565,11 +565,11 @@ Specifies the maximum cache size that Delivery Optimization can utilize, as a pe The default value is 20. - +
- + **DeliveryOptimization/DOMaxDownloadBandwidth** @@ -614,11 +614,11 @@ Added in Windows 10, version 1607. Specifies the maximum download bandwidth in The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for downloads. - +
- + **DeliveryOptimization/DOMaxUploadBandwidth** @@ -663,11 +663,11 @@ Specifies the maximum upload bandwidth in KiloBytes/second that a device will us The default value is 0, which permits unlimited possible bandwidth (optimized for minimal usage of upload bandwidth). - +
- + **DeliveryOptimization/DOMinBackgroundQos** @@ -712,11 +712,11 @@ Added in Windows 10, version 1607. Specifies the minimum download QoS (Quality The default value is 500. - +
- + **DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload** @@ -760,11 +760,11 @@ Added in Windows 10, version 1703. Specifies any value between 1 and 100 (in pe The default value is 0. The value 0 (zero) means "not limited" and the cloud service default value will be used. - +
- + **DeliveryOptimization/DOMinDiskSizeAllowedToPeer** @@ -812,11 +812,11 @@ Added in Windows 10, version 1703. Specifies the required minimum disk size (cap The default value is 32 GB. - +
- + **DeliveryOptimization/DOMinFileSizeToCache** @@ -861,11 +861,11 @@ Added in Windows 10, version 1703. Specifies the minimum content file size in MB The default value is 100 MB. - +
- + **DeliveryOptimization/DOMinRAMAllowedToPeer** @@ -910,11 +910,11 @@ Added in Windows 10, version 1703. Specifies the minimum RAM size in GB required The default value is 4 GB. - +
- + **DeliveryOptimization/DOModifyCacheDrive** @@ -959,11 +959,11 @@ Added in Windows 10, version 1607. Specifies the drive that Delivery Optimizati By default, %SystemDrive% is used to store the cache. - +
- + **DeliveryOptimization/DOMonthlyUploadDataCap** @@ -1010,11 +1010,11 @@ The value 0 (zero) means "unlimited"; No monthly upload limit is applied if 0 is The default value is 20. - +
- + **DeliveryOptimization/DOPercentageMaxBackDownloadBandwidth** @@ -1055,22 +1055,22 @@ Added in Windows 10, next major update. Specifies the maximum background downloa Note that downloads from LAN peers will not be throttled even when this policy is set. - +
- + **DeliveryOptimization/DOPercentageMaxDownloadBandwidth** This policy is deprecated. Use [DOPercentageMaxForeDownloadBandwidth](#deliveryoptimization-dopercentagemaxforedownloadbandwidth) and [DOPercentageMaxBackDownloadBandwidth](#deliveryoptimization-dopercentagemaxbackdownloadbandwidth) policies instead. - +
- + **DeliveryOptimization/DOPercentageMaxForeDownloadBandwidth** @@ -1111,11 +1111,11 @@ Added in Windows 10, next major update. Specifies the maximum foreground downloa Note that downloads from LAN peers will not be throttled even when this policy is set. - +
- + **DeliveryOptimization/DORestrictPeerSelectionBy** @@ -1163,11 +1163,11 @@ The following list shows the supported values: - 1 - Subnet mask. - +
- + **DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth** @@ -1216,11 +1216,11 @@ This policy allows an IT Admin to define the following: - % of throttle for foreground traffic outside of business hours - +
- + **DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth** @@ -1269,7 +1269,7 @@ This policy allows an IT Admin to define the following: - % of throttle for foreground traffic outside of business hours - +
Footnote: @@ -1278,7 +1278,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## DeliveryOptimization policies supported by Microsoft Surface Hub diff --git a/windows/client-management/mdm/policy-csp-desktop.md b/windows/client-management/mdm/policy-csp-desktop.md index 009265655e..56fcae51f5 100644 --- a/windows/client-management/mdm/policy-csp-desktop.md +++ b/windows/client-management/mdm/policy-csp-desktop.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Desktop @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Desktop policies
@@ -27,7 +27,7 @@ ms.date: 01/29/2018
- + **Desktop/PreventUserRedirectionOfProfileFolders** @@ -85,7 +85,7 @@ ADMX Info: - GP ADMX file name: *desktop.admx* - +
Footnote: @@ -94,7 +94,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Desktop policies supported by Microsoft Surface Hub diff --git a/windows/client-management/mdm/policy-csp-deviceguard.md b/windows/client-management/mdm/policy-csp-deviceguard.md index d2cc249634..bde8f4dc65 100644 --- a/windows/client-management/mdm/policy-csp-deviceguard.md +++ b/windows/client-management/mdm/policy-csp-deviceguard.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - DeviceGuard @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## DeviceGuard policies
@@ -33,7 +33,7 @@ ms.date: 01/29/2018
- + **DeviceGuard/EnableVirtualizationBasedSecurity** @@ -79,11 +79,11 @@ The following list shows the supported values: - 1 - enable virtualization based security. - +
- + **DeviceGuard/LsaCfgFlags** @@ -130,11 +130,11 @@ The following list shows the supported values: - 2 - (Enabled without lock) Turns on Credential Guard without UEFI lock. - +
- + **DeviceGuard/RequirePlatformSecurityFeatures** @@ -180,7 +180,7 @@ The following list shows the supported values: - 3 - Turns on VBS with Secure Boot and direct memory access (DMA). DMA requires hardware support. - +
Footnote: @@ -189,5 +189,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-deviceinstallation.md b/windows/client-management/mdm/policy-csp-deviceinstallation.md index d104e70a92..5813ea9ecb 100644 --- a/windows/client-management/mdm/policy-csp-deviceinstallation.md +++ b/windows/client-management/mdm/policy-csp-deviceinstallation.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - DeviceInstallation @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## DeviceInstallation policies
@@ -30,7 +30,7 @@ ms.date: 01/29/2018
- + **DeviceInstallation/PreventInstallationOfMatchingDeviceIDs** @@ -88,11 +88,11 @@ ADMX Info: - GP ADMX file name: *deviceinstallation.admx* - +
- + **DeviceInstallation/PreventInstallationOfMatchingDeviceSetupClasses** @@ -150,7 +150,7 @@ ADMX Info: - GP ADMX file name: *deviceinstallation.admx* - +
Footnote: @@ -159,5 +159,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-devicelock.md b/windows/client-management/mdm/policy-csp-devicelock.md index 3b169444ca..2555067447 100644 --- a/windows/client-management/mdm/policy-csp-devicelock.md +++ b/windows/client-management/mdm/policy-csp-devicelock.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - DeviceLock @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## DeviceLock policies
@@ -77,7 +77,7 @@ ms.date: 01/29/2018
- + **DeviceLock/AllowIdleReturnWithoutPassword** @@ -130,11 +130,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **DeviceLock/AllowScreenTimeoutWhileLockedUserConfig** @@ -192,11 +192,11 @@ The following list shows the supported values: - 1 – Allowed. - +
- + **DeviceLock/AllowSimpleDevicePassword** @@ -249,11 +249,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **DeviceLock/AlphanumericDevicePasswordRequired** @@ -312,11 +312,11 @@ The following list shows the supported values: - 2 (default) – Users can choose: Numeric PIN or password, or Alphanumeric PIN or password. - +
- + **DeviceLock/DevicePasswordEnabled** @@ -403,11 +403,11 @@ The following list shows the supported values: - 1 – Disabled - +
- + **DeviceLock/DevicePasswordExpiration** @@ -462,11 +462,11 @@ The following list shows the supported values: - 0 (default) - Passwords do not expire. - +
- + **DeviceLock/DevicePasswordHistory** @@ -523,11 +523,11 @@ The following list shows the supported values: - 0 (default) - +
- + **DeviceLock/EnforceLockScreenAndLogonImage** @@ -572,11 +572,11 @@ Added in Windows 10, version 1607. Specifies the default lock screen and logon Value type is a string, which is the full image filepath and filename. - +
- + **DeviceLock/EnforceLockScreenProvider** @@ -621,11 +621,11 @@ Added in Windows 10, version 1607. Restricts lock screen image to a specific lo Value type is a string, which is the AppID. - +
- + **DeviceLock/MaxDevicePasswordFailedAttempts** @@ -687,11 +687,11 @@ The following list shows the supported values: - 0 (default) - The device is never wiped after an incorrect PIN or password is entered. - +
- + **DeviceLock/MaxInactivityTimeDeviceLock** @@ -744,11 +744,11 @@ The following list shows the supported values: - 0 (default) - No timeout is defined. The default of "0" is Windows Phone 7.5 parity and is interpreted by as "No timeout is defined." - +
- + **DeviceLock/MaxInactivityTimeDeviceLockWithExternalDisplay** @@ -797,11 +797,11 @@ The following list shows the supported values: - 0 (default) - No timeout is defined. The default of "0" is Windows Phone 7.5 parity and is interpreted by as "No timeout is defined." - +
- + **DeviceLock/MinDevicePasswordComplexCharacters** @@ -911,11 +911,11 @@ The enforcement of policies for Microsoft accounts happen on the server, and the For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx) and [KB article](https://support.office.com/article/This-device-doesn-t-meet-the-security-requirements-set-by-your-email-administrator-87132fc7-2c7f-4a71-9de0-779ff81c86ca). - +
- + **DeviceLock/MinDevicePasswordLength** @@ -973,11 +973,11 @@ The following list shows the supported values: - The default value is 4 for mobile devices and desktop devices. - +
- + **DeviceLock/MinimumPasswordAge** @@ -1020,11 +1020,11 @@ The minimum password age must be less than the Maximum password age, unless the Configure the minimum password age to be more than 0 if you want Enforce password history to be effective. Without a minimum password age, users can cycle through passwords repeatedly until they get to an old favorite. The default setting does not follow this recommendation, so that an administrator can specify a password for a user and then require the user to change the administrator-defined password when the user logs on. If the password history is set to 0, the user does not have to choose a new password. For this reason, Enforce password history is set to 1 by default. - +
- + **DeviceLock/PreventLockScreenSlideShow** @@ -1082,11 +1082,11 @@ ADMX Info: - GP ADMX file name: *ControlPanelDisplay.admx* - +
- + **DeviceLock/ScreenTimeoutWhileLocked** @@ -1136,7 +1136,7 @@ The default value is 10. Most restricted value is 0. - +
Footnote: @@ -1145,7 +1145,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## DeviceLock policies that can be set using Exchange Active Sync (EAS) diff --git a/windows/client-management/mdm/policy-csp-display.md b/windows/client-management/mdm/policy-csp-display.md index e2302d2679..fbfc7878d5 100644 --- a/windows/client-management/mdm/policy-csp-display.md +++ b/windows/client-management/mdm/policy-csp-display.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Display @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Display policies
@@ -30,7 +30,7 @@ ms.date: 01/29/2018
- + **Display/TurnOffGdiDPIScalingForApps** @@ -84,11 +84,11 @@ To validate on Desktop, do the following: 2. Run the app and observe blurry text. - +
- + **Display/TurnOnGdiDPIScalingForApps** @@ -142,7 +142,7 @@ To validate on Desktop, do the following: 2. Run the app and observe crisp text. - +
Footnote: @@ -151,5 +151,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-education.md b/windows/client-management/mdm/policy-csp-education.md index 70e051604f..3583549ed4 100644 --- a/windows/client-management/mdm/policy-csp-education.md +++ b/windows/client-management/mdm/policy-csp-education.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Education @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Education policies
@@ -33,7 +33,7 @@ ms.date: 01/29/2018
- + **Education/DefaultPrinterName** @@ -74,11 +74,11 @@ Added in Windows 10, version 1709. This policy allows IT Admins to set the user The policy value is expected to be the name (network host name) of an installed printer. - +
- + **Education/PreventAddingNewPrinters** @@ -124,11 +124,11 @@ The following list shows the supported values: - 1 – Prevent user installation. - +
- + **Education/PrinterNames** @@ -169,7 +169,7 @@ Added in Windows 10, version 1709. Allows IT Admins to automatically provision The policy value is expected to be a `````` seperated list of printer names. The OS will attempt to search and install the matching printer driver for each listed printer. - +
Footnote: @@ -178,5 +178,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-enterprisecloudprint.md b/windows/client-management/mdm/policy-csp-enterprisecloudprint.md index 635152c9cc..63d4b5f3b2 100644 --- a/windows/client-management/mdm/policy-csp-enterprisecloudprint.md +++ b/windows/client-management/mdm/policy-csp-enterprisecloudprint.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - EnterpriseCloudPrint @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## EnterpriseCloudPrint policies
@@ -42,7 +42,7 @@ ms.date: 01/29/2018
- + **EnterpriseCloudPrint/CloudPrintOAuthAuthority** @@ -85,11 +85,11 @@ The datatype is a string. The default value is an empty string. Otherwise, the value should contain the URL of an endpoint. For example, "https://azuretenant.contoso.com/adfs". - +
- + **EnterpriseCloudPrint/CloudPrintOAuthClientId** @@ -132,11 +132,11 @@ The datatype is a string. The default value is an empty string. Otherwise, the value should contain a GUID. For example, "E1CF1107-FF90-4228-93BF-26052DD2C714". - +
- + **EnterpriseCloudPrint/CloudPrintResourceId** @@ -179,11 +179,11 @@ The datatype is a string. The default value is an empty string. Otherwise, the value should contain a URL. For example, "http://MicrosoftEnterpriseCloudPrint/CloudPrint". - +
- + **EnterpriseCloudPrint/CloudPrinterDiscoveryEndPoint** @@ -226,11 +226,11 @@ The datatype is a string. The default value is an empty string. Otherwise, the value should contain the URL of an endpoint. For example, "https://cloudprinterdiscovery.contoso.com". - +
- + **EnterpriseCloudPrint/DiscoveryMaxPrinterLimit** @@ -273,11 +273,11 @@ The datatype is an integer. For Windows Mobile, the default value is 20. - +
- + **EnterpriseCloudPrint/MopriaDiscoveryResourceId** @@ -320,7 +320,7 @@ The datatype is a string. The default value is an empty string. Otherwise, the value should contain a URL. For example, "http://MopriaDiscoveryService/CloudPrint". - +
Footnote: @@ -329,5 +329,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-errorreporting.md b/windows/client-management/mdm/policy-csp-errorreporting.md index 8b4deb16d5..e33bbb0431 100644 --- a/windows/client-management/mdm/policy-csp-errorreporting.md +++ b/windows/client-management/mdm/policy-csp-errorreporting.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - ErrorReporting @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## ErrorReporting policies
@@ -39,7 +39,7 @@ ms.date: 01/29/2018
- + **ErrorReporting/CustomizeConsentSettings** @@ -107,11 +107,11 @@ ADMX Info: - GP ADMX file name: *ErrorReporting.admx* - +
- + **ErrorReporting/DisableWindowsErrorReporting** @@ -169,11 +169,11 @@ ADMX Info: - GP ADMX file name: *ErrorReporting.admx* - +
- + **ErrorReporting/DisplayErrorNotification** @@ -235,11 +235,11 @@ ADMX Info: - GP ADMX file name: *ErrorReporting.admx* - +
- + **ErrorReporting/DoNotSendAdditionalData** @@ -297,11 +297,11 @@ ADMX Info: - GP ADMX file name: *ErrorReporting.admx* - +
- + **ErrorReporting/PreventCriticalErrorDisplay** @@ -359,7 +359,7 @@ ADMX Info: - GP ADMX file name: *ErrorReporting.admx* - +
Footnote: @@ -368,5 +368,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-eventlogservice.md b/windows/client-management/mdm/policy-csp-eventlogservice.md index b531654651..10a8c1e6f4 100644 --- a/windows/client-management/mdm/policy-csp-eventlogservice.md +++ b/windows/client-management/mdm/policy-csp-eventlogservice.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - EventLogService @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## EventLogService policies
@@ -36,7 +36,7 @@ ms.date: 01/29/2018
- + **EventLogService/ControlEventLogBehavior** @@ -96,11 +96,11 @@ ADMX Info: - GP ADMX file name: *eventlog.admx* - +
- + **EventLogService/SpecifyMaximumFileSizeApplicationLog** @@ -158,11 +158,11 @@ ADMX Info: - GP ADMX file name: *eventlog.admx* - +
- + **EventLogService/SpecifyMaximumFileSizeSecurityLog** @@ -220,11 +220,11 @@ ADMX Info: - GP ADMX file name: *eventlog.admx* - +
- + **EventLogService/SpecifyMaximumFileSizeSystemLog** @@ -282,7 +282,7 @@ ADMX Info: - GP ADMX file name: *eventlog.admx* - +
Footnote: @@ -291,5 +291,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-experience.md b/windows/client-management/mdm/policy-csp-experience.md index 9c346946d7..162e0d9065 100644 --- a/windows/client-management/mdm/policy-csp-experience.md +++ b/windows/client-management/mdm/policy-csp-experience.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Experience @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## Experience policies
@@ -89,7 +89,7 @@ ms.date: 01/29/2018
- + **Experience/AllowCopyPaste** @@ -140,11 +140,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Experience/AllowCortana** @@ -192,11 +192,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Experience/AllowDeviceDiscovery** @@ -246,11 +246,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Experience/AllowFindMyDevice** @@ -300,11 +300,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Experience/AllowManualMDMUnenrollment** @@ -356,11 +356,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Experience/AllowSIMErrorDialogPromptWhenNoSIM** @@ -410,22 +410,22 @@ The following list shows the supported values: - 1 (default) – SIM card dialog prompt is displayed. - +
- + **Experience/AllowSaveAsOfOfficeFiles** This policy is deprecated. - +
- + **Experience/AllowScreenCapture** @@ -477,22 +477,22 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Experience/AllowSharingOfOfficeFiles** This policy is deprecated. - +
- + **Experience/AllowSyncMySettings** @@ -538,11 +538,11 @@ The following list shows the supported values: - 1 (default) – Sync settings allowed. - +
- + **Experience/AllowTailoredExperiencesWithDiagnosticData** @@ -597,11 +597,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Experience/AllowTaskSwitcher** @@ -651,11 +651,11 @@ The following list shows the supported values: - 1 (default) – Task switching allowed. - +
- + **Experience/AllowThirdPartySuggestionsInWindowsSpotlight** @@ -705,11 +705,11 @@ The following list shows the supported values: - 1 (default) – Third-party suggestions allowed. - +
- + **Experience/AllowVoiceRecording** @@ -761,11 +761,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Experience/AllowWindowsConsumerFeatures** @@ -817,11 +817,11 @@ The following list shows the supported values: - 1 – Allowed. - +
- + **Experience/AllowWindowsSpotlight** @@ -873,11 +873,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Experience/AllowWindowsSpotlightOnActionCenter** @@ -928,11 +928,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Experience/AllowWindowsSpotlightWindowsWelcomeExperience** @@ -984,11 +984,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Experience/AllowWindowsTips** @@ -1034,11 +1034,11 @@ The following list shows the supported values: - 1 (default) – Enabled. - +
- + **Experience/ConfigureWindowsSpotlightOnLockScreen** @@ -1089,11 +1089,11 @@ The following list shows the supported values: - 2 – placeholder only for future extension. Using this value has no effect. - +
- + **Experience/DoNotShowFeedbackNotifications** @@ -1143,7 +1143,7 @@ The following list shows the supported values: - 1 – Feedback notifications are disabled. - +
Footnote: @@ -1152,7 +1152,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Experience policies supported by Windows Holographic for Business diff --git a/windows/client-management/mdm/policy-csp-exploitguard.md b/windows/client-management/mdm/policy-csp-exploitguard.md index 9f742bb32f..f52eb4c227 100644 --- a/windows/client-management/mdm/policy-csp-exploitguard.md +++ b/windows/client-management/mdm/policy-csp-exploitguard.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - ExploitGuard @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## ExploitGuard policies
@@ -27,7 +27,7 @@ ms.date: 01/29/2018
- + **ExploitGuard/ExploitProtectionSettings** @@ -95,7 +95,7 @@ Here is an example: ``` - +
