deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 05:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merged PR 5589: changing policy tags used by automation to reduce footprint

Browse Source
This commit is contained in:
Nicholas Brower 2018-01-30 18:45:02 +00:00
parent 18c7fcd5a8
commit 2d27093796
75 changed files with 2107 additions and 2107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
windows/client-management/mdm/policy-csp-abovelock.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - AboveLock
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## AboveLock policies
<dl>
@ -33,7 +33,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="abovelock-allowactioncenternotifications"></a>**AboveLock/AllowActionCenterNotifications**
<!--SupportedSKUs-->
@ -84,11 +84,11 @@ The following list shows the supported values:
- 1 (default) - Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="abovelock-allowcortanaabovelock"></a>**AboveLock/AllowCortanaAboveLock**
<!--SupportedSKUs-->
@ -134,11 +134,11 @@ The following list shows the supported values:
- 1 (default) - Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="abovelock-allowtoasts"></a>**AboveLock/AllowToasts**
<!--SupportedSKUs-->
@ -186,7 +186,7 @@ The following list shows the supported values:
- 1 (default) - Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -195,5 +195,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

18
windows/client-management/mdm/policy-csp-accountpoliciesaccountlockoutpolicy.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - AccountPoliciesAccountLockoutPolicy
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## AccountPoliciesAccountLockoutPolicy policies
<dl>
@ -35,7 +35,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="accountpoliciesaccountlockoutpolicy-accountlockoutduration"></a>**AccountPoliciesAccountLockoutPolicy/AccountLockoutDuration**
<!--SupportedSKUs-->
@ -78,11 +78,11 @@ If an account lockout threshold is defined, the account lockout duration must be
Default: None, because this policy setting only has meaning when an Account lockout threshold is specified.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="accountpoliciesaccountlockoutpolicy-accountlockoutthreshold"></a>**AccountPoliciesAccountLockoutPolicy/AccountLockoutThreshold**
<!--SupportedSKUs-->
@ -125,11 +125,11 @@ Failed password attempts against workstations or member servers that have been l
Default: 0.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="accountpoliciesaccountlockoutpolicy-resetaccountlockoutcounterafter"></a>**AccountPoliciesAccountLockoutPolicy/ResetAccountLockoutCounterAfter**
<!--SupportedSKUs-->
@ -172,7 +172,7 @@ If an account lockout threshold is defined, this reset time must be less than or
Default: None, because this policy setting only has meaning when an Account lockout threshold is specified.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -181,5 +181,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

22
windows/client-management/mdm/policy-csp-accounts.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Accounts
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Accounts policies
<dl>
@ -36,7 +36,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="accounts-allowaddingnonmicrosoftaccountsmanually"></a>**Accounts/AllowAddingNonMicrosoftAccountsManually**
<!--SupportedSKUs-->
@ -87,11 +87,11 @@ The following list shows the supported values:
- 1 (default) - Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="accounts-allowmicrosoftaccountconnection"></a>**Accounts/AllowMicrosoftAccountConnection**
<!--SupportedSKUs-->
@ -139,11 +139,11 @@ The following list shows the supported values:
- 1 (default) - Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="accounts-allowmicrosoftaccountsigninassistant"></a>**Accounts/AllowMicrosoftAccountSignInAssistant**
<!--SupportedSKUs-->
@ -189,11 +189,11 @@ The following list shows the supported values:
- 1 (default) - Manual start.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="accounts-domainnamesforemailsync"></a>**Accounts/DomainNamesForEmailSync**
<!--SupportedSKUs-->
@ -236,7 +236,7 @@ The data type is a string.
The default value is an empty string, which allows all email accounts on the device to sync email. Otherwise, the string should contain a pipe-separated list of domains that are allowed to sync email on the device. For example, "contoso.com|fabrikam.net|woodgrove.gov".
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -245,7 +245,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartHoloLens-->
## <a href="" id="hololenspolicies"></a>Accounts policies supported by Windows Holographic for Business

10
windows/client-management/mdm/policy-csp-activexcontrols.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - ActiveXControls
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## ActiveXControls policies
<dl>
@ -27,7 +27,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="activexcontrols-approvedinstallationsites"></a>**ActiveXControls/ApprovedInstallationSites**
<!--SupportedSKUs-->
@ -87,7 +87,7 @@ ADMX Info:
- GP ADMX file name: *ActiveXInstallService.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -96,5 +96,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

