From 30a144ec9c6d64820b1b2b8e3ef9276b22cfe6ab Mon Sep 17 00:00:00 2001
From: nimishasatapathy <75668234+nimishasatapathy@users.noreply.github.com>
Date: Tue, 5 Oct 2021 13:25:38 +0530
Subject: [PATCH] Updated

---
 .../policy-configuration-service-provider.md  |  17 +
 .../mdm/policy-csp-admx-admpwd.md             | 299 ++++++++++++++++++
 windows/client-management/mdm/toc.yml         |   2 +
 3 files changed, 318 insertions(+)
 create mode 100644 windows/client-management/mdm/policy-csp-admx-admpwd.md

diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index dbc08873bd..af24745349 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -213,6 +213,23 @@ The following diagram shows the Policy configuration service provider in tree fo
   </dd>
 </dl>
 
+### ADMX_AdmPwd policies
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-admpwd.md#admx-admpwd-pol_admpwd_dontallowpwdexpirationbehindpolicy" id="admx-admpwd-pol_admpwd_dontallowpwdexpirationbehindpolicy">ADMX_AdmPwd/POL_AdmPwd_DontAllowPwdExpirationBehindPolicy</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-admpwd.md#admx-admpwd-pol_admpwd_enabled" id="admx-admpwd-pol_admpwd_enabled">ADMX_AdmPwd/POL_AdmPwd_Enabled</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-admpwd.md#admx-admpwd-pol_admpwd_adminname" id="admx-admpwd-pol_admpwd_adminname">ADMX_AdmPwd/POL_AdmPwd_AdminName</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-admpwd.md#admx-admpwd-pol_admpwd" id="admx-admpwd-pol_admpwd">ADMX_AdmPwd/POL_AdmPwd</a>
+  </dd>
+<dl>
+
 ### ADMX_AppCompat policies
 
 <dl>
diff --git a/windows/client-management/mdm/policy-csp-admx-admpwd.md b/windows/client-management/mdm/policy-csp-admx-admpwd.md
new file mode 100644
index 0000000000..19b22053f4
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-admpwd.md
@@ -0,0 +1,299 @@
+---
+title: Policy CSP - ADMX_AdmPwd
+description: Policy CSP - ADMX_AdmPwd
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 11/09/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_AdmPwd
+
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+
+<hr/>
+
+<!--Policies-->
+## ADMX_AdmPwd policies  
+
+<dl>
+  <dd>
+    <a href="#admx-admpwd-pol_admpwd_dontallowpwdexpirationbehindpolicy">ADMX_AdmPwd/POL_AdmPwd_DontAllowPwdExpirationBehindPolicy</a>
+  </dd>
+  <dd>
+    <a href="#admx-admpwd-pol_admpwd_enabled">ADMX_AdmPwd/POL_AdmPwd_Enabled</a>
+  </dd>
+  <dd>
+    <a href="#admx-admpwd-pol_admpwd_adminname">ADMX_AdmPwd/POL_AdmPwd_AdminName</a>
+  </dd>
+  <dd>
+    <a href="#admx-admpwd-pol_admpwd">ADMX_AdmPwd/POL_AdmPwd</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-admpwd-pol_admpwd_dontallowpwdexpirationbehindpolicy"></a>**ADMX_AdmPwd/POL_AdmPwd_DontAllowPwdExpirationBehindPolicy**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Edition</th>
+    <th>Windows 10</th>
+    <th>Windows 11</th>
+<tr>
+    <td>Home</td>
+    <td>No</td>
+    <td>No</td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+
+When you enable this setting, planned password expiration longer than password age dictated by "Password Settings" policy is NOT allowed. When such expiration is detected, password is changed immediately and password expiration is set according to policy.
+
+When you disable or not configure this setting, password expiration time may be longer than required by "Password Settings" policy.
+<!--/Description-->
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP Friendly name: *Do not allow password expiration time longer than required by policy*
+-   GP name: *POL_AdmPwd_DontAllowPwdExpirationBehindPolicy*
+-   GP path: *Windows Components\AdmPwd*
+-   GP ADMX file name: *AdmPwd.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-admpwd-pol_admpwd_enabled"></a>**ADMX_AdmPwd/POL_AdmPwd_Enabled**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Edition</th>
+    <th>Windows 10</th>
+    <th>Windows 11</th>
+<tr>
+    <td>Home</td>
+    <td>No</td>
+    <td>No</td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+
+This policy enables the management of password for local administrator account
+
+If you enable this setting, local administrator password is managed.
+
+If you disable or not configure this setting, local administrator password is NOT managed.
+<!--/Description-->
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP Friendly name: *Enable local admin password management*
+-   GP name: *POL_AdmPwd_Enabled*
+-   GP path: *Windows Components\AdmPwd*
+-   GP ADMX file name: *AdmPwd.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-admpwd-pol_admpwd_adminname"></a>**ADMX_AdmPwd/POL_AdmPwd_AdminName**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Edition</th>
+    <th>Windows 10</th>
+    <th>Windows 11</th>
+<tr>
+    <td>Home</td>
+    <td>No</td>
+    <td>No</td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+
+When you enable this setting, planned password expiration longer than password age dictated by "Password Settings" policy is NOT allowed. When such expiration is detected, password is changed immediately and password expiration is set according to policy.
+
+When you disable or not configure this setting, password expiration time may be longer than required by "Password Settings" policy.
+<!--/Description-->
+
+<!--ADMXBacked-->
+
+ADMX Info:  
+-   GP Friendly name: *Name of administrator account to manage*
+-   GP name: *POL_AdmPwd_AdminName*
+-   GP path: *Windows Components\AdmPwd*
+-   GP ADMX file name: *AdmPwd.admx*
+
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-admpwd-pol_admpwd"></a>**ADMX_AdmPwd/POL_AdmPwd**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Edition</th>
+    <th>Windows 10</th>
+    <th>Windows 11</th>
+<tr>
+    <td>Home</td>
+    <td>No</td>
+    <td>No</td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+
+This policy setting enables management of password for local administrator account
+
+If you enable this setting, local administrator password is managed
+
+If you disable or not configure this setting, local administrator password is NOT managed.
+
+<!--/Description-->
+
+<!--ADMXBacked-->
+
+ADMX Info:  
+-   GP Friendly name: *Password Settings*
+-   GP name: *POL_AdmPwd*
+-   GP path: *Windows Components\AdmPwd*
+-   GP ADMX file name: *AdmPwd.admx*
+
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+
+<!--/Policies-->
+
diff --git a/windows/client-management/mdm/toc.yml b/windows/client-management/mdm/toc.yml
index 932fdd0cbb..8fa76c2a7f 100644
--- a/windows/client-management/mdm/toc.yml
+++ b/windows/client-management/mdm/toc.yml
@@ -407,6 +407,8 @@ items:
               href: policy-csp-admx-activexinstallservice.md
             - name: ADMX_AddRemovePrograms
               href: policy-csp-admx-addremoveprograms.md
+            - name: ADMX_AdmPwd
+              href: policy-csp-admx-admpwd.md  
             - name: ADMX_AppCompat
               href: policy-csp-admx-appcompat.md
             - name: ADMX_AppxPackageManager