Footnote: @@ -104,5 +104,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-games.md b/windows/client-management/mdm/policy-csp-games.md index 233f091ce6..2a651204e1 100644 --- a/windows/client-management/mdm/policy-csp-games.md +++ b/windows/client-management/mdm/policy-csp-games.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Games @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Games policies
@@ -27,7 +27,7 @@ ms.date: 01/29/2018
- + **Games/AllowAdvancedGamingServices** @@ -73,7 +73,7 @@ The following list shows the supported values: - 1 (default) - Allowed - +
Footnote: @@ -82,5 +82,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-handwriting.md b/windows/client-management/mdm/policy-csp-handwriting.md index ac276081cf..c03012e8f2 100644 --- a/windows/client-management/mdm/policy-csp-handwriting.md +++ b/windows/client-management/mdm/policy-csp-handwriting.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Handwriting @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Handwriting policies
@@ -27,7 +27,7 @@ ms.date: 01/29/2018
- + **Handwriting/PanelDefaultModeDocked** @@ -79,7 +79,7 @@ The following list shows the supported values: - 1 - Enabled. - +
Footnote: @@ -88,5 +88,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-internetexplorer.md b/windows/client-management/mdm/policy-csp-internetexplorer.md index ba26acd4fc..4e2042350f 100644 --- a/windows/client-management/mdm/policy-csp-internetexplorer.md +++ b/windows/client-management/mdm/policy-csp-internetexplorer.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - InternetExplorer @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## InternetExplorer policies
@@ -753,7 +753,7 @@ ms.date: 01/29/2018
- + **InternetExplorer/AddSearchProvider** @@ -812,11 +812,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowActiveXFiltering** @@ -875,11 +875,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowAddOnList** @@ -944,11 +944,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowAutoComplete** @@ -1001,11 +1001,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowCertificateAddressMismatchWarning** @@ -1059,11 +1059,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowDeletingBrowsingHistoryOnExit** @@ -1117,11 +1117,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowEnhancedProtectedMode** @@ -1182,11 +1182,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowEnterpriseModeFromToolsMenu** @@ -1245,11 +1245,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowEnterpriseModeSiteList** @@ -1308,11 +1308,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowFallbackToSSL3** @@ -1365,11 +1365,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowInternetExplorer7PolicyList** @@ -1428,11 +1428,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowInternetExplorerStandardsMode** @@ -1493,11 +1493,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowInternetZoneTemplate** @@ -1562,11 +1562,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowIntranetZoneTemplate** @@ -1631,11 +1631,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowLocalMachineZoneTemplate** @@ -1700,11 +1700,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowLockedDownInternetZoneTemplate** @@ -1769,11 +1769,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowLockedDownIntranetZoneTemplate** @@ -1838,11 +1838,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowLockedDownLocalMachineZoneTemplate** @@ -1907,11 +1907,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowLockedDownRestrictedSitesZoneTemplate** @@ -1976,11 +1976,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowOneWordEntry** @@ -2039,11 +2039,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowSiteToZoneAssignmentList** @@ -2108,11 +2108,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowSoftwareWhenSignatureIsInvalid** @@ -2166,11 +2166,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowSuggestedSites** @@ -2231,11 +2231,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowTrustedSitesZoneTemplate** @@ -2300,11 +2300,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowsLockedDownTrustedSitesZoneTemplate** @@ -2369,11 +2369,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/AllowsRestrictedSitesZoneTemplate** @@ -2438,11 +2438,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/CheckServerCertificateRevocation** @@ -2496,11 +2496,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/CheckSignaturesOnDownloadedPrograms** @@ -2554,11 +2554,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/ConsistentMimeHandlingInternetExplorerProcesses** @@ -2612,11 +2612,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableAdobeFlash** @@ -2677,11 +2677,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableBypassOfSmartScreenWarnings** @@ -2740,11 +2740,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableBypassOfSmartScreenWarningsAboutUncommonFiles** @@ -2803,11 +2803,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableConfiguringHistory** @@ -2861,11 +2861,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableCrashDetection** @@ -2919,11 +2919,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableCustomerExperienceImprovementProgramParticipation** @@ -2984,11 +2984,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableDeletingUserVisitedWebsites** @@ -3042,11 +3042,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableEnclosureDownloading** @@ -3105,11 +3105,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableEncryptionSupport** @@ -3170,11 +3170,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableFirstRunWizard** @@ -3237,11 +3237,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableFlipAheadFeature** @@ -3304,11 +3304,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableHomePageChange** @@ -3366,11 +3366,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableIgnoringCertificateErrors** @@ -3424,11 +3424,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableInPrivateBrowsing** @@ -3482,11 +3482,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableProcessesInEnhancedProtectedMode** @@ -3540,11 +3540,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableProxyChange** @@ -3603,11 +3603,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableSearchProviderChange** @@ -3666,11 +3666,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableSecondaryHomePageChange** @@ -3731,11 +3731,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableSecuritySettingsCheck** @@ -3789,11 +3789,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DisableUpdateCheck** @@ -3853,11 +3853,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DoNotAllowActiveXControlsInProtectedMode** @@ -3911,11 +3911,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DoNotAllowUsersToAddSites** @@ -3979,11 +3979,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DoNotAllowUsersToChangePolicies** @@ -4047,11 +4047,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DoNotBlockOutdatedActiveXControls** @@ -4112,11 +4112,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/DoNotBlockOutdatedActiveXControlsOnSpecificDomains** @@ -4181,11 +4181,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IncludeAllLocalSites** @@ -4246,11 +4246,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IncludeAllNetworkPaths** @@ -4311,11 +4311,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowAccessToDataSources** @@ -4376,11 +4376,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowAutomaticPromptingForActiveXControls** @@ -4441,11 +4441,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowAutomaticPromptingForFileDownloads** @@ -4504,11 +4504,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowCopyPasteViaScript** @@ -4562,11 +4562,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowDragAndDropCopyAndPasteFiles** @@ -4620,11 +4620,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowFontDownloads** @@ -4685,11 +4685,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowLessPrivilegedSites** @@ -4750,11 +4750,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowLoadingOfXAMLFiles** @@ -4808,11 +4808,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowNETFrameworkReliantComponents** @@ -4873,11 +4873,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowOnlyApprovedDomainsToUseActiveXControls** @@ -4931,11 +4931,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowOnlyApprovedDomainsToUseTDCActiveXControl** @@ -4989,11 +4989,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowScriptInitiatedWindows** @@ -5047,11 +5047,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowScriptingOfInternetExplorerWebBrowserControls** @@ -5105,11 +5105,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowScriptlets** @@ -5170,11 +5170,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowSmartScreenIE** @@ -5237,11 +5237,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowUpdatesToStatusBarViaScript** @@ -5295,11 +5295,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneAllowUserDataPersistence** @@ -5360,11 +5360,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneDoNotRunAntimalwareAgainstActiveXControls** @@ -5418,11 +5418,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneDownloadSignedActiveXControls** @@ -5476,11 +5476,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneDownloadUnsignedActiveXControls** @@ -5534,11 +5534,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneEnableCrossSiteScriptingFilter** @@ -5592,11 +5592,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneEnableDraggingOfContentFromDifferentDomainsAcrossWindows** @@ -5650,11 +5650,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneEnableDraggingOfContentFromDifferentDomainsWithinWindows** @@ -5708,11 +5708,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneEnableMIMESniffing** @@ -5766,11 +5766,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneEnableProtectedMode** @@ -5824,11 +5824,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneIncludeLocalPathWhenUploadingFilesToServer** @@ -5882,11 +5882,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneInitializeAndScriptActiveXControls** @@ -5949,11 +5949,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneInitializeAndScriptActiveXControlsNotMarkedSafe** @@ -5982,11 +5982,11 @@ ADMX Info: - +
- + **InternetExplorer/InternetZoneJavaPermissions** @@ -6040,11 +6040,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneLaunchingApplicationsAndFilesInIFRAME** @@ -6098,11 +6098,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneLogonOptions** @@ -6156,11 +6156,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneNavigateWindowsAndFrames** @@ -6221,11 +6221,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneRunNETFrameworkReliantComponentsSignedWithAuthenticode** @@ -6279,11 +6279,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneShowSecurityWarningForPotentiallyUnsafeFiles** @@ -6337,11 +6337,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/InternetZoneUsePopupBlocker** @@ -6395,11 +6395,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IntranetZoneAllowAccessToDataSources** @@ -6460,11 +6460,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IntranetZoneAllowAutomaticPromptingForActiveXControls** @@ -6525,11 +6525,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IntranetZoneAllowAutomaticPromptingForFileDownloads** @@ -6588,11 +6588,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IntranetZoneAllowFontDownloads** @@ -6653,11 +6653,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IntranetZoneAllowLessPrivilegedSites** @@ -6718,11 +6718,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IntranetZoneAllowNETFrameworkReliantComponents** @@ -6783,11 +6783,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IntranetZoneAllowScriptlets** @@ -6848,11 +6848,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IntranetZoneAllowSmartScreenIE** @@ -6915,11 +6915,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IntranetZoneAllowUserDataPersistence** @@ -6980,11 +6980,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IntranetZoneDoNotRunAntimalwareAgainstActiveXControls** @@ -7038,11 +7038,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IntranetZoneInitializeAndScriptActiveXControls** @@ -7105,11 +7105,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IntranetZoneJavaPermissions** @@ -7163,11 +7163,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/IntranetZoneNavigateWindowsAndFrames** @@ -7228,11 +7228,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LocalMachineZoneAllowAccessToDataSources** @@ -7293,11 +7293,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LocalMachineZoneAllowAutomaticPromptingForActiveXControls** @@ -7358,11 +7358,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LocalMachineZoneAllowAutomaticPromptingForFileDownloads** @@ -7421,11 +7421,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LocalMachineZoneAllowFontDownloads** @@ -7486,11 +7486,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LocalMachineZoneAllowLessPrivilegedSites** @@ -7551,11 +7551,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LocalMachineZoneAllowNETFrameworkReliantComponents** @@ -7616,11 +7616,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LocalMachineZoneAllowScriptlets** @@ -7681,11 +7681,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LocalMachineZoneAllowSmartScreenIE** @@ -7748,11 +7748,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LocalMachineZoneAllowUserDataPersistence** @@ -7813,11 +7813,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LocalMachineZoneDoNotRunAntimalwareAgainstActiveXControls** @@ -7871,11 +7871,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LocalMachineZoneInitializeAndScriptActiveXControls** @@ -7938,11 +7938,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LocalMachineZoneJavaPermissions** @@ -7996,11 +7996,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LocalMachineZoneNavigateWindowsAndFrames** @@ -8061,11 +8061,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownInternetZoneAllowAccessToDataSources** @@ -8126,11 +8126,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownInternetZoneAllowAutomaticPromptingForActiveXControls** @@ -8191,11 +8191,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownInternetZoneAllowAutomaticPromptingForFileDownloads** @@ -8254,11 +8254,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownInternetZoneAllowFontDownloads** @@ -8319,11 +8319,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownInternetZoneAllowLessPrivilegedSites** @@ -8384,11 +8384,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownInternetZoneAllowNETFrameworkReliantComponents** @@ -8449,11 +8449,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownInternetZoneAllowScriptlets** @@ -8514,11 +8514,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownInternetZoneAllowSmartScreenIE** @@ -8581,11 +8581,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownInternetZoneAllowUserDataPersistence** @@ -8646,11 +8646,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownInternetZoneInitializeAndScriptActiveXControls** @@ -8713,11 +8713,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownInternetZoneJavaPermissions** @@ -8771,11 +8771,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownInternetZoneNavigateWindowsAndFrames** @@ -8836,11 +8836,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownIntranetZoneAllowAccessToDataSources** @@ -8901,11 +8901,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownIntranetZoneAllowAutomaticPromptingForActiveXControls** @@ -8966,11 +8966,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownIntranetZoneAllowAutomaticPromptingForFileDownloads** @@ -9029,11 +9029,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownIntranetZoneAllowFontDownloads** @@ -9094,11 +9094,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownIntranetZoneAllowLessPrivilegedSites** @@ -9159,11 +9159,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownIntranetZoneAllowNETFrameworkReliantComponents** @@ -9224,11 +9224,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownIntranetZoneAllowScriptlets** @@ -9289,11 +9289,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownIntranetZoneAllowSmartScreenIE** @@ -9356,11 +9356,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownIntranetZoneAllowUserDataPersistence** @@ -9421,11 +9421,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownIntranetZoneInitializeAndScriptActiveXControls** @@ -9488,11 +9488,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownIntranetZoneNavigateWindowsAndFrames** @@ -9553,11 +9553,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownLocalMachineZoneAllowAccessToDataSources** @@ -9618,11 +9618,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownLocalMachineZoneAllowAutomaticPromptingForActiveXControls** @@ -9683,11 +9683,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownLocalMachineZoneAllowAutomaticPromptingForFileDownloads** @@ -9746,11 +9746,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownLocalMachineZoneAllowFontDownloads** @@ -9811,11 +9811,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownLocalMachineZoneAllowLessPrivilegedSites** @@ -9876,11 +9876,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownLocalMachineZoneAllowNETFrameworkReliantComponents** @@ -9941,11 +9941,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownLocalMachineZoneAllowScriptlets** @@ -10006,11 +10006,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownLocalMachineZoneAllowSmartScreenIE** @@ -10073,11 +10073,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownLocalMachineZoneAllowUserDataPersistence** @@ -10138,11 +10138,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownLocalMachineZoneInitializeAndScriptActiveXControls** @@ -10205,11 +10205,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownLocalMachineZoneJavaPermissions** @@ -10263,11 +10263,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownLocalMachineZoneNavigateWindowsAndFrames** @@ -10328,11 +10328,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownRestrictedSitesZoneAllowAccessToDataSources** @@ -10393,11 +10393,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownRestrictedSitesZoneAllowAutomaticPromptingForActiveXControls** @@ -10458,11 +10458,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownRestrictedSitesZoneAllowAutomaticPromptingForFileDownloads** @@ -10521,11 +10521,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownRestrictedSitesZoneAllowFontDownloads** @@ -10586,11 +10586,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownRestrictedSitesZoneAllowLessPrivilegedSites** @@ -10651,11 +10651,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownRestrictedSitesZoneAllowNETFrameworkReliantComponents** @@ -10716,11 +10716,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownRestrictedSitesZoneAllowScriptlets** @@ -10781,11 +10781,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownRestrictedSitesZoneAllowSmartScreenIE** @@ -10848,11 +10848,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownRestrictedSitesZoneAllowUserDataPersistence** @@ -10913,11 +10913,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownRestrictedSitesZoneInitializeAndScriptActiveXControls** @@ -10980,11 +10980,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownRestrictedSitesZoneJavaPermissions** @@ -11038,11 +11038,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownRestrictedSitesZoneNavigateWindowsAndFrames** @@ -11103,11 +11103,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownTrustedSitesZoneAllowAccessToDataSources** @@ -11168,11 +11168,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownTrustedSitesZoneAllowAutomaticPromptingForActiveXControls** @@ -11233,11 +11233,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownTrustedSitesZoneAllowAutomaticPromptingForFileDownloads** @@ -11296,11 +11296,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownTrustedSitesZoneAllowFontDownloads** @@ -11361,11 +11361,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownTrustedSitesZoneAllowLessPrivilegedSites** @@ -11426,11 +11426,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownTrustedSitesZoneAllowNETFrameworkReliantComponents** @@ -11491,11 +11491,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownTrustedSitesZoneAllowScriptlets** @@ -11556,11 +11556,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownTrustedSitesZoneAllowSmartScreenIE** @@ -11623,11 +11623,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownTrustedSitesZoneAllowUserDataPersistence** @@ -11688,11 +11688,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownTrustedSitesZoneInitializeAndScriptActiveXControls** @@ -11755,11 +11755,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownTrustedSitesZoneJavaPermissions** @@ -11813,11 +11813,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/LockedDownTrustedSitesZoneNavigateWindowsAndFrames** @@ -11878,11 +11878,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/MKProtocolSecurityRestrictionInternetExplorerProcesses** @@ -11936,11 +11936,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/MimeSniffingSafetyFeatureInternetExplorerProcesses** @@ -11994,11 +11994,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/NotificationBarInternetExplorerProcesses** @@ -12052,11 +12052,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/PreventManagingSmartScreenFilter** @@ -12110,11 +12110,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/PreventPerUserInstallationOfActiveXControls** @@ -12168,11 +12168,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/ProtectionFromZoneElevationInternetExplorerProcesses** @@ -12226,11 +12226,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RemoveRunThisTimeButtonForOutdatedActiveXControls** @@ -12284,11 +12284,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictActiveXInstallInternetExplorerProcesses** @@ -12342,11 +12342,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictFileDownloadInternetExplorerProcesses** @@ -12400,11 +12400,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowAccessToDataSources** @@ -12465,11 +12465,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowActiveScripting** @@ -12523,11 +12523,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowAutomaticPromptingForActiveXControls** @@ -12588,11 +12588,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowAutomaticPromptingForFileDownloads** @@ -12651,11 +12651,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowBinaryAndScriptBehaviors** @@ -12709,11 +12709,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowCopyPasteViaScript** @@ -12767,11 +12767,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowDragAndDropCopyAndPasteFiles** @@ -12825,11 +12825,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowFileDownloads** @@ -12883,11 +12883,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowFontDownloads** @@ -12948,11 +12948,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowLessPrivilegedSites** @@ -13013,11 +13013,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowLoadingOfXAMLFiles** @@ -13071,11 +13071,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowMETAREFRESH** @@ -13129,11 +13129,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowNETFrameworkReliantComponents** @@ -13194,11 +13194,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowOnlyApprovedDomainsToUseActiveXControls** @@ -13252,11 +13252,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowOnlyApprovedDomainsToUseTDCActiveXControl** @@ -13310,11 +13310,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowScriptInitiatedWindows** @@ -13368,11 +13368,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowScriptingOfInternetExplorerWebBrowserControls** @@ -13426,11 +13426,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowScriptlets** @@ -13491,11 +13491,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowSmartScreenIE** @@ -13558,11 +13558,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowUpdatesToStatusBarViaScript** @@ -13616,11 +13616,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneAllowUserDataPersistence** @@ -13681,11 +13681,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneDoNotRunAntimalwareAgainstActiveXControls** @@ -13739,11 +13739,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneDownloadSignedActiveXControls** @@ -13797,11 +13797,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneDownloadUnsignedActiveXControls** @@ -13855,11 +13855,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneEnableCrossSiteScriptingFilter** @@ -13913,11 +13913,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneEnableDraggingOfContentFromDifferentDomainsAcrossWindows** @@ -13971,11 +13971,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneEnableDraggingOfContentFromDifferentDomainsWithinWindows** @@ -14029,11 +14029,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneEnableMIMESniffing** @@ -14087,11 +14087,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneIncludeLocalPathWhenUploadingFilesToServer** @@ -14145,11 +14145,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneInitializeAndScriptActiveXControls** @@ -14212,11 +14212,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneJavaPermissions** @@ -14270,11 +14270,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneLaunchingApplicationsAndFilesInIFRAME** @@ -14328,11 +14328,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneLogonOptions** @@ -14386,11 +14386,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneNavigateWindowsAndFrames** @@ -14451,11 +14451,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneRunActiveXControlsAndPlugins** @@ -14509,11 +14509,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneRunNETFrameworkReliantComponentsSignedWithAuthenticode** @@ -14567,11 +14567,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneScriptActiveXControlsMarkedSafeForScripting** @@ -14625,11 +14625,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneScriptingOfJavaApplets** @@ -14683,11 +14683,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneShowSecurityWarningForPotentiallyUnsafeFiles** @@ -14741,11 +14741,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneTurnOnProtectedMode** @@ -14799,11 +14799,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/RestrictedSitesZoneUsePopupBlocker** @@ -14857,11 +14857,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/ScriptedWindowSecurityRestrictionsInternetExplorerProcesses** @@ -14915,11 +14915,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/SearchProviderList** @@ -14978,11 +14978,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/SecurityZonesUseOnlyMachineSettings** @@ -15035,11 +15035,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/SpecifyUseOfActiveXInstallerService** @@ -15093,11 +15093,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/TrustedSitesZoneAllowAccessToDataSources** @@ -15158,11 +15158,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/TrustedSitesZoneAllowAutomaticPromptingForActiveXControls** @@ -15223,11 +15223,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/TrustedSitesZoneAllowAutomaticPromptingForFileDownloads** @@ -15286,11 +15286,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/TrustedSitesZoneAllowFontDownloads** @@ -15351,11 +15351,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/TrustedSitesZoneAllowLessPrivilegedSites** @@ -15416,11 +15416,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/TrustedSitesZoneAllowNETFrameworkReliantComponents** @@ -15481,11 +15481,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/TrustedSitesZoneAllowScriptlets** @@ -15546,11 +15546,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/TrustedSitesZoneAllowSmartScreenIE** @@ -15613,11 +15613,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/TrustedSitesZoneAllowUserDataPersistence** @@ -15678,11 +15678,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/TrustedSitesZoneDoNotRunAntimalwareAgainstActiveXControls** @@ -15736,11 +15736,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/TrustedSitesZoneInitializeAndScriptActiveXControls** @@ -15803,11 +15803,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/TrustedSitesZoneJavaPermissions** @@ -15861,11 +15861,11 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
- + **InternetExplorer/TrustedSitesZoneNavigateWindowsAndFrames** @@ -15926,7 +15926,7 @@ ADMX Info: - GP ADMX file name: *inetres.admx* - +
Footnote: @@ -15935,5 +15935,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-kerberos.md b/windows/client-management/mdm/policy-csp-kerberos.md index 7a2e9f901b..361a19a81c 100644 --- a/windows/client-management/mdm/policy-csp-kerberos.md +++ b/windows/client-management/mdm/policy-csp-kerberos.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Kerberos @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Kerberos policies
@@ -39,7 +39,7 @@ ms.date: 01/29/2018
- + **Kerberos/AllowForestSearchOrder** @@ -97,11 +97,11 @@ ADMX Info: - GP ADMX file name: *Kerberos.admx* - +
- + **Kerberos/KerberosClientSupportsClaimsCompoundArmor** @@ -158,11 +158,11 @@ ADMX Info: - GP ADMX file name: *Kerberos.admx* - +
- + **Kerberos/RequireKerberosArmoring** @@ -224,11 +224,11 @@ ADMX Info: - GP ADMX file name: *Kerberos.admx* - +
- + **Kerberos/RequireStrictKDCValidation** @@ -286,11 +286,11 @@ ADMX Info: - GP ADMX file name: *Kerberos.admx* - +
- + **Kerberos/SetMaximumContextTokenSize** @@ -352,7 +352,7 @@ ADMX Info: - GP ADMX file name: *Kerberos.admx* - +
Footnote: @@ -361,5 +361,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-kioskbrowser.md b/windows/client-management/mdm/policy-csp-kioskbrowser.md index 769c55b3dd..6606c038b3 100644 --- a/windows/client-management/mdm/policy-csp-kioskbrowser.md +++ b/windows/client-management/mdm/policy-csp-kioskbrowser.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - KioskBrowser @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## KioskBrowser policies
@@ -44,7 +44,7 @@ ms.date: 01/29/2018
- + **KioskBrowser/BlockedUrlExceptions** @@ -84,11 +84,11 @@ ms.date: 01/29/2018 Added in Windows 10, next major update. List of exceptions to the blocked website URLs (with wildcard support). This is used to configure URLs kiosk browsers are allowed to navigate to, which are a subset of the blocked URLs. - +
- + **KioskBrowser/BlockedUrls** @@ -128,11 +128,11 @@ Added in Windows 10, next major update. List of exceptions to the blocked websit Added in Windows 10, next major update. List of blocked website URLs (with wildcard support). This is used to configure blocked URLs kiosk browsers cannot navigate to. - +
- + **KioskBrowser/DefaultURL** @@ -172,11 +172,11 @@ Added in Windows 10, next major update. List of blocked website URLs (with wildc Added in Windows 10, next major update. Configures the default URL kiosk browsers to navigate on launch and restart. - +
- + **KioskBrowser/EnableHomeButton** @@ -216,11 +216,11 @@ Added in Windows 10, next major update. Configures the default URL kiosk browser Added in Windows 10, next major update. Enable/disable kiosk browser's home button. - +
- + **KioskBrowser/EnableNavigationButtons** @@ -260,11 +260,11 @@ Added in Windows 10, next major update. Enable/disable kiosk browser's home butt Added in Windows 10, next major update. Enable/disable kiosk browser's navigation buttons (forward/back). - +
- + **KioskBrowser/RestartOnIdleTime** @@ -306,7 +306,7 @@ Added in Windows 10, next major update. Amount of time in minutes the session is The value is an int 1-1440 that specifies the amount of minutes the session is idle until the kiosk browser restarts in a fresh state. The default value is empty which means there is no idle timeout within the kiosk browser. - +
Footnote: @@ -315,5 +315,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-licensing.md b/windows/client-management/mdm/policy-csp-licensing.md index 28751d2800..66109605f7 100644 --- a/windows/client-management/mdm/policy-csp-licensing.md +++ b/windows/client-management/mdm/policy-csp-licensing.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Licensing @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Licensing policies
@@ -30,7 +30,7 @@ ms.date: 01/29/2018
- + **Licensing/AllowWindowsEntitlementReactivation** @@ -76,11 +76,11 @@ The following list shows the supported values: - 1 (default) – Enable Windows license reactivation on managed devices. - +
- + **Licensing/DisallowKMSClientOnlineAVSValidation** @@ -126,7 +126,7 @@ The following list shows the supported values: - 1 – Enabled. - +
Footnote: @@ -135,5 +135,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md index 1207e03022..f67234078a 100644 --- a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md +++ b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - LocalPoliciesSecurityOptions @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## LocalPoliciesSecurityOptions policies
@@ -191,7 +191,7 @@ ms.date: 01/29/2018
- + **LocalPoliciesSecurityOptions/Accounts_BlockMicrosoftAccounts** @@ -245,11 +245,11 @@ The following list shows the supported values: - 1 - enabled (users cannot add Microsoft accounts). - +
- + **LocalPoliciesSecurityOptions/Accounts_EnableAdministratorAccountStatus** @@ -303,11 +303,11 @@ Valid values: - 1 - local Administrator account is enabled - +
- + **LocalPoliciesSecurityOptions/Accounts_EnableGuestAccountStatus** @@ -358,11 +358,11 @@ Valid values: - 1 - local Guest account is enabled - +
- + **LocalPoliciesSecurityOptions/Accounts_LimitLocalAccountUseOfBlankPasswordsToConsoleLogonOnly** @@ -421,11 +421,11 @@ Valid values: - 1 - enabled - local accounts that are not password protected will only be able to log on at the computer's keyboard - +
- + **LocalPoliciesSecurityOptions/Accounts_RenameAdministratorAccount** @@ -470,11 +470,11 @@ Default: Administrator. Value type is string. Supported operations are Add, Get, Replace, and Delete. - +
- + **LocalPoliciesSecurityOptions/Accounts_RenameGuestAccount** @@ -519,11 +519,11 @@ Default: Guest. Value type is string. Supported operations are Add, Get, Replace, and Delete. - +
- + **LocalPoliciesSecurityOptions/Devices_AllowUndockWithoutHavingToLogon** @@ -569,11 +569,11 @@ Caution: Disabling this policy may tempt users to try and physically remove the laptop from its docking station using methods other than the external hardware eject button. Since this may cause damage to the hardware, this setting, in general, should only be disabled on laptop configurations that are physically securable. - +
- + **LocalPoliciesSecurityOptions/Devices_AllowedToFormatAndEjectRemovableMedia** @@ -619,11 +619,11 @@ This security setting determines who is allowed to format and eject removable NT Default: This policy is not defined and only Administrators have this ability. - +
- + **LocalPoliciesSecurityOptions/Devices_PreventUsersFromInstallingPrinterDriversWhenConnectingToSharedPrinters** @@ -671,11 +671,11 @@ Note This setting does not affect the ability to add a local printer. This setting does not affect Administrators. - +
- + **LocalPoliciesSecurityOptions/Devices_RestrictCDROMAccessToLocallyLoggedOnUserOnly** @@ -720,11 +720,11 @@ If this policy is enabled, it allows only the interactively logged-on user to ac Default: This policy is not defined and CD-ROM access is not restricted to the locally logged-on user. - +
- + **LocalPoliciesSecurityOptions/DomainMember_DigitallyEncryptOrSignSecureChannelDataAlways** @@ -780,11 +780,11 @@ If this policy is enabled, the policy Domain member: Digitally sign secure chann Logon information transmitted over the secure channel is always encrypted regardless of whether encryption of ALL other secure channel traffic is negotiated or not. - +
- + **LocalPoliciesSecurityOptions/DomainMember_DigitallyEncryptSecureChannelDataWhenPossible** @@ -837,11 +837,11 @@ There is no known reason for disabling this setting. Besides unnecessarily reduc Note: Domain controllers are also domain members and establish secure channels with other domain controllers in the same domain as well as domain controllers in trusted domains. - +
- + **LocalPoliciesSecurityOptions/DomainMember_DigitallySignSecureChannelDataWhenPossible** @@ -888,11 +888,11 @@ This setting determines whether or not the domain member attempts to negotiate s Default: Enabled. - +
- + **LocalPoliciesSecurityOptions/DomainMember_DisableMachineAccountPasswordChanges** @@ -940,11 +940,11 @@ This security setting should not be enabled. Computer account passwords are used This setting should not be used in an attempt to support dual-boot scenarios that use the same computer account. If you want to dual-boot two installations that are joined to the same domain, give the two installations different computer names. - +
- + **LocalPoliciesSecurityOptions/DomainMember_MaximumMachineAccountPasswordAge** @@ -991,11 +991,11 @@ Important This setting applies to Windows 2000 computers, but it is not available through the Security Configuration Manager tools on these computers. - +
- + **LocalPoliciesSecurityOptions/DomainMember_RequireStrongSessionKey** @@ -1053,11 +1053,11 @@ In order to take advantage of this policy on member workstations and servers, al In order to take advantage of this policy on domain controllers, all domain controllers in the same domain as well as all trusted domains must run Windows 2000 or later. - +
- + **LocalPoliciesSecurityOptions/InteractiveLogon_DisplayUserInformationWhenTheSessionIsLocked** @@ -1106,11 +1106,11 @@ Valid values: - 3 - Do not display user information - +
- + **LocalPoliciesSecurityOptions/InteractiveLogon_DoNotDisplayLastSignedIn** @@ -1164,11 +1164,11 @@ Valid values: - 1 - enabled (username will not be shown) - +
- + **LocalPoliciesSecurityOptions/InteractiveLogon_DoNotDisplayUsernameAtSignIn** @@ -1223,11 +1223,11 @@ Valid values: - 1 - enabled (username will not be shown) - +
- + **LocalPoliciesSecurityOptions/InteractiveLogon_DoNotRequireCTRLALTDEL** @@ -1283,11 +1283,11 @@ Valid values: - 1 - enabled (a user is not required to press CTRL+ALT+DEL to log on) - +
- + **LocalPoliciesSecurityOptions/InteractiveLogon_MachineInactivityLimit** @@ -1338,11 +1338,11 @@ Valid values: - 1 - enabled (session will lock after amount of inactive time exceeds the inactivity limit) - +
- + **LocalPoliciesSecurityOptions/InteractiveLogon_MessageTextForUsersAttemptingToLogOn** @@ -1389,11 +1389,11 @@ Default: No message. Value type is string. Supported operations are Add, Get, Replace, and Delete. - +
- + **LocalPoliciesSecurityOptions/InteractiveLogon_MessageTitleForUsersAttemptingToLogOn** @@ -1438,11 +1438,11 @@ Default: No message. Value type is string. Supported operations are Add, Get, Replace, and Delete. - +
- + **LocalPoliciesSecurityOptions/InteractiveLogon_SmartCardRemovalBehavior** @@ -1502,11 +1502,11 @@ Default: This policy is not defined, which means that the system treats it as No On Windows Vista and above: For this setting to work, the Smart Card Removal Policy service must be started. - +
- + **LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsAlways** @@ -1567,11 +1567,11 @@ SMB packet signing can significantly degrade SMB performance, depending on diale For more information, reference: https://go.microsoft.com/fwlink/?LinkID=787136. - +
- + **LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsIfServerAgrees** @@ -1629,11 +1629,11 @@ SMB packet signing can significantly degrade SMB performance, depending on diale For more information, reference: https://go.microsoft.com/fwlink/?LinkID=787136. - +
- + **LocalPoliciesSecurityOptions/MicrosoftNetworkClient_SendUnencryptedPasswordToThirdPartySMBServers** @@ -1678,11 +1678,11 @@ Sending unencrypted passwords is a security risk. Default: Disabled. - +
- + **LocalPoliciesSecurityOptions/MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession** @@ -1729,11 +1729,11 @@ For this policy setting, a value of 0 means to disconnect an idle session as qui Default:This policy is not defined, which means that the system treats it as 15 minutes for servers and undefined for workstations. - +
- + **LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsAlways** @@ -1803,11 +1803,11 @@ HKLM\System\CurrentControlSet\Services\lanmanserver\parameters\enableW9xsecurity For more information, reference: https://go.microsoft.com/fwlink/?LinkID=787136. - +
- + **LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsIfClientAgrees** @@ -1869,11 +1869,11 @@ SMB packet signing can significantly degrade SMB performance, depending on diale For more information, reference: https://go.microsoft.com/fwlink/?LinkID=787136. - +
- + **LocalPoliciesSecurityOptions/NetworkAccess_DoNotAllowAnonymousEnumerationOfSAMAccounts** @@ -1928,11 +1928,11 @@ Important This policy has no impact on domain controllers. - +