10
windows/client-management/mdm/policy-csp-applicationdefaults.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - ApplicationDefaults
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## ApplicationDefaults policies
<dl>
@ -27,7 +27,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="applicationdefaults-defaultassociationsconfiguration"></a>**ApplicationDefaults/DefaultAssociationsConfiguration**
<!--SupportedSKUs-->
@ -122,7 +122,7 @@ Here is the SyncMl example:
```
<!--/Example-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -131,5 +131,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

50
windows/client-management/mdm/policy-csp-applicationmanagement.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - ApplicationManagement
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## ApplicationManagement policies
<dl>
@ -57,7 +57,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="applicationmanagement-allowalltrustedapps"></a>**ApplicationManagement/AllowAllTrustedApps**
<!--SupportedSKUs-->
@ -106,11 +106,11 @@ The following list shows the supported values:
- 65535 (default) - Not configured.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="applicationmanagement-allowappstoreautoupdate"></a>**ApplicationManagement/AllowAppStoreAutoUpdate**
<!--SupportedSKUs-->
@ -159,11 +159,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="applicationmanagement-allowdeveloperunlock"></a>**ApplicationManagement/AllowDeveloperUnlock**
<!--SupportedSKUs-->
@ -212,11 +212,11 @@ The following list shows the supported values:
- 65535 (default) - Not configured.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="applicationmanagement-allowgamedvr"></a>**ApplicationManagement/AllowGameDVR**
<!--SupportedSKUs-->
@ -267,11 +267,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="applicationmanagement-allowshareduserappdata"></a>**ApplicationManagement/AllowSharedUserAppData**
<!--SupportedSKUs-->
@ -319,11 +319,11 @@ The following list shows the supported values:
- 1 Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="applicationmanagement-allowstore"></a>**ApplicationManagement/AllowStore**
<!--SupportedSKUs-->
@ -371,11 +371,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="applicationmanagement-applicationrestrictions"></a>**ApplicationManagement/ApplicationRestrictions**
<!--SupportedSKUs-->
@ -436,11 +436,11 @@ Value type is chr.
Value evaluation rule - The information for PolicyManager is opaque. There is no most restricted value evaluation. Whenever there is a change to the value, the device parses the node value and enforces specified policies.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="applicationmanagement-disablestoreoriginatedapps"></a>**ApplicationManagement/DisableStoreOriginatedApps**
<!--SupportedSKUs-->
@ -486,11 +486,11 @@ The following list shows the supported values:
- 1 Disable launch of apps.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="applicationmanagement-requireprivatestoreonly"></a>**ApplicationManagement/RequirePrivateStoreOnly**
<!--SupportedSKUs-->
@ -539,11 +539,11 @@ The following list shows the supported values:
- 1 Only Private store is enabled.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="applicationmanagement-restrictappdatatosystemvolume"></a>**ApplicationManagement/RestrictAppDataToSystemVolume**
<!--SupportedSKUs-->
@ -591,11 +591,11 @@ The following list shows the supported values:
- 1 Restricted.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="applicationmanagement-restrictapptosystemvolume"></a>**ApplicationManagement/RestrictAppToSystemVolume**
<!--SupportedSKUs-->
@ -643,7 +643,7 @@ The following list shows the supported values:
- 1 Restricted.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -652,7 +652,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartHoloLens-->
## <a href="" id="hololenspolicies"></a>ApplicationManagement policies supported by Windows Holographic for Business

118
windows/client-management/mdm/policy-csp-appvirtualization.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - AppVirtualization
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## AppVirtualization policies
<dl>
@ -108,7 +108,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-allowappvclient"></a>**AppVirtualization/AllowAppVClient**
<!--SupportedSKUs-->
@ -162,11 +162,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-allowdynamicvirtualization"></a>**AppVirtualization/AllowDynamicVirtualization**
<!--SupportedSKUs-->
@ -220,11 +220,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-allowpackagecleanup"></a>**AppVirtualization/AllowPackageCleanup**
<!--SupportedSKUs-->
@ -278,11 +278,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-allowpackagescripts"></a>**AppVirtualization/AllowPackageScripts**
<!--SupportedSKUs-->
@ -336,11 +336,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-allowpublishingrefreshux"></a>**AppVirtualization/AllowPublishingRefreshUX**
<!--SupportedSKUs-->
@ -394,11 +394,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-allowreportingserver"></a>**AppVirtualization/AllowReportingServer**
<!--SupportedSKUs-->
@ -462,11 +462,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-allowroamingfileexclusions"></a>**AppVirtualization/AllowRoamingFileExclusions**
<!--SupportedSKUs-->
@ -520,11 +520,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-allowroamingregistryexclusions"></a>**AppVirtualization/AllowRoamingRegistryExclusions**
<!--SupportedSKUs-->
@ -578,11 +578,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-allowstreamingautoload"></a>**AppVirtualization/AllowStreamingAutoload**
<!--SupportedSKUs-->
@ -636,11 +636,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-clientcoexistenceallowmigrationmode"></a>**AppVirtualization/ClientCoexistenceAllowMigrationmode**
<!--SupportedSKUs-->
@ -694,11 +694,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-integrationallowrootglobal"></a>**AppVirtualization/IntegrationAllowRootGlobal**
<!--SupportedSKUs-->
@ -752,11 +752,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-integrationallowrootuser"></a>**AppVirtualization/IntegrationAllowRootUser**
<!--SupportedSKUs-->
@ -810,11 +810,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-publishingallowserver1"></a>**AppVirtualization/PublishingAllowServer1**
<!--SupportedSKUs-->
@ -886,11 +886,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-publishingallowserver2"></a>**AppVirtualization/PublishingAllowServer2**
<!--SupportedSKUs-->
@ -962,11 +962,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-publishingallowserver3"></a>**AppVirtualization/PublishingAllowServer3**
<!--SupportedSKUs-->
@ -1038,11 +1038,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-publishingallowserver4"></a>**AppVirtualization/PublishingAllowServer4**
<!--SupportedSKUs-->
@ -1114,11 +1114,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-publishingallowserver5"></a>**AppVirtualization/PublishingAllowServer5**
<!--SupportedSKUs-->
@ -1190,11 +1190,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-streamingallowcertificatefilterforclient-ssl"></a>**AppVirtualization/StreamingAllowCertificateFilterForClient_SSL**
<!--SupportedSKUs-->
@ -1248,11 +1248,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-streamingallowhighcostlaunch"></a>**AppVirtualization/StreamingAllowHighCostLaunch**
<!--SupportedSKUs-->
@ -1306,11 +1306,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-streamingallowlocationprovider"></a>**AppVirtualization/StreamingAllowLocationProvider**
<!--SupportedSKUs-->
@ -1364,11 +1364,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-streamingallowpackageinstallationroot"></a>**AppVirtualization/StreamingAllowPackageInstallationRoot**
<!--SupportedSKUs-->
@ -1422,11 +1422,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-streamingallowpackagesourceroot"></a>**AppVirtualization/StreamingAllowPackageSourceRoot**
<!--SupportedSKUs-->
@ -1480,11 +1480,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-streamingallowreestablishmentinterval"></a>**AppVirtualization/StreamingAllowReestablishmentInterval**
<!--SupportedSKUs-->
@ -1538,11 +1538,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-streamingallowreestablishmentretries"></a>**AppVirtualization/StreamingAllowReestablishmentRetries**
<!--SupportedSKUs-->
@ -1596,11 +1596,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-streamingsharedcontentstoremode"></a>**AppVirtualization/StreamingSharedContentStoreMode**
<!--SupportedSKUs-->
@ -1654,11 +1654,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-streamingsupportbranchcache"></a>**AppVirtualization/StreamingSupportBranchCache**
<!--SupportedSKUs-->
@ -1712,11 +1712,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-streamingverifycertificaterevocationlist"></a>**AppVirtualization/StreamingVerifyCertificateRevocationList**
<!--SupportedSKUs-->
@ -1770,11 +1770,11 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="appvirtualization-virtualcomponentsallowlist"></a>**AppVirtualization/VirtualComponentsAllowList**
<!--SupportedSKUs-->
@ -1828,7 +1828,7 @@ ADMX Info:
- GP ADMX file name: *appv.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -1837,5 +1837,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

18
windows/client-management/mdm/policy-csp-attachmentmanager.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - AttachmentManager
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## AttachmentManager policies
<dl>
@ -33,7 +33,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="attachmentmanager-donotpreservezoneinformation"></a>**AttachmentManager/DoNotPreserveZoneInformation**
<!--SupportedSKUs-->
@ -93,11 +93,11 @@ ADMX Info:
- GP ADMX file name: *AttachmentManager.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="attachmentmanager-hidezoneinfomechanism"></a>**AttachmentManager/HideZoneInfoMechanism**
<!--SupportedSKUs-->
@ -157,11 +157,11 @@ ADMX Info:
- GP ADMX file name: *AttachmentManager.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="attachmentmanager-notifyantivirusprograms"></a>**AttachmentManager/NotifyAntivirusPrograms**
<!--SupportedSKUs-->
@ -221,7 +221,7 @@ ADMX Info:
- GP ADMX file name: *AttachmentManager.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -230,5 +230,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

26
windows/client-management/mdm/policy-csp-authentication.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Authentication
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Authentication policies
<dl>
@ -39,7 +39,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="authentication-allowaadpasswordreset"></a>**Authentication/AllowAadPasswordReset**
<!--SupportedSKUs-->
@ -85,11 +85,11 @@ The following list shows the supported values:
- 1 Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="authentication-alloweapcertsso"></a>**Authentication/AllowEAPCertSSO**
<!--SupportedSKUs-->
@ -135,11 +135,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="authentication-allowfastreconnect"></a>**Authentication/AllowFastReconnect**
<!--SupportedSKUs-->
@ -187,11 +187,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="authentication-allowfidodevicesignon"></a>**Authentication/AllowFidoDeviceSignon**
<!--SupportedSKUs-->
@ -241,11 +241,11 @@ The following list shows the supported values:
- 1 - Allow. The FIDO device credential provider is enabled and allows usage of FIDO devices to sign into an Windows.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="authentication-allowsecondaryauthenticationdevice"></a>**Authentication/AllowSecondaryAuthenticationDevice**
<!--SupportedSKUs-->
@ -293,7 +293,7 @@ The following list shows the supported values:
- 1 Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -302,7 +302,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartHoloLens-->
## <a href="" id="hololenspolicies"></a>Authentication policies supported by Windows Holographic for Business

18
windows/client-management/mdm/policy-csp-autoplay.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Autoplay
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Autoplay policies
<dl>
@ -33,7 +33,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="autoplay-disallowautoplayfornonvolumedevices"></a>**Autoplay/DisallowAutoplayForNonVolumeDevices**
<!--SupportedSKUs-->
@ -92,11 +92,11 @@ ADMX Info:
- GP ADMX file name: *AutoPlay.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="autoplay-setdefaultautorunbehavior"></a>**Autoplay/SetDefaultAutoRunBehavior**
<!--SupportedSKUs-->
@ -164,11 +164,11 @@ ADMX Info:
- GP ADMX file name: *AutoPlay.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="autoplay-turnoffautoplay"></a>**Autoplay/TurnOffAutoPlay**
<!--SupportedSKUs-->
@ -237,7 +237,7 @@ ADMX Info:
- GP ADMX file name: *AutoPlay.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -246,5 +246,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

10
windows/client-management/mdm/policy-csp-bitlocker.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Bitlocker
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Bitlocker policies
<dl>
@ -27,7 +27,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="bitlocker-encryptionmethod"></a>**Bitlocker/EncryptionMethod**
<!--SupportedSKUs-->
@ -106,7 +106,7 @@ The following list shows the supported values:
- 7 - XTS-AES 256-bit (Desktop only)
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -115,5 +115,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

26
windows/client-management/mdm/policy-csp-bluetooth.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Bluetooth
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Bluetooth policies
<dl>
@ -39,7 +39,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="bluetooth-allowadvertising"></a>**Bluetooth/AllowAdvertising**
<!--SupportedSKUs-->
@ -89,11 +89,11 @@ The following list shows the supported values:
- 1 (default) Allowed. When set to 1, the device will send out advertisements. To verify, use any Bluetooth LE app and enable it to do advertising. Then, verify that the advertisement is received by the peripheral.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="bluetooth-allowdiscoverablemode"></a>**Bluetooth/AllowDiscoverableMode**
<!--SupportedSKUs-->
@ -143,11 +143,11 @@ The following list shows the supported values:
- 1 (default) Allowed. When set to 1, other devices will be able to detect the device. To verify, open the Bluetooth control panel on the device. Then, go to another Bluetooth-enabled device, open the Bluetooth control panel and verify that you can discover it.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="bluetooth-allowprepairing"></a>**Bluetooth/AllowPrepairing**
<!--SupportedSKUs-->
@ -193,11 +193,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="bluetooth-localdevicename"></a>**Bluetooth/LocalDeviceName**
<!--SupportedSKUs-->
@ -240,11 +240,11 @@ If this is set, the value that it is set to will be used as the Bluetooth device
If this policy is not set or it is deleted, the default local radio name is used.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="bluetooth-servicesallowedlist"></a>**Bluetooth/ServicesAllowedList**
<!--SupportedSKUs-->
@ -285,7 +285,7 @@ Set a list of allowable services and profiles. String hex formatted array of Blu
The default value is an empty string.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -294,7 +294,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartHoloLens-->
## <a href="" id="hololenspolicies"></a>Bluetooth policies supported by Windows Holographic for Business

158
windows/client-management/mdm/policy-csp-browser.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Browser
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Browser policies
<dl>
@ -140,7 +140,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowaddressbardropdown"></a>**Browser/AllowAddressBarDropdown**
<!--SupportedSKUs-->
@ -192,11 +192,11 @@ The following list shows the supported values:
- 1 (default) Allowed. Address bar drop-down is enabled.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowautofill"></a>**Browser/AllowAutofill**
<!--SupportedSKUs-->
@ -254,11 +254,11 @@ To verify AllowAutofill is set to 0 (not allowed):
4. Verify the setting **Save form entries** is greyed out.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowbrowser"></a>**Browser/AllowBrowser**
<!--SupportedSKUs-->
@ -313,11 +313,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowcookies"></a>**Browser/AllowCookies**
<!--SupportedSKUs-->
@ -376,11 +376,11 @@ To verify AllowCookies is set to 0 (not allowed):
4. Verify the setting **Cookies** is greyed out.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowdevelopertools"></a>**Browser/AllowDeveloperTools**
<!--SupportedSKUs-->
@ -433,11 +433,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowdonottrack"></a>**Browser/AllowDoNotTrack**
<!--SupportedSKUs-->
@ -495,11 +495,11 @@ To verify AllowDoNotTrack is set to 0 (not allowed):
4. Verify the setting **Send Do Not Track requests** is greyed out.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowextensions"></a>**Browser/AllowExtensions**
<!--SupportedSKUs-->
@ -546,11 +546,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowflash"></a>**Browser/AllowFlash**
<!--SupportedSKUs-->
@ -597,11 +597,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowflashclicktorun"></a>**Browser/AllowFlashClickToRun**
<!--SupportedSKUs-->
@ -648,11 +648,11 @@ The following list shows the supported values:
- 1 (default) Users must click the content, click a Click-to-Run button, or have the site appear on an auto-allow list before Microsoft Edge loads and runs Adobe Flash content.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowinprivate"></a>**Browser/AllowInPrivate**
<!--SupportedSKUs-->
@ -701,11 +701,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowmicrosoftcompatibilitylist"></a>**Browser/AllowMicrosoftCompatibilityList**
<!--SupportedSKUs-->
@ -757,11 +757,11 @@ The following list shows the supported values:
- 1 (default) Enabled.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowpasswordmanager"></a>**Browser/AllowPasswordManager**
<!--SupportedSKUs-->
@ -819,11 +819,11 @@ To verify AllowPasswordManager is set to 0 (not allowed):
4. Verify the settings **Offer to save password** and **Manage my saved passwords** are greyed out.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowpopups"></a>**Browser/AllowPopups**
<!--SupportedSKUs-->
@ -881,11 +881,11 @@ To verify AllowPopups is set to 0 (not allowed):
4. Verify the setting **Block pop-ups** is greyed out.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowsearchenginecustomization"></a>**Browser/AllowSearchEngineCustomization**
<!--SupportedSKUs-->
@ -936,11 +936,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowsearchsuggestionsinaddressbar"></a>**Browser/AllowSearchSuggestionsinAddressBar**
<!--SupportedSKUs-->
@ -989,11 +989,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-allowsmartscreen"></a>**Browser/AllowSmartScreen**
<!--SupportedSKUs-->
@ -1051,11 +1051,11 @@ To verify AllowSmartScreen is set to 0 (not allowed):
4. Verify the setting **Help protect me from malicious sites and download with SmartScreen Filter** is greyed out.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-alwaysenablebookslibrary"></a>**Browser/AlwaysEnableBooksLibrary**
<!--SupportedSKUs-->
@ -1102,11 +1102,11 @@ The following list shows the supported values:
- 1 - Enable. Always show the Books Library, regardless of countries or region of activation.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-clearbrowsingdataonexit"></a>**Browser/ClearBrowsingDataOnExit**
<!--SupportedSKUs-->
@ -1163,11 +1163,11 @@ To verify that browsing data is cleared on exit (ClearBrowsingDataOnExit is set
3. Open Microsoft Edge and start typing the same URL in address bar. Verify that it does not auto-complete from history.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-configureadditionalsearchengines"></a>**Browser/ConfigureAdditionalSearchEngines**
<!--SupportedSKUs-->
@ -1225,11 +1225,11 @@ The following list shows the supported values:
- 1 Additional search engines are allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-disablelockdownofstartpages"></a>**Browser/DisableLockdownOfStartPages**
<!--SupportedSKUs-->
@ -1284,11 +1284,11 @@ The following list shows the supported values:
- 1 Disable lockdown of the Start pages and allow users to modify them.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-enableextendedbookstelemetry"></a>**Browser/EnableExtendedBooksTelemetry**
<!--SupportedSKUs-->
@ -1337,11 +1337,11 @@ The following list shows the supported values:
- 1 - Enable. Additional telemetry for schools.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-enterprisemodesitelist"></a>**Browser/EnterpriseModeSiteList**
<!--SupportedSKUs-->
@ -1392,11 +1392,11 @@ The following list shows the supported values:
- Set to a URL location of the enterprise site list.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-enterprisesitelistserviceurl"></a>**Browser/EnterpriseSiteListServiceUrl**
<!--SupportedSKUs-->
@ -1437,11 +1437,11 @@ The following list shows the supported values:
> This policy (introduced in Windows 10, version 1507) was deprecated in Windows 10, version 1511 by [Browser/EnterpriseModeSiteList](#browser-enterprisemodesitelist).
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-firstrunurl"></a>**Browser/FirstRunURL**
<!--SupportedSKUs-->
@ -1489,11 +1489,11 @@ The data type is a string.
The default value is an empty string. Otherwise, the string should contain the URL of the webpage users will see the first time Microsoft Edge is run. For example, “contoso.com”.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-homepages"></a>**Browser/HomePages**
<!--SupportedSKUs-->
@ -1543,11 +1543,11 @@ Starting in Windows 10, version 1703, if you dont want to send traffic to Mi
> Turning this setting off, or not configuring it, sets your default Start pages to the webpages specified in App settings.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-lockdownfavorites"></a>**Browser/LockdownFavorites**
<!--SupportedSKUs-->
@ -1603,11 +1603,11 @@ The following list shows the supported values:
- 1 - Enabled. Lockdown Favorites.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-preventaccesstoaboutflagsinmicrosoftedge"></a>**Browser/PreventAccessToAboutFlagsInMicrosoftEdge**
<!--SupportedSKUs-->
@ -1654,11 +1654,11 @@ The following list shows the supported values:
- 1 Users can't access the about:flags page in Microsoft Edge.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-preventfirstrunpage"></a>**Browser/PreventFirstRunPage**
<!--SupportedSKUs-->
@ -1707,11 +1707,11 @@ The following list shows the supported values:
- 1 Employees don't see the First Run webpage.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-preventlivetiledatacollection"></a>**Browser/PreventLiveTileDataCollection**
<!--SupportedSKUs-->
@ -1760,11 +1760,11 @@ The following list shows the supported values:
- 1 Microsoft servers will not be contacted if a site is pinned to Start from Microsoft Edge.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-preventsmartscreenpromptoverride"></a>**Browser/PreventSmartScreenPromptOverride**
<!--SupportedSKUs-->
@ -1813,11 +1813,11 @@ The following list shows the supported values:
- 1 On.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-preventsmartscreenpromptoverrideforfiles"></a>**Browser/PreventSmartScreenPromptOverrideForFiles**
<!--SupportedSKUs-->
@ -1864,11 +1864,11 @@ The following list shows the supported values:
- 1 On.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-preventusinglocalhostipaddressforwebrtc"></a>**Browser/PreventUsingLocalHostIPAddressForWebRTC**
<!--SupportedSKUs-->
@ -1919,11 +1919,11 @@ The following list shows the supported values:
- 1 The localhost IP address is hidden.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-provisionfavorites"></a>**Browser/ProvisionFavorites**
<!--SupportedSKUs-->
@ -1976,11 +1976,11 @@ If you disable or don't configure this setting, employees will see the favorites
Data type is string.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-sendintranettraffictointernetexplorer"></a>**Browser/SendIntranetTraffictoInternetExplorer**
<!--SupportedSKUs-->
@ -2033,11 +2033,11 @@ The following list shows the supported values:
- 1 Intranet traffic is sent to Microsoft Edge.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-setdefaultsearchengine"></a>**Browser/SetDefaultSearchEngine**
<!--SupportedSKUs-->
@ -2094,11 +2094,11 @@ The following list shows the supported values:
- 1 - Allows you to configure the default search engine for your employees.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-showmessagewhenopeningsitesininternetexplorer"></a>**Browser/ShowMessageWhenOpeningSitesInInternetExplorer**
<!--SupportedSKUs-->
@ -2151,11 +2151,11 @@ The following list shows the supported values:
- 1 Interstitial pages are shown.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-syncfavoritesbetweenieandmicrosoftedge"></a>**Browser/SyncFavoritesBetweenIEAndMicrosoftEdge**
<!--SupportedSKUs-->
@ -2217,11 +2217,11 @@ To verify that favorites are in synchronized between Internet Explorer and Micro
</ol>
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="browser-usesharedfolderforbooks"></a>**Browser/UseSharedFolderForBooks**
<!--SupportedSKUs-->
@ -2268,7 +2268,7 @@ The following list shows the supported values:
- 1 - Use a shared folder.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -2277,7 +2277,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartEAS-->
## <a href="" id="eas"></a>Browser policies that can be set using Exchange Active Sync (EAS)

10
windows/client-management/mdm/policy-csp-camera.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Camera
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Camera policies
<dl>
@ -27,7 +27,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="camera-allowcamera"></a>**Camera/AllowCamera**
<!--SupportedSKUs-->
@ -75,7 +75,7 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -84,7 +84,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartEAS-->
## <a href="" id="eas"></a>Camera policies that can be set using Exchange Active Sync (EAS)

26
windows/client-management/mdm/policy-csp-cellular.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Cellular
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Cellular policies
<dl>
@ -39,7 +39,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="cellular-letappsaccesscellulardata"></a>**Cellular/LetAppsAccessCellularData**
<!--SupportedSKUs-->
@ -98,11 +98,11 @@ The following list shows the supported values:
- 2 - Force Deny
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="cellular-letappsaccesscellulardata_forceallowtheseapps"></a>**Cellular/LetAppsAccessCellularData_ForceAllowTheseApps**
<!--SupportedSKUs-->
@ -141,11 +141,11 @@ The following list shows the supported values:
Added in Windows 10, version 1709. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are allowed access to cellular data. This setting overrides the default LetAppsAccessCellularData policy setting for the specified apps. Value type is string.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="cellular-letappsaccesscellulardata_forcedenytheseapps"></a>**Cellular/LetAppsAccessCellularData_ForceDenyTheseApps**
<!--SupportedSKUs-->
@ -184,11 +184,11 @@ Added in Windows 10, version 1709. List of semi-colon delimited Package Family N
Added in Windows 10, version 1709. List of semi-colon delimited Package Family Names of Microsoft Store Apps. Listed apps are denied access to cellular data. This setting overrides the default LetAppsAccessCellularData policy setting for the specified apps. Value type is string.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="cellular-letappsaccesscellulardata_userincontroloftheseapps"></a>**Cellular/LetAppsAccessCellularData_UserInControlOfTheseApps**
<!--SupportedSKUs-->
@ -227,11 +227,11 @@ Added in Windows 10, version 1709. List of semi-colon delimited Package Family N
Added in Windows 10, version 1709. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the cellular data access setting for the listed apps. This setting overrides the default LetAppsAccessCellularData policy setting for the specified apps. Value type is string.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="cellular-showappcellularaccessui"></a>**Cellular/ShowAppCellularAccessUI**
<!--SupportedSKUs-->
@ -294,7 +294,7 @@ ADMX Info:
- GP ADMX file name: *wwansvc.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -303,7 +303,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartEAS-->
## <a href="" id="eas"></a>Cellular policies that can be set using Exchange Active Sync (EAS)

62
windows/client-management/mdm/policy-csp-connectivity.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Connectivity
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Connectivity policies
<dl>
@ -66,7 +66,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="connectivity-allowbluetooth"></a>**Connectivity/AllowBluetooth**
<!--SupportedSKUs-->
@ -120,11 +120,11 @@ The following list shows the supported values:
- 2 (default) Allow Bluetooth. If this is set to 2, the radio in the Bluetooth control panel will be functional and the user will be able to turn Bluetooth on.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="connectivity-allowcellulardata"></a>**Connectivity/AllowCellularData**
<!--SupportedSKUs-->
@ -171,11 +171,11 @@ The following list shows the supported values:
- 2 - Allow the cellular data channel. The user cannot turn it off.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="connectivity-allowcellulardataroaming"></a>**Connectivity/AllowCellularDataRoaming**
<!--SupportedSKUs-->
@ -234,11 +234,11 @@ To validate on mobile devices, do the following:
3. On the Properties page, select **Data roaming options**.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="connectivity-allowconnecteddevices"></a>**Connectivity/AllowConnectedDevices**
<!--SupportedSKUs-->
@ -287,11 +287,11 @@ The following list shows the supported values:
- 0 - Disable (CDP service not available).
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="connectivity-allownfc"></a>**Connectivity/AllowNFC**
<!--SupportedSKUs-->
@ -343,11 +343,11 @@ The following list shows the supported values:
- 1 (default) Allow NFC capabilities.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="connectivity-allowusbconnection"></a>**Connectivity/AllowUSBConnection**
<!--SupportedSKUs-->
@ -401,11 +401,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="connectivity-allowvpnovercellular"></a>**Connectivity/AllowVPNOverCellular**
<!--SupportedSKUs-->
@ -453,11 +453,11 @@ The following list shows the supported values:
- 1 (default) VPN can use any connection, including cellular.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="connectivity-allowvpnroamingovercellular"></a>**Connectivity/AllowVPNRoamingOverCellular**
<!--SupportedSKUs-->
@ -505,11 +505,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="connectivity-diableprintingoverhttp"></a>**Connectivity/DiablePrintingOverHTTP**
<!--SupportedSKUs-->
@ -562,11 +562,11 @@ ADMX Info:
- GP ADMX file name: *ICM.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="connectivity-disabledownloadingofprintdriversoverhttp"></a>**Connectivity/DisableDownloadingOfPrintDriversOverHTTP**
<!--SupportedSKUs-->
@ -619,11 +619,11 @@ ADMX Info:
- GP ADMX file name: *ICM.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="connectivity-disableinternetdownloadforwebpublishingandonlineorderingwizards"></a>**Connectivity/DisableInternetDownloadForWebPublishingAndOnlineOrderingWizards**
<!--SupportedSKUs-->
@ -676,11 +676,11 @@ ADMX Info:
- GP ADMX file name: *ICM.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="connectivity-disallownetworkconnectivityactivetests"></a>**Connectivity/DisallowNetworkConnectivityActiveTests**
<!--SupportedSKUs-->
@ -721,11 +721,11 @@ Added in Windows 10, version 1703. Network Connection Status Indicator (NCSI) de
Value type is integer.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="connectivity-hardeneduncpaths"></a>**Connectivity/HardenedUNCPaths**
<!--SupportedSKUs-->
@ -781,11 +781,11 @@ ADMX Info:
- GP ADMX file name: *networkprovider.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="connectivity-prohibitinstallationandconfigurationofnetworkbridge"></a>**Connectivity/ProhibitInstallationAndConfigurationOfNetworkBridge**
<!--SupportedSKUs-->
@ -838,7 +838,7 @@ ADMX Info:
- GP ADMX file name: *NetworkConnections.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -847,7 +847,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartEAS-->
## <a href="" id="eas"></a>Connectivity policies that can be set using Exchange Active Sync (EAS)

10
windows/client-management/mdm/policy-csp-controlpolicyconflict.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - ControlPolicyConflict
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## ControlPolicyConflict policies
<dl>
@ -29,7 +29,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="controlpolicyconflict-mdmwinsovergp"></a>**ControlPolicyConflict/MDMWinsOverGP**
<!--SupportedSKUs-->
@ -83,7 +83,7 @@ The following list shows the supported values:
- 1 - The MDM policy is used and the GP policy is blocked.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -92,5 +92,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

18
windows/client-management/mdm/policy-csp-credentialproviders.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - CredentialProviders
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## CredentialProviders policies
<dl>
@ -33,7 +33,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="credentialproviders-allowpinlogon"></a>**CredentialProviders/AllowPINLogon**
<!--SupportedSKUs-->
@ -95,11 +95,11 @@ ADMX Info:
- GP ADMX file name: *credentialproviders.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="credentialproviders-blockpicturepassword"></a>**CredentialProviders/BlockPicturePassword**
<!--SupportedSKUs-->
@ -159,11 +159,11 @@ ADMX Info:
- GP ADMX file name: *credentialproviders.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="credentialproviders-disableautomaticredeploymentcredentials"></a>**CredentialProviders/DisableAutomaticReDeploymentCredentials**
<!--SupportedSKUs-->
@ -211,7 +211,7 @@ The following list shows the supported values:
- 1 - Disable visibility of the credentials for Windows 10 Automatic ReDeployment
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -220,7 +220,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartIoTCore-->
## <a href="" id="iotcore"></a>CredentialProviders policies supported by IoT Core

14
windows/client-management/mdm/policy-csp-credentialsui.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - CredentialsUI
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## CredentialsUI policies
<dl>
@ -30,7 +30,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="credentialsui-disablepasswordreveal"></a>**CredentialsUI/DisablePasswordReveal**
<!--SupportedSKUs-->
@ -93,11 +93,11 @@ ADMX Info:
- GP ADMX file name: *credui.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="credentialsui-enumerateadministrators"></a>**CredentialsUI/EnumerateAdministrators**
<!--SupportedSKUs-->
@ -155,7 +155,7 @@ ADMX Info:
- GP ADMX file name: *credui.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -164,5 +164,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

14
windows/client-management/mdm/policy-csp-cryptography.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Cryptography
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Cryptography policies
<dl>
@ -30,7 +30,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="cryptography-allowfipsalgorithmpolicy"></a>**Cryptography/AllowFipsAlgorithmPolicy**
<!--SupportedSKUs-->
@ -76,11 +76,11 @@ The following list shows the supported values:
- 1 Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="cryptography-tlsciphersuites"></a>**Cryptography/TLSCipherSuites**
<!--SupportedSKUs-->
@ -119,7 +119,7 @@ The following list shows the supported values:
Lists the Cryptographic Cipher Algorithms allowed for SSL connections. Format is a semicolon delimited list. Last write win.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -128,7 +128,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartSurfaceHub-->
## <a href="" id="surfacehubpolicies"></a>Cryptography policies supported by Microsoft Surface Hub

14
windows/client-management/mdm/policy-csp-dataprotection.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - DataProtection
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## DataProtection policies
<dl>
@ -30,7 +30,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="dataprotection-allowdirectmemoryaccess"></a>**DataProtection/AllowDirectMemoryAccess**
<!--SupportedSKUs-->
@ -78,11 +78,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="dataprotection-legacyselectivewipeid"></a>**DataProtection/LegacySelectiveWipeID**
<!--SupportedSKUs-->
@ -128,7 +128,7 @@ Setting used by Windows 8.1 Selective Wipe.
> This policy is not recommended for use in Windows 10.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -137,7 +137,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartIoTCore-->
## <a href="" id="iotcore"></a>DataProtection policies supported by IoT Core

14
windows/client-management/mdm/policy-csp-datausage.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - DataUsage
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## DataUsage policies
<dl>
@ -30,7 +30,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="datausage-setcost3g"></a>**DataUsage/SetCost3G**
<!--SupportedSKUs-->
@ -94,11 +94,11 @@ ADMX Info:
- GP ADMX file name: *wwansvc.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="datausage-setcost4g"></a>**DataUsage/SetCost4G**
<!--SupportedSKUs-->
@ -162,7 +162,7 @@ ADMX Info:
- GP ADMX file name: *wwansvc.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -171,5 +171,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

146
windows/client-management/mdm/policy-csp-defender.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Defender
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Defender policies
<dl>
@ -129,7 +129,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-allowarchivescanning"></a>**Defender/AllowArchiveScanning**
