diff --git a/windows/client-management/mdm/policy-csp-credentialsdelegation.md b/windows/client-management/mdm/policy-csp-credentialsdelegation.md
index d4806508e7..a02c13b489 100644
--- a/windows/client-management/mdm/policy-csp-credentialsdelegation.md
+++ b/windows/client-management/mdm/policy-csp-credentialsdelegation.md
@@ -14,6 +14,12 @@ manager: dansimp
# Policy CSP - CredentialsDelegation
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
@@ -36,31 +42,38 @@ manager: dansimp
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
-  |
+ No |
+ No |
| Pro |
-  |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -83,12 +96,7 @@ If you enable this policy setting, the host supports Restricted Admin or Remote
If you disable or do not configure this policy setting, Restricted Administration and Remote Credential Guard mode are not supported. User will always need to pass their credentials to the host.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -101,16 +109,7 @@ ADMX Info:
-Footnotes:
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.
diff --git a/windows/client-management/mdm/policy-csp-credentialsui.md b/windows/client-management/mdm/policy-csp-credentialsui.md
index 5fdff42127..0d294e4618 100644
--- a/windows/client-management/mdm/policy-csp-credentialsui.md
+++ b/windows/client-management/mdm/policy-csp-credentialsui.md
@@ -14,7 +14,12 @@ manager: dansimp
# Policy CSP - CredentialsUI
-
+> [!TIP]
+> These are ADMX-backed policies and require a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
@@ -39,31 +44,38 @@ manager: dansimp
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -89,12 +101,7 @@ By default, the password reveal button is displayed after a user types a passwor
The policy applies to all Windows components and applications that use the Windows system controls, including Internet Explorer.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -114,31 +121,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -159,12 +173,7 @@ If you enable this policy setting, all local administrator accounts on the PC wi
If you disable this policy setting, users will always be required to type a user name and password to elevate.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -177,16 +186,7 @@ ADMX Info:
-Footnotes:
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.
diff --git a/windows/client-management/mdm/policy-csp-cryptography.md b/windows/client-management/mdm/policy-csp-cryptography.md
index 88e34b4df9..66af935c69 100644
--- a/windows/client-management/mdm/policy-csp-cryptography.md
+++ b/windows/client-management/mdm/policy-csp-cryptography.md
@@ -39,31 +39,38 @@ manager: dansimp
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -108,31 +115,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -164,16 +178,7 @@ Lists the Cryptographic Cipher Algorithms allowed for SSL connections. Format is
-Footnotes:
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.
diff --git a/windows/client-management/mdm/policy-csp-dataprotection.md b/windows/client-management/mdm/policy-csp-dataprotection.md
index afbff9a990..ed9a1f87c4 100644
--- a/windows/client-management/mdm/policy-csp-dataprotection.md
+++ b/windows/client-management/mdm/policy-csp-dataprotection.md
@@ -39,31 +39,38 @@ manager: dansimp
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -99,31 +106,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -150,15 +164,6 @@ Setting used by Windows 8.1 Selective Wipe.
-Footnotes:
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-datausage.md b/windows/client-management/mdm/policy-csp-datausage.md
index 652bf56c3c..9fcd657539 100644
--- a/windows/client-management/mdm/policy-csp-datausage.md
+++ b/windows/client-management/mdm/policy-csp-datausage.md
@@ -14,7 +14,12 @@ manager: dansimp
# Policy CSP - DataUsage
-
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
@@ -52,31 +57,38 @@ This policy is deprecated in Windows 10, version 1809.