- + **LocalPoliciesSecurityOptions/NetworkAccess_DoNotAllowAnonymousEnumerationOfSamAccountsAndShares** @@ -1977,11 +1977,11 @@ Windows allows anonymous users to perform certain activities, such as enumeratin Default: Disabled. - +
- + **LocalPoliciesSecurityOptions/NetworkAccess_LetEveryonePermissionsApplyToAnonymousUsers** @@ -2028,11 +2028,11 @@ If this policy is enabled, the Everyone SID is added to the token that is create Default: Disabled. - +
- + **LocalPoliciesSecurityOptions/NetworkAccess_RestrictAnonymousAccessToNamedPipesAndShares** @@ -2077,11 +2077,11 @@ Network access: Shares that can be accessed anonymously Default: Enabled. - +
- + **LocalPoliciesSecurityOptions/NetworkAccess_RestrictClientsAllowedToMakeRemoteCallsToSAM** @@ -2126,11 +2126,11 @@ If not selected, the default security descriptor will be used. This policy is supported on at least Windows Server 2016. - +
- + **LocalPoliciesSecurityOptions/NetworkSecurity_AllowLocalSystemToUseComputerIdentityForNTLM** @@ -2183,11 +2183,11 @@ This policy is supported on at least Windows Vista or Windows Server 2008. Note: Windows Vista or Windows Server 2008 do not expose this setting in Group Policy. - +
- + **LocalPoliciesSecurityOptions/NetworkSecurity_AllowPKU2UAuthenticationRequests** @@ -2237,11 +2237,11 @@ Valid values: - 1 - enabled (allow PKU2U authentication requests to this computer to use online identities.) - +
- + **LocalPoliciesSecurityOptions/NetworkSecurity_DoNotStoreLANManagerHashValueOnNextPasswordChange** @@ -2291,11 +2291,11 @@ Windows 2000 Service Pack 2 (SP2) and above offer compatibility with authenticat This setting can affect the ability of computers running Windows 2000 Server, Windows 2000 Professional, Windows XP, and the Windows Server 2003 family to communicate with computers running Windows 95 and Windows 98. - +
- + **LocalPoliciesSecurityOptions/NetworkSecurity_LANManagerAuthenticationLevel** @@ -2360,11 +2360,11 @@ Windows Server 2003: Send NTLM response only Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: Send NTLMv2 response only - +
- + **LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedClients** @@ -2414,11 +2414,11 @@ Windows XP, Windows Vista, Windows 2000 Server, Windows Server 2003, and Windows Windows 7 and Windows Server 2008 R2: Require 128-bit encryption - +
- + **LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers** @@ -2468,11 +2468,11 @@ Windows XP, Windows Vista, Windows 2000 Server, Windows Server 2003, and Windows Windows 7 and Windows Server 2008 R2: Require 128-bit encryption - +
- + **LocalPoliciesSecurityOptions/RecoveryConsole_AllowAutomaticAdministrativeLogon** @@ -2514,11 +2514,11 @@ Valid values: - 1 - enabled (allow automatic administrative logon) - +
- + **LocalPoliciesSecurityOptions/Shutdown_AllowSystemToBeShutDownWithoutHavingToLogOn** @@ -2574,11 +2574,11 @@ Valid values: - 1 - enabled (allow system to be shut down without having to log on) - +
- + **LocalPoliciesSecurityOptions/Shutdown_ClearVirtualMemoryPageFile** @@ -2625,11 +2625,11 @@ When this policy is enabled, it causes the system pagefile to be cleared upon cl Default: Disabled. - +
- + **LocalPoliciesSecurityOptions/SystemObjects_RequireCaseInsensitivityForNonWindowsSubsystems** @@ -2674,11 +2674,11 @@ If this setting is enabled, case insensitivity is enforced for all directory obj Default: Enabled. - +
- + **LocalPoliciesSecurityOptions/UserAccountControl_AllowUIAccessApplicationsToPromptForElevation** @@ -2733,11 +2733,11 @@ Valid values: - 1 - enabled (allow UIAccess applications to prompt for elevation without using the secure desktop) - +
- + **LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForAdministrators** @@ -2794,11 +2794,11 @@ The options are: Value type is integer. Supported operations are Add, Get, Replace, and Delete. - +
- + **LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers** @@ -2848,11 +2848,11 @@ The following list shows the supported values: - 3 (Default) - Prompt for credentials: When an operation requires elevation of privilege, the user is prompted to enter an administrative user name and password. If the user enters valid credentials, the operation continues with the applicable privilege. - +
- + **LocalPoliciesSecurityOptions/UserAccountControl_DetectApplicationInstallationsAndPromptForElevation** @@ -2899,11 +2899,11 @@ Enabled: (Default) When an application installation package is detected that req Disabled: Application installation packages are not detected and prompted for elevation. Enterprises that are running standard user desktops and use delegated installation technologies such as Group Policy Software Installation or Systems Management Server (SMS) should disable this policy setting. In this case, installer detection is unnecessary. - +
- + **LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateExecutableFilesThatAreSignedAndValidated** @@ -2950,11 +2950,11 @@ The options are: Value type is integer. Supported operations are Add, Get, Replace, and Delete. - +
- + **LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateUIAccessApplicationsThatAreInstalledInSecureLocations** @@ -3007,11 +3007,11 @@ The options are: Value type is integer. Supported operations are Add, Get, Replace, and Delete. - +
- + **LocalPoliciesSecurityOptions/UserAccountControl_RunAllAdministratorsInAdminApprovalMode** @@ -3059,11 +3059,11 @@ The options are: Value type is integer. Supported operations are Add, Get, Replace, and Delete. - +
- + **LocalPoliciesSecurityOptions/UserAccountControl_SwitchToTheSecureDesktopWhenPromptingForElevation** @@ -3110,11 +3110,11 @@ The options are: Value type is integer. Supported operations are Add, Get, Replace, and Delete. - +
- + **LocalPoliciesSecurityOptions/UserAccountControl_UseAdminApprovalMode** @@ -3161,11 +3161,11 @@ The options are: • Disabled: (Default) The built-in Administrator account runs all applications with full administrative privilege. - +
- + **LocalPoliciesSecurityOptions/UserAccountControl_VirtualizeFileAndRegistryWriteFailuresToPerUserLocations** @@ -3215,7 +3215,7 @@ The following list shows the supported values: - 1 - Enabled: (Default) Application write failures are redirected at run time to defined user locations for both the file system and registry. - +
Footnote: @@ -3224,5 +3224,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-location.md b/windows/client-management/mdm/policy-csp-location.md index 3d2a9f5773..ac9c25abfa 100644 --- a/windows/client-management/mdm/policy-csp-location.md +++ b/windows/client-management/mdm/policy-csp-location.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Location @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Location policies
@@ -27,7 +27,7 @@ ms.date: 01/29/2018
- + **Location/EnableLocation** @@ -83,7 +83,7 @@ To validate on Desktop, do the following: 2. Use Windows Maps Application (or similar) to see if a location can or cannot be obtained. - +
Footnote: @@ -92,5 +92,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-lockdown.md b/windows/client-management/mdm/policy-csp-lockdown.md index 38165bb182..a63d073566 100644 --- a/windows/client-management/mdm/policy-csp-lockdown.md +++ b/windows/client-management/mdm/policy-csp-lockdown.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - LockDown @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## LockDown policies
@@ -27,7 +27,7 @@ ms.date: 01/29/2018
- + **LockDown/AllowEdgeSwipe** @@ -75,7 +75,7 @@ The following list shows the supported values: - 1 (default, not configured) - allow edge swipe. - +
Footnote: @@ -84,5 +84,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-maps.md b/windows/client-management/mdm/policy-csp-maps.md index d4c5ac8af2..4d5a5f55ec 100644 --- a/windows/client-management/mdm/policy-csp-maps.md +++ b/windows/client-management/mdm/policy-csp-maps.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Maps @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Maps policies
@@ -30,7 +30,7 @@ ms.date: 01/29/2018
- + **Maps/AllowOfflineMapsDownloadOverMeteredConnection** @@ -79,11 +79,11 @@ The following list shows the supported values: - 65535 (default) – Not configured. User's choice. - +
- + **Maps/EnableOfflineMapsAutoUpdate** @@ -132,7 +132,7 @@ The following list shows the supported values: - 65535 (default) – Not configured. User's choice. - +
Footnote: @@ -141,5 +141,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-messaging.md b/windows/client-management/mdm/policy-csp-messaging.md index 743c206a04..abd33e0f71 100644 --- a/windows/client-management/mdm/policy-csp-messaging.md +++ b/windows/client-management/mdm/policy-csp-messaging.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Messaging @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Messaging policies
@@ -33,7 +33,7 @@ ms.date: 01/29/2018
- + **Messaging/AllowMMS** @@ -82,11 +82,11 @@ The following list shows the supported values: - 1 (default) - Enabled. - +
- + **Messaging/AllowMessageSync** @@ -132,11 +132,11 @@ The following list shows the supported values: - 1 - message sync is allowed. The user can change this setting. - +
- + **Messaging/AllowRCS** @@ -185,7 +185,7 @@ The following list shows the supported values: - 1 (default) - Enabled. - +
Footnote: @@ -194,5 +194,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-networkisolation.md b/windows/client-management/mdm/policy-csp-networkisolation.md index 1e104d4c8a..445d9a8d6d 100644 --- a/windows/client-management/mdm/policy-csp-networkisolation.md +++ b/windows/client-management/mdm/policy-csp-networkisolation.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - NetworkIsolation @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## NetworkIsolation policies
@@ -48,7 +48,7 @@ ms.date: 01/29/2018
- + **NetworkIsolation/EnterpriseCloudResources** @@ -87,11 +87,11 @@ ms.date: 01/29/2018 Contains a list of Enterprise resource domains hosted in the cloud that need to be protected. Connections to these resources are considered enterprise data. If a proxy is paired with a cloud resource, traffic to the cloud resource will be routed through the enterprise network via the denoted proxy server (on Port 80). A proxy server used for this purpose must also be configured using the **EnterpriseInternalProxyServers** policy. This domain list is a pipe-separated list of cloud resources. Each cloud resource can also be paired optionally with an internal proxy server by using a trailing comma followed by the proxy address. For example, **<*cloudresource*>|<*cloudresource*>|<*cloudresource*>,<*proxy*>|<*cloudresource*>|<*cloudresource*>,<*proxy*>|**. - +
- + **NetworkIsolation/EnterpriseIPRange** @@ -143,11 +143,11 @@ fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff ``` - +
- + **NetworkIsolation/EnterpriseIPRangesAreAuthoritative** @@ -186,11 +186,11 @@ fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff Boolean value that tells the client to accept the configured list and not to use heuristics to attempt to find other subnets. - +
- + **NetworkIsolation/EnterpriseInternalProxyServers** @@ -229,11 +229,11 @@ Boolean value that tells the client to accept the configured list and not to use This is the comma-separated list of internal proxy servers. For example "157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59". These proxies have been configured by the admin to connect to specific resources on the Internet. They are considered to be enterprise network locations. The proxies are only leveraged in configuring the **EnterpriseCloudResources** policy to force traffic to the matched cloud resources through these proxies. - +
- + **NetworkIsolation/EnterpriseNetworkDomainNames** @@ -282,11 +282,11 @@ Here are the steps to create canonical domain names: 3. Call [IdnToUnicode](https://msdn.microsoft.com/library/windows/desktop/dd318151.aspx) with no flags set (dwFlags = 0). - +
- + **NetworkIsolation/EnterpriseProxyServers** @@ -325,11 +325,11 @@ Here are the steps to create canonical domain names: This is a comma-separated list of proxy servers. Any server on this list is considered non-enterprise. For example "157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59". - +
- + **NetworkIsolation/EnterpriseProxyServersAreAuthoritative** @@ -368,11 +368,11 @@ This is a comma-separated list of proxy servers. Any server on this list is cons Boolean value that tells the client to accept the configured list of proxies and not try to detect other work proxies. - +
- + **NetworkIsolation/NeutralResources** @@ -411,7 +411,7 @@ Boolean value that tells the client to accept the configured list of proxies and List of domain names that can used for work or personal resource. - +
Footnote: @@ -420,5 +420,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-notifications.md b/windows/client-management/mdm/policy-csp-notifications.md index d9bb95050c..2f8a4559f5 100644 --- a/windows/client-management/mdm/policy-csp-notifications.md +++ b/windows/client-management/mdm/policy-csp-notifications.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Notifications @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Notifications policies
@@ -27,7 +27,7 @@ ms.date: 01/29/2018
- + **Notifications/DisallowNotificationMirroring** @@ -77,7 +77,7 @@ The following list shows the supported values: - 1 - disable notification mirroring. - +
Footnote: @@ -86,5 +86,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-power.md b/windows/client-management/mdm/policy-csp-power.md index 7ea180fcf7..5bc495e5d8 100644 --- a/windows/client-management/mdm/policy-csp-power.md +++ b/windows/client-management/mdm/policy-csp-power.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Power @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Power policies
@@ -51,7 +51,7 @@ ms.date: 01/29/2018
- + **Power/AllowStandbyWhenSleepingPluggedIn** @@ -109,11 +109,11 @@ ADMX Info: - GP ADMX file name: *power.admx* - +
- + **Power/DisplayOffTimeoutOnBattery** @@ -173,11 +173,11 @@ ADMX Info: - GP ADMX file name: *power.admx* - +
- + **Power/DisplayOffTimeoutPluggedIn** @@ -237,11 +237,11 @@ ADMX Info: - GP ADMX file name: *power.admx* - +
- + **Power/HibernateTimeoutOnBattery** @@ -302,11 +302,11 @@ ADMX Info: - GP ADMX file name: *power.admx* - +
- + **Power/HibernateTimeoutPluggedIn** @@ -366,11 +366,11 @@ ADMX Info: - GP ADMX file name: *power.admx* - +
- + **Power/RequirePasswordWhenComputerWakesOnBattery** @@ -428,11 +428,11 @@ ADMX Info: - GP ADMX file name: *power.admx* - +
- + **Power/RequirePasswordWhenComputerWakesPluggedIn** @@ -490,11 +490,11 @@ ADMX Info: - GP ADMX file name: *power.admx* - +
- + **Power/StandbyTimeoutOnBattery** @@ -554,11 +554,11 @@ ADMX Info: - GP ADMX file name: *power.admx* - +
- + **Power/StandbyTimeoutPluggedIn** @@ -618,7 +618,7 @@ ADMX Info: - GP ADMX file name: *power.admx* - +
Footnote: @@ -627,5 +627,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-printers.md b/windows/client-management/mdm/policy-csp-printers.md index 709afa0ddb..2e10fa65e7 100644 --- a/windows/client-management/mdm/policy-csp-printers.md +++ b/windows/client-management/mdm/policy-csp-printers.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Printers @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Printers policies
@@ -33,7 +33,7 @@ ms.date: 01/29/2018
- + **Printers/PointAndPrintRestrictions** @@ -104,11 +104,11 @@ ADMX Info: - GP ADMX file name: *Printing.admx* - +
- + **Printers/PointAndPrintRestrictions_User** @@ -179,11 +179,11 @@ ADMX Info: - GP ADMX file name: *Printing.admx* - +
- + **Printers/PublishPrinters** @@ -243,7 +243,7 @@ ADMX Info: - GP ADMX file name: *Printing2.admx* - +
Footnote: @@ -252,5 +252,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-privacy.md b/windows/client-management/mdm/policy-csp-privacy.md index 5422f5440f..c42149d2f1 100644 --- a/windows/client-management/mdm/policy-csp-privacy.md +++ b/windows/client-management/mdm/policy-csp-privacy.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Privacy @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Privacy policies
@@ -255,7 +255,7 @@ ms.date: 01/29/2018
- + **Privacy/AllowAutoAcceptPairingAndPrivacyConsentPrompts** @@ -307,11 +307,11 @@ The following list shows the supported values: - 1 – Allowed. - +
- + **Privacy/AllowInputPersonalization** @@ -359,11 +359,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Privacy/DisableAdvertisingId** @@ -412,11 +412,11 @@ The following list shows the supported values: - 65535 (default)- Not configured. - +
- + **Privacy/EnableActivityFeed** @@ -462,11 +462,11 @@ The following list shows the supported values: - 1 – (default) Enabled. Apps/OS can publish the activities and will be roamed across device graph. - +
- + **Privacy/LetAppsAccessAccountInfo** @@ -516,11 +516,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsAccessAccountInfo_ForceAllowTheseApps** @@ -559,11 +559,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are allowed access to account information. This setting overrides the default LetAppsAccessAccountInfo policy setting for the specified Windows apps. - +
- + **Privacy/LetAppsAccessAccountInfo_ForceDenyTheseApps** @@ -602,11 +602,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are denied access to account information. This setting overrides the default LetAppsAccessAccountInfo policy setting for the specified Windows apps. - +
- + **Privacy/LetAppsAccessAccountInfo_UserInControlOfTheseApps** @@ -645,11 +645,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. The user is able to control the account information privacy setting for the listed Windows apps. This setting overrides the default LetAppsAccessAccountInfo policy setting for the specified Windows apps. - +
- + **Privacy/LetAppsAccessCalendar** @@ -699,11 +699,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsAccessCalendar_ForceAllowTheseApps** @@ -742,11 +742,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are allowed access to the calendar. This setting overrides the default LetAppsAccessCalendar policy setting for the specified Windows apps. - +
- + **Privacy/LetAppsAccessCalendar_ForceDenyTheseApps** @@ -785,11 +785,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are denied access to the calendar. This setting overrides the default LetAppsAccessCalendar policy setting for the specified Windows apps. - +
- + **Privacy/LetAppsAccessCalendar_UserInControlOfTheseApps** @@ -828,11 +828,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. The user is able to control the calendar privacy setting for the listed Windows apps. This setting overrides the default LetAppsAccessCalendar policy setting for the specified Windows apps. - +
- + **Privacy/LetAppsAccessCallHistory** @@ -882,11 +882,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsAccessCallHistory_ForceAllowTheseApps** @@ -925,11 +925,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are allowed access to call history. This setting overrides the default LetAppsAccessCallHistory policy setting for the specified Windows apps. - +
- + **Privacy/LetAppsAccessCallHistory_ForceDenyTheseApps** @@ -968,11 +968,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are denied access to call history. This setting overrides the default LetAppsAccessCallHistory policy setting for the specified Windows apps. - +
- + **Privacy/LetAppsAccessCallHistory_UserInControlOfTheseApps** @@ -1011,11 +1011,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows apps. The user is able to control the call history privacy setting for the listed Windows apps. This setting overrides the default LetAppsAccessCallHistory policy setting for the specified Windows apps. - +