<!--SupportedSKUs-->
@ -179,11 +179,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-allowbehaviormonitoring"></a>**Defender/AllowBehaviorMonitoring**
<!--SupportedSKUs-->
@ -233,11 +233,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-allowcloudprotection"></a>**Defender/AllowCloudProtection**
<!--SupportedSKUs-->
@ -287,11 +287,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-allowemailscanning"></a>**Defender/AllowEmailScanning**
<!--SupportedSKUs-->
@ -341,11 +341,11 @@ The following list shows the supported values:
- 1 Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-allowfullscanonmappednetworkdrives"></a>**Defender/AllowFullScanOnMappedNetworkDrives**
<!--SupportedSKUs-->
@ -395,11 +395,11 @@ The following list shows the supported values:
- 1 Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-allowfullscanremovabledrivescanning"></a>**Defender/AllowFullScanRemovableDriveScanning**
<!--SupportedSKUs-->
@ -449,11 +449,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-allowioavprotection"></a>**Defender/AllowIOAVProtection**
<!--SupportedSKUs-->
@ -503,11 +503,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-allowintrusionpreventionsystem"></a>**Defender/AllowIntrusionPreventionSystem**
<!--SupportedSKUs-->
@ -557,11 +557,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-allowonaccessprotection"></a>**Defender/AllowOnAccessProtection**
<!--SupportedSKUs-->
@ -611,11 +611,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-allowrealtimemonitoring"></a>**Defender/AllowRealtimeMonitoring**
<!--SupportedSKUs-->
@ -665,11 +665,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-allowscanningnetworkfiles"></a>**Defender/AllowScanningNetworkFiles**
<!--SupportedSKUs-->
@ -719,11 +719,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-allowscriptscanning"></a>**Defender/AllowScriptScanning**
<!--SupportedSKUs-->
@ -773,11 +773,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-allowuseruiaccess"></a>**Defender/AllowUserUIAccess**
<!--SupportedSKUs-->
@ -827,11 +827,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-attacksurfacereductiononlyexclusions"></a>**Defender/AttackSurfaceReductionOnlyExclusions**
<!--SupportedSKUs-->
@ -876,11 +876,11 @@ Added in Windows 10, version 1709. This policy setting allows you to prevent Att
Value type is string.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-attacksurfacereductionrules"></a>**Defender/AttackSurfaceReductionRules**
<!--SupportedSKUs-->
@ -927,11 +927,11 @@ For more information about ASR rule ID and status ID, see [Enable Attack Surface
Value type is string.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-avgcpuloadfactor"></a>**Defender/AvgCPULoadFactor**
<!--SupportedSKUs-->
@ -981,11 +981,11 @@ The default value is 50.
Valid values: 0100
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-cloudblocklevel"></a>**Defender/CloudBlockLevel**
<!--SupportedSKUs-->
@ -1044,11 +1044,11 @@ The following list shows the supported values:
- 0x6 - Zero tolerance blocking level block all unknown executables
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-cloudextendedtimeout"></a>**Defender/CloudExtendedTimeout**
<!--SupportedSKUs-->
@ -1097,11 +1097,11 @@ For example, if the desired timeout is 60 seconds, specify 50 seconds in this se
> This feature depends on three other MAPS settings the must all be enabled- "Configure the 'Block at First Sight' feature; "Join Microsoft MAPS"; "Send file samples when further analysis is required".
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-controlledfolderaccessallowedapplications"></a>**Defender/ControlledFolderAccessAllowedApplications**
<!--SupportedSKUs-->
@ -1143,11 +1143,11 @@ For example, if the desired timeout is 60 seconds, specify 50 seconds in this se
Added in Windows 10, version 1709. This policy setting allows user-specified applications to the guard my folders feature. Adding an allowed application means the guard my folders feature will allow the application to modify or delete content in certain folders such as My Documents. In most cases it will not be necessary to add entries. Windows Defender Antivirus will automatically detect and dynamically add applications that are friendly. Value type is string. Use the | as the substring separator.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-controlledfolderaccessprotectedfolders"></a>**Defender/ControlledFolderAccessProtectedFolders**
<!--SupportedSKUs-->
@ -1189,11 +1189,11 @@ Added in Windows 10, version 1709. This policy setting allows user-specified app
Added in Windows 10, version 1709. This policy settings allows adding user-specified folder locations to the guard my folders feature. These folders will complement the system defined folders such as My Documents and My Pictures. The list of system folders will be displayed in the user interface and can not be changed. Value type is string. Use the | as the substring separator.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-daystoretaincleanedmalware"></a>**Defender/DaysToRetainCleanedMalware**
<!--SupportedSKUs-->
@ -1243,11 +1243,11 @@ The default value is 0, which keeps items in quarantine, and does not automatica
Valid values: 090
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-enablecontrolledfolderaccess"></a>**Defender/EnableControlledFolderAccess**
<!--SupportedSKUs-->
@ -1297,11 +1297,11 @@ The following list shows the supported values:
- 2 - Audit Mode
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-enablenetworkprotection"></a>**Defender/EnableNetworkProtection**
<!--SupportedSKUs-->
@ -1357,11 +1357,11 @@ The following list shows the supported values:
- 2 - Enabled (audit mode)
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-excludedextensions"></a>**Defender/ExcludedExtensions**
<!--SupportedSKUs-->
@ -1404,11 +1404,11 @@ The following list shows the supported values:
Allows an administrator to specify a list of file type extensions to ignore during a scan. Each file type in the list must be separated by a **|**. For example, "lib|obj".
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-excludedpaths"></a>**Defender/ExcludedPaths**
<!--SupportedSKUs-->
@ -1451,11 +1451,11 @@ Allows an administrator to specify a list of file type extensions to ignore duri
Allows an administrator to specify a list of directory paths to ignore during a scan. Each path in the list must be separated by a **|**. For example, "C:\\Example|C:\\Example1".
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-excludedprocesses"></a>**Defender/ExcludedProcesses**
<!--SupportedSKUs-->
@ -1504,11 +1504,11 @@ Allows an administrator to specify a list of files opened by processes to ignore
Each file type must be separated by a **|**. For example, "C:\\Example.exe|C:\\Example1.exe".
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-puaprotection"></a>**Defender/PUAProtection**
<!--SupportedSKUs-->
@ -1559,11 +1559,11 @@ The following list shows the supported values:
- 2 Audit mode. Windows Defender will detect potentially unwanted applications, but take no action. You can review information about the applications Windows Defender would have taken action against by searching for events created by Windows Defender in the Event Viewer.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-realtimescandirection"></a>**Defender/RealTimeScanDirection**
<!--SupportedSKUs-->
@ -1617,11 +1617,11 @@ The following list shows the supported values:
- 2 Monitor outgoing files.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-scanparameter"></a>**Defender/ScanParameter**
<!--SupportedSKUs-->
@ -1671,11 +1671,11 @@ The following list shows the supported values:
- 2 Full scan
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-schedulequickscantime"></a>**Defender/ScheduleQuickScanTime**
<!--SupportedSKUs-->
@ -1731,11 +1731,11 @@ The default value is 120
Valid values: 01380
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-schedulescanday"></a>**Defender/ScheduleScanDay**
<!--SupportedSKUs-->
@ -1795,11 +1795,11 @@ The following list shows the supported values:
- 8 No scheduled scan
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-schedulescantime"></a>**Defender/ScheduleScanTime**
<!--SupportedSKUs-->
@ -1855,11 +1855,11 @@ The default value is 120.
Valid values: 01380.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-signatureupdateinterval"></a>**Defender/SignatureUpdateInterval**
<!--SupportedSKUs-->
@ -1911,11 +1911,11 @@ The default value is 8.
Valid values: 024.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-submitsamplesconsent"></a>**Defender/SubmitSamplesConsent**
<!--SupportedSKUs-->
@ -1967,11 +1967,11 @@ The following list shows the supported values:
- 3 Send all samples automatically.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="defender-threatseveritydefaultaction"></a>**Defender/ThreatSeverityDefaultAction**
<!--SupportedSKUs-->
@ -2032,7 +2032,7 @@ The following list shows the supported values for possible actions:
- 10 Block
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -2041,7 +2041,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartSurfaceHub-->
## <a href="" id="surfacehubpolicies"></a>Defender policies supported by Microsoft Surface Hub

102
windows/client-management/mdm/policy-csp-deliveryoptimization.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - DeliveryOptimization
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## DeliveryOptimization policies
<dl>
@ -98,7 +98,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-doabsolutemaxcachesize"></a>**DeliveryOptimization/DOAbsoluteMaxCacheSize**
<!--SupportedSKUs-->
@ -143,11 +143,11 @@ Added in Windows 10, version 1607. Specifies the maximum size in GB of Delivery
The default value is 10.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-doallowvpnpeercaching"></a>**DeliveryOptimization/DOAllowVPNPeerCaching**
<!--SupportedSKUs-->
@ -197,11 +197,11 @@ The following list shows the supported values:
- 1 - Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dodelaybackgrounddownloadfromhttp"></a>**DeliveryOptimization/DODelayBackgroundDownloadFromHttp**
<!--SupportedSKUs-->
@ -242,11 +242,11 @@ Added in Windows 10, next major update. This policy allows you to delay the use
After the max delay is reached, the download will resume using HTTP, either downloading the entire payload or complementing the bytes that could not be downloaded from peers. Note that a download that is waiting for peer sources, will appear to be stuck for the end user. The recommended value is 1 hour (3600).
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dodelayforegrounddownloadfromhttp"></a>**DeliveryOptimization/DODelayForegroundDownloadFromHttp**
<!--SupportedSKUs-->
@ -299,11 +299,11 @@ The following list shows the supported values as number of seconds:
- Default is not configured.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dodownloadmode"></a>**DeliveryOptimization/DODownloadMode**
<!--SupportedSKUs-->
@ -357,11 +357,11 @@ The following list shows the supported values:
- 100 - Bypass mode. Do not use Delivery Optimization and use BITS instead. Added in Windows 10, version 1607.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dogroupid"></a>**DeliveryOptimization/DOGroupId**
<!--SupportedSKUs-->
@ -407,11 +407,11 @@ This Policy specifies an arbitrary group ID that the device belongs to. Use this
> You must use a GUID as the group ID.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dogroupidsource"></a>**DeliveryOptimization/DOGroupIdSource**
<!--SupportedSKUs-->
@ -467,11 +467,11 @@ The following list shows the supported values:
- 4 - DNS suffix
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-domaxcacheage"></a>**DeliveryOptimization/DOMaxCacheAge**
<!--SupportedSKUs-->
@ -516,11 +516,11 @@ Specifies the maximum time in seconds that each file is held in the Delivery Opt
The default value is 259200 seconds (3 days).
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-domaxcachesize"></a>**DeliveryOptimization/DOMaxCacheSize**
<!--SupportedSKUs-->
@ -565,11 +565,11 @@ Specifies the maximum cache size that Delivery Optimization can utilize, as a pe
The default value is 20.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-domaxdownloadbandwidth"></a>**DeliveryOptimization/DOMaxDownloadBandwidth**
<!--SupportedSKUs-->
@ -614,11 +614,11 @@ Added in Windows 10, version 1607. Specifies the maximum download bandwidth in
The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for downloads.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-domaxuploadbandwidth"></a>**DeliveryOptimization/DOMaxUploadBandwidth**
<!--SupportedSKUs-->
@ -663,11 +663,11 @@ Specifies the maximum upload bandwidth in KiloBytes/second that a device will us
The default value is 0, which permits unlimited possible bandwidth (optimized for minimal usage of upload bandwidth).
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dominbackgroundqos"></a>**DeliveryOptimization/DOMinBackgroundQos**
<!--SupportedSKUs-->
@ -712,11 +712,11 @@ Added in Windows 10, version 1607. Specifies the minimum download QoS (Quality
The default value is 500.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dominbatterypercentageallowedtoupload"></a>**DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload**
<!--SupportedSKUs-->
@ -760,11 +760,11 @@ Added in Windows 10, version 1703. Specifies any value between 1 and 100 (in pe
The default value is 0. The value 0 (zero) means "not limited" and the cloud service default value will be used.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-domindisksizeallowedtopeer"></a>**DeliveryOptimization/DOMinDiskSizeAllowedToPeer**
<!--SupportedSKUs-->
@ -812,11 +812,11 @@ Added in Windows 10, version 1703. Specifies the required minimum disk size (cap
The default value is 32 GB.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dominfilesizetocache"></a>**DeliveryOptimization/DOMinFileSizeToCache**
<!--SupportedSKUs-->
@ -861,11 +861,11 @@ Added in Windows 10, version 1703. Specifies the minimum content file size in MB
The default value is 100 MB.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dominramallowedtopeer"></a>**DeliveryOptimization/DOMinRAMAllowedToPeer**
<!--SupportedSKUs-->
@ -910,11 +910,11 @@ Added in Windows 10, version 1703. Specifies the minimum RAM size in GB required
The default value is 4 GB.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-domodifycachedrive"></a>**DeliveryOptimization/DOModifyCacheDrive**
<!--SupportedSKUs-->
@ -959,11 +959,11 @@ Added in Windows 10, version 1607. Specifies the drive that Delivery Optimizati
By default, %SystemDrive% is used to store the cache.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-domonthlyuploaddatacap"></a>**DeliveryOptimization/DOMonthlyUploadDataCap**
<!--SupportedSKUs-->
@ -1010,11 +1010,11 @@ The value 0 (zero) means "unlimited"; No monthly upload limit is applied if 0 is
The default value is 20.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dopercentagemaxbackdownloadbandwidth"></a>**DeliveryOptimization/DOPercentageMaxBackDownloadBandwidth**
<!--SupportedSKUs-->
@ -1055,22 +1055,22 @@ Added in Windows 10, next major update. Specifies the maximum background downloa
Note that downloads from LAN peers will not be throttled even when this policy is set.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dopercentagemaxdownloadbandwidth"></a>**DeliveryOptimization/DOPercentageMaxDownloadBandwidth**
<!--Description-->
This policy is deprecated. Use [DOPercentageMaxForeDownloadBandwidth](#deliveryoptimization-dopercentagemaxforedownloadbandwidth) and [DOPercentageMaxBackDownloadBandwidth](#deliveryoptimization-dopercentagemaxbackdownloadbandwidth) policies instead.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dopercentagemaxforedownloadbandwidth"></a>**DeliveryOptimization/DOPercentageMaxForeDownloadBandwidth**
<!--SupportedSKUs-->
@ -1111,11 +1111,11 @@ Added in Windows 10, next major update. Specifies the maximum foreground downloa
Note that downloads from LAN peers will not be throttled even when this policy is set.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dorestrictpeerselectionby"></a>**DeliveryOptimization/DORestrictPeerSelectionBy**
<!--SupportedSKUs-->
@ -1163,11 +1163,11 @@ The following list shows the supported values:
- 1 - Subnet mask.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dosethourstolimitbackgrounddownloadbandwidth"></a>**DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth**
<!--SupportedSKUs-->
@ -1216,11 +1216,11 @@ This policy allows an IT Admin to define the following:
- % of throttle for foreground traffic outside of business hours
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deliveryoptimization-dosethourstolimitforegrounddownloadbandwidth"></a>**DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth**
<!--SupportedSKUs-->
@ -1269,7 +1269,7 @@ This policy allows an IT Admin to define the following:
- % of throttle for foreground traffic outside of business hours
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -1278,7 +1278,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartSurfaceHub-->
## <a href="" id="surfacehubpolicies"></a>DeliveryOptimization policies supported by Microsoft Surface Hub

10
windows/client-management/mdm/policy-csp-desktop.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Desktop
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Desktop policies
<dl>
@ -27,7 +27,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="desktop-preventuserredirectionofprofilefolders"></a>**Desktop/PreventUserRedirectionOfProfileFolders**
<!--SupportedSKUs-->
@ -85,7 +85,7 @@ ADMX Info:
- GP ADMX file name: *desktop.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -94,7 +94,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartSurfaceHub-->
## <a href="" id="surfacehubpolicies"></a>Desktop policies supported by Microsoft Surface Hub

18
windows/client-management/mdm/policy-csp-deviceguard.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - DeviceGuard
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## DeviceGuard policies
<dl>
@ -33,7 +33,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deviceguard-enablevirtualizationbasedsecurity"></a>**DeviceGuard/EnableVirtualizationBasedSecurity**
<!--SupportedSKUs-->
@ -79,11 +79,11 @@ The following list shows the supported values:
- 1 - enable virtualization based security.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deviceguard-lsacfgflags"></a>**DeviceGuard/LsaCfgFlags**
<!--SupportedSKUs-->
@ -130,11 +130,11 @@ The following list shows the supported values:
- 2 - (Enabled without lock) Turns on Credential Guard without UEFI lock.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deviceguard-requireplatformsecurityfeatures"></a>**DeviceGuard/RequirePlatformSecurityFeatures**
<!--SupportedSKUs-->
@ -180,7 +180,7 @@ The following list shows the supported values:
- 3 - Turns on VBS with Secure Boot and direct memory access (DMA). DMA requires hardware support.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -189,5 +189,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

14
windows/client-management/mdm/policy-csp-deviceinstallation.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - DeviceInstallation
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## DeviceInstallation policies
<dl>
@ -30,7 +30,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deviceinstallation-preventinstallationofmatchingdeviceids"></a>**DeviceInstallation/PreventInstallationOfMatchingDeviceIDs**
<!--SupportedSKUs-->
@ -88,11 +88,11 @@ ADMX Info:
- GP ADMX file name: *deviceinstallation.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="deviceinstallation-preventinstallationofmatchingdevicesetupclasses"></a>**DeviceInstallation/PreventInstallationOfMatchingDeviceSetupClasses**
<!--SupportedSKUs-->
@ -150,7 +150,7 @@ ADMX Info:
- GP ADMX file name: *deviceinstallation.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -159,5 +159,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

74
windows/client-management/mdm/policy-csp-devicelock.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - DeviceLock
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## DeviceLock policies
<dl>
@ -77,7 +77,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-allowidlereturnwithoutpassword"></a>**DeviceLock/AllowIdleReturnWithoutPassword**
<!--SupportedSKUs-->
@ -130,11 +130,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-allowscreentimeoutwhilelockeduserconfig"></a>**DeviceLock/AllowScreenTimeoutWhileLockedUserConfig**
<!--SupportedSKUs-->
@ -192,11 +192,11 @@ The following list shows the supported values:
- 1 Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-allowsimpledevicepassword"></a>**DeviceLock/AllowSimpleDevicePassword**
<!--SupportedSKUs-->
@ -249,11 +249,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-alphanumericdevicepasswordrequired"></a>**DeviceLock/AlphanumericDevicePasswordRequired**
<!--SupportedSKUs-->
@ -312,11 +312,11 @@ The following list shows the supported values:
- 2 (default) Users can choose: Numeric PIN or password, or Alphanumeric PIN or password.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-devicepasswordenabled"></a>**DeviceLock/DevicePasswordEnabled**
<!--SupportedSKUs-->
@ -403,11 +403,11 @@ The following list shows the supported values:
- 1 Disabled
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-devicepasswordexpiration"></a>**DeviceLock/DevicePasswordExpiration**
<!--SupportedSKUs-->
@ -462,11 +462,11 @@ The following list shows the supported values:
- 0 (default) - Passwords do not expire.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-devicepasswordhistory"></a>**DeviceLock/DevicePasswordHistory**
<!--SupportedSKUs-->
@ -523,11 +523,11 @@ The following list shows the supported values:
- 0 (default)
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-enforcelockscreenandlogonimage"></a>**DeviceLock/EnforceLockScreenAndLogonImage**
<!--SupportedSKUs-->
@ -572,11 +572,11 @@ Added in Windows 10, version 1607. Specifies the default lock screen and logon
Value type is a string, which is the full image filepath and filename.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-enforcelockscreenprovider"></a>**DeviceLock/EnforceLockScreenProvider**
<!--SupportedSKUs-->
@ -621,11 +621,11 @@ Added in Windows 10, version 1607. Restricts lock screen image to a specific lo
Value type is a string, which is the AppID.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-maxdevicepasswordfailedattempts"></a>**DeviceLock/MaxDevicePasswordFailedAttempts**
<!--SupportedSKUs-->
@ -687,11 +687,11 @@ The following list shows the supported values:
- 0 (default) - The device is never wiped after an incorrect PIN or password is entered.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-maxinactivitytimedevicelock"></a>**DeviceLock/MaxInactivityTimeDeviceLock**
<!--SupportedSKUs-->
@ -744,11 +744,11 @@ The following list shows the supported values:
- 0 (default) - No timeout is defined. The default of "0" is Windows Phone 7.5 parity and is interpreted by as "No timeout is defined."
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-maxinactivitytimedevicelockwithexternaldisplay"></a>**DeviceLock/MaxInactivityTimeDeviceLockWithExternalDisplay**
<!--SupportedSKUs-->
@ -797,11 +797,11 @@ The following list shows the supported values:
- 0 (default) - No timeout is defined. The default of "0" is Windows Phone 7.5 parity and is interpreted by as "No timeout is defined."
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-mindevicepasswordcomplexcharacters"></a>**DeviceLock/MinDevicePasswordComplexCharacters**
<!--SupportedSKUs-->
@ -911,11 +911,11 @@ The enforcement of policies for Microsoft accounts happen on the server, and the
For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx) and [KB article](https://support.office.com/article/This-device-doesn-t-meet-the-security-requirements-set-by-your-email-administrator-87132fc7-2c7f-4a71-9de0-779ff81c86ca).
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-mindevicepasswordlength"></a>**DeviceLock/MinDevicePasswordLength**
<!--SupportedSKUs-->
@ -973,11 +973,11 @@ The following list shows the supported values:
- The default value is 4 for mobile devices and desktop devices.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-minimumpasswordage"></a>**DeviceLock/MinimumPasswordAge**
<!--SupportedSKUs-->
@ -1020,11 +1020,11 @@ The minimum password age must be less than the Maximum password age, unless the
Configure the minimum password age to be more than 0 if you want Enforce password history to be effective. Without a minimum password age, users can cycle through passwords repeatedly until they get to an old favorite. The default setting does not follow this recommendation, so that an administrator can specify a password for a user and then require the user to change the administrator-defined password when the user logs on. If the password history is set to 0, the user does not have to choose a new password. For this reason, Enforce password history is set to 1 by default.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-preventlockscreenslideshow"></a>**DeviceLock/PreventLockScreenSlideShow**
<!--SupportedSKUs-->
@ -1082,11 +1082,11 @@ ADMX Info:
- GP ADMX file name: *ControlPanelDisplay.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="devicelock-screentimeoutwhilelocked"></a>**DeviceLock/ScreenTimeoutWhileLocked**
<!--SupportedSKUs-->
@ -1136,7 +1136,7 @@ The default value is 10.
Most restricted value is 0.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -1145,7 +1145,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartEAS-->
## <a href="" id="eas"></a>DeviceLock policies that can be set using Exchange Active Sync (EAS)

14
windows/client-management/mdm/policy-csp-display.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Display
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Display policies
<dl>
@ -30,7 +30,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="display-turnoffgdidpiscalingforapps"></a>**Display/TurnOffGdiDPIScalingForApps**
<!--SupportedSKUs-->
@ -84,11 +84,11 @@ To validate on Desktop, do the following:
2. Run the app and observe blurry text.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="display-turnongdidpiscalingforapps"></a>**Display/TurnOnGdiDPIScalingForApps**
<!--SupportedSKUs-->
@ -142,7 +142,7 @@ To validate on Desktop, do the following:
2. Run the app and observe crisp text.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -151,5 +151,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

18
windows/client-management/mdm/policy-csp-education.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Education
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Education policies
<dl>
@ -33,7 +33,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="education-defaultprintername"></a>**Education/DefaultPrinterName**
<!--SupportedSKUs-->
@ -74,11 +74,11 @@ Added in Windows 10, version 1709. This policy allows IT Admins to set the user
The policy value is expected to be the name (network host name) of an installed printer.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="education-preventaddingnewprinters"></a>**Education/PreventAddingNewPrinters**
<!--SupportedSKUs-->
@ -124,11 +124,11 @@ The following list shows the supported values:
- 1 Prevent user installation.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="education-printernames"></a>**Education/PrinterNames**
<!--SupportedSKUs-->
@ -169,7 +169,7 @@ Added in Windows 10, version 1709. Allows IT Admins to automatically provision
The policy value is expected to be a ```&#xF000;``` seperated list of printer names. The OS will attempt to search and install the matching printer driver for each listed printer.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -178,5 +178,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

30
windows/client-management/mdm/policy-csp-enterprisecloudprint.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - EnterpriseCloudPrint
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## EnterpriseCloudPrint policies
<dl>
@ -42,7 +42,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="enterprisecloudprint-cloudprintoauthauthority"></a>**EnterpriseCloudPrint/CloudPrintOAuthAuthority**
<!--SupportedSKUs-->
@ -85,11 +85,11 @@ The datatype is a string.
The default value is an empty string. Otherwise, the value should contain the URL of an endpoint. For example, "https:<span></span>//azuretenant.contoso.com/adfs".
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="enterprisecloudprint-cloudprintoauthclientid"></a>**EnterpriseCloudPrint/CloudPrintOAuthClientId**
<!--SupportedSKUs-->
@ -132,11 +132,11 @@ The datatype is a string.
The default value is an empty string. Otherwise, the value should contain a GUID. For example, "E1CF1107-FF90-4228-93BF-26052DD2C714".
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="enterprisecloudprint-cloudprintresourceid"></a>**EnterpriseCloudPrint/CloudPrintResourceId**
<!--SupportedSKUs-->
@ -179,11 +179,11 @@ The datatype is a string.
The default value is an empty string. Otherwise, the value should contain a URL. For example, "http:<span></span>//MicrosoftEnterpriseCloudPrint/CloudPrint".
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="enterprisecloudprint-cloudprinterdiscoveryendpoint"></a>**EnterpriseCloudPrint/CloudPrinterDiscoveryEndPoint**
<!--SupportedSKUs-->
@ -226,11 +226,11 @@ The datatype is a string.
The default value is an empty string. Otherwise, the value should contain the URL of an endpoint. For example, "https:<span></span>//cloudprinterdiscovery.contoso.com".
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="enterprisecloudprint-discoverymaxprinterlimit"></a>**EnterpriseCloudPrint/DiscoveryMaxPrinterLimit**
<!--SupportedSKUs-->
@ -273,11 +273,11 @@ The datatype is an integer.
For Windows Mobile, the default value is 20.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="enterprisecloudprint-mopriadiscoveryresourceid"></a>**EnterpriseCloudPrint/MopriaDiscoveryResourceId**
<!--SupportedSKUs-->
@ -320,7 +320,7 @@ The datatype is a string.
The default value is an empty string. Otherwise, the value should contain a URL. For example, "http:<span></span>//MopriaDiscoveryService/CloudPrint".
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -329,5 +329,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

26
windows/client-management/mdm/policy-csp-errorreporting.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - ErrorReporting
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## ErrorReporting policies
<dl>
@ -39,7 +39,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="errorreporting-customizeconsentsettings"></a>**ErrorReporting/CustomizeConsentSettings**
<!--SupportedSKUs-->
@ -107,11 +107,11 @@ ADMX Info:
- GP ADMX file name: *ErrorReporting.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="errorreporting-disablewindowserrorreporting"></a>**ErrorReporting/DisableWindowsErrorReporting**
<!--SupportedSKUs-->
@ -169,11 +169,11 @@ ADMX Info:
- GP ADMX file name: *ErrorReporting.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="errorreporting-displayerrornotification"></a>**ErrorReporting/DisplayErrorNotification**
<!--SupportedSKUs-->
@ -235,11 +235,11 @@ ADMX Info:
- GP ADMX file name: *ErrorReporting.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="errorreporting-donotsendadditionaldata"></a>**ErrorReporting/DoNotSendAdditionalData**
<!--SupportedSKUs-->
@ -297,11 +297,11 @@ ADMX Info:
- GP ADMX file name: *ErrorReporting.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="errorreporting-preventcriticalerrordisplay"></a>**ErrorReporting/PreventCriticalErrorDisplay**
<!--SupportedSKUs-->
@ -359,7 +359,7 @@ ADMX Info:
- GP ADMX file name: *ErrorReporting.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -368,5 +368,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

22
windows/client-management/mdm/policy-csp-eventlogservice.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - EventLogService
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## EventLogService policies
<dl>
@ -36,7 +36,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="eventlogservice-controleventlogbehavior"></a>**EventLogService/ControlEventLogBehavior**
<!--SupportedSKUs-->
@ -96,11 +96,11 @@ ADMX Info:
- GP ADMX file name: *eventlog.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="eventlogservice-specifymaximumfilesizeapplicationlog"></a>**EventLogService/SpecifyMaximumFileSizeApplicationLog**
<!--SupportedSKUs-->
@ -158,11 +158,11 @@ ADMX Info:
- GP ADMX file name: *eventlog.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="eventlogservice-specifymaximumfilesizesecuritylog"></a>**EventLogService/SpecifyMaximumFileSizeSecurityLog**
<!--SupportedSKUs-->
@ -220,11 +220,11 @@ ADMX Info:
- GP ADMX file name: *eventlog.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="eventlogservice-specifymaximumfilesizesystemlog"></a>**EventLogService/SpecifyMaximumFileSizeSystemLog**
<!--SupportedSKUs-->
@ -282,7 +282,7 @@ ADMX Info:
- GP ADMX file name: *eventlog.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -291,5 +291,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

90
windows/client-management/mdm/policy-csp-experience.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Experience
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Experience policies
<dl>
@ -89,7 +89,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowcopypaste"></a>**Experience/AllowCopyPaste**
<!--SupportedSKUs-->
@ -140,11 +140,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowcortana"></a>**Experience/AllowCortana**
<!--SupportedSKUs-->
@ -192,11 +192,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowdevicediscovery"></a>**Experience/AllowDeviceDiscovery**
<!--SupportedSKUs-->
@ -246,11 +246,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowfindmydevice"></a>**Experience/AllowFindMyDevice**
<!--SupportedSKUs-->
@ -300,11 +300,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowmanualmdmunenrollment"></a>**Experience/AllowManualMDMUnenrollment**
<!--SupportedSKUs-->
@ -356,11 +356,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowsimerrordialogpromptwhennosim"></a>**Experience/AllowSIMErrorDialogPromptWhenNoSIM**
<!--SupportedSKUs-->
@ -410,22 +410,22 @@ The following list shows the supported values:
- 1 (default) SIM card dialog prompt is displayed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowsaveasofofficefiles"></a>**Experience/AllowSaveAsOfOfficeFiles**
<!--Description-->
This policy is deprecated.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowscreencapture"></a>**Experience/AllowScreenCapture**
<!--SupportedSKUs-->
@ -477,22 +477,22 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowsharingofofficefiles"></a>**Experience/AllowSharingOfOfficeFiles**
<!--Description-->
This policy is deprecated.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowsyncmysettings"></a>**Experience/AllowSyncMySettings**
<!--SupportedSKUs-->
@ -538,11 +538,11 @@ The following list shows the supported values:
- 1 (default) Sync settings allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowtailoredexperienceswithdiagnosticdata"></a>**Experience/AllowTailoredExperiencesWithDiagnosticData**
<!--SupportedSKUs-->
@ -597,11 +597,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowtaskswitcher"></a>**Experience/AllowTaskSwitcher**
<!--SupportedSKUs-->
@ -651,11 +651,11 @@ The following list shows the supported values:
- 1 (default) Task switching allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowthirdpartysuggestionsinwindowsspotlight"></a>**Experience/AllowThirdPartySuggestionsInWindowsSpotlight**
<!--SupportedSKUs-->
@ -705,11 +705,11 @@ The following list shows the supported values:
- 1 (default) Third-party suggestions allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowvoicerecording"></a>**Experience/AllowVoiceRecording**
<!--SupportedSKUs-->
@ -761,11 +761,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowwindowsconsumerfeatures"></a>**Experience/AllowWindowsConsumerFeatures**
<!--SupportedSKUs-->
@ -817,11 +817,11 @@ The following list shows the supported values:
- 1 Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowwindowsspotlight"></a>**Experience/AllowWindowsSpotlight**
<!--SupportedSKUs-->
@ -873,11 +873,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowwindowsspotlightonactioncenter"></a>**Experience/AllowWindowsSpotlightOnActionCenter**
<!--SupportedSKUs-->
@ -928,11 +928,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowwindowsspotlightwindowswelcomeexperience"></a>**Experience/AllowWindowsSpotlightWindowsWelcomeExperience**
<!--SupportedSKUs-->
@ -984,11 +984,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-allowwindowstips"></a>**Experience/AllowWindowsTips**
<!--SupportedSKUs-->
@ -1034,11 +1034,11 @@ The following list shows the supported values:
- 1 (default) Enabled.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-configurewindowsspotlightonlockscreen"></a>**Experience/ConfigureWindowsSpotlightOnLockScreen**
<!--SupportedSKUs-->
@ -1089,11 +1089,11 @@ The following list shows the supported values:
- 2 placeholder only for future extension. Using this value has no effect.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="experience-donotshowfeedbacknotifications"></a>**Experience/DoNotShowFeedbackNotifications**
<!--SupportedSKUs-->
@ -1143,7 +1143,7 @@ The following list shows the supported values:
- 1 Feedback notifications are disabled.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -1152,7 +1152,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartHoloLens-->
## <a href="" id="hololenspolicies"></a>Experience policies supported by Windows Holographic for Business

10
windows/client-management/mdm/policy-csp-exploitguard.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - ExploitGuard
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## ExploitGuard policies
<dl>
@ -27,7 +27,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="exploitguard-exploitprotectionsettings"></a>**ExploitGuard/ExploitProtectionSettings**
<!--SupportedSKUs-->
@ -95,7 +95,7 @@ Here is an example:
```
<!--/Example-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -104,5 +104,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