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -103,12 +115,7 @@ If this policy setting is enabled, a drop-down list box presenting possible cost
If this policy setting is disabled or is not configured, the cost of 4G connections is Fixed by default.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -121,16 +128,7 @@ ADMX Info:
-Footnotes:
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.
diff --git a/windows/client-management/mdm/policy-csp-defender.md b/windows/client-management/mdm/policy-csp-defender.md
index c7445826de..fddac52c0c 100644
--- a/windows/client-management/mdm/policy-csp-defender.md
+++ b/windows/client-management/mdm/policy-csp-defender.md
@@ -156,31 +156,38 @@ manager: dansimp
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -226,31 +233,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -296,31 +310,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -367,31 +388,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -437,31 +465,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -507,31 +542,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -577,31 +619,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -647,31 +696,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -709,31 +765,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -779,31 +842,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -849,31 +919,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -919,31 +996,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -981,31 +1065,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -1051,31 +1142,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 3 |
+ Yes |
+ Yes |
| Pro |
- 3 |
+ Yes |
+ Yes |
| Business |
- 3 |
+ Yes |
+ Yes |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
+
@@ -1093,7 +1191,7 @@ The following list shows the supported values:
> This policy is only enforced in Windows 10 for desktop.
-Added in Windows 10, version 1709. This policy setting allows you to prevent Attack Surface reduction rules from matching on files under the paths specified or for the fully qualified resources specified. Paths should be added under the Options for this setting. Each entry must be listed as a name value pair, where the name should be a string representation of a path or a fully qualified resource name. As an example, a path might be defined as: "c:\Windows" to exclude all files in this directory. A fully qualified resource name might be defined as: "C:\Windows\App.exe"..
+This policy setting allows you to prevent Attack Surface reduction rules from matching on files under the paths specified or for the fully qualified resources specified. Paths should be added under the Options for this setting. Each entry must be listed as a name value pair, where the name should be a string representation of a path or a fully qualified resource name. As an example, a path might be defined as: "c:\Windows" to exclude all files in this directory. A fully qualified resource name might be defined as: "C:\Windows\App.exe"..
Value type is string.
@@ -1117,31 +1215,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 3 |
+ Yes |
+ Yes |
| Pro |
- 3 |
+ Yes |
+ Yes |
| Business |
- 3 |
+ Yes |
+ Yes |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
+
@@ -1159,7 +1264,7 @@ ADMX Info:
> This policy is only enforced in Windows 10 for desktop.
-Added in Windows 10, version 1709. This policy setting enables setting the state (Block/Audit/Off) for each Attack surface reduction (ASR) rule. Each ASR rule listed can be set to one of the following states (Block/Audit/Off). The ASR rule ID and state should be added under the Options for this setting. Each entry must be listed as a name value pair. The name defines a valid ASR rule ID, while the value contains the status ID indicating the status of the rule.
+This policy setting enables setting the state (Block/Audit/Off) for each Attack surface reduction (ASR) rule. Each ASR rule listed can be set to one of the following states (Block/Audit/Off). The ASR rule ID and state should be added under the Options for this setting. Each entry must be listed as a name value pair. The name defines a valid ASR rule ID, while the value contains the status ID indicating the status of the rule.
For more information about ASR rule ID and status ID, see [Enable Attack Surface Reduction](/windows/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction).
@@ -1185,31 +1290,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -1256,31 +1368,38 @@ Valid values: 0–100
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 5 |
+ Yes |
+ Yes |
| Pro |
- 5 |
+ Yes |
+ Yes |
| Business |
- 5 |
+ Yes |
+ Yes |
| Enterprise |
- 5 |
+ Yes |
+ Yes |
| Education |
- 5 |
+ Yes |
+ Yes |
+
@@ -1338,31 +1457,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 3 |
+ Yes |
+ Yes |
| Pro |
- 3 |
+ Yes |
+ Yes |
| Business |
- 3 |
+ Yes |
+ Yes |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
+
@@ -1380,7 +1506,7 @@ ADMX Info:
> This policy is only enforced in Windows 10 for desktop.
-Added in Windows 10, version 1709. This policy setting determines how aggressive Microsoft Defender Antivirus will be in blocking and scanning suspicious files. Value type is integer.