- + **Privacy/LetAppsAccessCamera** @@ -1065,11 +1065,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsAccessCamera_ForceAllowTheseApps** @@ -1108,11 +1108,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are allowed access to the camera. This setting overrides the default LetAppsAccessCamera policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessCamera_ForceDenyTheseApps** @@ -1151,11 +1151,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are denied access to the camera. This setting overrides the default LetAppsAccessCamera policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessCamera_UserInControlOfTheseApps** @@ -1194,11 +1194,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the camera privacy setting for the listed apps. This setting overrides the default LetAppsAccessCamera policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessContacts** @@ -1248,11 +1248,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsAccessContacts_ForceAllowTheseApps** @@ -1291,11 +1291,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are allowed access to contacts. This setting overrides the default LetAppsAccessContacts policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessContacts_ForceDenyTheseApps** @@ -1334,11 +1334,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are denied access to contacts. This setting overrides the default LetAppsAccessContacts policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessContacts_UserInControlOfTheseApps** @@ -1377,11 +1377,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the contacts privacy setting for the listed apps. This setting overrides the default LetAppsAccessContacts policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessEmail** @@ -1431,11 +1431,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsAccessEmail_ForceAllowTheseApps** @@ -1474,11 +1474,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are allowed access to email. This setting overrides the default LetAppsAccessEmail policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessEmail_ForceDenyTheseApps** @@ -1517,11 +1517,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are denied access to email. This setting overrides the default LetAppsAccessEmail policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessEmail_UserInControlOfTheseApps** @@ -1560,11 +1560,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the email privacy setting for the listed apps. This setting overrides the default LetAppsAccessEmail policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessLocation** @@ -1614,11 +1614,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsAccessLocation_ForceAllowTheseApps** @@ -1657,11 +1657,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are allowed access to location. This setting overrides the default LetAppsAccessLocation policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessLocation_ForceDenyTheseApps** @@ -1700,11 +1700,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are denied access to location. This setting overrides the default LetAppsAccessLocation policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessLocation_UserInControlOfTheseApps** @@ -1743,11 +1743,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the location privacy setting for the listed apps. This setting overrides the default LetAppsAccessLocation policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessMessaging** @@ -1797,11 +1797,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsAccessMessaging_ForceAllowTheseApps** @@ -1840,11 +1840,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are allowed to read or send messages (text or MMS). This setting overrides the default LetAppsAccessMessaging policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessMessaging_ForceDenyTheseApps** @@ -1883,11 +1883,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are not allowed to read or send messages (text or MMS). This setting overrides the default LetAppsAccessMessaging policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessMessaging_UserInControlOfTheseApps** @@ -1926,11 +1926,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the messaging privacy setting for the listed apps. This setting overrides the default LetAppsAccessMessaging policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessMicrophone** @@ -1980,11 +1980,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsAccessMicrophone_ForceAllowTheseApps** @@ -2023,11 +2023,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are allowed access to the microphone. This setting overrides the default LetAppsAccessMicrophone policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessMicrophone_ForceDenyTheseApps** @@ -2066,11 +2066,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are denied access to the microphone. This setting overrides the default LetAppsAccessMicrophone policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessMicrophone_UserInControlOfTheseApps** @@ -2109,11 +2109,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the microphone privacy setting for the listed apps. This setting overrides the default LetAppsAccessMicrophone policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessMotion** @@ -2163,11 +2163,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsAccessMotion_ForceAllowTheseApps** @@ -2206,11 +2206,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are allowed access to motion data. This setting overrides the default LetAppsAccessMotion policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessMotion_ForceDenyTheseApps** @@ -2249,11 +2249,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are denied access to motion data. This setting overrides the default LetAppsAccessMotion policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessMotion_UserInControlOfTheseApps** @@ -2292,11 +2292,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the motion privacy setting for the listed apps. This setting overrides the default LetAppsAccessMotion policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessNotifications** @@ -2346,11 +2346,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsAccessNotifications_ForceAllowTheseApps** @@ -2389,11 +2389,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are allowed access to notifications. This setting overrides the default LetAppsAccessNotifications policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessNotifications_ForceDenyTheseApps** @@ -2432,11 +2432,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are denied access to notifications. This setting overrides the default LetAppsAccessNotifications policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessNotifications_UserInControlOfTheseApps** @@ -2475,11 +2475,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the notifications privacy setting for the listed apps. This setting overrides the default LetAppsAccessNotifications policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessPhone** @@ -2529,11 +2529,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsAccessPhone_ForceAllowTheseApps** @@ -2572,11 +2572,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are allowed to make phone calls. This setting overrides the default LetAppsAccessPhone policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessPhone_ForceDenyTheseApps** @@ -2615,11 +2615,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are not allowed to make phone calls. This setting overrides the default LetAppsAccessPhone policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessPhone_UserInControlOfTheseApps** @@ -2658,11 +2658,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the phone call privacy setting for the listed apps. This setting overrides the default LetAppsAccessPhone policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessRadios** @@ -2712,11 +2712,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsAccessRadios_ForceAllowTheseApps** @@ -2755,11 +2755,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps will have access to control radios. This setting overrides the default LetAppsAccessRadios policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessRadios_ForceDenyTheseApps** @@ -2798,11 +2798,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps will not have access to control radios. This setting overrides the default LetAppsAccessRadios policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessRadios_UserInControlOfTheseApps** @@ -2841,11 +2841,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the radios privacy setting for the listed apps. This setting overrides the default LetAppsAccessRadios policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessTasks** @@ -2884,11 +2884,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1703. Specifies whether Windows apps can access tasks. - +
- + **Privacy/LetAppsAccessTasks_ForceAllowTheseApps** @@ -2927,11 +2927,11 @@ Added in Windows 10, version 1703. Specifies whether Windows apps can access tas Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are allowed access to tasks. This setting overrides the default LetAppsAccessTasks policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessTasks_ForceDenyTheseApps** @@ -2970,11 +2970,11 @@ Added in Windows 10, version 1703. List of semi-colon delimited Package Family N Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are denied access to tasks. This setting overrides the default LetAppsAccessTasks policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessTasks_UserInControlOfTheseApps** @@ -3013,11 +3013,11 @@ Added in Windows 10, version 1703. List of semi-colon delimited Package Family N Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the tasks privacy setting for the listed apps. This setting overrides the default LetAppsAccessTasks policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessTrustedDevices** @@ -3067,11 +3067,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsAccessTrustedDevices_ForceAllowTheseApps** @@ -3110,11 +3110,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps will have access to trusted devices. This setting overrides the default LetAppsAccessTrustedDevices policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessTrustedDevices_ForceDenyTheseApps** @@ -3153,11 +3153,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps will not have access to trusted devices. This setting overrides the default LetAppsAccessTrustedDevices policy setting for the specified apps. - +
- + **Privacy/LetAppsAccessTrustedDevices_UserInControlOfTheseApps** @@ -3196,11 +3196,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the 'trusted devices' privacy setting for the listed apps. This setting overrides the default LetAppsAccessTrustedDevices policy setting for the specified apps. - +
- + **Privacy/LetAppsGetDiagnosticInfo** @@ -3250,11 +3250,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsGetDiagnosticInfo_ForceAllowTheseApps** @@ -3293,11 +3293,11 @@ The following list shows the supported values: Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps will have access to diagnostic information about other running apps. This setting overrides the default LetAppsGetDiagnosticInfo policy setting for the specified apps. - +
- + **Privacy/LetAppsGetDiagnosticInfo_ForceDenyTheseApps** @@ -3336,11 +3336,11 @@ Added in Windows 10, version 1703. List of semi-colon delimited Package Family Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps will not have access to diagnostic information about other running apps. This setting overrides the default LetAppsGetDiagnosticInfo policy setting for the specified apps. - +
- + **Privacy/LetAppsGetDiagnosticInfo_UserInControlOfTheseApps** @@ -3379,11 +3379,11 @@ Added in Windows 10, version 1703. List of semi-colon delimited Package Family Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the 'get diagnostic info' privacy setting for the listed apps. This setting overrides the default LetAppsGetDiagnosticInfo policy setting for the specified apps. - +
- + **Privacy/LetAppsRunInBackground** @@ -3435,11 +3435,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsRunInBackground_ForceAllowTheseApps** @@ -3478,11 +3478,11 @@ The following list shows the supported values: Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are able to run in the background. This setting overrides the default LetAppsRunInBackground policy setting for the specified apps. - +
- + **Privacy/LetAppsRunInBackground_ForceDenyTheseApps** @@ -3521,11 +3521,11 @@ Added in Windows 10, version 1703. List of semi-colon delimited Package Family Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are denied the ability to run in the background. This setting overrides the default LetAppsRunInBackground policy setting for the specified apps. - +
- + **Privacy/LetAppsRunInBackground_UserInControlOfTheseApps** @@ -3564,11 +3564,11 @@ Added in Windows 10, version 1703. List of semi-colon delimited Package Family Added in Windows 10, version 1703. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the background apps privacy setting for the listed apps. This setting overrides the default LetAppsRunInBackground policy setting for the specified apps. - +
- + **Privacy/LetAppsSyncWithDevices** @@ -3618,11 +3618,11 @@ The following list shows the supported values: - 2 - Force deny. - +
- + **Privacy/LetAppsSyncWithDevices_ForceAllowTheseApps** @@ -3661,11 +3661,11 @@ The following list shows the supported values: Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps will have access to sync with devices. This setting overrides the default LetAppsSyncWithDevices policy setting for the specified apps. - +
- + **Privacy/LetAppsSyncWithDevices_ForceDenyTheseApps** @@ -3704,11 +3704,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps will not have access to sync with devices. This setting overrides the default LetAppsSyncWithDevices policy setting for the specified apps. - +
- + **Privacy/LetAppsSyncWithDevices_UserInControlOfTheseApps** @@ -3747,11 +3747,11 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Microsoft Store Apps. The user is able to control the 'sync with devices' privacy setting for the listed apps. This setting overrides the default LetAppsSyncWithDevices policy setting for the specified apps. - +
- + **Privacy/PublishUserActivities** @@ -3797,7 +3797,7 @@ The following list shows the supported values: - 1 – (default) Enabled. Apps/OS can publish the *user activities*. - +
Footnote: @@ -3806,7 +3806,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Privacy policies supported by Windows Holographic for Business diff --git a/windows/client-management/mdm/policy-csp-remoteassistance.md b/windows/client-management/mdm/policy-csp-remoteassistance.md index 1cf07a4456..79ab76a706 100644 --- a/windows/client-management/mdm/policy-csp-remoteassistance.md +++ b/windows/client-management/mdm/policy-csp-remoteassistance.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - RemoteAssistance @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## RemoteAssistance policies
@@ -36,7 +36,7 @@ ms.date: 01/29/2018
- + **RemoteAssistance/CustomizeWarningMessages** @@ -100,11 +100,11 @@ ADMX Info: - GP ADMX file name: *remoteassistance.admx* - +
- + **RemoteAssistance/SessionLogging** @@ -164,11 +164,11 @@ ADMX Info: - GP ADMX file name: *remoteassistance.admx* - +
- + **RemoteAssistance/SolicitedRemoteAssistance** @@ -236,11 +236,11 @@ ADMX Info: - GP ADMX file name: *remoteassistance.admx* - +
- + **RemoteAssistance/UnsolicitedRemoteAssistance** @@ -331,7 +331,7 @@ ADMX Info: - GP ADMX file name: *remoteassistance.admx* - +
Footnote: @@ -340,5 +340,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-remotedesktopservices.md b/windows/client-management/mdm/policy-csp-remotedesktopservices.md index 2c808afadf..79615e7c27 100644 --- a/windows/client-management/mdm/policy-csp-remotedesktopservices.md +++ b/windows/client-management/mdm/policy-csp-remotedesktopservices.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - RemoteDesktopServices @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## RemoteDesktopServices policies
@@ -42,7 +42,7 @@ ms.date: 01/29/2018
- + **RemoteDesktopServices/AllowUsersToConnectRemotely** @@ -106,11 +106,11 @@ ADMX Info: - GP ADMX file name: *terminalserver.admx* - +
- + **RemoteDesktopServices/ClientConnectionEncryptionLevel** @@ -178,11 +178,11 @@ ADMX Info: - GP ADMX file name: *terminalserver.admx* - +
- + **RemoteDesktopServices/DoNotAllowDriveRedirection** @@ -244,11 +244,11 @@ ADMX Info: - GP ADMX file name: *terminalserver.admx* - +
- + **RemoteDesktopServices/DoNotAllowPasswordSaving** @@ -306,11 +306,11 @@ ADMX Info: - GP ADMX file name: *terminalserver.admx* - +
- + **RemoteDesktopServices/PromptForPasswordUponConnection** @@ -374,11 +374,11 @@ ADMX Info: - GP ADMX file name: *terminalserver.admx* - +
- + **RemoteDesktopServices/RequireSecureRPCCommunication** @@ -442,7 +442,7 @@ ADMX Info: - GP ADMX file name: *terminalserver.admx* - +
Footnote: @@ -451,5 +451,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-remotemanagement.md b/windows/client-management/mdm/policy-csp-remotemanagement.md index 141fbaed7e..609bfc4763 100644 --- a/windows/client-management/mdm/policy-csp-remotemanagement.md +++ b/windows/client-management/mdm/policy-csp-remotemanagement.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - RemoteManagement @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## RemoteManagement policies
@@ -69,7 +69,7 @@ ms.date: 01/29/2018
- + **RemoteManagement/AllowBasicAuthentication_Client** @@ -122,11 +122,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
- + **RemoteManagement/AllowBasicAuthentication_Service** @@ -179,11 +179,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
- + **RemoteManagement/AllowCredSSPAuthenticationClient** @@ -236,11 +236,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
- + **RemoteManagement/AllowCredSSPAuthenticationService** @@ -293,11 +293,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
- + **RemoteManagement/AllowRemoteServerManagement** @@ -350,11 +350,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
- + **RemoteManagement/AllowUnencryptedTraffic_Client** @@ -407,11 +407,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
- + **RemoteManagement/AllowUnencryptedTraffic_Service** @@ -464,11 +464,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
- + **RemoteManagement/DisallowDigestAuthentication** @@ -521,11 +521,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
- + **RemoteManagement/DisallowNegotiateAuthenticationClient** @@ -578,11 +578,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
- + **RemoteManagement/DisallowNegotiateAuthenticationService** @@ -635,11 +635,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
- + **RemoteManagement/DisallowStoringOfRunAsCredentials** @@ -692,11 +692,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
- + **RemoteManagement/SpecifyChannelBindingTokenHardeningLevel** @@ -749,11 +749,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
- + **RemoteManagement/TrustedHosts** @@ -806,11 +806,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
- + **RemoteManagement/TurnOnCompatibilityHTTPListener** @@ -863,11 +863,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
- + **RemoteManagement/TurnOnCompatibilityHTTPSListener** @@ -920,7 +920,7 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteManagement.admx* - +
Footnote: @@ -929,5 +929,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-remoteprocedurecall.md b/windows/client-management/mdm/policy-csp-remoteprocedurecall.md index 6038112891..16adbb0e97 100644 --- a/windows/client-management/mdm/policy-csp-remoteprocedurecall.md +++ b/windows/client-management/mdm/policy-csp-remoteprocedurecall.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - RemoteProcedureCall @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## RemoteProcedureCall policies
@@ -30,7 +30,7 @@ ms.date: 01/29/2018
- + **RemoteProcedureCall/RPCEndpointMapperClientAuthentication** @@ -92,11 +92,11 @@ ADMX Info: - GP ADMX file name: *rpc.admx* - +
- + **RemoteProcedureCall/RestrictUnauthenticatedRPCClients** @@ -166,7 +166,7 @@ ADMX Info: - GP ADMX file name: *rpc.admx* - +
Footnote: @@ -175,5 +175,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-remoteshell.md b/windows/client-management/mdm/policy-csp-remoteshell.md index d1a746424c..5f9c72ad15 100644 --- a/windows/client-management/mdm/policy-csp-remoteshell.md +++ b/windows/client-management/mdm/policy-csp-remoteshell.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - RemoteShell @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## RemoteShell policies
@@ -45,7 +45,7 @@ ms.date: 01/29/2018
- + **RemoteShell/AllowRemoteShellAccess** @@ -98,11 +98,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteShell.admx* - +
- + **RemoteShell/MaxConcurrentUsers** @@ -155,11 +155,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteShell.admx* - +
- + **RemoteShell/SpecifyIdleTimeout** @@ -212,11 +212,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteShell.admx* - +