10
windows/client-management/mdm/policy-csp-games.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Games
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Games policies
<dl>
@ -27,7 +27,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="games-allowadvancedgamingservices"></a>**Games/AllowAdvancedGamingServices**
<!--SupportedSKUs-->
@ -73,7 +73,7 @@ The following list shows the supported values:
- 1 (default) - Allowed
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -82,5 +82,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

10
windows/client-management/mdm/policy-csp-handwriting.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Handwriting
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Handwriting policies
<dl>
@ -27,7 +27,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="handwriting-paneldefaultmodedocked"></a>**Handwriting/PanelDefaultModeDocked**
<!--SupportedSKUs-->
@ -79,7 +79,7 @@ The following list shows the supported values:
- 1 - Enabled.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -88,5 +88,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

978
windows/client-management/mdm/policy-csp-internetexplorer.md
View File

File diff suppressed because it is too large Load Diff

26
windows/client-management/mdm/policy-csp-kerberos.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Kerberos
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Kerberos policies
<dl>
@ -39,7 +39,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="kerberos-allowforestsearchorder"></a>**Kerberos/AllowForestSearchOrder**
<!--SupportedSKUs-->
@ -97,11 +97,11 @@ ADMX Info:
- GP ADMX file name: *Kerberos.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="kerberos-kerberosclientsupportsclaimscompoundarmor"></a>**Kerberos/KerberosClientSupportsClaimsCompoundArmor**
<!--SupportedSKUs-->
@ -158,11 +158,11 @@ ADMX Info:
- GP ADMX file name: *Kerberos.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="kerberos-requirekerberosarmoring"></a>**Kerberos/RequireKerberosArmoring**
<!--SupportedSKUs-->
@ -224,11 +224,11 @@ ADMX Info:
- GP ADMX file name: *Kerberos.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="kerberos-requirestrictkdcvalidation"></a>**Kerberos/RequireStrictKDCValidation**
<!--SupportedSKUs-->
@ -286,11 +286,11 @@ ADMX Info:
- GP ADMX file name: *Kerberos.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="kerberos-setmaximumcontexttokensize"></a>**Kerberos/SetMaximumContextTokenSize**
<!--SupportedSKUs-->
@ -352,7 +352,7 @@ ADMX Info:
- GP ADMX file name: *Kerberos.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -361,5 +361,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

30
windows/client-management/mdm/policy-csp-kioskbrowser.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - KioskBrowser
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## KioskBrowser policies
<dl>
@ -44,7 +44,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="kioskbrowser-blockedurlexceptions"></a>**KioskBrowser/BlockedUrlExceptions**
<!--SupportedSKUs-->
@ -84,11 +84,11 @@ ms.date: 01/29/2018
Added in Windows 10, next major update. List of exceptions to the blocked website URLs (with wildcard support). This is used to configure URLs kiosk browsers are allowed to navigate to, which are a subset of the blocked URLs.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="kioskbrowser-blockedurls"></a>**KioskBrowser/BlockedUrls**
<!--SupportedSKUs-->
@ -128,11 +128,11 @@ Added in Windows 10, next major update. List of exceptions to the blocked websit
Added in Windows 10, next major update. List of blocked website URLs (with wildcard support). This is used to configure blocked URLs kiosk browsers cannot navigate to.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="kioskbrowser-defaulturl"></a>**KioskBrowser/DefaultURL**
<!--SupportedSKUs-->
@ -172,11 +172,11 @@ Added in Windows 10, next major update. List of blocked website URLs (with wildc
Added in Windows 10, next major update. Configures the default URL kiosk browsers to navigate on launch and restart.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="kioskbrowser-enablehomebutton"></a>**KioskBrowser/EnableHomeButton**
<!--SupportedSKUs-->
@ -216,11 +216,11 @@ Added in Windows 10, next major update. Configures the default URL kiosk browser
Added in Windows 10, next major update. Enable/disable kiosk browser's home button.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="kioskbrowser-enablenavigationbuttons"></a>**KioskBrowser/EnableNavigationButtons**
<!--SupportedSKUs-->
@ -260,11 +260,11 @@ Added in Windows 10, next major update. Enable/disable kiosk browser's home butt
Added in Windows 10, next major update. Enable/disable kiosk browser's navigation buttons (forward/back).
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="kioskbrowser-restartonidletime"></a>**KioskBrowser/RestartOnIdleTime**
<!--SupportedSKUs-->
@ -306,7 +306,7 @@ Added in Windows 10, next major update. Amount of time in minutes the session is
The value is an int 1-1440 that specifies the amount of minutes the session is idle until the kiosk browser restarts in a fresh state. The default value is empty which means there is no idle timeout within the kiosk browser.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -315,5 +315,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

14
windows/client-management/mdm/policy-csp-licensing.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Licensing
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Licensing policies
<dl>
@ -30,7 +30,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="licensing-allowwindowsentitlementreactivation"></a>**Licensing/AllowWindowsEntitlementReactivation**
<!--SupportedSKUs-->
@ -76,11 +76,11 @@ The following list shows the supported values:
- 1 (default) Enable Windows license reactivation on managed devices.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="licensing-disallowkmsclientonlineavsvalidation"></a>**Licensing/DisallowKMSClientOnlineAVSValidation**
<!--SupportedSKUs-->
@ -126,7 +126,7 @@ The following list shows the supported values:
- 1 Enabled.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -135,5 +135,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

226
windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - LocalPoliciesSecurityOptions
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## LocalPoliciesSecurityOptions policies
<dl>
@ -191,7 +191,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-accounts-blockmicrosoftaccounts"></a>**LocalPoliciesSecurityOptions/Accounts_BlockMicrosoftAccounts**
<!--SupportedSKUs-->
@ -245,11 +245,11 @@ The following list shows the supported values:
- 1 - enabled (users cannot add Microsoft accounts).
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-accounts-enableadministratoraccountstatus"></a>**LocalPoliciesSecurityOptions/Accounts_EnableAdministratorAccountStatus**
<!--SupportedSKUs-->
@ -303,11 +303,11 @@ Valid values:
- 1 - local Administrator account is enabled
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-accounts-enableguestaccountstatus"></a>**LocalPoliciesSecurityOptions/Accounts_EnableGuestAccountStatus**
<!--SupportedSKUs-->
@ -358,11 +358,11 @@ Valid values:
- 1 - local Guest account is enabled
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-accounts-limitlocalaccountuseofblankpasswordstoconsolelogononly"></a>**LocalPoliciesSecurityOptions/Accounts_LimitLocalAccountUseOfBlankPasswordsToConsoleLogonOnly**
<!--SupportedSKUs-->
@ -421,11 +421,11 @@ Valid values:
- 1 - enabled - local accounts that are not password protected will only be able to log on at the computer's keyboard
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-accounts-renameadministratoraccount"></a>**LocalPoliciesSecurityOptions/Accounts_RenameAdministratorAccount**
<!--SupportedSKUs-->
@ -470,11 +470,11 @@ Default: Administrator.
Value type is string. Supported operations are Add, Get, Replace, and Delete.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-accounts-renameguestaccount"></a>**LocalPoliciesSecurityOptions/Accounts_RenameGuestAccount**
<!--SupportedSKUs-->
@ -519,11 +519,11 @@ Default: Guest.
Value type is string. Supported operations are Add, Get, Replace, and Delete.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-devices-allowundockwithouthavingtologon"></a>**LocalPoliciesSecurityOptions/Devices_AllowUndockWithoutHavingToLogon**
<!--SupportedSKUs-->
@ -569,11 +569,11 @@ Caution:
Disabling this policy may tempt users to try and physically remove the laptop from its docking station using methods other than the external hardware eject button. Since this may cause damage to the hardware, this setting, in general, should only be disabled on laptop configurations that are physically securable.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-devices-allowedtoformatandejectremovablemedia"></a>**LocalPoliciesSecurityOptions/Devices_AllowedToFormatAndEjectRemovableMedia**
<!--SupportedSKUs-->
@ -619,11 +619,11 @@ This security setting determines who is allowed to format and eject removable NT
Default: This policy is not defined and only Administrators have this ability.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-devices-preventusersfrominstallingprinterdriverswhenconnectingtosharedprinters"></a>**LocalPoliciesSecurityOptions/Devices_PreventUsersFromInstallingPrinterDriversWhenConnectingToSharedPrinters**
<!--SupportedSKUs-->
@ -671,11 +671,11 @@ Note
This setting does not affect the ability to add a local printer. This setting does not affect Administrators.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-devices-restrictcdromaccesstolocallyloggedonuseronly"></a>**LocalPoliciesSecurityOptions/Devices_RestrictCDROMAccessToLocallyLoggedOnUserOnly**
<!--SupportedSKUs-->
@ -720,11 +720,11 @@ If this policy is enabled, it allows only the interactively logged-on user to ac
Default: This policy is not defined and CD-ROM access is not restricted to the locally logged-on user.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-domainmember-digitallyencryptorsignsecurechanneldataalways"></a>**LocalPoliciesSecurityOptions/DomainMember_DigitallyEncryptOrSignSecureChannelDataAlways**
<!--SupportedSKUs-->
@ -780,11 +780,11 @@ If this policy is enabled, the policy Domain member: Digitally sign secure chann
Logon information transmitted over the secure channel is always encrypted regardless of whether encryption of ALL other secure channel traffic is negotiated or not.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-domainmember-digitallyencryptsecurechanneldatawhenpossible"></a>**LocalPoliciesSecurityOptions/DomainMember_DigitallyEncryptSecureChannelDataWhenPossible**
<!--SupportedSKUs-->
@ -837,11 +837,11 @@ There is no known reason for disabling this setting. Besides unnecessarily reduc
Note: Domain controllers are also domain members and establish secure channels with other domain controllers in the same domain as well as domain controllers in trusted domains.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-domainmember-digitallysignsecurechanneldatawhenpossible"></a>**LocalPoliciesSecurityOptions/DomainMember_DigitallySignSecureChannelDataWhenPossible**
<!--SupportedSKUs-->
@ -888,11 +888,11 @@ This setting determines whether or not the domain member attempts to negotiate s
Default: Enabled.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-domainmember-disablemachineaccountpasswordchanges"></a>**LocalPoliciesSecurityOptions/DomainMember_DisableMachineAccountPasswordChanges**
<!--SupportedSKUs-->
@ -940,11 +940,11 @@ This security setting should not be enabled. Computer account passwords are used
This setting should not be used in an attempt to support dual-boot scenarios that use the same computer account. If you want to dual-boot two installations that are joined to the same domain, give the two installations different computer names.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-domainmember-maximummachineaccountpasswordage"></a>**LocalPoliciesSecurityOptions/DomainMember_MaximumMachineAccountPasswordAge**
<!--SupportedSKUs-->
@ -991,11 +991,11 @@ Important
This setting applies to Windows 2000 computers, but it is not available through the Security Configuration Manager tools on these computers.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-domainmember-requirestrongsessionkey"></a>**LocalPoliciesSecurityOptions/DomainMember_RequireStrongSessionKey**
<!--SupportedSKUs-->
@ -1053,11 +1053,11 @@ In order to take advantage of this policy on member workstations and servers, al
In order to take advantage of this policy on domain controllers, all domain controllers in the same domain as well as all trusted domains must run Windows 2000 or later.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-interactivelogon-displayuserinformationwhenthesessionislocked"></a>**LocalPoliciesSecurityOptions/InteractiveLogon_DisplayUserInformationWhenTheSessionIsLocked**
<!--SupportedSKUs-->
@ -1106,11 +1106,11 @@ Valid values:
- 3 - Do not display user information
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-interactivelogon-donotdisplaylastsignedin"></a>**LocalPoliciesSecurityOptions/InteractiveLogon_DoNotDisplayLastSignedIn**
<!--SupportedSKUs-->
@ -1164,11 +1164,11 @@ Valid values:
- 1 - enabled (username will not be shown)
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-interactivelogon-donotdisplayusernameatsignin"></a>**LocalPoliciesSecurityOptions/InteractiveLogon_DoNotDisplayUsernameAtSignIn**
<!--SupportedSKUs-->
@ -1223,11 +1223,11 @@ Valid values:
- 1 - enabled (username will not be shown)
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-interactivelogon-donotrequirectrlaltdel"></a>**LocalPoliciesSecurityOptions/InteractiveLogon_DoNotRequireCTRLALTDEL**
<!--SupportedSKUs-->
@ -1283,11 +1283,11 @@ Valid values:
- 1 - enabled (a user is not required to press CTRL+ALT+DEL to log on)
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-interactivelogon-machineinactivitylimit"></a>**LocalPoliciesSecurityOptions/InteractiveLogon_MachineInactivityLimit**
<!--SupportedSKUs-->
@ -1338,11 +1338,11 @@ Valid values:
- 1 - enabled (session will lock after amount of inactive time exceeds the inactivity limit)
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-interactivelogon-messagetextforusersattemptingtologon"></a>**LocalPoliciesSecurityOptions/InteractiveLogon_MessageTextForUsersAttemptingToLogOn**
<!--SupportedSKUs-->
@ -1389,11 +1389,11 @@ Default: No message.
Value type is string. Supported operations are Add, Get, Replace, and Delete.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-interactivelogon-messagetitleforusersattemptingtologon"></a>**LocalPoliciesSecurityOptions/InteractiveLogon_MessageTitleForUsersAttemptingToLogOn**
<!--SupportedSKUs-->
@ -1438,11 +1438,11 @@ Default: No message.
Value type is string. Supported operations are Add, Get, Replace, and Delete.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-interactivelogon-smartcardremovalbehavior"></a>**LocalPoliciesSecurityOptions/InteractiveLogon_SmartCardRemovalBehavior**
<!--SupportedSKUs-->
@ -1502,11 +1502,11 @@ Default: This policy is not defined, which means that the system treats it as No
On Windows Vista and above: For this setting to work, the Smart Card Removal Policy service must be started.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-microsoftnetworkclient-digitallysigncommunicationsalways"></a>**LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsAlways**
<!--SupportedSKUs-->
@ -1567,11 +1567,11 @@ SMB packet signing can significantly degrade SMB performance, depending on diale
For more information, reference: https://go.microsoft.com/fwlink/?LinkID=787136.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-microsoftnetworkclient-digitallysigncommunicationsifserveragrees"></a>**LocalPoliciesSecurityOptions/MicrosoftNetworkClient_DigitallySignCommunicationsIfServerAgrees**
<!--SupportedSKUs-->
@ -1629,11 +1629,11 @@ SMB packet signing can significantly degrade SMB performance, depending on diale
For more information, reference: https://go.microsoft.com/fwlink/?LinkID=787136.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-microsoftnetworkclient-sendunencryptedpasswordtothirdpartysmbservers"></a>**LocalPoliciesSecurityOptions/MicrosoftNetworkClient_SendUnencryptedPasswordToThirdPartySMBServers**
<!--SupportedSKUs-->
@ -1678,11 +1678,11 @@ Sending unencrypted passwords is a security risk.
Default: Disabled.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-microsoftnetworkserver-amountofidletimerequiredbeforesuspendingsession"></a>**LocalPoliciesSecurityOptions/MicrosoftNetworkServer_AmountOfIdleTimeRequiredBeforeSuspendingSession**
<!--SupportedSKUs-->
@ -1729,11 +1729,11 @@ For this policy setting, a value of 0 means to disconnect an idle session as qui
Default:This policy is not defined, which means that the system treats it as 15 minutes for servers and undefined for workstations.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-microsoftnetworkserver-digitallysigncommunicationsalways"></a>**LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsAlways**
<!--SupportedSKUs-->
@ -1803,11 +1803,11 @@ HKLM\System\CurrentControlSet\Services\lanmanserver\parameters\enableW9xsecurity
For more information, reference: https://go.microsoft.com/fwlink/?LinkID=787136.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-microsoftnetworkserver-digitallysigncommunicationsifclientagrees"></a>**LocalPoliciesSecurityOptions/MicrosoftNetworkServer_DigitallySignCommunicationsIfClientAgrees**
<!--SupportedSKUs-->
@ -1869,11 +1869,11 @@ SMB packet signing can significantly degrade SMB performance, depending on diale
For more information, reference: https://go.microsoft.com/fwlink/?LinkID=787136.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-networkaccess-donotallowanonymousenumerationofsamaccounts"></a>**LocalPoliciesSecurityOptions/NetworkAccess_DoNotAllowAnonymousEnumerationOfSAMAccounts**
<!--SupportedSKUs-->
@ -1928,11 +1928,11 @@ Important
This policy has no impact on domain controllers.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-networkaccess-donotallowanonymousenumerationofsamaccountsandshares"></a>**LocalPoliciesSecurityOptions/NetworkAccess_DoNotAllowAnonymousEnumerationOfSamAccountsAndShares**
<!--SupportedSKUs-->
@ -1977,11 +1977,11 @@ Windows allows anonymous users to perform certain activities, such as enumeratin
Default: Disabled.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-networkaccess-leteveryonepermissionsapplytoanonymoususers"></a>**LocalPoliciesSecurityOptions/NetworkAccess_LetEveryonePermissionsApplyToAnonymousUsers**
<!--SupportedSKUs-->
@ -2028,11 +2028,11 @@ If this policy is enabled, the Everyone SID is added to the token that is create
Default: Disabled.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-networkaccess-restrictanonymousaccesstonamedpipesandshares"></a>**LocalPoliciesSecurityOptions/NetworkAccess_RestrictAnonymousAccessToNamedPipesAndShares**
<!--SupportedSKUs-->
@ -2077,11 +2077,11 @@ Network access: Shares that can be accessed anonymously
Default: Enabled.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-networkaccess-restrictclientsallowedtomakeremotecallstosam"></a>**LocalPoliciesSecurityOptions/NetworkAccess_RestrictClientsAllowedToMakeRemoteCallsToSAM**
<!--SupportedSKUs-->
@ -2126,11 +2126,11 @@ If not selected, the default security descriptor will be used.
This policy is supported on at least Windows Server 2016.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-networksecurity-allowlocalsystemtousecomputeridentityforntlm"></a>**LocalPoliciesSecurityOptions/NetworkSecurity_AllowLocalSystemToUseComputerIdentityForNTLM**
<!--SupportedSKUs-->
@ -2183,11 +2183,11 @@ This policy is supported on at least Windows Vista or Windows Server 2008.
Note: Windows Vista or Windows Server 2008 do not expose this setting in Group Policy.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-networksecurity-allowpku2uauthenticationrequests"></a>**LocalPoliciesSecurityOptions/NetworkSecurity_AllowPKU2UAuthenticationRequests**
<!--SupportedSKUs-->
@ -2237,11 +2237,11 @@ Valid values:
- 1 - enabled (allow PKU2U authentication requests to this computer to use online identities.)
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-networksecurity-donotstorelanmanagerhashvalueonnextpasswordchange"></a>**LocalPoliciesSecurityOptions/NetworkSecurity_DoNotStoreLANManagerHashValueOnNextPasswordChange**
<!--SupportedSKUs-->
@ -2291,11 +2291,11 @@ Windows 2000 Service Pack 2 (SP2) and above offer compatibility with authenticat
This setting can affect the ability of computers running Windows 2000 Server, Windows 2000 Professional, Windows XP, and the Windows Server 2003 family to communicate with computers running Windows 95 and Windows 98.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-networksecurity-lanmanagerauthenticationlevel"></a>**LocalPoliciesSecurityOptions/NetworkSecurity_LANManagerAuthenticationLevel**
<!--SupportedSKUs-->
@ -2360,11 +2360,11 @@ Windows Server 2003: Send NTLM response only
Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2: Send NTLMv2 response only
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-networksecurity-minimumsessionsecurityforntlmsspbasedclients"></a>**LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedClients**
<!--SupportedSKUs-->
@ -2414,11 +2414,11 @@ Windows XP, Windows Vista, Windows 2000 Server, Windows Server 2003, and Windows
Windows 7 and Windows Server 2008 R2: Require 128-bit encryption
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-networksecurity-minimumsessionsecurityforntlmsspbasedservers"></a>**LocalPoliciesSecurityOptions/NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers**
<!--SupportedSKUs-->
@ -2468,11 +2468,11 @@ Windows XP, Windows Vista, Windows 2000 Server, Windows Server 2003, and Windows
Windows 7 and Windows Server 2008 R2: Require 128-bit encryption
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-recoveryconsole-allowautomaticadministrativelogon"></a>**LocalPoliciesSecurityOptions/RecoveryConsole_AllowAutomaticAdministrativeLogon**
<!--SupportedSKUs-->
@ -2514,11 +2514,11 @@ Valid values:
- 1 - enabled (allow automatic administrative logon)
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-shutdown-allowsystemtobeshutdownwithouthavingtologon"></a>**LocalPoliciesSecurityOptions/Shutdown_AllowSystemToBeShutDownWithoutHavingToLogOn**
<!--SupportedSKUs-->
@ -2574,11 +2574,11 @@ Valid values:
- 1 - enabled (allow system to be shut down without having to log on)
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-shutdown-clearvirtualmemorypagefile"></a>**LocalPoliciesSecurityOptions/Shutdown_ClearVirtualMemoryPageFile**
<!--SupportedSKUs-->
@ -2625,11 +2625,11 @@ When this policy is enabled, it causes the system pagefile to be cleared upon cl
Default: Disabled.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-systemobjects-requirecaseinsensitivityfornonwindowssubsystems"></a>**LocalPoliciesSecurityOptions/SystemObjects_RequireCaseInsensitivityForNonWindowsSubsystems**
<!--SupportedSKUs-->
@ -2674,11 +2674,11 @@ If this setting is enabled, case insensitivity is enforced for all directory obj
Default: Enabled.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-useraccountcontrol-allowuiaccessapplicationstopromptforelevation"></a>**LocalPoliciesSecurityOptions/UserAccountControl_AllowUIAccessApplicationsToPromptForElevation**
<!--SupportedSKUs-->
@ -2733,11 +2733,11 @@ Valid values:
- 1 - enabled (allow UIAccess applications to prompt for elevation without using the secure desktop)
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-useraccountcontrol-behavioroftheelevationpromptforadministrators"></a>**LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForAdministrators**
<!--SupportedSKUs-->
@ -2794,11 +2794,11 @@ The options are:
Value type is integer. Supported operations are Add, Get, Replace, and Delete.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-useraccountcontrol-behavioroftheelevationpromptforstandardusers"></a>**LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers**
<!--SupportedSKUs-->
@ -2848,11 +2848,11 @@ The following list shows the supported values:
- 3 (Default) - Prompt for credentials: When an operation requires elevation of privilege, the user is prompted to enter an administrative user name and password. If the user enters valid credentials, the operation continues with the applicable privilege.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-useraccountcontrol-detectapplicationinstallationsandpromptforelevation"></a>**LocalPoliciesSecurityOptions/UserAccountControl_DetectApplicationInstallationsAndPromptForElevation**
<!--SupportedSKUs-->
@ -2899,11 +2899,11 @@ Enabled: (Default) When an application installation package is detected that req
Disabled: Application installation packages are not detected and prompted for elevation. Enterprises that are running standard user desktops and use delegated installation technologies such as Group Policy Software Installation or Systems Management Server (SMS) should disable this policy setting. In this case, installer detection is unnecessary.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-useraccountcontrol-onlyelevateexecutablefilesthataresignedandvalidated"></a>**LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateExecutableFilesThatAreSignedAndValidated**
<!--SupportedSKUs-->
@ -2950,11 +2950,11 @@ The options are:
Value type is integer. Supported operations are Add, Get, Replace, and Delete.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-useraccountcontrol-onlyelevateuiaccessapplicationsthatareinstalledinsecurelocations"></a>**LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateUIAccessApplicationsThatAreInstalledInSecureLocations**
<!--SupportedSKUs-->
@ -3007,11 +3007,11 @@ The options are:
Value type is integer. Supported operations are Add, Get, Replace, and Delete.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-useraccountcontrol-runalladministratorsinadminapprovalmode"></a>**LocalPoliciesSecurityOptions/UserAccountControl_RunAllAdministratorsInAdminApprovalMode**
<!--SupportedSKUs-->
@ -3059,11 +3059,11 @@ The options are:
Value type is integer. Supported operations are Add, Get, Replace, and Delete.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-useraccountcontrol-switchtothesecuredesktopwhenpromptingforelevation"></a>**LocalPoliciesSecurityOptions/UserAccountControl_SwitchToTheSecureDesktopWhenPromptingForElevation**
<!--SupportedSKUs-->
@ -3110,11 +3110,11 @@ The options are:
Value type is integer. Supported operations are Add, Get, Replace, and Delete.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-useraccountcontrol-useadminapprovalmode"></a>**LocalPoliciesSecurityOptions/UserAccountControl_UseAdminApprovalMode**
<!--SupportedSKUs-->
@ -3161,11 +3161,11 @@ The options are:
• Disabled: (Default) The built-in Administrator account runs all applications with full administrative privilege.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="localpoliciessecurityoptions-useraccountcontrol-virtualizefileandregistrywritefailurestoperuserlocations"></a>**LocalPoliciesSecurityOptions/UserAccountControl_VirtualizeFileAndRegistryWriteFailuresToPerUserLocations**
<!--SupportedSKUs-->
@ -3215,7 +3215,7 @@ The following list shows the supported values:
- 1 - Enabled: (Default) Application write failures are redirected at run time to defined user locations for both the file system and registry.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -3224,5 +3224,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

