Updated

2025-05-12 05:17:22 +00:00 · 2021-09-27 08:52:02 +05:30 · 2021-09-27 08:52:02 +05:30 · 3854ea2d0d
commit 3854ea2d0d
parent 2752f0c875
4 changed files with 195 additions and 0 deletions
--- a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
@ -997,6 +997,8 @@ ms.date: 10/08/2020
 - [ADMX_Snmp/SNMP_Communities](./policy-csp-admx-snmp.md#admx-snmp-snmp-communities)
 - [ADMX_Snmp/SNMP_PermittedManagers](./policy-csp-admx-snmp.md#admx-snmp-snmp-permittedmanagers)
 - [ADMX_Snmp/SNMP_Traps_Public](./policy-csp-admx-snmp.md#admx-snmp-snmp-traps-public)
+- [ADMX_srmfci/EnableShellAccessCheck](./policy-csp-admx-srmfci.md#admx-srmfci-enableshellaccesscheck)
+- [ADMX_srmfci/AccessDeniedConfiguration](./policy-csp-admx-srmfci.md#admx-srmfci-accessdeniedconfiguration)
 - [ADMX_StartMenu/AddSearchInternetLinkInStartMenu](./policy-csp-admx-startmenu.md#admx-startmenu-addsearchinternetlinkinstartmenu)
 - [ADMX_StartMenu/ClearRecentDocsOnExit](./policy-csp-admx-startmenu.md#admx-startmenu-clearrecentdocsonexit)
 - [ADMX_StartMenu/ClearRecentProgForNewUserInStartMenu](./policy-csp-admx-startmenu.md#admx-startmenu-clearrecentprogfornewuserinstartmenu)
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@ -3582,6 +3582,17 @@ dfsdiscoverdc">ADMX_DFS/DFSDiscoverDC</a>
  </dd>
 </dl>

+### ADMX_srmfci policies
+
+<dl>
+  <dd>
+    <a href="./policy-csp-admx-srmfci.md#admx-srmfci-enableshellaccesscheck" id="admx-srmfci-enableshellaccesscheck">ADMX_srmfci/EnableShellAccessCheck</a>
+  </dd>
+  <dd>
+    <a href="./policy-csp-admx-srmfci.md#admx-srmfci-accessdeniedconfiguration" id="admx-srmfci-accessdeniedconfiguration">ADMX_srmfci/AccessDeniedConfiguration</a>
+  </dd>
+<dl>
+
 ### ADMX_StartMenu policies  

 <dl>
--- a/windows/client-management/mdm/policy-csp-admx-srmfci.md
+++ b/windows/client-management/mdm/policy-csp-admx-srmfci.md
@ -0,0 +1,180 @@
+---
+title: Policy CSP - ADMX_srmfci
+description: Policy CSP - ADMX_srmfci
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: manikadhiman
+ms.date: 09/18/2020
+ms.reviewer: 
+manager: dansimp
+---
+
+# Policy CSP - ADMX_srmfci
+
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+> 
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+> 
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+<hr/>
+
+<!--Policies-->
+## ADMX_srmfci policies  
+
+<dl>
+  <dd>
+    <a href="#admx-srmfci-enableshellaccesscheck">ADMX_srmfci/EnableShellAccessCheck</a>
+  </dd>
+  <dd>
+    <a href="#admx-srmfci-accessdeniedconfiguration">ADMX_srmfci/AccessDeniedConfiguration</a>
+  </dd>
+</dl>
+
+
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-srmfci-enableshellaccesscheck"></a>**ADMX_srmfci/EnableShellAccessCheck**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Edition</th>
+    <th>Windows 10</th>
+    <th>Windows 11</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td>No</td>
+    <td>No</td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td>No</td>
+    <td>No</td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td>No</td>
+    <td>No</td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This Group Policy Setting should be set on Windows clients  to enable access-denied assistance for all file types.
+
+<!--/Description-->
+
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP Friendly name: *Enable access-denied assistance on client for all file types*
+-   GP name: *EnableShellAccessCheck*
+-   GP path: *System\Access-Denied Assistance*
+-   GP ADMX file name: *srmfci.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+<!--Policy-->
+<a href="" id="admx-srmfci-accessdeniedconfiguration"></a>**ADMX_srmfci/AccessDeniedConfiguration**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Edition</th>
+    <th>Windows 10</th>
+    <th>Windows 11</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td>No</td>
+    <td>No</td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td>No</td>
+    <td>No</td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td>No</td>
+    <td>No</td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td>Yes</td>
+    <td>Yes</td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This policy setting specifies the message that users see when they are denied access to a file or folder. You can customize the Access Denied message to include additional text and links. You can also provide users with the ability to send an email to request access to the file or folder to which they were denied access.  
+
+If you enable this policy setting, users receive a customized Access Denied message from the file servers on which this policy setting is applied.  
+
+If you disable this policy setting, users see a standard Access Denied message that doesn't provide any of the functionality controlled by this policy setting, regardless of the file server configuration.  
+
+If you do not configure this policy setting, users see a standard Access Denied message unless the file server is configured to display the customized Access Denied message. By default, users see the standard Access Denied message.
+
+<!--/Description-->
+
+<!--ADMXBacked-->
+ADMX Info:  
+-   GP Friendly name: *Customize message for Access Denied errors*
+-   GP name: *AccessDeniedConfiguration*
+-   GP path: *System\Access-Denied Assistance*
+-   GP ADMX file name: *srmfci.admx*
+
+<!--/ADMXBacked-->
+<!--/Policy-->
+<hr/>
+
+
+<!--/Policies-->
+
--- a/windows/client-management/mdm/toc.yml
+++ b/windows/client-management/mdm/toc.yml
@ -599,6 +599,8 @@ items:
              href: policy-csp-admx-smartcard.md
            - name: ADMX_Snmp
              href: policy-csp-admx-snmp.md
+            - name: ADMX_srmfci
+              href: policy-csp-admx-srmfci.md  
            - name: ADMX_StartMenu
              href: policy-csp-admx-startmenu.md
            - name: ADMX_SystemRestore