- + **RemoteShell/SpecifyMaxMemory** @@ -269,11 +269,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteShell.admx* - +
- + **RemoteShell/SpecifyMaxProcesses** @@ -326,11 +326,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteShell.admx* - +
- + **RemoteShell/SpecifyMaxRemoteShells** @@ -383,11 +383,11 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteShell.admx* - +
- + **RemoteShell/SpecifyShellTimeout** @@ -440,7 +440,7 @@ ADMX Info: - GP ADMX file name: *WindowsRemoteShell.admx* - +
Footnote: @@ -449,5 +449,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-search.md b/windows/client-management/mdm/policy-csp-search.md index 743ea8568e..616c8eb992 100644 --- a/windows/client-management/mdm/policy-csp-search.md +++ b/windows/client-management/mdm/policy-csp-search.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Search @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## Search policies
@@ -68,7 +68,7 @@ ms.date: 01/29/2018
- + **Search/AllowCloudSearch** @@ -114,11 +114,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Search/AllowCortanaInAAD** @@ -164,11 +164,11 @@ The following list shows the supported values: - 1 - Allowed. The Cortana consent page will appear in Azure AAD OOBE during setup. - +
- + **Search/AllowIndexingEncryptedStoresOrItems** @@ -220,11 +220,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Search/AllowSearchToUseLocation** @@ -272,11 +272,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Search/AllowStoringImagesFromVisionSearch** @@ -292,11 +292,11 @@ The following list shows the supported values: This policy has been deprecated. - +
- + **Search/AllowUsingDiacritics** @@ -345,11 +345,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Search/AllowWindowsIndexer** @@ -388,11 +388,11 @@ The following list shows the supported values: Allow Windows indexer. Value type is integer. - +
- + **Search/AlwaysUseAutoLangDetection** @@ -441,11 +441,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Search/DisableBackoff** @@ -491,11 +491,11 @@ The following list shows the supported values: - 1 – Enable. - +
- + **Search/DisableRemovableDriveIndexing** @@ -545,11 +545,11 @@ The following list shows the supported values: - 1 – Enable. - +
- + **Search/DoNotUseWebResults** @@ -600,11 +600,11 @@ The following list shows the supported values: - 1 (default) - Allowed. Queries will be performed on the web and web results will be displayed when a user performs a query in Search. - +
- + **Search/PreventIndexingLowDiskSpaceMB** @@ -654,11 +654,11 @@ The following list shows the supported values: - 1 (default) – Enable. - +
- + **Search/PreventRemoteQueries** @@ -704,11 +704,11 @@ The following list shows the supported values: - 1 (default) – Enable. - +
- + **Search/SafeSearchPermissions** @@ -761,7 +761,7 @@ The following list shows the supported values: - 1 (default) – Moderate filtering against adult content (valid search results will not be filtered). - +
Footnote: @@ -770,7 +770,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Search policies that can be set using Exchange Active Sync (EAS) diff --git a/windows/client-management/mdm/policy-csp-security.md b/windows/client-management/mdm/policy-csp-security.md index 8d7edec458..fa48adfe0d 100644 --- a/windows/client-management/mdm/policy-csp-security.md +++ b/windows/client-management/mdm/policy-csp-security.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Security @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## Security policies
@@ -59,7 +59,7 @@ ms.date: 01/29/2018
- + **Security/AllowAddProvisioningPackage** @@ -105,11 +105,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Security/AllowAutomaticDeviceEncryptionForAzureADJoinedDevices** @@ -155,11 +155,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Security/AllowManualRootCertificateInstallation** @@ -211,11 +211,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Security/AllowRemoveProvisioningPackage** @@ -261,11 +261,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Security/AntiTheftMode** @@ -315,11 +315,11 @@ The following list shows the supported values: - 1 (default) – Anti Theft Mode will follow the default device configuration (region-dependent). - +
- + **Security/ClearTPMIfNotReady** @@ -368,11 +368,11 @@ The following list shows the supported values: - 1 – Will prompt to clear the TPM if the TPM is in a non-ready state (or reduced functionality) which can be remediated with a TPM Clear. - +
- + **Security/ConfigureWindowsPasswords** @@ -422,11 +422,11 @@ The following list shows the supported values: - 2- Default (Feature defaults as per SKU and device capabilities. Windows 10 S devices will exhibit "Disallow passwords" default, and all other devices will default to "Allow passwords") - +
- + **Security/PreventAutomaticDeviceEncryptionForAzureADJoinedDevices** @@ -478,11 +478,11 @@ The following list shows the supported values: - 1 – Encryption disabled. - +
- + **Security/RequireDeviceEncryption** @@ -534,11 +534,11 @@ The following list shows the supported values: - 1 – Encryption is required. - +
- + **Security/RequireProvisioningPackageSignature** @@ -584,11 +584,11 @@ The following list shows the supported values: - 1 – Required. - +
- + **Security/RequireRetrieveHealthCertificateOnBoot** @@ -646,7 +646,7 @@ The following list shows the supported values: - 1 – Required. - +
Footnote: @@ -655,7 +655,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Security policies that can be set using Exchange Active Sync (EAS) diff --git a/windows/client-management/mdm/policy-csp-settings.md b/windows/client-management/mdm/policy-csp-settings.md index 1ba96f10d0..bd6a64ba12 100644 --- a/windows/client-management/mdm/policy-csp-settings.md +++ b/windows/client-management/mdm/policy-csp-settings.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Settings @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## Settings policies
@@ -68,7 +68,7 @@ ms.date: 01/29/2018
- + **Settings/AllowAutoPlay** @@ -121,11 +121,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Settings/AllowDataSense** @@ -171,11 +171,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Settings/AllowDateTime** @@ -221,11 +221,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Settings/AllowEditDeviceName** @@ -271,11 +271,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Settings/AllowLanguage** @@ -325,11 +325,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Settings/AllowOnlineTips** @@ -370,11 +370,11 @@ Enables or disables the retrieval of online tips and help for the Settings app. If disabled, Settings will not contact Microsoft content services to retrieve tips and help content. - +
- + **Settings/AllowPowerSleep** @@ -424,11 +424,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Settings/AllowRegion** @@ -478,11 +478,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Settings/AllowSignInOptions** @@ -532,11 +532,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Settings/AllowVPN** @@ -582,11 +582,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Settings/AllowWorkplace** @@ -636,11 +636,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Settings/AllowYourAccount** @@ -686,11 +686,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Settings/ConfigureTaskbarCalendar** @@ -738,11 +738,11 @@ The following list shows the supported values: - 3 - Traditional Chinese (Lunar). - +
- + **Settings/PageVisibilityList** @@ -813,7 +813,7 @@ To validate on Desktop, do the following: 3. Open System Settings again and verify that the About page is no longer accessible. - +
Footnote: @@ -822,7 +822,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Settings policies supported by Windows Holographic for Business diff --git a/windows/client-management/mdm/policy-csp-smartscreen.md b/windows/client-management/mdm/policy-csp-smartscreen.md index 27398259c1..f52bfb67a6 100644 --- a/windows/client-management/mdm/policy-csp-smartscreen.md +++ b/windows/client-management/mdm/policy-csp-smartscreen.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - SmartScreen @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## SmartScreen policies
@@ -33,7 +33,7 @@ ms.date: 01/29/2018
- + **SmartScreen/EnableAppInstallControl** @@ -79,11 +79,11 @@ The following list shows the supported values: - 1 – Turns on Application Installation Control, allowing users to only install apps from the Store. - +
- + **SmartScreen/EnableSmartScreenInShell** @@ -129,11 +129,11 @@ The following list shows the supported values: - 1 – Turns on SmartScreen in Windows. - +
- + **SmartScreen/PreventOverrideForFilesInShell** @@ -179,7 +179,7 @@ The following list shows the supported values: - 1 – Employees cannot ignore SmartScreen warnings and run malicious files. - +
Footnote: @@ -188,5 +188,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-speech.md b/windows/client-management/mdm/policy-csp-speech.md index 2c38f752bb..e5c27c3200 100644 --- a/windows/client-management/mdm/policy-csp-speech.md +++ b/windows/client-management/mdm/policy-csp-speech.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Speech @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Speech policies
@@ -27,7 +27,7 @@ ms.date: 01/29/2018
- + **Speech/AllowSpeechModelUpdate** @@ -73,7 +73,7 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
Footnote: @@ -82,5 +82,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-start.md b/windows/client-management/mdm/policy-csp-start.md index eabc6aabe7..e8122802b3 100644 --- a/windows/client-management/mdm/policy-csp-start.md +++ b/windows/client-management/mdm/policy-csp-start.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Start @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Start policies
@@ -111,7 +111,7 @@ ms.date: 01/29/2018
- + **Start/AllowPinnedFolderDocuments** @@ -158,11 +158,11 @@ The following list shows the supported values: - 65535 (default) - There is no enforced configuration and the setting can be changed by the user. - +
- + **Start/AllowPinnedFolderDownloads** @@ -209,11 +209,11 @@ The following list shows the supported values: - 65535 (default) - There is no enforced configuration and the setting can be changed by the user. - +
- + **Start/AllowPinnedFolderFileExplorer** @@ -260,11 +260,11 @@ The following list shows the supported values: - 65535 (default) - There is no enforced configuration and the setting can be changed by the user. - +
- + **Start/AllowPinnedFolderHomeGroup** @@ -311,11 +311,11 @@ The following list shows the supported values: - 65535 (default) - There is no enforced configuration and the setting can be changed by the user. - +
- + **Start/AllowPinnedFolderMusic** @@ -362,11 +362,11 @@ The following list shows the supported values: - 65535 (default) - There is no enforced configuration and the setting can be changed by the user. - +
- + **Start/AllowPinnedFolderNetwork** @@ -413,11 +413,11 @@ The following list shows the supported values: - 65535 (default) - There is no enforced configuration and the setting can be changed by the user. - +
- + **Start/AllowPinnedFolderPersonalFolder** @@ -464,11 +464,11 @@ The following list shows the supported values: - 65535 (default) - There is no enforced configuration and the setting can be changed by the user. - +
- + **Start/AllowPinnedFolderPictures** @@ -515,11 +515,11 @@ The following list shows the supported values: - 65535 (default) - There is no enforced configuration and the setting can be changed by the user. - +
- + **Start/AllowPinnedFolderSettings** @@ -566,11 +566,11 @@ The following list shows the supported values: - 65535 (default) - There is no enforced configuration and the setting can be changed by the user. - +
- + **Start/AllowPinnedFolderVideos** @@ -617,11 +617,11 @@ The following list shows the supported values: - 65535 (default) - There is no enforced configuration and the setting can be changed by the user. - +
- + **Start/ForceStartSize** @@ -675,11 +675,11 @@ The following list shows the supported values: - 2 - Force a fullscreen size of Start. - +
- + **Start/HideAppList** @@ -741,11 +741,11 @@ The following list shows the supported values: - 3 - Hide all apps list, remove all apps button, and Disable "Show app list in Start menu" in Settings app. - +
- + **Start/HideChangeAccountSettings** @@ -798,11 +798,11 @@ To validate on Desktop, do the following: 2. Open Start, click on the user tile, and verify that "Change account settings" is not available. - +
- + **Start/HideFrequentlyUsedApps** @@ -862,11 +862,11 @@ To validate on Desktop, do the following: 6. Check that most used apps do not appear in Start. - +
- + **Start/HideHibernate** @@ -923,11 +923,11 @@ To validate on Laptop, do the following: 2. Open Start, click on the Power button, and verify "Hibernate" is not available. - +
- + **Start/HideLock** @@ -980,11 +980,11 @@ To validate on Desktop, do the following: 2. Open Start, click on the user tile, and verify "Lock" is not available. - +
- + **Start/HidePeopleBar** @@ -1025,11 +1025,11 @@ Added in Windows 10, version 1709. Enabling this policy removes the people icon Value type is integer. - +
- + **Start/HidePowerButton** @@ -1085,11 +1085,11 @@ To validate on Desktop, do the following: 2. Open Start, and verify the power button is not available. - +
- + **Start/HideRecentJumplists** @@ -1152,11 +1152,11 @@ To validate on Desktop, do the following: 9. Right Click pinned photos app and verify that there is no jumplist of recent items. - +
- + **Start/HideRecentlyAddedApps** @@ -1216,11 +1216,11 @@ To validate on Desktop, do the following: 6. Check that recently added apps do not appear in Start. - +
- + **Start/HideRestart** @@ -1273,11 +1273,11 @@ To validate on Desktop, do the following: 2. Open Start, click on the Power button, and verify "Restart" and "Update and restart" are not available. - +
- + **Start/HideShutDown** @@ -1330,11 +1330,11 @@ To validate on Desktop, do the following: 2. Open Start, click on the Power button, and verify "Shut down" and "Update and shut down" are not available. - +
- + **Start/HideSignOut** @@ -1387,11 +1387,11 @@ To validate on Desktop, do the following: 2. Open Start, click on the user tile, and verify "Sign out" is not available. - +
- + **Start/HideSleep** @@ -1444,11 +1444,11 @@ To validate on Desktop, do the following: 2. Open Start, click on the Power button, and verify that "Sleep" is not available. - +
- + **Start/HideSwitchAccount** @@ -1501,11 +1501,11 @@ To validate on Desktop, do the following: 2. Open Start, click on the user tile, and verify that "Switch account" is not available. - +
- + **Start/HideUserTile** @@ -1562,11 +1562,11 @@ To validate on Desktop, do the following: 3. Log in, and verify that the user tile is gone from Start. - +
- + **Start/ImportEdgeAssets** @@ -1622,11 +1622,11 @@ To validate on Desktop, do the following: 4. Verify that all Edge assets defined in XML show up in %LOCALAPPDATA%\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState path. - +
- + **Start/NoPinningToTaskbar** @@ -1682,11 +1682,11 @@ To validate on Desktop, do the following: 5. Verify that More->Pin to taskbar menu does not show. - +
- + **Start/StartLayout** @@ -1731,7 +1731,7 @@ Allows you to override the default Start layout and prevents the user from chang For further details on how to customize the Start layout, please see [Customize and export Start layout](https://docs.microsoft.com/en-us/windows/configuration/customize-and-export-start-layout) and [Configure Windows 10 taskbar](https://docs.microsoft.com/en-us/windows/configuration/configure-windows-10-taskbar). - +
Footnote: @@ -1740,5 +1740,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-storage.md b/windows/client-management/mdm/policy-csp-storage.md index b7bc8809d4..dbcdfe8bd5 100644 --- a/windows/client-management/mdm/policy-csp-storage.md +++ b/windows/client-management/mdm/policy-csp-storage.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Storage @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Storage policies
@@ -30,7 +30,7 @@ ms.date: 01/29/2018
- + **Storage/AllowDiskHealthModelUpdates** @@ -80,11 +80,11 @@ The following list shows the supported values: - 1 (default) - Allow - +
- + **Storage/EnhancedStorageDevices** @@ -142,7 +142,7 @@ ADMX Info: - GP ADMX file name: *enhancedstorage.admx* - +
Footnote: @@ -151,5 +151,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-system.md b/windows/client-management/mdm/policy-csp-system.md index f7c6e8a3f8..f45d4b3ddc 100644 --- a/windows/client-management/mdm/policy-csp-system.md +++ b/windows/client-management/mdm/policy-csp-system.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - System @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## System policies
@@ -71,7 +71,7 @@ ms.date: 01/29/2018
- + **System/AllowBuildPreview** @@ -124,11 +124,11 @@ The following list shows the supported values: - 2 (default) – Not configured. Users can make their devices available for downloading and installing preview software. - +
- + **System/AllowEmbeddedMode** @@ -176,11 +176,11 @@ The following list shows the supported values: - 1 – Allowed. - +
- + **System/AllowExperimentation** @@ -233,11 +233,11 @@ The following list shows the supported values: - 2 – Allows Microsoft to conduct full experimentations. - +
- + **System/AllowFontProviders** @@ -296,11 +296,11 @@ To verify if System/AllowFontProviders is set to true: - After a client machine is rebooted, check whether there is any network traffic from client machine to fs.microsoft.com. - +
- + **System/AllowLocation** @@ -356,11 +356,11 @@ The following list shows the supported values: - 2 – Force Location On. All Location Privacy settings are toggled on and greyed out. Users cannot change the settings and all consent permissions will be automatically suppressed. - +
- + **System/AllowStorageCard** @@ -408,11 +408,11 @@ The following list shows the supported values: - 1 (default) – Allow a storage card. - +
- + **System/AllowTelemetry** @@ -527,11 +527,11 @@ Windows 10 Values: Most restricted value is 0. - +
- + **System/AllowUserToResetPhone** @@ -580,11 +580,11 @@ orted values: - 1 (default) – Allowed to reset to factory default settings. - +
- + **System/BootStartDriverInitialization** @@ -636,11 +636,11 @@ ADMX Info: - GP ADMX file name: *earlylauncham.admx* - +
- + **System/DisableEnterpriseAuthProxy** @@ -679,11 +679,11 @@ ADMX Info: This policy setting blocks the Connected User Experience and Telemetry service from automatically using an authenticated proxy to send data back to Microsoft on Windows 10. If you disable or do not configure this policy setting, the Connected User Experience and Telemetry service will automatically use an authenticated proxy to send data back to Microsoft. Enabling this policy will block the Connected User Experience and Telemetry service from automatically using an authenticated proxy. - +
- + **System/DisableOneDriveFileSync** @@ -745,11 +745,11 @@ To validate on Desktop, do the following: 3. Verify that OneDrive.exe is not running in Task Manager. - +
- + **System/DisableSystemRestore** @@ -813,11 +813,11 @@ ADMX Info: - GP ADMX file name: *systemrestore.admx* - +
- + **System/FeedbackHubAlwaysSaveDiagnosticsLocally** @@ -863,11 +863,11 @@ The following list shows the supported values: - 1 - True. The Feedback Hub should always save a local copy of diagnostics that may be created when a feedback is submitted. - +
- + **System/LimitEnhancedDiagnosticDataWindowsAnalytics** @@ -919,11 +919,11 @@ Enabling enhanced diagnostic data in the System/AllowTelemetry policy in combina If you disable or do not configure this policy setting, then the level of diagnostic data sent to Microsoft is determined by the System/AllowTelemetry policy. - +
- + **System/TelemetryProxy** @@ -964,7 +964,7 @@ Allows you to specify the fully qualified domain name (FQDN) or IP address of a If you disable or do not configure this policy setting, Connected User Experiences and Telemetry will go to Microsoft using the default proxy configuration. - +
Footnote: @@ -973,7 +973,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## System policies that can be set using Exchange Active Sync (EAS) diff --git a/windows/client-management/mdm/policy-csp-systemservices.md b/windows/client-management/mdm/policy-csp-systemservices.md index e717d43451..7071a57f68 100644 --- a/windows/client-management/mdm/policy-csp-systemservices.md +++ b/windows/client-management/mdm/policy-csp-systemservices.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - SystemServices @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## SystemServices policies