10
windows/client-management/mdm/policy-csp-location.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Location
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Location policies
<dl>
@ -27,7 +27,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="location-enablelocation"></a>**Location/EnableLocation**
<!--SupportedSKUs-->
@ -83,7 +83,7 @@ To validate on Desktop, do the following:
2. Use Windows Maps Application (or similar) to see if a location can or cannot be obtained.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -92,5 +92,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

10
windows/client-management/mdm/policy-csp-lockdown.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - LockDown
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## LockDown policies
<dl>
@ -27,7 +27,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="lockdown-allowedgeswipe"></a>**LockDown/AllowEdgeSwipe**
<!--SupportedSKUs-->
@ -75,7 +75,7 @@ The following list shows the supported values:
- 1 (default, not configured) - allow edge swipe.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -84,5 +84,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

14
windows/client-management/mdm/policy-csp-maps.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Maps
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Maps policies
<dl>
@ -30,7 +30,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="maps-allowofflinemapsdownloadovermeteredconnection"></a>**Maps/AllowOfflineMapsDownloadOverMeteredConnection**
<!--SupportedSKUs-->
@ -79,11 +79,11 @@ The following list shows the supported values:
- 65535 (default) Not configured. User's choice.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="maps-enableofflinemapsautoupdate"></a>**Maps/EnableOfflineMapsAutoUpdate**
<!--SupportedSKUs-->
@ -132,7 +132,7 @@ The following list shows the supported values:
- 65535 (default) Not configured. User's choice.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -141,5 +141,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

18
windows/client-management/mdm/policy-csp-messaging.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Messaging
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Messaging policies
<dl>
@ -33,7 +33,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="messaging-allowmms"></a>**Messaging/AllowMMS**
<!--SupportedSKUs-->
@ -82,11 +82,11 @@ The following list shows the supported values:
- 1 (default) - Enabled.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="messaging-allowmessagesync"></a>**Messaging/AllowMessageSync**
<!--SupportedSKUs-->
@ -132,11 +132,11 @@ The following list shows the supported values:
- 1 - message sync is allowed. The user can change this setting.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="messaging-allowrcs"></a>**Messaging/AllowRCS**
<!--SupportedSKUs-->
@ -185,7 +185,7 @@ The following list shows the supported values:
- 1 (default) - Enabled.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -194,5 +194,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