+This policy setting determines how aggressive Microsoft Defender Antivirus will be in blocking and scanning suspicious files. Value type is integer.
If this setting is on, Microsoft Defender Antivirus will be more aggressive when identifying suspicious files to block and scan; otherwise, it will be less aggressive and therefore block and scan with less frequency.
@@ -1418,31 +1544,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 3 |
+ Yes |
+ Yes |
| Pro |
- 3 |
+ Yes |
+ Yes |
| Business |
- 3 |
+ Yes |
+ Yes |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
+
@@ -1459,7 +1592,7 @@ The following list shows the supported values:
> [!NOTE]
> This policy is only enforced in Windows 10 for desktop.
-Added in Windows 10, version 1709. This feature allows Microsoft Defender Antivirus to block a suspicious file for up to 60 seconds, and scan it in the cloud to make sure it's safe. Value type is integer, range is 0 - 50.
+This feature allows Microsoft Defender Antivirus to block a suspicious file for up to 60 seconds, and scan it in the cloud to make sure it's safe. Value type is integer, range is 0 - 50.
The typical cloud check timeout is 10 seconds. To enable the extended cloud check feature, specify the extended time in seconds, up to an additional 50 seconds.
@@ -1488,31 +1621,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 3 |
+ Yes |
+ Yes |
| Pro |
- 3 |
+ Yes |
+ Yes |
| Business |
- 3 |
+ Yes |
+ Yes |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
+
@@ -1551,31 +1691,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 3 |
+ Yes |
+ Yes |
| Pro |
- 3 |
+ Yes |
+ Yes |
| Business |
- 3 |
+ Yes |
+ Yes |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
+
@@ -1592,7 +1739,7 @@ ADMX Info:
> [!NOTE]
> This policy is only enforced in Windows 10 for desktop. The previous name was GuardedFoldersList and changed to ControlledFolderAccessProtectedFolders.
-Added in Windows 10, version 1709. This policy settings allows adding user-specified folder locations to the controlled folder access feature. These folders will complement the system defined folders such as My Documents and My Pictures. The list of system folders will be displayed in the user interface and can not be changed. Value type is string. Use the | as the substring separator.
+This policy settings allows adding user-specified folder locations to the controlled folder access feature. These folders will complement the system defined folders such as My Documents and My Pictures. The list of system folders will be displayed in the user interface and can not be changed. Value type is string. Use the | as the substring separator.
@@ -1614,31 +1761,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -1685,31 +1839,38 @@ Valid values: 0–90
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 5 |
+ Yes |
+ Yes |
| Pro |
- 5 |
+ Yes |
+ Yes |
| Business |
- 5 |
+ Yes |
+ Yes |
| Enterprise |
- 5 |
+ Yes |
+ Yes |
| Education |
- 5 |
+ Yes |
+ Yes |
+
@@ -1765,31 +1926,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 5 |
+ Yes |
+ Yes |
| Pro |
- 5 |
+ Yes |
+ Yes |
| Business |
- 5 |
+ Yes |
+ Yes |
| Enterprise |
- 5 |
+ Yes |
+ Yes |
| Education |
- 5 |
+ Yes |
+ Yes |
+
@@ -1845,31 +2013,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 3 |
+ Yes |
+ Yes |
| Pro |
- 3 |
+ Yes |
+ Yes |
| Business |
- 3 |
+ Yes |
+ Yes |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
+
@@ -1886,7 +2061,7 @@ ADMX Info:
> [!NOTE]
> This policy is only enforced in Windows 10 for desktop. The previous name was EnableGuardMyFolders and changed to EnableControlledFolderAccess.
-Added in Windows 10, version 1709. This policy enables setting the state (On/Off/Audit) for the controlled folder access feature. The controlled folder access feature removes modify and delete permissions from untrusted applications to certain folders such as My Documents. Value type is integer and the range is 0 - 2.