@@ -44,7 +44,7 @@ ms.date: 01/29/2018
- + **SystemServices/ConfigureHomeGroupListenerServiceStartupMode** @@ -83,11 +83,11 @@ ms.date: 01/29/2018 Added in Windows 10, next major update. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual. - +
- + **SystemServices/ConfigureHomeGroupProviderServiceStartupMode** @@ -126,11 +126,11 @@ Added in Windows 10, next major update. This setting determines whether the serv Added in Windows 10, next major update. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual. - +
- + **SystemServices/ConfigureXboxAccessoryManagementServiceStartupMode** @@ -169,11 +169,11 @@ Added in Windows 10, next major update. This setting determines whether the serv Added in Windows 10, next major update. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual. - +
- + **SystemServices/ConfigureXboxLiveAuthManagerServiceStartupMode** @@ -212,11 +212,11 @@ Added in Windows 10, next major update. This setting determines whether the serv Added in Windows 10, next major update. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual. - +
- + **SystemServices/ConfigureXboxLiveGameSaveServiceStartupMode** @@ -255,11 +255,11 @@ Added in Windows 10, next major update. This setting determines whether the serv Added in Windows 10, next major update. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual. - +
- + **SystemServices/ConfigureXboxLiveNetworkingServiceStartupMode** @@ -298,7 +298,7 @@ Added in Windows 10, next major update. This setting determines whether the serv Added in Windows 10, next major update. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual. - +
Footnote: @@ -307,5 +307,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-taskscheduler.md b/windows/client-management/mdm/policy-csp-taskscheduler.md index 0da5ed456d..e55edde857 100644 --- a/windows/client-management/mdm/policy-csp-taskscheduler.md +++ b/windows/client-management/mdm/policy-csp-taskscheduler.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - TaskScheduler @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## TaskScheduler policies
@@ -29,7 +29,7 @@ ms.date: 01/29/2018
- + **TaskScheduler/EnableXboxGameSaveTask** @@ -68,7 +68,7 @@ ms.date: 01/29/2018 Added in Windows 10, next major update. This setting determines whether the specific task is enabled (1) or disabled (0). Default: Enabled. - +
Footnote: @@ -77,5 +77,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-textinput.md b/windows/client-management/mdm/policy-csp-textinput.md index e712a54e76..ef51165474 100644 --- a/windows/client-management/mdm/policy-csp-textinput.md +++ b/windows/client-management/mdm/policy-csp-textinput.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - TextInput @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## TextInput policies
@@ -68,7 +68,7 @@ ms.date: 01/29/2018
- + **TextInput/AllowIMELogging** @@ -120,11 +120,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **TextInput/AllowIMENetworkAccess** @@ -176,11 +176,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **TextInput/AllowInputPanel** @@ -232,11 +232,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **TextInput/AllowJapaneseIMESurrogatePairCharacters** @@ -289,11 +289,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **TextInput/AllowJapaneseIVSCharacters** @@ -345,11 +345,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **TextInput/AllowJapaneseNonPublishingStandardGlyph** @@ -401,11 +401,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **TextInput/AllowJapaneseUserDictionary** @@ -457,11 +457,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **TextInput/AllowKeyboardTextSuggestions** @@ -520,22 +520,22 @@ To validate that text prediction is disabled on Windows 10 for desktop, do the f 3. Launch the handwriting tool from the touch keyboard. Verify that text prediction is disabled when you write using the tool. - +
- + **TextInput/AllowKoreanExtendedHanja** This policy has been deprecated. - +
- + **TextInput/AllowLanguageFeaturesUninstall** @@ -587,11 +587,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode** @@ -643,11 +643,11 @@ The following list shows the supported values: - 1 - Enabled. - +
- + **TextInput/ExcludeJapaneseIMEExceptJIS0208** @@ -697,11 +697,11 @@ The following list shows the supported values: - 1 – All characters except JIS0208 are filtered. - +
- + **TextInput/ExcludeJapaneseIMEExceptJIS0208andEUDC** @@ -751,11 +751,11 @@ The following list shows the supported values: - 1 – All characters except JIS0208 and EUDC are filtered. - +
- + **TextInput/ExcludeJapaneseIMEExceptShiftJIS** @@ -805,7 +805,7 @@ The following list shows the supported values: - 1 – All characters except ShiftJIS are filtered. - +
Footnote: @@ -814,7 +814,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## TextInput policies supported by Microsoft Surface Hub diff --git a/windows/client-management/mdm/policy-csp-timelanguagesettings.md b/windows/client-management/mdm/policy-csp-timelanguagesettings.md index ddda234337..c926c03e45 100644 --- a/windows/client-management/mdm/policy-csp-timelanguagesettings.md +++ b/windows/client-management/mdm/policy-csp-timelanguagesettings.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - TimeLanguageSettings @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## TimeLanguageSettings policies
@@ -27,7 +27,7 @@ ms.date: 01/29/2018
- + **TimeLanguageSettings/AllowSet24HourClock** @@ -73,7 +73,7 @@ The following list shows the supported values: - 1 (default) – Set 24 hour clock. - +
Footnote: @@ -82,5 +82,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md index 3eac735f1d..47a34b96dd 100644 --- a/windows/client-management/mdm/policy-csp-update.md +++ b/windows/client-management/mdm/policy-csp-update.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Update @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## Update policies
@@ -170,7 +170,7 @@ ms.date: 01/29/2018
- + **Update/ActiveHoursEnd** @@ -216,11 +216,11 @@ Supported values are 0-23, where 0 is 12 AM, 1 is 1 AM, etc. The default is 17 (5 PM). - +
- + **Update/ActiveHoursMaxRange** @@ -263,11 +263,11 @@ Supported values are 8-18. The default value is 18 (hours). - +
- + **Update/ActiveHoursStart** @@ -313,11 +313,11 @@ Supported values are 0-23, where 0 is 12 AM, 1 is 1 AM, etc. The default value is 8 (8 AM). - +
- + **Update/AllowAutoUpdate** @@ -376,11 +376,11 @@ The following list shows the supported values: - 5 – Turn off automatic updates. - +
- + **Update/AllowAutoWindowsUpdateDownloadOverMeteredNetwork** @@ -430,11 +430,11 @@ The following list shows the supported values: - 1 - Allowed - +
- + **Update/AllowMUUpdateService** @@ -480,11 +480,11 @@ The following list shows the supported values: - 1 – Allowed. Accepts updates received through Microsoft Update. - +
- + **Update/AllowNonMicrosoftSignedUpdate** @@ -534,11 +534,11 @@ The following list shows the supported values: - 1 – Allowed. Accepts updates received through an intranet Microsoft update service location, if they are signed by a certificate found in the "Trusted Publishers" certificate store of the local computer. - +
- + **Update/AllowUpdateService** @@ -591,11 +591,11 @@ The following list shows the supported values: - 1 (default) – Update service is allowed. - +
- + **Update/AutoRestartDeadlinePeriodInDays** @@ -638,11 +638,11 @@ Supported values are 2-30 days. The default value is 7 days. - +
- + **Update/AutoRestartNotificationSchedule** @@ -687,11 +687,11 @@ The default value is 15 (minutes). Supported values are 15, 30, 60, 120, and 240 (minutes). - +
- + **Update/AutoRestartRequiredNotificationDismissal** @@ -737,11 +737,11 @@ The following list shows the supported values: - 2 – User Dismissal. - +
- + **Update/BranchReadinessLevel** @@ -790,11 +790,11 @@ The following list shows the supported values: - 32 {0x20} - Semi-annual Channel. Device gets feature updates from Semi-annual Channel. - +
- + **Update/ConfigureFeatureUpdateUninstallPeriod** @@ -824,11 +824,11 @@ The following list shows the supported values: Added in Windows 10, next major update. Enable IT admin to configure feature update uninstall period. Values range 2 - 60 days. Default is 10 days. - +
- + **Update/DeferFeatureUpdatesPeriodInDays** @@ -874,11 +874,11 @@ Supported values are 0-365 days. > The default maximum number of days to defer an update has been increased from 180 (Windows 10, version 1607) to 365 in Windows 10, version 1703. - +
- + **Update/DeferQualityUpdatesPeriodInDays** @@ -919,11 +919,11 @@ Added in Windows 10, version 1607. Defers Quality Updates for the specified num Supported values are 0-30. - +
- + **Update/DeferUpdatePeriod** @@ -1055,11 +1055,11 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego --> - +
- + **Update/DeferUpgradePeriod** @@ -1110,11 +1110,11 @@ If the "Specify intranet Microsoft update service location" policy is enabled, t If the "Allow Telemetry" policy is enabled and the Options value is set to 0, then the "Defer upgrades by", "Defer updates by" and "Pause Updates and Upgrades" settings have no effect. - +
- + **Update/DetectionFrequency** @@ -1153,11 +1153,11 @@ If the "Allow Telemetry" policy is enabled and the Options value is set to 0, th Added in Windows 10, version 1703. Specifies the scan frequency from every 1 - 22 hours. Default is 22 hours. - +
- + **Update/DisableDualScan** @@ -1209,11 +1209,11 @@ The following list shows the supported values: - 1 - do not allow update deferral policies to cause scans against Windows Update - +
- + **Update/EngagedRestartDeadline** @@ -1256,11 +1256,11 @@ Supported values are 2-30 days. The default value is 0 days (not specified). - +
- + **Update/EngagedRestartSnoozeSchedule** @@ -1303,11 +1303,11 @@ Supported values are 1-3 days. The default value is 3 days. - +
- + **Update/EngagedRestartTransitionSchedule** @@ -1350,11 +1350,11 @@ Supported values are 2-30 days. The default value is 7 days. - +
- + **Update/ExcludeWUDriversInQualityUpdate** @@ -1403,11 +1403,11 @@ The following list shows the supported values: - 1 – Exclude Windows Update drivers. - +
- + **Update/FillEmptyContentUrls** @@ -1456,11 +1456,11 @@ The following list shows the supported values: - 1 – Enabled. - +
- + **Update/IgnoreMOAppDownloadLimit** @@ -1521,11 +1521,11 @@ To validate this policy: 3. Verify that any downloads that are above the download size limit will complete without being paused. - +
- + **Update/IgnoreMOUpdateDownloadLimit** @@ -1586,11 +1586,11 @@ To validate this policy: 2. Run the scheduled task on phone to check for OS updates in the background. For example, on a mobile device, run the following commands in TShell: - +
- + **Update/ManagePreviewBuilds** @@ -1637,11 +1637,11 @@ The following list shows the supported values: - 2 - Enable Preview builds - +
- + **Update/PauseDeferrals** @@ -1696,11 +1696,11 @@ The following list shows the supported values: - 1 – Deferrals are paused. - +
- + **Update/PauseFeatureUpdates** @@ -1749,11 +1749,11 @@ The following list shows the supported values: - 1 – Feature Updates are paused for 60 days or until value set to back to 0, whichever is sooner. - +
- + **Update/PauseFeatureUpdatesStartTime** @@ -1794,11 +1794,11 @@ Added in Windows 10, version 1703. Specifies the date and time when the IT admi Value type is string. Supported operations are Add, Get, Delete, and Replace. - +
- + **Update/PauseQualityUpdates** @@ -1844,11 +1844,11 @@ The following list shows the supported values: - 1 – Quality Updates are paused for 35 days or until value set back to 0, whichever is sooner. - +
- + **Update/PauseQualityUpdatesStartTime** @@ -1889,22 +1889,22 @@ Added in Windows 10, version 1703. Specifies the date and time when the IT admi Value type is string. Supported operations are Add, Get, Delete, and Replace. - +
- + **Update/PhoneUpdateRestrictions** This policy is deprecated. Use [Update/RequireUpdateApproval](#update-requireupdateapproval) instead. - +
- + **Update/RequireDeferUpgrade** @@ -1954,11 +1954,11 @@ The following list shows the supported values: - 1 – User gets upgrades from Semi-Annual Channel. - +
- + **Update/RequireUpdateApproval** @@ -2010,11 +2010,11 @@ The following list shows the supported values: - 1 – The device only installs updates that are both applicable and on the Approved Updates list. Set this policy to 1 if IT wants to control the deployment of updates on devices, such as when testing is required prior to deployment. - +
- + **Update/ScheduleImminentRestartWarning** @@ -2059,11 +2059,11 @@ The default value is 15 (minutes). Supported values are 15, 30, or 60 (minutes). - +
- + **Update/ScheduleRestartWarning** @@ -2112,11 +2112,11 @@ The default value is 4 (hours). Supported values are 2, 4, 8, 12, or 24 (hours). - +
- + **Update/ScheduledInstallDay** @@ -2172,11 +2172,11 @@ The following list shows the supported values: - 7 – Saturday - +
- + **Update/ScheduledInstallEveryWeek** @@ -2219,11 +2219,11 @@ Added in Windows 10, version 1709. Enables the IT admin to schedule the update i - +
- + **Update/ScheduledInstallFirstWeek** @@ -2266,11 +2266,11 @@ Added in Windows 10, version 1709. Enables the IT admin to schedule the update i - +
- + **Update/ScheduledInstallFourthWeek** @@ -2313,11 +2313,11 @@ Added in Windows 10, version 1709. Enables the IT admin to schedule the update i - +
- + **Update/ScheduledInstallSecondWeek** @@ -2360,11 +2360,11 @@ Added in Windows 10, version 1709. Enables the IT admin to schedule the update i - +
- + **Update/ScheduledInstallThirdWeek** @@ -2407,11 +2407,11 @@ Added in Windows 10, version 1709. Enables the IT admin to schedule the update i - +
- + **Update/ScheduledInstallTime** @@ -2462,11 +2462,11 @@ Supported values are 0-23, where 0 = 12 AM and 23 = 11 PM. The default value is 3. - +
- + **Update/SetAutoRestartNotificationDisable** @@ -2512,11 +2512,11 @@ The following list shows the supported values: - 1 – Disabled - +
- + **Update/SetEDURestart** @@ -2562,11 +2562,11 @@ The following list shows the supported values: - 1 - configured - +
- + **Update/UpdateServiceUrl** @@ -2637,11 +2637,11 @@ Example ``` - +
- + **Update/UpdateServiceUrlAlternate** @@ -2691,7 +2691,7 @@ Value type is string and the default value is an empty string, "". If the settin > This policy is not supported on Windows RT. Setting this policy will not have any effect on Windows RT PCs. - +
Footnote: @@ -2700,7 +2700,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Update policies supported by Windows Holographic for Business diff --git a/windows/client-management/mdm/policy-csp-userrights.md b/windows/client-management/mdm/policy-csp-userrights.md index 53cf96c3f3..b091456af0 100644 --- a/windows/client-management/mdm/policy-csp-userrights.md +++ b/windows/client-management/mdm/policy-csp-userrights.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - UserRights @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## UserRights policies
@@ -113,7 +113,7 @@ ms.date: 01/29/2018
- + **UserRights/AccessCredentialManagerAsTrustedCaller** @@ -152,11 +152,11 @@ ms.date: 01/29/2018 This user right is used by Credential Manager during Backup/Restore. No accounts should have this privilege, as it is only assigned to Winlogon. Users' saved credentials might be compromised if this privilege is given to other entities. - +
- + **UserRights/AccessFromNetwork** @@ -195,11 +195,11 @@ This user right is used by Credential Manager during Backup/Restore. No accounts This user right determines which users and groups are allowed to connect to the computer over the network. Remote Desktop Services are not affected by this user right.Note: Remote Desktop Services was called Terminal Services in previous versions of Windows Server. - +
- + **UserRights/ActAsPartOfTheOperatingSystem** @@ -238,11 +238,11 @@ This user right determines which users and groups are allowed to connect to the This user right allows a process to impersonate any user without authentication. The process can therefore gain access to the same local resources as that user. Processes that require this privilege should use the LocalSystem account, which already includes this privilege, rather than using a separate user account with this privilege specially assigned. Caution:Assigning this user right can be a security risk. Only assign this user right to trusted users. - +
- + **UserRights/AllowLocalLogOn** @@ -281,11 +281,11 @@ This user right allows a process to impersonate any user without authentication. This user right determines which users can log on to the computer. Note: Modifying this setting may affect compatibility with clients, services, and applications. For compatibility information about this setting, see Allow log on locally (https://go.microsoft.com/fwlink/?LinkId=24268 ) at the Microsoft website. - +
- + **UserRights/BackupFilesAndDirectories** @@ -324,11 +324,11 @@ This user right determines which users can log on to the computer. Note: Modifyi This user right determines which users can bypass file, directory, registry, and other persistent objects permissions when backing up files and directories.Specifically, this user right is similar to granting the following permissions to the user or group in question on all files and folders on the system:Traverse Folder/Execute File, Read. Caution: Assigning this user right can be a security risk. Since users with this user right can read any registry settings and files, only assign this user right to trusted users - +
- + **UserRights/ChangeSystemTime** @@ -367,11 +367,11 @@ This user right determines which users can bypass file, directory, registry, and This user right determines which users and groups can change the time and date on the internal clock of the computer. Users that are assigned this user right can affect the appearance of event logs. If the system time is changed, events that are logged will reflect this new time, not the actual time that the events occurred. - +
- + **UserRights/CreateGlobalObjects** @@ -410,11 +410,11 @@ This user right determines which users and groups can change the time and date o This security setting determines whether users can create global objects that are available to all sessions. Users can still create objects that are specific to their own session if they do not have this user right. Users who can create global objects could affect processes that run under other users' sessions, which could lead to application failure or data corruption. Caution: Assigning this user right can be a security risk. Assign this user right only to trusted users. - +
- + **UserRights/CreatePageFile** @@ -453,11 +453,11 @@ This security setting determines whether users can create global objects that ar This user right determines which users and groups can call an internal application programming interface (API) to create and change the size of a page file. This user right is used internally by the operating system and usually does not need to be assigned to any users - +
- + **UserRights/CreatePermanentSharedObjects** @@ -496,11 +496,11 @@ This user right determines which users and groups can call an internal applicati This user right determines which accounts can be used by processes to create a directory object using the object manager. This user right is used internally by the operating system and is useful to kernel-mode components that extend the object namespace. Because components that are running in kernel mode already have this user right assigned to them, it is not necessary to specifically assign it. - +
- + **UserRights/CreateSymbolicLinks** @@ -539,11 +539,11 @@ This user right determines which accounts can be used by processes to create a d This user right determines if the user can create a symbolic link from the computer he is logged on to. Caution: This privilege should only be given to trusted users. Symbolic links can expose security vulnerabilities in applications that aren't designed to handle them. Note: This setting can be used in conjunction a symlink filesystem setting that can be manipulated with the command line utility to control the kinds of symlinks that are allowed on the machine. Type 'fsutil behavior set symlinkevaluation /?' at the command line to get more information about fsutil and symbolic links. - +