38
windows/client-management/mdm/policy-csp-networkisolation.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - NetworkIsolation
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## NetworkIsolation policies
<dl>
@ -48,7 +48,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="networkisolation-enterprisecloudresources"></a>**NetworkIsolation/EnterpriseCloudResources**
<!--SupportedSKUs-->
@ -87,11 +87,11 @@ ms.date: 01/29/2018
Contains a list of Enterprise resource domains hosted in the cloud that need to be protected. Connections to these resources are considered enterprise data. If a proxy is paired with a cloud resource, traffic to the cloud resource will be routed through the enterprise network via the denoted proxy server (on Port 80). A proxy server used for this purpose must also be configured using the **EnterpriseInternalProxyServers** policy. This domain list is a pipe-separated list of cloud resources. Each cloud resource can also be paired optionally with an internal proxy server by using a trailing comma followed by the proxy address. For example, **&lt;*cloudresource*&gt;|&lt;*cloudresource*&gt;|&lt;*cloudresource*&gt;,&lt;*proxy*&gt;|&lt;*cloudresource*&gt;|&lt;*cloudresource*&gt;,&lt;*proxy*&gt;|**.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="networkisolation-enterpriseiprange"></a>**NetworkIsolation/EnterpriseIPRange**
<!--SupportedSKUs-->
@ -143,11 +143,11 @@ fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
```
<!--/Example-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="networkisolation-enterpriseiprangesareauthoritative"></a>**NetworkIsolation/EnterpriseIPRangesAreAuthoritative**
<!--SupportedSKUs-->
@ -186,11 +186,11 @@ fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
Boolean value that tells the client to accept the configured list and not to use heuristics to attempt to find other subnets.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="networkisolation-enterpriseinternalproxyservers"></a>**NetworkIsolation/EnterpriseInternalProxyServers**
<!--SupportedSKUs-->
@ -229,11 +229,11 @@ Boolean value that tells the client to accept the configured list and not to use
This is the comma-separated list of internal proxy servers. For example "157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59". These proxies have been configured by the admin to connect to specific resources on the Internet. They are considered to be enterprise network locations. The proxies are only leveraged in configuring the **EnterpriseCloudResources** policy to force traffic to the matched cloud resources through these proxies.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="networkisolation-enterprisenetworkdomainnames"></a>**NetworkIsolation/EnterpriseNetworkDomainNames**
<!--SupportedSKUs-->
@ -282,11 +282,11 @@ Here are the steps to create canonical domain names:
3. Call [IdnToUnicode](https://msdn.microsoft.com/library/windows/desktop/dd318151.aspx) with no flags set (dwFlags = 0).
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="networkisolation-enterpriseproxyservers"></a>**NetworkIsolation/EnterpriseProxyServers**
<!--SupportedSKUs-->
@ -325,11 +325,11 @@ Here are the steps to create canonical domain names:
This is a comma-separated list of proxy servers. Any server on this list is considered non-enterprise. For example "157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59".
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="networkisolation-enterpriseproxyserversareauthoritative"></a>**NetworkIsolation/EnterpriseProxyServersAreAuthoritative**
<!--SupportedSKUs-->
@ -368,11 +368,11 @@ This is a comma-separated list of proxy servers. Any server on this list is cons
Boolean value that tells the client to accept the configured list of proxies and not try to detect other work proxies.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="networkisolation-neutralresources"></a>**NetworkIsolation/NeutralResources**
<!--SupportedSKUs-->
@ -411,7 +411,7 @@ Boolean value that tells the client to accept the configured list of proxies and
List of domain names that can used for work or personal resource.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -420,5 +420,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

10
windows/client-management/mdm/policy-csp-notifications.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Notifications
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Notifications policies
<dl>
@ -27,7 +27,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="notifications-disallownotificationmirroring"></a>**Notifications/DisallowNotificationMirroring**
<!--SupportedSKUs-->
@ -77,7 +77,7 @@ The following list shows the supported values:
- 1 - disable notification mirroring.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -86,5 +86,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

42
windows/client-management/mdm/policy-csp-power.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Power
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Power policies
<dl>
@ -51,7 +51,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="power-allowstandbywhensleepingpluggedin"></a>**Power/AllowStandbyWhenSleepingPluggedIn**
<!--SupportedSKUs-->
@ -109,11 +109,11 @@ ADMX Info:
- GP ADMX file name: *power.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="power-displayofftimeoutonbattery"></a>**Power/DisplayOffTimeoutOnBattery**
<!--SupportedSKUs-->
@ -173,11 +173,11 @@ ADMX Info:
- GP ADMX file name: *power.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="power-displayofftimeoutpluggedin"></a>**Power/DisplayOffTimeoutPluggedIn**
<!--SupportedSKUs-->
@ -237,11 +237,11 @@ ADMX Info:
- GP ADMX file name: *power.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="power-hibernatetimeoutonbattery"></a>**Power/HibernateTimeoutOnBattery**
<!--SupportedSKUs-->
@ -302,11 +302,11 @@ ADMX Info:
- GP ADMX file name: *power.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="power-hibernatetimeoutpluggedin"></a>**Power/HibernateTimeoutPluggedIn**
<!--SupportedSKUs-->
@ -366,11 +366,11 @@ ADMX Info:
- GP ADMX file name: *power.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="power-requirepasswordwhencomputerwakesonbattery"></a>**Power/RequirePasswordWhenComputerWakesOnBattery**
<!--SupportedSKUs-->
@ -428,11 +428,11 @@ ADMX Info:
- GP ADMX file name: *power.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="power-requirepasswordwhencomputerwakespluggedin"></a>**Power/RequirePasswordWhenComputerWakesPluggedIn**
<!--SupportedSKUs-->
@ -490,11 +490,11 @@ ADMX Info:
- GP ADMX file name: *power.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="power-standbytimeoutonbattery"></a>**Power/StandbyTimeoutOnBattery**
<!--SupportedSKUs-->
@ -554,11 +554,11 @@ ADMX Info:
- GP ADMX file name: *power.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="power-standbytimeoutpluggedin"></a>**Power/StandbyTimeoutPluggedIn**
<!--SupportedSKUs-->
@ -618,7 +618,7 @@ ADMX Info:
- GP ADMX file name: *power.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -627,5 +627,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

18
windows/client-management/mdm/policy-csp-printers.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Printers
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Printers policies
<dl>
@ -33,7 +33,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="printers-pointandprintrestrictions"></a>**Printers/PointAndPrintRestrictions**
<!--SupportedSKUs-->
@ -104,11 +104,11 @@ ADMX Info:
- GP ADMX file name: *Printing.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="printers-pointandprintrestrictions-user"></a>**Printers/PointAndPrintRestrictions_User**
<!--SupportedSKUs-->
@ -179,11 +179,11 @@ ADMX Info:
- GP ADMX file name: *Printing.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="printers-publishprinters"></a>**Printers/PublishPrinters**
<!--SupportedSKUs-->
@ -243,7 +243,7 @@ ADMX Info:
- GP ADMX file name: *Printing2.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -252,5 +252,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

314
windows/client-management/mdm/policy-csp-privacy.md
View File

File diff suppressed because it is too large Load Diff

22
windows/client-management/mdm/policy-csp-remoteassistance.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - RemoteAssistance
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## RemoteAssistance policies
<dl>
@ -36,7 +36,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remoteassistance-customizewarningmessages"></a>**RemoteAssistance/CustomizeWarningMessages**
<!--SupportedSKUs-->
@ -100,11 +100,11 @@ ADMX Info:
- GP ADMX file name: *remoteassistance.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remoteassistance-sessionlogging"></a>**RemoteAssistance/SessionLogging**
<!--SupportedSKUs-->
@ -164,11 +164,11 @@ ADMX Info:
- GP ADMX file name: *remoteassistance.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remoteassistance-solicitedremoteassistance"></a>**RemoteAssistance/SolicitedRemoteAssistance**
<!--SupportedSKUs-->
@ -236,11 +236,11 @@ ADMX Info:
- GP ADMX file name: *remoteassistance.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remoteassistance-unsolicitedremoteassistance"></a>**RemoteAssistance/UnsolicitedRemoteAssistance**
<!--SupportedSKUs-->
@ -331,7 +331,7 @@ ADMX Info:
- GP ADMX file name: *remoteassistance.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -340,5 +340,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

30
windows/client-management/mdm/policy-csp-remotedesktopservices.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - RemoteDesktopServices
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## RemoteDesktopServices policies
<dl>
@ -42,7 +42,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotedesktopservices-allowuserstoconnectremotely"></a>**RemoteDesktopServices/AllowUsersToConnectRemotely**
<!--SupportedSKUs-->
@ -106,11 +106,11 @@ ADMX Info:
- GP ADMX file name: *terminalserver.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotedesktopservices-clientconnectionencryptionlevel"></a>**RemoteDesktopServices/ClientConnectionEncryptionLevel**
<!--SupportedSKUs-->
@ -178,11 +178,11 @@ ADMX Info:
- GP ADMX file name: *terminalserver.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotedesktopservices-donotallowdriveredirection"></a>**RemoteDesktopServices/DoNotAllowDriveRedirection**
<!--SupportedSKUs-->
@ -244,11 +244,11 @@ ADMX Info:
- GP ADMX file name: *terminalserver.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotedesktopservices-donotallowpasswordsaving"></a>**RemoteDesktopServices/DoNotAllowPasswordSaving**
<!--SupportedSKUs-->
@ -306,11 +306,11 @@ ADMX Info:
- GP ADMX file name: *terminalserver.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotedesktopservices-promptforpassworduponconnection"></a>**RemoteDesktopServices/PromptForPasswordUponConnection**
<!--SupportedSKUs-->
@ -374,11 +374,11 @@ ADMX Info:
- GP ADMX file name: *terminalserver.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotedesktopservices-requiresecurerpccommunication"></a>**RemoteDesktopServices/RequireSecureRPCCommunication**
<!--SupportedSKUs-->
@ -442,7 +442,7 @@ ADMX Info:
- GP ADMX file name: *terminalserver.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -451,5 +451,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

66
windows/client-management/mdm/policy-csp-remotemanagement.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - RemoteManagement
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## RemoteManagement policies
<dl>
@ -69,7 +69,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-allowbasicauthentication-client"></a>**RemoteManagement/AllowBasicAuthentication_Client**
<!--SupportedSKUs-->
@ -122,11 +122,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-allowbasicauthentication-service"></a>**RemoteManagement/AllowBasicAuthentication_Service**
<!--SupportedSKUs-->
@ -179,11 +179,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-allowcredsspauthenticationclient"></a>**RemoteManagement/AllowCredSSPAuthenticationClient**
<!--SupportedSKUs-->
@ -236,11 +236,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-allowcredsspauthenticationservice"></a>**RemoteManagement/AllowCredSSPAuthenticationService**
<!--SupportedSKUs-->
@ -293,11 +293,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-allowremoteservermanagement"></a>**RemoteManagement/AllowRemoteServerManagement**
<!--SupportedSKUs-->
@ -350,11 +350,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-allowunencryptedtraffic-client"></a>**RemoteManagement/AllowUnencryptedTraffic_Client**
<!--SupportedSKUs-->
@ -407,11 +407,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-allowunencryptedtraffic-service"></a>**RemoteManagement/AllowUnencryptedTraffic_Service**
<!--SupportedSKUs-->
@ -464,11 +464,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-disallowdigestauthentication"></a>**RemoteManagement/DisallowDigestAuthentication**
<!--SupportedSKUs-->
@ -521,11 +521,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-disallownegotiateauthenticationclient"></a>**RemoteManagement/DisallowNegotiateAuthenticationClient**
<!--SupportedSKUs-->
@ -578,11 +578,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-disallownegotiateauthenticationservice"></a>**RemoteManagement/DisallowNegotiateAuthenticationService**
<!--SupportedSKUs-->
@ -635,11 +635,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-disallowstoringofrunascredentials"></a>**RemoteManagement/DisallowStoringOfRunAsCredentials**
<!--SupportedSKUs-->
@ -692,11 +692,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-specifychannelbindingtokenhardeninglevel"></a>**RemoteManagement/SpecifyChannelBindingTokenHardeningLevel**
<!--SupportedSKUs-->
@ -749,11 +749,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-trustedhosts"></a>**RemoteManagement/TrustedHosts**
<!--SupportedSKUs-->
@ -806,11 +806,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-turnoncompatibilityhttplistener"></a>**RemoteManagement/TurnOnCompatibilityHTTPListener**
<!--SupportedSKUs-->
@ -863,11 +863,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remotemanagement-turnoncompatibilityhttpslistener"></a>**RemoteManagement/TurnOnCompatibilityHTTPSListener**
<!--SupportedSKUs-->
@ -920,7 +920,7 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteManagement.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -929,5 +929,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

14
windows/client-management/mdm/policy-csp-remoteprocedurecall.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - RemoteProcedureCall
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## RemoteProcedureCall policies
<dl>
@ -30,7 +30,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remoteprocedurecall-rpcendpointmapperclientauthentication"></a>**RemoteProcedureCall/RPCEndpointMapperClientAuthentication**
<!--SupportedSKUs-->
@ -92,11 +92,11 @@ ADMX Info:
- GP ADMX file name: *rpc.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remoteprocedurecall-restrictunauthenticatedrpcclients"></a>**RemoteProcedureCall/RestrictUnauthenticatedRPCClients**
<!--SupportedSKUs-->
@ -166,7 +166,7 @@ ADMX Info:
- GP ADMX file name: *rpc.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -175,5 +175,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

34
windows/client-management/mdm/policy-csp-remoteshell.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - RemoteShell
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## RemoteShell policies
<dl>
@ -45,7 +45,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remoteshell-allowremoteshellaccess"></a>**RemoteShell/AllowRemoteShellAccess**
<!--SupportedSKUs-->
@ -98,11 +98,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteShell.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remoteshell-maxconcurrentusers"></a>**RemoteShell/MaxConcurrentUsers**
<!--SupportedSKUs-->
@ -155,11 +155,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteShell.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remoteshell-specifyidletimeout"></a>**RemoteShell/SpecifyIdleTimeout**
<!--SupportedSKUs-->
@ -212,11 +212,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteShell.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remoteshell-specifymaxmemory"></a>**RemoteShell/SpecifyMaxMemory**
<!--SupportedSKUs-->
@ -269,11 +269,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteShell.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remoteshell-specifymaxprocesses"></a>**RemoteShell/SpecifyMaxProcesses**
<!--SupportedSKUs-->
@ -326,11 +326,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteShell.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remoteshell-specifymaxremoteshells"></a>**RemoteShell/SpecifyMaxRemoteShells**
<!--SupportedSKUs-->
@ -383,11 +383,11 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteShell.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="remoteshell-specifyshelltimeout"></a>**RemoteShell/SpecifyShellTimeout**
<!--SupportedSKUs-->
@ -440,7 +440,7 @@ ADMX Info:
- GP ADMX file name: *WindowsRemoteShell.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -449,5 +449,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

62
windows/client-management/mdm/policy-csp-search.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Search
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Search policies
<dl>
@ -68,7 +68,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="search-allowcloudsearch"></a>**Search/AllowCloudSearch**
<!--SupportedSKUs-->
@ -114,11 +114,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="search-allowcortanainaad"></a>**Search/AllowCortanaInAAD**
<!--SupportedSKUs-->
@ -164,11 +164,11 @@ The following list shows the supported values:
- 1 - Allowed. The Cortana consent page will appear in Azure AAD OOBE during setup.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="search-allowindexingencryptedstoresoritems"></a>**Search/AllowIndexingEncryptedStoresOrItems**
<!--SupportedSKUs-->
@ -220,11 +220,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="search-allowsearchtouselocation"></a>**Search/AllowSearchToUseLocation**
<!--SupportedSKUs-->
@ -272,11 +272,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="search-allowstoringimagesfromvisionsearch"></a>**Search/AllowStoringImagesFromVisionSearch**
<!--Scope-->
@ -292,11 +292,11 @@ The following list shows the supported values:
This policy has been deprecated.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="search-allowusingdiacritics"></a>**Search/AllowUsingDiacritics**
<!--SupportedSKUs-->
@ -345,11 +345,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="search-allowwindowsindexer"></a>**Search/AllowWindowsIndexer**
<!--SupportedSKUs-->
@ -388,11 +388,11 @@ The following list shows the supported values:
Allow Windows indexer. Value type is integer.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="search-alwaysuseautolangdetection"></a>**Search/AlwaysUseAutoLangDetection**
<!--SupportedSKUs-->
@ -441,11 +441,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="search-disablebackoff"></a>**Search/DisableBackoff**
<!--SupportedSKUs-->
@ -491,11 +491,11 @@ The following list shows the supported values:
- 1 Enable.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="search-disableremovabledriveindexing"></a>**Search/DisableRemovableDriveIndexing**
<!--SupportedSKUs-->
@ -545,11 +545,11 @@ The following list shows the supported values:
- 1 Enable.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="search-donotusewebresults"></a>**Search/DoNotUseWebResults**
<!--SupportedSKUs-->
@ -600,11 +600,11 @@ The following list shows the supported values:
- 1 (default) - Allowed. Queries will be performed on the web and web results will be displayed when a user performs a query in Search.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="search-preventindexinglowdiskspacemb"></a>**Search/PreventIndexingLowDiskSpaceMB**
<!--SupportedSKUs-->
@ -654,11 +654,11 @@ The following list shows the supported values:
- 1 (default) Enable.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="search-preventremotequeries"></a>**Search/PreventRemoteQueries**
<!--SupportedSKUs-->
@ -704,11 +704,11 @@ The following list shows the supported values:
- 1 (default) Enable.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="search-safesearchpermissions"></a>**Search/SafeSearchPermissions**
<!--SupportedSKUs-->
@ -761,7 +761,7 @@ The following list shows the supported values:
- 1 (default) Moderate filtering against adult content (valid search results will not be filtered).
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -770,7 +770,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartEAS-->
## <a href="" id="eas"></a>Search policies that can be set using Exchange Active Sync (EAS)

50
windows/client-management/mdm/policy-csp-security.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Security
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Security policies
<dl>
@ -59,7 +59,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="security-allowaddprovisioningpackage"></a>**Security/AllowAddProvisioningPackage**
<!--SupportedSKUs-->
@ -105,11 +105,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="security-allowautomaticdeviceencryptionforazureadjoineddevices"></a>**Security/AllowAutomaticDeviceEncryptionForAzureADJoinedDevices**
<!--SupportedSKUs-->
@ -155,11 +155,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="security-allowmanualrootcertificateinstallation"></a>**Security/AllowManualRootCertificateInstallation**
<!--SupportedSKUs-->
@ -211,11 +211,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="security-allowremoveprovisioningpackage"></a>**Security/AllowRemoveProvisioningPackage**
<!--SupportedSKUs-->
@ -261,11 +261,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="security-antitheftmode"></a>**Security/AntiTheftMode**
<!--SupportedSKUs-->
@ -315,11 +315,11 @@ The following list shows the supported values:
- 1 (default) Anti Theft Mode will follow the default device configuration (region-dependent).
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="security-cleartpmifnotready"></a>**Security/ClearTPMIfNotReady**
<!--SupportedSKUs-->
@ -368,11 +368,11 @@ The following list shows the supported values:
- 1 Will prompt to clear the TPM if the TPM is in a non-ready state (or reduced functionality) which can be remediated with a TPM Clear.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="security-configurewindowspasswords"></a>**Security/ConfigureWindowsPasswords**
<!--SupportedSKUs-->
@ -422,11 +422,11 @@ The following list shows the supported values:
- 2- Default (Feature defaults as per SKU and device capabilities. Windows 10 S devices will exhibit "Disallow passwords" default, and all other devices will default to "Allow passwords")
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="security-preventautomaticdeviceencryptionforazureadjoineddevices"></a>**Security/PreventAutomaticDeviceEncryptionForAzureADJoinedDevices**
<!--SupportedSKUs-->
@ -478,11 +478,11 @@ The following list shows the supported values:
- 1 Encryption disabled.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="security-requiredeviceencryption"></a>**Security/RequireDeviceEncryption**
<!--SupportedSKUs-->
@ -534,11 +534,11 @@ The following list shows the supported values:
- 1 Encryption is required.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="security-requireprovisioningpackagesignature"></a>**Security/RequireProvisioningPackageSignature**
<!--SupportedSKUs-->
@ -584,11 +584,11 @@ The following list shows the supported values:
- 1 Required.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="security-requireretrievehealthcertificateonboot"></a>**Security/RequireRetrieveHealthCertificateOnBoot**
<!--SupportedSKUs-->
@ -646,7 +646,7 @@ The following list shows the supported values:
- 1 Required.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -655,7 +655,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartEAS-->
## <a href="" id="eas"></a>Security policies that can be set using Exchange Active Sync (EAS)

62
windows/client-management/mdm/policy-csp-settings.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Settings
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Settings policies
<dl>
@ -68,7 +68,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="settings-allowautoplay"></a>**Settings/AllowAutoPlay**
<!--SupportedSKUs-->
@ -121,11 +121,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="settings-allowdatasense"></a>**Settings/AllowDataSense**
<!--SupportedSKUs-->
@ -171,11 +171,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="settings-allowdatetime"></a>**Settings/AllowDateTime**
<!--SupportedSKUs-->
@ -221,11 +221,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="settings-alloweditdevicename"></a>**Settings/AllowEditDeviceName**
<!--SupportedSKUs-->
@ -271,11 +271,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="settings-allowlanguage"></a>**Settings/AllowLanguage**
<!--SupportedSKUs-->
@ -325,11 +325,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="settings-allowonlinetips"></a>**Settings/AllowOnlineTips**
<!--SupportedSKUs-->
@ -370,11 +370,11 @@ Enables or disables the retrieval of online tips and help for the Settings app.
If disabled, Settings will not contact Microsoft content services to retrieve tips and help content.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="settings-allowpowersleep"></a>**Settings/AllowPowerSleep**
<!--SupportedSKUs-->
@ -424,11 +424,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="settings-allowregion"></a>**Settings/AllowRegion**
<!--SupportedSKUs-->
@ -478,11 +478,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="settings-allowsigninoptions"></a>**Settings/AllowSignInOptions**
<!--SupportedSKUs-->
@ -532,11 +532,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="settings-allowvpn"></a>**Settings/AllowVPN**
<!--SupportedSKUs-->
@ -582,11 +582,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="settings-allowworkplace"></a>**Settings/AllowWorkplace**
<!--SupportedSKUs-->
@ -636,11 +636,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="settings-allowyouraccount"></a>**Settings/AllowYourAccount**
<!--SupportedSKUs-->
@ -686,11 +686,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="settings-configuretaskbarcalendar"></a>**Settings/ConfigureTaskbarCalendar**
<!--SupportedSKUs-->
@ -738,11 +738,11 @@ The following list shows the supported values:
- 3 - Traditional Chinese (Lunar).
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="settings-pagevisibilitylist"></a>**Settings/PageVisibilityList**
<!--SupportedSKUs-->
@ -813,7 +813,7 @@ To validate on Desktop, do the following:
3. Open System Settings again and verify that the About page is no longer accessible.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -822,7 +822,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartHoloLens-->
## <a href="" id="hololenspolicies"></a>Settings policies supported by Windows Holographic for Business

18
windows/client-management/mdm/policy-csp-smartscreen.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - SmartScreen
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## SmartScreen policies
<dl>
@ -33,7 +33,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="smartscreen-enableappinstallcontrol"></a>**SmartScreen/EnableAppInstallControl**
<!--SupportedSKUs-->
@ -79,11 +79,11 @@ The following list shows the supported values:
- 1 Turns on Application Installation Control, allowing users to only install apps from the Store.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="smartscreen-enablesmartscreeninshell"></a>**SmartScreen/EnableSmartScreenInShell**
<!--SupportedSKUs-->
@ -129,11 +129,11 @@ The following list shows the supported values:
- 1 Turns on SmartScreen in Windows.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="smartscreen-preventoverrideforfilesinshell"></a>**SmartScreen/PreventOverrideForFilesInShell**
<!--SupportedSKUs-->
@ -179,7 +179,7 @@ The following list shows the supported values:
- 1 Employees cannot ignore SmartScreen warnings and run malicious files.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -188,5 +188,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

10
windows/client-management/mdm/policy-csp-speech.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Speech
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Speech policies
<dl>
@ -27,7 +27,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="speech-allowspeechmodelupdate"></a>**Speech/AllowSpeechModelUpdate**
<!--SupportedSKUs-->
@ -73,7 +73,7 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -82,5 +82,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

122
windows/client-management/mdm/policy-csp-start.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Start
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Start policies
<dl>
@ -111,7 +111,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-allowpinnedfolderdocuments"></a>**Start/AllowPinnedFolderDocuments**
<!--SupportedSKUs-->
@ -158,11 +158,11 @@ The following list shows the supported values:
- 65535 (default) - There is no enforced configuration and the setting can be changed by the user.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-allowpinnedfolderdownloads"></a>**Start/AllowPinnedFolderDownloads**
<!--SupportedSKUs-->
@ -209,11 +209,11 @@ The following list shows the supported values:
- 65535 (default) - There is no enforced configuration and the setting can be changed by the user.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-allowpinnedfolderfileexplorer"></a>**Start/AllowPinnedFolderFileExplorer**
<!--SupportedSKUs-->
@ -260,11 +260,11 @@ The following list shows the supported values:
- 65535 (default) - There is no enforced configuration and the setting can be changed by the user.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-allowpinnedfolderhomegroup"></a>**Start/AllowPinnedFolderHomeGroup**
<!--SupportedSKUs-->
@ -311,11 +311,11 @@ The following list shows the supported values:
- 65535 (default) - There is no enforced configuration and the setting can be changed by the user.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-allowpinnedfoldermusic"></a>**Start/AllowPinnedFolderMusic**
<!--SupportedSKUs-->
@ -362,11 +362,11 @@ The following list shows the supported values:
- 65535 (default) - There is no enforced configuration and the setting can be changed by the user.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-allowpinnedfoldernetwork"></a>**Start/AllowPinnedFolderNetwork**
<!--SupportedSKUs-->
@ -413,11 +413,11 @@ The following list shows the supported values:
- 65535 (default) - There is no enforced configuration and the setting can be changed by the user.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-allowpinnedfolderpersonalfolder"></a>**Start/AllowPinnedFolderPersonalFolder**
<!--SupportedSKUs-->
@ -464,11 +464,11 @@ The following list shows the supported values:
- 65535 (default) - There is no enforced configuration and the setting can be changed by the user.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-allowpinnedfolderpictures"></a>**Start/AllowPinnedFolderPictures**
<!--SupportedSKUs-->
@ -515,11 +515,11 @@ The following list shows the supported values:
- 65535 (default) - There is no enforced configuration and the setting can be changed by the user.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-allowpinnedfoldersettings"></a>**Start/AllowPinnedFolderSettings**
<!--SupportedSKUs-->
@ -566,11 +566,11 @@ The following list shows the supported values:
- 65535 (default) - There is no enforced configuration and the setting can be changed by the user.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-allowpinnedfoldervideos"></a>**Start/AllowPinnedFolderVideos**
<!--SupportedSKUs-->
@ -617,11 +617,11 @@ The following list shows the supported values:
- 65535 (default) - There is no enforced configuration and the setting can be changed by the user.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-forcestartsize"></a>**Start/ForceStartSize**
<!--SupportedSKUs-->
@ -675,11 +675,11 @@ The following list shows the supported values:
- 2 - Force a fullscreen size of Start.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hideapplist"></a>**Start/HideAppList**
<!--SupportedSKUs-->
@ -741,11 +741,11 @@ The following list shows the supported values:
- 3 - Hide all apps list, remove all apps button, and Disable "Show app list in Start menu" in Settings app.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hidechangeaccountsettings"></a>**Start/HideChangeAccountSettings**
<!--SupportedSKUs-->
@ -798,11 +798,11 @@ To validate on Desktop, do the following:
2. Open Start, click on the user tile, and verify that "Change account settings" is not available.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hidefrequentlyusedapps"></a>**Start/HideFrequentlyUsedApps**
<!--SupportedSKUs-->
@ -862,11 +862,11 @@ To validate on Desktop, do the following:
6. Check that most used apps do not appear in Start.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hidehibernate"></a>**Start/HideHibernate**
<!--SupportedSKUs-->
@ -923,11 +923,11 @@ To validate on Laptop, do the following:
2. Open Start, click on the Power button, and verify "Hibernate" is not available.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hidelock"></a>**Start/HideLock**
<!--SupportedSKUs-->
@ -980,11 +980,11 @@ To validate on Desktop, do the following:
2. Open Start, click on the user tile, and verify "Lock" is not available.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hidepeoplebar"></a>**Start/HidePeopleBar**
<!--SupportedSKUs-->
@ -1025,11 +1025,11 @@ Added in Windows 10, version 1709. Enabling this policy removes the people icon
Value type is integer.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hidepowerbutton"></a>**Start/HidePowerButton**
<!--SupportedSKUs-->
@ -1085,11 +1085,11 @@ To validate on Desktop, do the following:
2. Open Start, and verify the power button is not available.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hiderecentjumplists"></a>**Start/HideRecentJumplists**
<!--SupportedSKUs-->
@ -1152,11 +1152,11 @@ To validate on Desktop, do the following:
9. Right Click pinned photos app and verify that there is no jumplist of recent items.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hiderecentlyaddedapps"></a>**Start/HideRecentlyAddedApps**
<!--SupportedSKUs-->
@ -1216,11 +1216,11 @@ To validate on Desktop, do the following:
6. Check that recently added apps do not appear in Start.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hiderestart"></a>**Start/HideRestart**
<!--SupportedSKUs-->
@ -1273,11 +1273,11 @@ To validate on Desktop, do the following:
2. Open Start, click on the Power button, and verify "Restart" and "Update and restart" are not available.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hideshutdown"></a>**Start/HideShutDown**
<!--SupportedSKUs-->
@ -1330,11 +1330,11 @@ To validate on Desktop, do the following:
2. Open Start, click on the Power button, and verify "Shut down" and "Update and shut down" are not available.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hidesignout"></a>**Start/HideSignOut**
<!--SupportedSKUs-->
@ -1387,11 +1387,11 @@ To validate on Desktop, do the following:
2. Open Start, click on the user tile, and verify "Sign out" is not available.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hidesleep"></a>**Start/HideSleep**
<!--SupportedSKUs-->
@ -1444,11 +1444,11 @@ To validate on Desktop, do the following:
2. Open Start, click on the Power button, and verify that "Sleep" is not available.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hideswitchaccount"></a>**Start/HideSwitchAccount**
<!--SupportedSKUs-->
@ -1501,11 +1501,11 @@ To validate on Desktop, do the following:
2. Open Start, click on the user tile, and verify that "Switch account" is not available.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-hideusertile"></a>**Start/HideUserTile**
<!--SupportedSKUs-->
@ -1562,11 +1562,11 @@ To validate on Desktop, do the following:
3. Log in, and verify that the user tile is gone from Start.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-importedgeassets"></a>**Start/ImportEdgeAssets**
<!--SupportedSKUs-->
@ -1622,11 +1622,11 @@ To validate on Desktop, do the following:
4. Verify that all Edge assets defined in XML show up in %LOCALAPPDATA%\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState path.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-nopinningtotaskbar"></a>**Start/NoPinningToTaskbar**
<!--SupportedSKUs-->
@ -1682,11 +1682,11 @@ To validate on Desktop, do the following:
5. Verify that More->Pin to taskbar menu does not show.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="start-startlayout"></a>**Start/StartLayout**
<!--SupportedSKUs-->
@ -1731,7 +1731,7 @@ Allows you to override the default Start layout and prevents the user from chang
For further details on how to customize the Start layout, please see [Customize and export Start layout](https://docs.microsoft.com/en-us/windows/configuration/customize-and-export-start-layout) and [Configure Windows 10 taskbar](https://docs.microsoft.com/en-us/windows/configuration/configure-windows-10-taskbar).
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -1740,5 +1740,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

14
windows/client-management/mdm/policy-csp-storage.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Storage
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Storage policies
<dl>
@ -30,7 +30,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="storage-allowdiskhealthmodelupdates"></a>**Storage/AllowDiskHealthModelUpdates**
<!--SupportedSKUs-->
@ -80,11 +80,11 @@ The following list shows the supported values:
- 1 (default) - Allow
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="storage-enhancedstoragedevices"></a>**Storage/EnhancedStorageDevices**
<!--SupportedSKUs-->
@ -142,7 +142,7 @@ ADMX Info:
- GP ADMX file name: *enhancedstorage.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -151,5 +151,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

66
windows/client-management/mdm/policy-csp-system.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - System
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## System policies
<dl>
@ -71,7 +71,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-allowbuildpreview"></a>**System/AllowBuildPreview**
<!--SupportedSKUs-->
@ -124,11 +124,11 @@ The following list shows the supported values:
- 2 (default) Not configured. Users can make their devices available for downloading and installing preview software.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-allowembeddedmode"></a>**System/AllowEmbeddedMode**
<!--SupportedSKUs-->
@ -176,11 +176,11 @@ The following list shows the supported values:
- 1 Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-allowexperimentation"></a>**System/AllowExperimentation**
<!--SupportedSKUs-->
@ -233,11 +233,11 @@ The following list shows the supported values:
- 2 Allows Microsoft to conduct full experimentations.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-allowfontproviders"></a>**System/AllowFontProviders**
<!--SupportedSKUs-->
@ -296,11 +296,11 @@ To verify if System/AllowFontProviders is set to true:
- After a client machine is rebooted, check whether there is any network traffic from client machine to fs.microsoft.com.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-allowlocation"></a>**System/AllowLocation**
<!--SupportedSKUs-->
@ -356,11 +356,11 @@ The following list shows the supported values:
- 2 Force Location On. All Location Privacy settings are toggled on and greyed out. Users cannot change the settings and all consent permissions will be automatically suppressed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-allowstoragecard"></a>**System/AllowStorageCard**
<!--SupportedSKUs-->
@ -408,11 +408,11 @@ The following list shows the supported values:
- 1 (default) Allow a storage card.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-allowtelemetry"></a>**System/AllowTelemetry**
<!--SupportedSKUs-->
@ -527,11 +527,11 @@ Windows 10 Values:
Most restricted value is 0.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-allowusertoresetphone"></a>**System/AllowUserToResetPhone**
<!--SupportedSKUs-->
@ -580,11 +580,11 @@ orted values:
- 1 (default) Allowed to reset to factory default settings.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-bootstartdriverinitialization"></a>**System/BootStartDriverInitialization**
<!--SupportedSKUs-->
@ -636,11 +636,11 @@ ADMX Info:
- GP ADMX file name: *earlylauncham.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-disableenterpriseauthproxy"></a>**System/DisableEnterpriseAuthProxy**
<!--SupportedSKUs-->
@ -679,11 +679,11 @@ ADMX Info:
This policy setting blocks the Connected User Experience and Telemetry service from automatically using an authenticated proxy to send data back to Microsoft on Windows 10. If you disable or do not configure this policy setting, the Connected User Experience and Telemetry service will automatically use an authenticated proxy to send data back to Microsoft. Enabling this policy will block the Connected User Experience and Telemetry service from automatically using an authenticated proxy.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-disableonedrivefilesync"></a>**System/DisableOneDriveFileSync**
<!--SupportedSKUs-->
@ -745,11 +745,11 @@ To validate on Desktop, do the following:
3. Verify that OneDrive.exe is not running in Task Manager.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-disablesystemrestore"></a>**System/DisableSystemRestore**
<!--SupportedSKUs-->
@ -813,11 +813,11 @@ ADMX Info:
- GP ADMX file name: *systemrestore.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-feedbackhubalwayssavediagnosticslocally"></a>**System/FeedbackHubAlwaysSaveDiagnosticsLocally**
<!--SupportedSKUs-->
@ -863,11 +863,11 @@ The following list shows the supported values:
- 1 - True. The Feedback Hub should always save a local copy of diagnostics that may be created when a feedback is submitted.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-limitenhanceddiagnosticdatawindowsanalytics"></a>**System/LimitEnhancedDiagnosticDataWindowsAnalytics**
<!--SupportedSKUs-->
@ -919,11 +919,11 @@ Enabling enhanced diagnostic data in the System/AllowTelemetry policy in combina
If you disable or do not configure this policy setting, then the level of diagnostic data sent to Microsoft is determined by the System/AllowTelemetry policy.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="system-telemetryproxy"></a>**System/TelemetryProxy**
<!--SupportedSKUs-->
@ -964,7 +964,7 @@ Allows you to specify the fully qualified domain name (FQDN) or IP address of a
If you disable or do not configure this policy setting, Connected User Experiences and Telemetry will go to Microsoft using the default proxy configuration.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -973,7 +973,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartEAS-->
## <a href="" id="eas"></a>System policies that can be set using Exchange Active Sync (EAS)

30
windows/client-management/mdm/policy-csp-systemservices.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - SystemServices
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## SystemServices policies
<dl>
@ -44,7 +44,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="systemservices-configurehomegrouplistenerservicestartupmode"></a>**SystemServices/ConfigureHomeGroupListenerServiceStartupMode**
<!--SupportedSKUs-->
@ -83,11 +83,11 @@ ms.date: 01/29/2018
Added in Windows 10, next major update. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="systemservices-configurehomegroupproviderservicestartupmode"></a>**SystemServices/ConfigureHomeGroupProviderServiceStartupMode**
<!--SupportedSKUs-->
@ -126,11 +126,11 @@ Added in Windows 10, next major update. This setting determines whether the serv
Added in Windows 10, next major update. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="systemservices-configurexboxaccessorymanagementservicestartupmode"></a>**SystemServices/ConfigureXboxAccessoryManagementServiceStartupMode**
<!--SupportedSKUs-->
@ -169,11 +169,11 @@ Added in Windows 10, next major update. This setting determines whether the serv
Added in Windows 10, next major update. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="systemservices-configurexboxliveauthmanagerservicestartupmode"></a>**SystemServices/ConfigureXboxLiveAuthManagerServiceStartupMode**
<!--SupportedSKUs-->
@ -212,11 +212,11 @@ Added in Windows 10, next major update. This setting determines whether the serv
Added in Windows 10, next major update. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="systemservices-configurexboxlivegamesaveservicestartupmode"></a>**SystemServices/ConfigureXboxLiveGameSaveServiceStartupMode**
<!--SupportedSKUs-->
@ -255,11 +255,11 @@ Added in Windows 10, next major update. This setting determines whether the serv
Added in Windows 10, next major update. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="systemservices-configurexboxlivenetworkingservicestartupmode"></a>**SystemServices/ConfigureXboxLiveNetworkingServiceStartupMode**
<!--SupportedSKUs-->
@ -298,7 +298,7 @@ Added in Windows 10, next major update. This setting determines whether the serv
Added in Windows 10, next major update. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -307,5 +307,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

10
windows/client-management/mdm/policy-csp-taskscheduler.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - TaskScheduler
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## TaskScheduler policies
<dl>
@ -29,7 +29,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="taskscheduler-enablexboxgamesavetask"></a>**TaskScheduler/EnableXboxGameSaveTask**
<!--SupportedSKUs-->
@ -68,7 +68,7 @@ ms.date: 01/29/2018
Added in Windows 10, next major update. This setting determines whether the specific task is enabled (1) or disabled (0). Default: Enabled.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -77,5 +77,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

62
windows/client-management/mdm/policy-csp-textinput.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - TextInput
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## TextInput policies
<dl>
@ -68,7 +68,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="textinput-allowimelogging"></a>**TextInput/AllowIMELogging**
<!--SupportedSKUs-->
@ -120,11 +120,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="textinput-allowimenetworkaccess"></a>**TextInput/AllowIMENetworkAccess**
<!--SupportedSKUs-->
@ -176,11 +176,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="textinput-allowinputpanel"></a>**TextInput/AllowInputPanel**
<!--SupportedSKUs-->
@ -232,11 +232,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="textinput-allowjapaneseimesurrogatepaircharacters"></a>**TextInput/AllowJapaneseIMESurrogatePairCharacters**
<!--SupportedSKUs-->
@ -289,11 +289,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="textinput-allowjapaneseivscharacters"></a>**TextInput/AllowJapaneseIVSCharacters**
<!--SupportedSKUs-->
@ -345,11 +345,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="textinput-allowjapanesenonpublishingstandardglyph"></a>**TextInput/AllowJapaneseNonPublishingStandardGlyph**
<!--SupportedSKUs-->
@ -401,11 +401,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="textinput-allowjapaneseuserdictionary"></a>**TextInput/AllowJapaneseUserDictionary**
<!--SupportedSKUs-->
@ -457,11 +457,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="textinput-allowkeyboardtextsuggestions"></a>**TextInput/AllowKeyboardTextSuggestions**
<!--SupportedSKUs-->
@ -520,22 +520,22 @@ To validate that text prediction is disabled on Windows 10 for desktop, do the f
3. Launch the handwriting tool from the touch keyboard. Verify that text prediction is disabled when you write using the tool.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="textinput-allowkoreanextendedhanja"></a>**TextInput/AllowKoreanExtendedHanja**
<!--Description-->
This policy has been deprecated.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="textinput-allowlanguagefeaturesuninstall"></a>**TextInput/AllowLanguageFeaturesUninstall**
<!--SupportedSKUs-->
@ -587,11 +587,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="textinput-enabletouchkeyboardautoinvokeindesktopmode"></a>**TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode**
<!--SupportedSKUs-->
@ -643,11 +643,11 @@ The following list shows the supported values:
- 1 - Enabled.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="textinput-excludejapaneseimeexceptjis0208"></a>**TextInput/ExcludeJapaneseIMEExceptJIS0208**
<!--SupportedSKUs-->
@ -697,11 +697,11 @@ The following list shows the supported values:
- 1 All characters except JIS0208 are filtered.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="textinput-excludejapaneseimeexceptjis0208andeudc"></a>**TextInput/ExcludeJapaneseIMEExceptJIS0208andEUDC**
<!--SupportedSKUs-->
@ -751,11 +751,11 @@ The following list shows the supported values:
- 1 All characters except JIS0208 and EUDC are filtered.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="textinput-excludejapaneseimeexceptshiftjis"></a>**TextInput/ExcludeJapaneseIMEExceptShiftJIS**
<!--SupportedSKUs-->
@ -805,7 +805,7 @@ The following list shows the supported values:
- 1 All characters except ShiftJIS are filtered.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -814,7 +814,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartSurfaceHub-->
## <a href="" id="surfacehubpolicies"></a>TextInput policies supported by Microsoft Surface Hub

10
windows/client-management/mdm/policy-csp-timelanguagesettings.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - TimeLanguageSettings
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## TimeLanguageSettings policies
<dl>
@ -27,7 +27,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="timelanguagesettings-allowset24hourclock"></a>**TimeLanguageSettings/AllowSet24HourClock**
<!--SupportedSKUs-->
@ -73,7 +73,7 @@ The following list shows the supported values:
- 1 (default) Set 24 hour clock.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -82,5 +82,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

198
windows/client-management/mdm/policy-csp-update.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Update
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Update policies
<dl>
@ -170,7 +170,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-activehoursend"></a>**Update/ActiveHoursEnd**
<!--SupportedSKUs-->
@ -216,11 +216,11 @@ Supported values are 0-23, where 0 is 12 AM, 1 is 1 AM, etc.
The default is 17 (5 PM).
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-activehoursmaxrange"></a>**Update/ActiveHoursMaxRange**
<!--SupportedSKUs-->
@ -263,11 +263,11 @@ Supported values are 8-18.
The default value is 18 (hours).
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-activehoursstart"></a>**Update/ActiveHoursStart**
<!--SupportedSKUs-->
@ -313,11 +313,11 @@ Supported values are 0-23, where 0 is 12 AM, 1 is 1 AM, etc.
The default value is 8 (8 AM).
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-allowautoupdate"></a>**Update/AllowAutoUpdate**
<!--SupportedSKUs-->
@ -376,11 +376,11 @@ The following list shows the supported values:
- 5 Turn off automatic updates.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-allowautowindowsupdatedownloadovermeterednetwork"></a>**Update/AllowAutoWindowsUpdateDownloadOverMeteredNetwork**
<!--SupportedSKUs-->
@ -430,11 +430,11 @@ The following list shows the supported values:
- 1 - Allowed
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-allowmuupdateservice"></a>**Update/AllowMUUpdateService**
<!--SupportedSKUs-->
@ -480,11 +480,11 @@ The following list shows the supported values:
- 1 Allowed. Accepts updates received through Microsoft Update.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-allownonmicrosoftsignedupdate"></a>**Update/AllowNonMicrosoftSignedUpdate**
<!--SupportedSKUs-->
@ -534,11 +534,11 @@ The following list shows the supported values:
- 1 Allowed. Accepts updates received through an intranet Microsoft update service location, if they are signed by a certificate found in the "Trusted Publishers" certificate store of the local computer.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-allowupdateservice"></a>**Update/AllowUpdateService**
<!--SupportedSKUs-->
@ -591,11 +591,11 @@ The following list shows the supported values:
- 1 (default) Update service is allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-autorestartdeadlineperiodindays"></a>**Update/AutoRestartDeadlinePeriodInDays**
<!--SupportedSKUs-->
@ -638,11 +638,11 @@ Supported values are 2-30 days.
The default value is 7 days.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-autorestartnotificationschedule"></a>**Update/AutoRestartNotificationSchedule**
<!--SupportedSKUs-->
@ -687,11 +687,11 @@ The default value is 15 (minutes).
Supported values are 15, 30, 60, 120, and 240 (minutes).
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-autorestartrequirednotificationdismissal"></a>**Update/AutoRestartRequiredNotificationDismissal**
<!--SupportedSKUs-->
@ -737,11 +737,11 @@ The following list shows the supported values:
- 2 User Dismissal.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-branchreadinesslevel"></a>**Update/BranchReadinessLevel**
<!--SupportedSKUs-->
@ -790,11 +790,11 @@ The following list shows the supported values:
- 32 {0x20} - Semi-annual Channel. Device gets feature updates from Semi-annual Channel.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-configurefeatureupdateuninstallperiod"></a>**Update/ConfigureFeatureUpdateUninstallPeriod**
<!--SupportedSKUs-->
@ -824,11 +824,11 @@ The following list shows the supported values:
Added in Windows 10, next major update. Enable IT admin to configure feature update uninstall period. Values range 2 - 60 days. Default is 10 days.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-deferfeatureupdatesperiodindays"></a>**Update/DeferFeatureUpdatesPeriodInDays**
<!--SupportedSKUs-->
@ -874,11 +874,11 @@ Supported values are 0-365 days.
> The default maximum number of days to defer an update has been increased from 180 (Windows 10, version 1607) to 365 in Windows 10, version 1703.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-deferqualityupdatesperiodindays"></a>**Update/DeferQualityUpdatesPeriodInDays**
<!--SupportedSKUs-->
@ -919,11 +919,11 @@ Added in Windows 10, version 1607. Defers Quality Updates for the specified num
Supported values are 0-30.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-deferupdateperiod"></a>**Update/DeferUpdatePeriod**
<!--SupportedSKUs-->
@ -1055,11 +1055,11 @@ If a machine has Microsoft Update enabled, any Microsoft Updates in these catego
</table>-->
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-deferupgradeperiod"></a>**Update/DeferUpgradePeriod**
<!--SupportedSKUs-->
@ -1110,11 +1110,11 @@ If the "Specify intranet Microsoft update service location" policy is enabled, t
If the "Allow Telemetry" policy is enabled and the Options value is set to 0, then the "Defer upgrades by", "Defer updates by" and "Pause Updates and Upgrades" settings have no effect.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-detectionfrequency"></a>**Update/DetectionFrequency**
<!--SupportedSKUs-->
@ -1153,11 +1153,11 @@ If the "Allow Telemetry" policy is enabled and the Options value is set to 0, th
Added in Windows 10, version 1703. Specifies the scan frequency from every 1 - 22 hours. Default is 22 hours.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-disabledualscan"></a>**Update/DisableDualScan**
<!--SupportedSKUs-->
@ -1209,11 +1209,11 @@ The following list shows the supported values:
- 1 - do not allow update deferral policies to cause scans against Windows Update
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-engagedrestartdeadline"></a>**Update/EngagedRestartDeadline**
<!--SupportedSKUs-->
@ -1256,11 +1256,11 @@ Supported values are 2-30 days.
The default value is 0 days (not specified).
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-engagedrestartsnoozeschedule"></a>**Update/EngagedRestartSnoozeSchedule**
<!--SupportedSKUs-->
@ -1303,11 +1303,11 @@ Supported values are 1-3 days.
The default value is 3 days.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-engagedrestarttransitionschedule"></a>**Update/EngagedRestartTransitionSchedule**
<!--SupportedSKUs-->
@ -1350,11 +1350,11 @@ Supported values are 2-30 days.
The default value is 7 days.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-excludewudriversinqualityupdate"></a>**Update/ExcludeWUDriversInQualityUpdate**
<!--SupportedSKUs-->
@ -1403,11 +1403,11 @@ The following list shows the supported values:
- 1 Exclude Windows Update drivers.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-fillemptycontenturls"></a>**Update/FillEmptyContentUrls**
<!--SupportedSKUs-->
@ -1456,11 +1456,11 @@ The following list shows the supported values:
- 1 Enabled.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-ignoremoappdownloadlimit"></a>**Update/IgnoreMOAppDownloadLimit**
<!--SupportedSKUs-->
@ -1521,11 +1521,11 @@ To validate this policy:
3. Verify that any downloads that are above the download size limit will complete without being paused.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-ignoremoupdatedownloadlimit"></a>**Update/IgnoreMOUpdateDownloadLimit**
<!--SupportedSKUs-->
@ -1586,11 +1586,11 @@ To validate this policy:
2. Run the scheduled task on phone to check for OS updates in the background. For example, on a mobile device, run the following commands in TShell:
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-managepreviewbuilds"></a>**Update/ManagePreviewBuilds**
<!--SupportedSKUs-->
@ -1637,11 +1637,11 @@ The following list shows the supported values:
- 2 - Enable Preview builds
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-pausedeferrals"></a>**Update/PauseDeferrals**
<!--SupportedSKUs-->
@ -1696,11 +1696,11 @@ The following list shows the supported values:
- 1 Deferrals are paused.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-pausefeatureupdates"></a>**Update/PauseFeatureUpdates**
<!--SupportedSKUs-->
@ -1749,11 +1749,11 @@ The following list shows the supported values:
- 1 Feature Updates are paused for 60 days or until value set to back to 0, whichever is sooner.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-pausefeatureupdatesstarttime"></a>**Update/PauseFeatureUpdatesStartTime**
<!--SupportedSKUs-->
@ -1794,11 +1794,11 @@ Added in Windows 10, version 1703. Specifies the date and time when the IT admi
Value type is string. Supported operations are Add, Get, Delete, and Replace.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-pausequalityupdates"></a>**Update/PauseQualityUpdates**
<!--SupportedSKUs-->
@ -1844,11 +1844,11 @@ The following list shows the supported values:
- 1 Quality Updates are paused for 35 days or until value set back to 0, whichever is sooner.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-pausequalityupdatesstarttime"></a>**Update/PauseQualityUpdatesStartTime**
<!--SupportedSKUs-->
@ -1889,22 +1889,22 @@ Added in Windows 10, version 1703. Specifies the date and time when the IT admi
Value type is string. Supported operations are Add, Get, Delete, and Replace.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-phoneupdaterestrictions"></a>**Update/PhoneUpdateRestrictions**
<!--Description-->
This policy is deprecated. Use [Update/RequireUpdateApproval](#update-requireupdateapproval) instead.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-requiredeferupgrade"></a>**Update/RequireDeferUpgrade**
<!--SupportedSKUs-->
@ -1954,11 +1954,11 @@ The following list shows the supported values:
- 1 User gets upgrades from Semi-Annual Channel.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-requireupdateapproval"></a>**Update/RequireUpdateApproval**
<!--SupportedSKUs-->
@ -2010,11 +2010,11 @@ The following list shows the supported values:
- 1 The device only installs updates that are both applicable and on the Approved Updates list. Set this policy to 1 if IT wants to control the deployment of updates on devices, such as when testing is required prior to deployment.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-scheduleimminentrestartwarning"></a>**Update/ScheduleImminentRestartWarning**
<!--SupportedSKUs-->
@ -2059,11 +2059,11 @@ The default value is 15 (minutes).
Supported values are 15, 30, or 60 (minutes).
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-schedulerestartwarning"></a>**Update/ScheduleRestartWarning**
<!--SupportedSKUs-->
@ -2112,11 +2112,11 @@ The default value is 4 (hours).
Supported values are 2, 4, 8, 12, or 24 (hours).
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-scheduledinstallday"></a>**Update/ScheduledInstallDay**
<!--SupportedSKUs-->
@ -2172,11 +2172,11 @@ The following list shows the supported values:
- 7 Saturday
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-scheduledinstalleveryweek"></a>**Update/ScheduledInstallEveryWeek**
<!--SupportedSKUs-->
@ -2219,11 +2219,11 @@ Added in Windows 10, version 1709. Enables the IT admin to schedule the update i
</ul>
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-scheduledinstallfirstweek"></a>**Update/ScheduledInstallFirstWeek**
<!--SupportedSKUs-->
@ -2266,11 +2266,11 @@ Added in Windows 10, version 1709. Enables the IT admin to schedule the update i
</ul>
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-scheduledinstallfourthweek"></a>**Update/ScheduledInstallFourthWeek**
<!--SupportedSKUs-->
@ -2313,11 +2313,11 @@ Added in Windows 10, version 1709. Enables the IT admin to schedule the update i
</ul>
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-scheduledinstallsecondweek"></a>**Update/ScheduledInstallSecondWeek**
<!--SupportedSKUs-->
@ -2360,11 +2360,11 @@ Added in Windows 10, version 1709. Enables the IT admin to schedule the update i
</ul>
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-scheduledinstallthirdweek"></a>**Update/ScheduledInstallThirdWeek**
<!--SupportedSKUs-->
@ -2407,11 +2407,11 @@ Added in Windows 10, version 1709. Enables the IT admin to schedule the update i
</ul>
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-scheduledinstalltime"></a>**Update/ScheduledInstallTime**
<!--SupportedSKUs-->
@ -2462,11 +2462,11 @@ Supported values are 0-23, where 0 = 12 AM and 23 = 11 PM.
The default value is 3.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-setautorestartnotificationdisable"></a>**Update/SetAutoRestartNotificationDisable**
<!--SupportedSKUs-->
@ -2512,11 +2512,11 @@ The following list shows the supported values:
- 1 Disabled
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-setedurestart"></a>**Update/SetEDURestart**
<!--SupportedSKUs-->
@ -2562,11 +2562,11 @@ The following list shows the supported values:
- 1 - configured
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-updateserviceurl"></a>**Update/UpdateServiceUrl**
<!--SupportedSKUs-->
@ -2637,11 +2637,11 @@ Example
```
<!--/Example-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="update-updateserviceurlalternate"></a>**Update/UpdateServiceUrlAlternate**
<!--SupportedSKUs-->
@ -2691,7 +2691,7 @@ Value type is string and the default value is an empty string, "". If the settin
> This policy is not supported on Windows RT. Setting this policy will not have any effect on Windows RT PCs.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -2700,7 +2700,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartHoloLens-->
## <a href="" id="hololenspolicies"></a>Update policies supported by Windows Holographic for Business