+This policy enables setting the state (On/Off/Audit) for the controlled folder access feature. The controlled folder access feature removes modify and delete permissions from untrusted applications to certain folders such as My Documents. Value type is integer and the range is 0 - 2.
@@ -1916,31 +2091,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 5 |
+ Yes |
+ Yes |
| Pro |
- 5 |
+ Yes |
+ Yes |
| Business |
- 5 |
+ Yes |
+ Yes |
| Enterprise |
- 5 |
+ Yes |
+ Yes |
| Education |
- 5 |
+ Yes |
+ Yes |
+
@@ -1994,31 +2176,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 3 |
+ Yes |
+ Yes |
| Pro |
- 3 |
+ Yes |
+ Yes |
| Business |
- 3 |
+ Yes |
+ Yes |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
+
@@ -2035,7 +2224,7 @@ ADMX Info:
> [!NOTE]
> This policy is only enforced in Windows 10 for desktop.
-Added in Windows 10, version 1709. This policy allows you to turn network protection on (block/audit) or off. Network protection protects employees using any app from accessing phishing scams, exploit-hosting sites, and malicious content on the Internet. This includes preventing third-party browsers from connecting to dangerous sites. Value type is integer.
+This policy allows you to turn network protection on (block/audit) or off. Network protection protects employees using any app from accessing phishing scams, exploit-hosting sites, and malicious content on the Internet. This includes preventing third-party browsers from connecting to dangerous sites. Value type is integer.
If you enable this setting, network protection is turned on and employees can't turn it off. Its behavior can be controlled by the following options: Block and Audit.
If you enable this policy with the ""Block"" option, users/apps will be blocked from connecting to dangerous domains. You will be able to see this activity in Windows Defender Security Center.
@@ -2071,31 +2260,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -2135,31 +2331,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -2199,31 +2402,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -2269,31 +2479,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -2311,7 +2528,7 @@ ADMX Info:
> This policy is only enforced in Windows 10 for desktop.
-Added in Windows 10, version 1607. Specifies the level of detection for potentially unwanted applications (PUAs). Windows Defender alerts you when potentially unwanted software is being downloaded or attempts to install itself on your computer.
+Specifies the level of detection for potentially unwanted applications (PUAs). Windows Defender alerts you when potentially unwanted software is being downloaded or attempts to install itself on your computer.
> [!NOTE]
> Potentially unwanted applications (PUA) are a category of software that can cause your machine to run slowly, display unexpected ads, or at worst, install other software which might be unexpected or unwanted. By default in Windows 10 (version 2004 and later), Microsoft Defender Antivirus blocks apps that are considered PUA, for Enterprise (E5) devices. For more information about PUA, see [Detect and block potentially unwanted applications](/microsoft-365/security/defender-endpoint/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus).
@@ -2344,31 +2561,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -2419,31 +2643,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -2490,31 +2721,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -2567,31 +2805,38 @@ Valid values: 0–1380
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -2648,31 +2893,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -2725,31 +2977,38 @@ Valid values: 0–1380.
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 5 |
+ Yes |
+ Yes |
| Pro |
- 5 |
+ Yes |
+ Yes |
| Business |
- 5 |
+ Yes |
+ Yes |
| Enterprise |
- 5 |
+ Yes |
+ Yes |
| Education |
- 5 |
+ Yes |
+ Yes |
+
@@ -2809,31 +3068,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 5 |
+ Yes |
+ Yes |
| Pro |
- 5 |
+ Yes |
+ Yes |
| Business |
- 5 |
+ Yes |
+ Yes |
| Enterprise |
- 5 |
+ Yes |
+ Yes |
| Education |
- 5 |
+ Yes |
+ Yes |
+
@@ -2888,31 +3154,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -2963,31 +3236,38 @@ Valid values: 0–24.
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -3036,31 +3316,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -3111,16 +3398,6 @@ ADMX Info:
-Footnotes:
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.