- + **UserRights/CreateToken** @@ -582,11 +582,11 @@ This user right determines if the user can create a symbolic link from the compu This user right determines which accounts can be used by processes to create a token that can then be used to get access to any local resources when the process uses an internal application programming interface (API) to create an access token. This user right is used internally by the operating system. Unless it is necessary, do not assign this user right to a user, group, or process other than Local System. Caution: Assigning this user right can be a security risk. Do not assign this user right to any user, group, or process that you do not want to take over the system. - +
- + **UserRights/DebugPrograms** @@ -625,11 +625,11 @@ This user right determines which accounts can be used by processes to create a t This user right determines which users can attach a debugger to any process or to the kernel. Developers who are debugging their own applications do not need to be assigned this user right. Developers who are debugging new system components will need this user right to be able to do so. This user right provides complete access to sensitive and critical operating system components. Caution:Assigning this user right can be a security risk. Only assign this user right to trusted users. - +
- + **UserRights/DenyAccessFromNetwork** @@ -668,11 +668,11 @@ This user right determines which users can attach a debugger to any process or t This user right determines which users are prevented from accessing a computer over the network. This policy setting supersedes the Access this computer from the network policy setting if a user account is subject to both policies. - +
- + **UserRights/DenyLocalLogOn** @@ -711,11 +711,11 @@ This user right determines which users are prevented from accessing a computer o This security setting determines which service accounts are prevented from registering a process as a service. Note: This security setting does not apply to the System, Local Service, or Network Service accounts. - +
- + **UserRights/DenyRemoteDesktopServicesLogOn** @@ -754,11 +754,11 @@ This security setting determines which service accounts are prevented from regis This user right determines which users and groups are prohibited from logging on as a Remote Desktop Services client. - +
- + **UserRights/EnableDelegation** @@ -797,11 +797,11 @@ This user right determines which users and groups are prohibited from logging on This user right determines which users can set the Trusted for Delegation setting on a user or computer object. The user or object that is granted this privilege must have write access to the account control flags on the user or computer object. A server process running on a computer (or under a user context) that is trusted for delegation can access resources on another computer using delegated credentials of a client, as long as the client account does not have the Account cannot be delegated account control flag set. Caution: Misuse of this user right, or of the Trusted for Delegation setting, could make the network vulnerable to sophisticated attacks using Trojan horse programs that impersonate incoming clients and use their credentials to gain access to network resources. - +
- + **UserRights/GenerateSecurityAudits** @@ -840,11 +840,11 @@ This user right determines which users can set the Trusted for Delegation settin This user right determines which accounts can be used by a process to add entries to the security log. The security log is used to trace unauthorized system access. Misuse of this user right can result in the generation of many auditing events, potentially hiding evidence of an attack or causing a denial of service. Shut down system immediately if unable to log security audits security policy setting is enabled. - +
- + **UserRights/ImpersonateClient** @@ -887,11 +887,11 @@ Assigning this user right to a user allows programs running on behalf of that us Because of these factors, users do not usually need this user right. Warning: If you enable this setting, programs that previously had the Impersonate privilege may lose it, and they may not run. - +
- + **UserRights/IncreaseSchedulingPriority** @@ -930,11 +930,11 @@ Because of these factors, users do not usually need this user right. Warning: If This user right determines which accounts can use a process with Write Property access to another process to increase the execution priority assigned to the other process. A user with this privilege can change the scheduling priority of a process through the Task Manager user interface. - +
- + **UserRights/LoadUnloadDeviceDrivers** @@ -973,11 +973,11 @@ This user right determines which accounts can use a process with Write Property This user right determines which users can dynamically load and unload device drivers or other code in to kernel mode. This user right does not apply to Plug and Play device drivers. It is recommended that you do not assign this privilege to other users. Caution: Assigning this user right can be a security risk. Do not assign this user right to any user, group, or process that you do not want to take over the system. - +
- + **UserRights/LockMemory** @@ -1016,11 +1016,11 @@ This user right determines which users can dynamically load and unload device dr This user right determines which accounts can use a process to keep data in physical memory, which prevents the system from paging the data to virtual memory on disk. Exercising this privilege could significantly affect system performance by decreasing the amount of available random access memory (RAM). - +
- + **UserRights/ManageAuditingAndSecurityLog** @@ -1059,11 +1059,11 @@ This user right determines which accounts can use a process to keep data in phys This user right determines which users can specify object access auditing options for individual resources, such as files, Active Directory objects, and registry keys. This security setting does not allow a user to enable file and object access auditing in general. You can view audited events in the security log of the Event Viewer. A user with this privilege can also view and clear the security log. - +
- + **UserRights/ManageVolume** @@ -1102,11 +1102,11 @@ This user right determines which users can specify object access auditing option This user right determines which users and groups can run maintenance tasks on a volume, such as remote defragmentation. Use caution when assigning this user right. Users with this user right can explore disks and extend files in to memory that contains other data. When the extended files are opened, the user might be able to read and modify the acquired data. - +
- + **UserRights/ModifyFirmwareEnvironment** @@ -1145,11 +1145,11 @@ This user right determines which users and groups can run maintenance tasks on a This user right determines who can modify firmware environment values. Firmware environment variables are settings stored in the nonvolatile RAM of non-x86-based computers. The effect of the setting depends on the processor.On x86-based computers, the only firmware environment value that can be modified by assigning this user right is the Last Known Good Configuration setting, which should only be modified by the system. On Itanium-based computers, boot information is stored in nonvolatile RAM. Users must be assigned this user right to run bootcfg.exe and to change the Default Operating System setting on Startup and Recovery in System Properties. On all computers, this user right is required to install or upgrade Windows.Note: This security setting does not affect who can modify the system environment variables and user environment variables that are displayed on the Advanced tab of System Properties. - +
- + **UserRights/ModifyObjectLabel** @@ -1188,11 +1188,11 @@ This user right determines who can modify firmware environment values. Firmware This user right determines which user accounts can modify the integrity label of objects, such as files, registry keys, or processes owned by other users. Processes running under a user account can modify the label of an object owned by that user to a lower level without this privilege. - +
- + **UserRights/ProfileSingleProcess** @@ -1231,11 +1231,11 @@ This user right determines which user accounts can modify the integrity label of This user right determines which users can use performance monitoring tools to monitor the performance of system processes. - +
- + **UserRights/RemoteShutdown** @@ -1274,11 +1274,11 @@ This user right determines which users can use performance monitoring tools to m This user right determines which users are allowed to shut down a computer from a remote location on the network. Misuse of this user right can result in a denial of service. - +
- + **UserRights/RestoreFilesAndDirectories** @@ -1317,11 +1317,11 @@ This user right determines which users are allowed to shut down a computer from This user right determines which users can bypass file, directory, registry, and other persistent objects permissions when restoring backed up files and directories, and determines which users can set any valid security principal as the owner of an object. Specifically, this user right is similar to granting the following permissions to the user or group in question on all files and folders on the system:Traverse Folder/Execute File, Write. Caution: Assigning this user right can be a security risk. Since users with this user right can overwrite registry settings, hide data, and gain ownership of system objects, only assign this user right to trusted users. - +
- + **UserRights/TakeOwnership** @@ -1360,7 +1360,7 @@ This user right determines which users can bypass file, directory, registry, and This user right determines which users can take ownership of any securable object in the system, including Active Directory objects, files and folders, printers, registry keys, processes, and threads. Caution: Assigning this user right can be a security risk. Since owners of objects have full control of them, only assign this user right to trusted users. - +
Footnote: @@ -1369,5 +1369,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-wifi.md b/windows/client-management/mdm/policy-csp-wifi.md index 5d27b9d4f0..8fa7a54082 100644 --- a/windows/client-management/mdm/policy-csp-wifi.md +++ b/windows/client-management/mdm/policy-csp-wifi.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - Wifi @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## Wifi policies
@@ -45,18 +45,18 @@ ms.date: 01/29/2018
- + **WiFi/AllowWiFiHotSpotReporting** This policy has been deprecated. - +
- + **Wifi/AllowAutoConnectToWiFiSenseHotspots** @@ -104,11 +104,11 @@ The following list shows the supported values: - 1 (default) – Allowed. - +
- + **Wifi/AllowInternetSharing** @@ -156,11 +156,11 @@ The following list shows the supported values: - 1 (default) – Allow the use of Internet Sharing. - +
- + **Wifi/AllowManualWiFiConfiguration** @@ -211,11 +211,11 @@ The following list shows the supported values: - 1 (default) – Adding new network SSIDs beyond the already MDM provisioned ones is allowed. - +
- + **Wifi/AllowWiFi** @@ -263,11 +263,11 @@ The following list shows the supported values: - 1 (default) – WiFi connection is allowed. - +
- + **Wifi/AllowWiFiDirect** @@ -313,11 +313,11 @@ The following list shows the supported values: - 1 - WiFi Direct connection is allowed. - +
- + **Wifi/WLANScanMode** @@ -362,7 +362,7 @@ The default value is 0. Supported operations are Add, Delete, Get, and Replace. - +
Footnote: @@ -371,7 +371,7 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + ## Wifi policies that can be set using Exchange Active Sync (EAS) diff --git a/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md b/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md index a7f22fe4fc..65c25b116e 100644 --- a/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md +++ b/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - WindowsDefenderSecurityCenter @@ -17,7 +17,7 @@ ms.date: 01/29/2018
- + ## WindowsDefenderSecurityCenter policies
@@ -83,7 +83,7 @@ ms.date: 01/29/2018
- + **WindowsDefenderSecurityCenter/CompanyName** @@ -124,11 +124,11 @@ Added in Windows 10, version 1709. The company name that is displayed to the use Value type is string. Supported operations are Add, Get, Replace and Delete. - +
- + **WindowsDefenderSecurityCenter/DisableAccountProtectionUI** @@ -174,11 +174,11 @@ Valid values: - 1 - (Enable) The users cannot see the display of the Account protection area in Windows Defender Security Center. - +
- + **WindowsDefenderSecurityCenter/DisableAppBrowserUI** @@ -226,11 +226,11 @@ The following list shows the supported values: - 1 - (Enable) The users cannot see the display of the app and browser protection area in Windows Defender Security Center. - +
- + **WindowsDefenderSecurityCenter/DisableDeviceSecurityUI** @@ -276,11 +276,11 @@ Valid values: - 1 - (Enable) The users cannot see the display of the Device secuirty area in Windows Defender Security Center. - +
- + **WindowsDefenderSecurityCenter/DisableEnhancedNotifications** @@ -331,11 +331,11 @@ The following list shows the supported values: - 1 - (Enable) Windows Defender Security Center only display notifications which are considered critical on clients. - +
- + **WindowsDefenderSecurityCenter/DisableFamilyUI** @@ -383,11 +383,11 @@ The following list shows the supported values: - 1 - (Enable) The users cannot see the display of the family options area in Windows Defender Security Center. - +
- + **WindowsDefenderSecurityCenter/DisableHealthUI** @@ -435,11 +435,11 @@ The following list shows the supported values: - 1 - (Enable) The users cannot see the display of the device performance and health area in Windows Defender Security Center. - +
- + **WindowsDefenderSecurityCenter/DisableNetworkUI** @@ -487,11 +487,11 @@ The following list shows the supported values: - 1 - (Enable) The users cannot see the display of the firewall and network protection area in Windows Defender Security Center. - +
- + **WindowsDefenderSecurityCenter/DisableNotifications** @@ -539,11 +539,11 @@ The following list shows the supported values: - 1 - (Enable) The users cannot see the display of Windows Defender Security Center notifications. - +
- + **WindowsDefenderSecurityCenter/DisableVirusUI** @@ -591,11 +591,11 @@ The following list shows the supported values: - 1 - (Enable) The users cannot see the display of the virus and threat protection area in Windows Defender Security Center. - +
- + **WindowsDefenderSecurityCenter/DisallowExploitProtectionOverride** @@ -643,11 +643,11 @@ The following list shows the supported values: - 1 - (Enable) Local users cannot make changes in the exploit protection settings area. - +
- + **WindowsDefenderSecurityCenter/Email** @@ -688,11 +688,11 @@ Added in Windows 10, version 1709. The email address that is displayed to users. Value type is string. Supported operations are Add, Get, Replace and Delete. - +
- + **WindowsDefenderSecurityCenter/EnableCustomizedToasts** @@ -740,11 +740,11 @@ The following list shows the supported values: - 1 - (Enable) Notifications contain the company name and contact options. - +
- + **WindowsDefenderSecurityCenter/EnableInAppCustomization** @@ -792,11 +792,11 @@ The following list shows the supported values: - 1 - (Enable) Display the company name and contact options in the card fly out notification. - +
- + **WindowsDefenderSecurityCenter/HideRansomwareDataRecovery** @@ -842,11 +842,11 @@ Valid values: - 1 - (Enable) The Ransomware data recovery area is hidden. - +
- + **WindowsDefenderSecurityCenter/HideSecureBoot** @@ -892,11 +892,11 @@ Valid values: - 1 - (Enable) The Secure boot area is hidden. - +
- + **WindowsDefenderSecurityCenter/HideTPMTroubleshooting** @@ -942,11 +942,11 @@ Valid values: - 1 - (Enable) The Security processor (TPM) troubleshooting area is hidden. - +
- + **WindowsDefenderSecurityCenter/Phone** @@ -987,11 +987,11 @@ Added in Windows 10, version 1709. The phone number or Skype ID that is displaye Value type is string. Supported operations are Add, Get, Replace, and Delete. - +
- + **WindowsDefenderSecurityCenter/URL** @@ -1032,7 +1032,7 @@ Added in Windows 10, version 1709. The help portal URL this is displayed to user Value type is Value type is string. Supported operations are Add, Get, Replace, and Delete. - +
Footnote: @@ -1041,5 +1041,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-windowsinkworkspace.md b/windows/client-management/mdm/policy-csp-windowsinkworkspace.md index 69290e276b..0b0a6104d4 100644 --- a/windows/client-management/mdm/policy-csp-windowsinkworkspace.md +++ b/windows/client-management/mdm/policy-csp-windowsinkworkspace.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - WindowsInkWorkspace @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## WindowsInkWorkspace policies
@@ -30,7 +30,7 @@ ms.date: 01/29/2018
- + **WindowsInkWorkspace/AllowSuggestedAppsInWindowsInkWorkspace** @@ -76,11 +76,11 @@ The following list shows the supported values: - 1 (default) -allow app suggestions. - +
- + **WindowsInkWorkspace/AllowWindowsInkWorkspace** @@ -127,7 +127,7 @@ Value type is int. The following list shows the supported values: - 2 (default) - ink workspace is enabled (feature is turned on), and the user is allowed to use it above the lock screen. - +
Footnote: @@ -136,5 +136,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-windowslogon.md b/windows/client-management/mdm/policy-csp-windowslogon.md index 9679d7b3a3..513b783cee 100644 --- a/windows/client-management/mdm/policy-csp-windowslogon.md +++ b/windows/client-management/mdm/policy-csp-windowslogon.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - WindowsLogon @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## WindowsLogon policies
@@ -33,7 +33,7 @@ ms.date: 01/29/2018
- + **WindowsLogon/DisableLockScreenAppNotifications** @@ -91,11 +91,11 @@ ADMX Info: - GP ADMX file name: *logon.admx* - +
- + **WindowsLogon/DontDisplayNetworkSelectionUI** @@ -153,11 +153,11 @@ ADMX Info: - GP ADMX file name: *logon.admx* - +
- + **WindowsLogon/HideFastUserSwitching** @@ -210,7 +210,7 @@ To validate on Desktop, do the following: 2. Verify that the Switch account button in Start is hidden. - +
Footnote: @@ -219,5 +219,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - + diff --git a/windows/client-management/mdm/policy-csp-wirelessdisplay.md b/windows/client-management/mdm/policy-csp-wirelessdisplay.md index e7c65f476a..5830a05aa4 100644 --- a/windows/client-management/mdm/policy-csp-wirelessdisplay.md +++ b/windows/client-management/mdm/policy-csp-wirelessdisplay.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 01/29/2018 +ms.date: 01/30/2018 --- # Policy CSP - WirelessDisplay @@ -15,7 +15,7 @@ ms.date: 01/29/2018
- + ## WirelessDisplay policies
@@ -48,7 +48,7 @@ ms.date: 01/29/2018
- + **WirelessDisplay/AllowMdnsAdvertisement** @@ -94,11 +94,11 @@ The following list shows the supported values: - 1 - Allow - +
- + **WirelessDisplay/AllowMdnsDiscovery** @@ -144,11 +144,11 @@ The following list shows the supported values: - 1 - Allow - +
- + **WirelessDisplay/AllowProjectionFromPC** @@ -194,11 +194,11 @@ The following list shows the supported values: - 1 - your PC can discover and project to other devices - +
- + **WirelessDisplay/AllowProjectionFromPCOverInfrastructure** @@ -244,11 +244,11 @@ The following list shows the supported values: - 1 - your PC can discover and project to other devices over infrastructure. - +
- + **WirelessDisplay/AllowProjectionToPC** @@ -298,11 +298,11 @@ The following list shows the supported values: - 1 (default) - projection to PC is allowed. Enabled only above the lock screen. - +
- + **WirelessDisplay/AllowProjectionToPCOverInfrastructure** @@ -348,11 +348,11 @@ The following list shows the supported values: - 1 - your PC is discoverable and other devices can project to it over infrastructure. - +
- + **WirelessDisplay/AllowUserInputFromWirelessDisplayReceiver** @@ -375,11 +375,11 @@ The following list shows the supported values: - 1 (default) - Wireless display input enabled. - +
- + **WirelessDisplay/RequirePinForPairing** @@ -429,7 +429,7 @@ The following list shows the supported values: - 1 - PIN is required. - +
Footnote: @@ -438,5 +438,5 @@ Footnote: - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. - +