122
windows/client-management/mdm/policy-csp-userrights.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - UserRights
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## UserRights policies
<dl>
@ -113,7 +113,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-accesscredentialmanagerastrustedcaller"></a>**UserRights/AccessCredentialManagerAsTrustedCaller**
<!--SupportedSKUs-->
@ -152,11 +152,11 @@ ms.date: 01/29/2018
This user right is used by Credential Manager during Backup/Restore. No accounts should have this privilege, as it is only assigned to Winlogon. Users' saved credentials might be compromised if this privilege is given to other entities.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-accessfromnetwork"></a>**UserRights/AccessFromNetwork**
<!--SupportedSKUs-->
@ -195,11 +195,11 @@ This user right is used by Credential Manager during Backup/Restore. No accounts
This user right determines which users and groups are allowed to connect to the computer over the network. Remote Desktop Services are not affected by this user right.Note: Remote Desktop Services was called Terminal Services in previous versions of Windows Server.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-actaspartoftheoperatingsystem"></a>**UserRights/ActAsPartOfTheOperatingSystem**
<!--SupportedSKUs-->
@ -238,11 +238,11 @@ This user right determines which users and groups are allowed to connect to the
This user right allows a process to impersonate any user without authentication. The process can therefore gain access to the same local resources as that user. Processes that require this privilege should use the LocalSystem account, which already includes this privilege, rather than using a separate user account with this privilege specially assigned. Caution:Assigning this user right can be a security risk. Only assign this user right to trusted users.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-allowlocallogon"></a>**UserRights/AllowLocalLogOn**
<!--SupportedSKUs-->
@ -281,11 +281,11 @@ This user right allows a process to impersonate any user without authentication.
This user right determines which users can log on to the computer. Note: Modifying this setting may affect compatibility with clients, services, and applications. For compatibility information about this setting, see Allow log on locally (https://go.microsoft.com/fwlink/?LinkId=24268 ) at the Microsoft website.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-backupfilesanddirectories"></a>**UserRights/BackupFilesAndDirectories**
<!--SupportedSKUs-->
@ -324,11 +324,11 @@ This user right determines which users can log on to the computer. Note: Modifyi
This user right determines which users can bypass file, directory, registry, and other persistent objects permissions when backing up files and directories.Specifically, this user right is similar to granting the following permissions to the user or group in question on all files and folders on the system:Traverse Folder/Execute File, Read. Caution: Assigning this user right can be a security risk. Since users with this user right can read any registry settings and files, only assign this user right to trusted users
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-changesystemtime"></a>**UserRights/ChangeSystemTime**
<!--SupportedSKUs-->
@ -367,11 +367,11 @@ This user right determines which users can bypass file, directory, registry, and
This user right determines which users and groups can change the time and date on the internal clock of the computer. Users that are assigned this user right can affect the appearance of event logs. If the system time is changed, events that are logged will reflect this new time, not the actual time that the events occurred.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-createglobalobjects"></a>**UserRights/CreateGlobalObjects**
<!--SupportedSKUs-->
@ -410,11 +410,11 @@ This user right determines which users and groups can change the time and date o
This security setting determines whether users can create global objects that are available to all sessions. Users can still create objects that are specific to their own session if they do not have this user right. Users who can create global objects could affect processes that run under other users' sessions, which could lead to application failure or data corruption. Caution: Assigning this user right can be a security risk. Assign this user right only to trusted users.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-createpagefile"></a>**UserRights/CreatePageFile**
<!--SupportedSKUs-->
@ -453,11 +453,11 @@ This security setting determines whether users can create global objects that ar
This user right determines which users and groups can call an internal application programming interface (API) to create and change the size of a page file. This user right is used internally by the operating system and usually does not need to be assigned to any users
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-createpermanentsharedobjects"></a>**UserRights/CreatePermanentSharedObjects**
<!--SupportedSKUs-->
@ -496,11 +496,11 @@ This user right determines which users and groups can call an internal applicati
This user right determines which accounts can be used by processes to create a directory object using the object manager. This user right is used internally by the operating system and is useful to kernel-mode components that extend the object namespace. Because components that are running in kernel mode already have this user right assigned to them, it is not necessary to specifically assign it.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-createsymboliclinks"></a>**UserRights/CreateSymbolicLinks**
<!--SupportedSKUs-->
@ -539,11 +539,11 @@ This user right determines which accounts can be used by processes to create a d
This user right determines if the user can create a symbolic link from the computer he is logged on to. Caution: This privilege should only be given to trusted users. Symbolic links can expose security vulnerabilities in applications that aren't designed to handle them. Note: This setting can be used in conjunction a symlink filesystem setting that can be manipulated with the command line utility to control the kinds of symlinks that are allowed on the machine. Type 'fsutil behavior set symlinkevaluation /?' at the command line to get more information about fsutil and symbolic links.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-createtoken"></a>**UserRights/CreateToken**
<!--SupportedSKUs-->
@ -582,11 +582,11 @@ This user right determines if the user can create a symbolic link from the compu
This user right determines which accounts can be used by processes to create a token that can then be used to get access to any local resources when the process uses an internal application programming interface (API) to create an access token. This user right is used internally by the operating system. Unless it is necessary, do not assign this user right to a user, group, or process other than Local System. Caution: Assigning this user right can be a security risk. Do not assign this user right to any user, group, or process that you do not want to take over the system.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-debugprograms"></a>**UserRights/DebugPrograms**
<!--SupportedSKUs-->
@ -625,11 +625,11 @@ This user right determines which accounts can be used by processes to create a t
This user right determines which users can attach a debugger to any process or to the kernel. Developers who are debugging their own applications do not need to be assigned this user right. Developers who are debugging new system components will need this user right to be able to do so. This user right provides complete access to sensitive and critical operating system components. Caution:Assigning this user right can be a security risk. Only assign this user right to trusted users.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-denyaccessfromnetwork"></a>**UserRights/DenyAccessFromNetwork**
<!--SupportedSKUs-->
@ -668,11 +668,11 @@ This user right determines which users can attach a debugger to any process or t
This user right determines which users are prevented from accessing a computer over the network. This policy setting supersedes the Access this computer from the network policy setting if a user account is subject to both policies.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-denylocallogon"></a>**UserRights/DenyLocalLogOn**
<!--SupportedSKUs-->
@ -711,11 +711,11 @@ This user right determines which users are prevented from accessing a computer o
This security setting determines which service accounts are prevented from registering a process as a service. Note: This security setting does not apply to the System, Local Service, or Network Service accounts.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-denyremotedesktopserviceslogon"></a>**UserRights/DenyRemoteDesktopServicesLogOn**
<!--SupportedSKUs-->
@ -754,11 +754,11 @@ This security setting determines which service accounts are prevented from regis
This user right determines which users and groups are prohibited from logging on as a Remote Desktop Services client.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-enabledelegation"></a>**UserRights/EnableDelegation**
<!--SupportedSKUs-->
@ -797,11 +797,11 @@ This user right determines which users and groups are prohibited from logging on
This user right determines which users can set the Trusted for Delegation setting on a user or computer object. The user or object that is granted this privilege must have write access to the account control flags on the user or computer object. A server process running on a computer (or under a user context) that is trusted for delegation can access resources on another computer using delegated credentials of a client, as long as the client account does not have the Account cannot be delegated account control flag set. Caution: Misuse of this user right, or of the Trusted for Delegation setting, could make the network vulnerable to sophisticated attacks using Trojan horse programs that impersonate incoming clients and use their credentials to gain access to network resources.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-generatesecurityaudits"></a>**UserRights/GenerateSecurityAudits**
<!--SupportedSKUs-->
@ -840,11 +840,11 @@ This user right determines which users can set the Trusted for Delegation settin
This user right determines which accounts can be used by a process to add entries to the security log. The security log is used to trace unauthorized system access. Misuse of this user right can result in the generation of many auditing events, potentially hiding evidence of an attack or causing a denial of service. Shut down system immediately if unable to log security audits security policy setting is enabled.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-impersonateclient"></a>**UserRights/ImpersonateClient**
<!--SupportedSKUs-->
@ -887,11 +887,11 @@ Assigning this user right to a user allows programs running on behalf of that us
Because of these factors, users do not usually need this user right. Warning: If you enable this setting, programs that previously had the Impersonate privilege may lose it, and they may not run.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-increaseschedulingpriority"></a>**UserRights/IncreaseSchedulingPriority**
<!--SupportedSKUs-->
@ -930,11 +930,11 @@ Because of these factors, users do not usually need this user right. Warning: If
This user right determines which accounts can use a process with Write Property access to another process to increase the execution priority assigned to the other process. A user with this privilege can change the scheduling priority of a process through the Task Manager user interface.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-loadunloaddevicedrivers"></a>**UserRights/LoadUnloadDeviceDrivers**
<!--SupportedSKUs-->
@ -973,11 +973,11 @@ This user right determines which accounts can use a process with Write Property
This user right determines which users can dynamically load and unload device drivers or other code in to kernel mode. This user right does not apply to Plug and Play device drivers. It is recommended that you do not assign this privilege to other users. Caution: Assigning this user right can be a security risk. Do not assign this user right to any user, group, or process that you do not want to take over the system.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-lockmemory"></a>**UserRights/LockMemory**
<!--SupportedSKUs-->
@ -1016,11 +1016,11 @@ This user right determines which users can dynamically load and unload device dr
This user right determines which accounts can use a process to keep data in physical memory, which prevents the system from paging the data to virtual memory on disk. Exercising this privilege could significantly affect system performance by decreasing the amount of available random access memory (RAM).
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-manageauditingandsecuritylog"></a>**UserRights/ManageAuditingAndSecurityLog**
<!--SupportedSKUs-->
@ -1059,11 +1059,11 @@ This user right determines which accounts can use a process to keep data in phys
This user right determines which users can specify object access auditing options for individual resources, such as files, Active Directory objects, and registry keys. This security setting does not allow a user to enable file and object access auditing in general. You can view audited events in the security log of the Event Viewer. A user with this privilege can also view and clear the security log.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-managevolume"></a>**UserRights/ManageVolume**
<!--SupportedSKUs-->
@ -1102,11 +1102,11 @@ This user right determines which users can specify object access auditing option
This user right determines which users and groups can run maintenance tasks on a volume, such as remote defragmentation. Use caution when assigning this user right. Users with this user right can explore disks and extend files in to memory that contains other data. When the extended files are opened, the user might be able to read and modify the acquired data.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-modifyfirmwareenvironment"></a>**UserRights/ModifyFirmwareEnvironment**
<!--SupportedSKUs-->
@ -1145,11 +1145,11 @@ This user right determines which users and groups can run maintenance tasks on a
This user right determines who can modify firmware environment values. Firmware environment variables are settings stored in the nonvolatile RAM of non-x86-based computers. The effect of the setting depends on the processor.On x86-based computers, the only firmware environment value that can be modified by assigning this user right is the Last Known Good Configuration setting, which should only be modified by the system. On Itanium-based computers, boot information is stored in nonvolatile RAM. Users must be assigned this user right to run bootcfg.exe and to change the Default Operating System setting on Startup and Recovery in System Properties. On all computers, this user right is required to install or upgrade Windows.Note: This security setting does not affect who can modify the system environment variables and user environment variables that are displayed on the Advanced tab of System Properties.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-modifyobjectlabel"></a>**UserRights/ModifyObjectLabel**
<!--SupportedSKUs-->
@ -1188,11 +1188,11 @@ This user right determines who can modify firmware environment values. Firmware
This user right determines which user accounts can modify the integrity label of objects, such as files, registry keys, or processes owned by other users. Processes running under a user account can modify the label of an object owned by that user to a lower level without this privilege.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-profilesingleprocess"></a>**UserRights/ProfileSingleProcess**
<!--SupportedSKUs-->
@ -1231,11 +1231,11 @@ This user right determines which user accounts can modify the integrity label of
This user right determines which users can use performance monitoring tools to monitor the performance of system processes.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-remoteshutdown"></a>**UserRights/RemoteShutdown**
<!--SupportedSKUs-->
@ -1274,11 +1274,11 @@ This user right determines which users can use performance monitoring tools to m
This user right determines which users are allowed to shut down a computer from a remote location on the network. Misuse of this user right can result in a denial of service.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-restorefilesanddirectories"></a>**UserRights/RestoreFilesAndDirectories**
<!--SupportedSKUs-->
@ -1317,11 +1317,11 @@ This user right determines which users are allowed to shut down a computer from
This user right determines which users can bypass file, directory, registry, and other persistent objects permissions when restoring backed up files and directories, and determines which users can set any valid security principal as the owner of an object. Specifically, this user right is similar to granting the following permissions to the user or group in question on all files and folders on the system:Traverse Folder/Execute File, Write. Caution: Assigning this user right can be a security risk. Since users with this user right can overwrite registry settings, hide data, and gain ownership of system objects, only assign this user right to trusted users.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="userrights-takeownership"></a>**UserRights/TakeOwnership**
<!--SupportedSKUs-->
@ -1360,7 +1360,7 @@ This user right determines which users can bypass file, directory, registry, and
This user right determines which users can take ownership of any securable object in the system, including Active Directory objects, files and folders, printers, registry keys, processes, and threads. Caution: Assigning this user right can be a security risk. Since owners of objects have full control of them, only assign this user right to trusted users.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -1369,5 +1369,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