-- 9 - Available in Windows 10, version 20H2.
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-deliveryoptimization.md b/windows/client-management/mdm/policy-csp-deliveryoptimization.md
index a1644a0373..b889259061 100644
--- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md
+++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md
@@ -14,6 +14,13 @@ manager: dansimp
# Policy CSP - DeliveryOptimization
+>[!TIP]
+> These are ADMX-backed policies and require a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
@@ -123,31 +130,38 @@ manager: dansimp
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 1 |
+ Yes |
+ Yes |
| Business |
- 1 |
+ Yes |
+ Yes |
| Enterprise |
- 1 |
+ Yes |
+ Yes |
| Education |
- 1 |
+ Yes |
+ Yes |
+
@@ -165,7 +179,7 @@ manager: dansimp
> This policy is only enforced in Windows 10 Pro, Enterprise, and Education editions and not supported in Windows 10 Mobile.
-Added in Windows 10, version 1607. Specifies the maximum size in GB of Delivery Optimization cache. This policy overrides the DOMaxCacheSize policy. The value 0 (zero) means "unlimited" cache. Delivery Optimization will clear the cache when the device is running low on disk space.
+Specifies the maximum size in GB of Delivery Optimization cache. This policy overrides the DOMaxCacheSize policy. The value 0 (zero) means "unlimited" cache. Delivery Optimization will clear the cache when the device is running low on disk space.
The default value is 10.
@@ -189,31 +203,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 2 |
+ Yes |
+ Yes |
| Business |
- 2 |
+ Yes |
+ Yes |
| Enterprise |
- 2 |
+ Yes |
+ Yes |
| Education |
- 2 |
+ Yes |
+ Yes |
+
@@ -231,7 +252,7 @@ ADMX Info:
> This policy is only enforced in Windows 10 Pro, Enterprise, and Education editions and not supported in Windows 10 Mobile.
-Added in Windows 10, version 1703. Specifies whether the device is allowed to participate in Peer Caching while connected via VPN to the domain network. This means the device can download from or upload to other domain network devices, either on VPN or on the corporate domain network.
+Specifies whether the device is allowed to participate in Peer Caching while connected via VPN to the domain network. This means the device can download from or upload to other domain network devices, either on VPN or on the corporate domain network.
@@ -260,31 +281,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 5 |
+ Yes |
+ Yes |
| Business |
- 5 |
+ Yes |
+ Yes |
| Enterprise |
- 5 |
+ Yes |
+ Yes |
| Education |
- 5 |
+ Yes |
+ Yes |
+
@@ -332,31 +360,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 8 |
+ Yes |
+ Yes |
| Business |
- 8 |
+ Yes |
+ Yes |
| Enterprise |
- 8 |
+ Yes |
+ Yes |
| Education |
- 8 |
+ Yes |
+ Yes |
+
@@ -412,31 +447,38 @@ When DHCP Option ID Force (2) is set, the client will query DHCP Option ID 235 a
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 4 |
+ Yes |
+ Yes |
| Business |
- 4 |
+ Yes |
+ Yes |
| Enterprise |
- 4 |
+ Yes |
+ Yes |
| Education |
- 4 |
+ Yes |
+ Yes |
+
@@ -450,7 +492,7 @@ When DHCP Option ID Force (2) is set, the client will query DHCP Option ID 235 a
-Added in Windows 10, version 1803. This policy allows you to delay the use of an HTTP source in a background download that is allowed to use peer-to-peer.
+This policy allows you to delay the use of an HTTP source in a background download that is allowed to use peer-to-peer.
After the max delay is reached, the download will resume using HTTP, either downloading the entire payload or complementing the bytes that could not be downloaded from peers. Note that a download that is waiting for peer sources, will appear to be stuck for the end user. The recommended value is 1 hour (3600).