34
windows/client-management/mdm/policy-csp-wifi.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - Wifi
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## Wifi policies
<dl>
@ -45,18 +45,18 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wifi-allowwifihotspotreporting"></a>**WiFi/AllowWiFiHotSpotReporting**
<!--Description-->
This policy has been deprecated.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wifi-allowautoconnecttowifisensehotspots"></a>**Wifi/AllowAutoConnectToWiFiSenseHotspots**
<!--SupportedSKUs-->
@ -104,11 +104,11 @@ The following list shows the supported values:
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wifi-allowinternetsharing"></a>**Wifi/AllowInternetSharing**
<!--SupportedSKUs-->
@ -156,11 +156,11 @@ The following list shows the supported values:
- 1 (default) Allow the use of Internet Sharing.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wifi-allowmanualwificonfiguration"></a>**Wifi/AllowManualWiFiConfiguration**
<!--SupportedSKUs-->
@ -211,11 +211,11 @@ The following list shows the supported values:
- 1 (default) Adding new network SSIDs beyond the already MDM provisioned ones is allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wifi-allowwifi"></a>**Wifi/AllowWiFi**
<!--SupportedSKUs-->
@ -263,11 +263,11 @@ The following list shows the supported values:
- 1 (default) WiFi connection is allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wifi-allowwifidirect"></a>**Wifi/AllowWiFiDirect**
<!--SupportedSKUs-->
@ -313,11 +313,11 @@ The following list shows the supported values:
- 1 - WiFi Direct connection is allowed.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wifi-wlanscanmode"></a>**Wifi/WLANScanMode**
<!--SupportedSKUs-->
@ -362,7 +362,7 @@ The default value is 0.
Supported operations are Add, Delete, Get, and Replace.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -371,7 +371,7 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->
<!--StartEAS-->
## <a href="" id="eas"></a>Wifi policies that can be set using Exchange Active Sync (EAS)

82
windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - WindowsDefenderSecurityCenter
@ -17,7 +17,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## WindowsDefenderSecurityCenter policies
<dl>
@ -83,7 +83,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-companyname"></a>**WindowsDefenderSecurityCenter/CompanyName**
<!--SupportedSKUs-->
@ -124,11 +124,11 @@ Added in Windows 10, version 1709. The company name that is displayed to the use
Value type is string. Supported operations are Add, Get, Replace and Delete.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-disableaccountprotectionui"></a>**WindowsDefenderSecurityCenter/DisableAccountProtectionUI**
<!--SupportedSKUs-->
@ -174,11 +174,11 @@ Valid values:
- 1 - (Enable) The users cannot see the display of the Account protection area in Windows Defender Security Center.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-disableappbrowserui"></a>**WindowsDefenderSecurityCenter/DisableAppBrowserUI**
<!--SupportedSKUs-->
@ -226,11 +226,11 @@ The following list shows the supported values:
- 1 - (Enable) The users cannot see the display of the app and browser protection area in Windows Defender Security Center.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-disabledevicesecurityui"></a>**WindowsDefenderSecurityCenter/DisableDeviceSecurityUI**
<!--SupportedSKUs-->
@ -276,11 +276,11 @@ Valid values:
- 1 - (Enable) The users cannot see the display of the Device secuirty area in Windows Defender Security Center.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-disableenhancednotifications"></a>**WindowsDefenderSecurityCenter/DisableEnhancedNotifications**
<!--SupportedSKUs-->
@ -331,11 +331,11 @@ The following list shows the supported values:
- 1 - (Enable) Windows Defender Security Center only display notifications which are considered critical on clients.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-disablefamilyui"></a>**WindowsDefenderSecurityCenter/DisableFamilyUI**
<!--SupportedSKUs-->
@ -383,11 +383,11 @@ The following list shows the supported values:
- 1 - (Enable) The users cannot see the display of the family options area in Windows Defender Security Center.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-disablehealthui"></a>**WindowsDefenderSecurityCenter/DisableHealthUI**
<!--SupportedSKUs-->
@ -435,11 +435,11 @@ The following list shows the supported values:
- 1 - (Enable) The users cannot see the display of the device performance and health area in Windows Defender Security Center.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-disablenetworkui"></a>**WindowsDefenderSecurityCenter/DisableNetworkUI**
<!--SupportedSKUs-->
@ -487,11 +487,11 @@ The following list shows the supported values:
- 1 - (Enable) The users cannot see the display of the firewall and network protection area in Windows Defender Security Center.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-disablenotifications"></a>**WindowsDefenderSecurityCenter/DisableNotifications**
<!--SupportedSKUs-->
@ -539,11 +539,11 @@ The following list shows the supported values:
- 1 - (Enable) The users cannot see the display of Windows Defender Security Center notifications.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-disablevirusui"></a>**WindowsDefenderSecurityCenter/DisableVirusUI**
<!--SupportedSKUs-->
@ -591,11 +591,11 @@ The following list shows the supported values:
- 1 - (Enable) The users cannot see the display of the virus and threat protection area in Windows Defender Security Center.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-disallowexploitprotectionoverride"></a>**WindowsDefenderSecurityCenter/DisallowExploitProtectionOverride**
<!--SupportedSKUs-->
@ -643,11 +643,11 @@ The following list shows the supported values:
- 1 - (Enable) Local users cannot make changes in the exploit protection settings area.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-email"></a>**WindowsDefenderSecurityCenter/Email**
<!--SupportedSKUs-->
@ -688,11 +688,11 @@ Added in Windows 10, version 1709. The email address that is displayed to users.
Value type is string. Supported operations are Add, Get, Replace and Delete.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-enablecustomizedtoasts"></a>**WindowsDefenderSecurityCenter/EnableCustomizedToasts**
<!--SupportedSKUs-->
@ -740,11 +740,11 @@ The following list shows the supported values:
- 1 - (Enable) Notifications contain the company name and contact options.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-enableinappcustomization"></a>**WindowsDefenderSecurityCenter/EnableInAppCustomization**
<!--SupportedSKUs-->
@ -792,11 +792,11 @@ The following list shows the supported values:
- 1 - (Enable) Display the company name and contact options in the card fly out notification.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-hideransomwaredatarecovery"></a>**WindowsDefenderSecurityCenter/HideRansomwareDataRecovery**
<!--SupportedSKUs-->
@ -842,11 +842,11 @@ Valid values:
- 1 - (Enable) The Ransomware data recovery area is hidden.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-hidesecureboot"></a>**WindowsDefenderSecurityCenter/HideSecureBoot**
<!--SupportedSKUs-->
@ -892,11 +892,11 @@ Valid values:
- 1 - (Enable) The Secure boot area is hidden.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-hidetpmtroubleshooting"></a>**WindowsDefenderSecurityCenter/HideTPMTroubleshooting**
<!--SupportedSKUs-->
@ -942,11 +942,11 @@ Valid values:
- 1 - (Enable) The Security processor (TPM) troubleshooting area is hidden.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-phone"></a>**WindowsDefenderSecurityCenter/Phone**
<!--SupportedSKUs-->
@ -987,11 +987,11 @@ Added in Windows 10, version 1709. The phone number or Skype ID that is displaye
Value type is string. Supported operations are Add, Get, Replace, and Delete.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsdefendersecuritycenter-url"></a>**WindowsDefenderSecurityCenter/URL**
<!--SupportedSKUs-->
@ -1032,7 +1032,7 @@ Added in Windows 10, version 1709. The help portal URL this is displayed to user
Value type is Value type is string. Supported operations are Add, Get, Replace, and Delete.
<!--/Description-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -1041,5 +1041,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

14
windows/client-management/mdm/policy-csp-windowsinkworkspace.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - WindowsInkWorkspace
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## WindowsInkWorkspace policies
<dl>
@ -30,7 +30,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsinkworkspace-allowsuggestedappsinwindowsinkworkspace"></a>**WindowsInkWorkspace/AllowSuggestedAppsInWindowsInkWorkspace**
<!--SupportedSKUs-->
@ -76,11 +76,11 @@ The following list shows the supported values:
- 1 (default) -allow app suggestions.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowsinkworkspace-allowwindowsinkworkspace"></a>**WindowsInkWorkspace/AllowWindowsInkWorkspace**
<!--SupportedSKUs-->
@ -127,7 +127,7 @@ Value type is int. The following list shows the supported values:
- 2 (default) - ink workspace is enabled (feature is turned on), and the user is allowed to use it above the lock screen.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -136,5 +136,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

18
windows/client-management/mdm/policy-csp-windowslogon.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - WindowsLogon
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## WindowsLogon policies
<dl>
@ -33,7 +33,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowslogon-disablelockscreenappnotifications"></a>**WindowsLogon/DisableLockScreenAppNotifications**
<!--SupportedSKUs-->
@ -91,11 +91,11 @@ ADMX Info:
- GP ADMX file name: *logon.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowslogon-dontdisplaynetworkselectionui"></a>**WindowsLogon/DontDisplayNetworkSelectionUI**
<!--SupportedSKUs-->
@ -153,11 +153,11 @@ ADMX Info:
- GP ADMX file name: *logon.admx*
<!--/ADMX-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="windowslogon-hidefastuserswitching"></a>**WindowsLogon/HideFastUserSwitching**
<!--SupportedSKUs-->
@ -210,7 +210,7 @@ To validate on Desktop, do the following:
2. Verify that the Switch account button in Start is hidden.
<!--/Validation-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -219,5 +219,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->

38
windows/client-management/mdm/policy-csp-wirelessdisplay.md
View File

@ -6,7 +6,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 01/29/2018
ms.date: 01/30/2018
---
# Policy CSP - WirelessDisplay
@ -15,7 +15,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicies-->
<!--Policies-->
## WirelessDisplay policies
<dl>
@ -48,7 +48,7 @@ ms.date: 01/29/2018
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wirelessdisplay-allowmdnsadvertisement"></a>**WirelessDisplay/AllowMdnsAdvertisement**
<!--SupportedSKUs-->
@ -94,11 +94,11 @@ The following list shows the supported values:
- 1 - Allow
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wirelessdisplay-allowmdnsdiscovery"></a>**WirelessDisplay/AllowMdnsDiscovery**
<!--SupportedSKUs-->
@ -144,11 +144,11 @@ The following list shows the supported values:
- 1 - Allow
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wirelessdisplay-allowprojectionfrompc"></a>**WirelessDisplay/AllowProjectionFromPC**
<!--SupportedSKUs-->
@ -194,11 +194,11 @@ The following list shows the supported values:
- 1 - your PC can discover and project to other devices
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wirelessdisplay-allowprojectionfrompcoverinfrastructure"></a>**WirelessDisplay/AllowProjectionFromPCOverInfrastructure**
<!--SupportedSKUs-->
@ -244,11 +244,11 @@ The following list shows the supported values:
- 1 - your PC can discover and project to other devices over infrastructure.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wirelessdisplay-allowprojectiontopc"></a>**WirelessDisplay/AllowProjectionToPC**
<!--SupportedSKUs-->
@ -298,11 +298,11 @@ The following list shows the supported values:
- 1 (default) - projection to PC is allowed. Enabled only above the lock screen.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wirelessdisplay-allowprojectiontopcoverinfrastructure"></a>**WirelessDisplay/AllowProjectionToPCOverInfrastructure**
<!--SupportedSKUs-->
@ -348,11 +348,11 @@ The following list shows the supported values:
- 1 - your PC is discoverable and other devices can project to it over infrastructure.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wirelessdisplay-allowuserinputfromwirelessdisplayreceiver"></a>**WirelessDisplay/AllowUserInputFromWirelessDisplayReceiver**
<!--Scope-->
@ -375,11 +375,11 @@ The following list shows the supported values:
- 1 (default) - Wireless display input enabled.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
<!--StartPolicy-->
<!--Policy-->
<a href="" id="wirelessdisplay-requirepinforpairing"></a>**WirelessDisplay/RequirePinForPairing**
<!--SupportedSKUs-->
@ -429,7 +429,7 @@ The following list shows the supported values:
- 1 - PIN is required.
<!--/SupportedValues-->
<!--EndPolicy-->
<!--/Policy-->
<hr/>
Footnote:
@ -438,5 +438,5 @@ Footnote:
- 2 - Added in Windows 10, version 1703.
- 3 - Added in Windows 10, version 1709.
<!--EndPolicies-->
<!--/Policies-->