@@ -474,31 +516,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 6 |
+ Yes |
+ Yes |
| Business |
- 6 |
+ Yes |
+ Yes |
| Enterprise |
- 6 |
+ Yes |
+ Yes |
| Education |
- 6 |
+ Yes |
+ Yes |
+
@@ -547,31 +596,38 @@ Supported values: 0 - one month (in seconds)
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 6 |
+ Yes |
+ Yes |
| Business |
- 6 |
+ Yes |
+ Yes |
| Enterprise |
- 6 |
+ Yes |
+ Yes |
| Education |
- 6 |
+ Yes |
+ Yes |
+
@@ -618,31 +674,38 @@ Supported values: 0 - one month (in seconds)
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 4 |
+ Yes |
+ Yes |
| Business |
- 4 |
+ Yes |
+ Yes |
| Enterprise |
- 4 |
+ Yes |
+ Yes |
| Education |
- 4 |
+ Yes |
+ Yes |
+
@@ -656,7 +719,7 @@ Supported values: 0 - one month (in seconds)
-Added in Windows 10, version 1803. This policy allows you to delay the use of an HTTP source in a foreground (interactive) download that is allowed to use peer-to-peer.
+This policy allows you to delay the use of an HTTP source in a foreground (interactive) download that is allowed to use peer-to-peer.
After the max delay has reached, the download will resume using HTTP, either downloading the entire payload or complementing the bytes that could not be downloaded from Peers.
@@ -692,31 +755,38 @@ The following list shows the supported values as number of seconds:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -766,31 +836,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -833,31 +910,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 4 |
+ Yes |
+ Yes |
| Business |
- 4 |
+ Yes |
+ Yes |
| Enterprise |
- 4 |
+ Yes |
+ Yes |
| Education |
- 4 |
+ Yes |
+ Yes |
+
@@ -871,7 +955,7 @@ ADMX Info:
-Added in Windows 10, version 1803. Set this policy to restrict peer selection to a specific source. Available options are: 1 = AD Site, 2 = Authenticated domain SID, 3 = DHCP Option ID, 4 = DNS Suffix, 5 = AAD.
+Set this policy to restrict peer selection to a specific source. Available options are: 1 = AD Site, 2 = Authenticated domain SID, 3 = DHCP Option ID, 4 = DNS Suffix, 5 = AAD.
When set, the Group ID will be assigned automatically from the selected source.
@@ -913,31 +997,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 8 |
+ Yes |
+ Yes |
| Business |
- 8 |
+ Yes |
+ Yes |
| Enterprise |
- 8 |
+ Yes |
+ Yes |
| Education |
- 8 |
+ Yes |
+ Yes |
+
@@ -975,28 +1066,34 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
@@ -1041,31 +1138,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -1130,31 +1234,38 @@ This policy is deprecated. Use [DOMaxForegroundDownloadBandwidth](#deliveryoptim
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 8 |
+ Yes |
+ Yes |
| Business |
- 8 |
+ Yes |
+ Yes |
| Enterprise |
- 8 |
+ Yes |
+ Yes |
| Education |
- 8 |
+ Yes |
+ Yes |
+
@@ -1211,31 +1322,38 @@ This policy is deprecated because it only applies to uploads to Internet peers (
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 1 |
+ Yes |
+ Yes |
| Business |
- 1 |
+ Yes |
+ Yes |
| Enterprise |
- 1 |
+ Yes |
+ Yes |
| Education |
- 1 |
+ Yes |
+ Yes |
+
@@ -1253,7 +1371,7 @@ This policy is deprecated because it only applies to uploads to Internet peers (
> This policy is only enforced in Windows 10 Pro, Enterprise, and Education editions and not supported in Windows 10 Mobile.
-Added in Windows 10, version 1607. Specifies the minimum download QoS (Quality of Service or speed) in KiloBytes/sec for background downloads. This policy affects the blending of peer and HTTP sources. Delivery Optimization complements the download from the HTTP source to achieve the minimum QoS value set.
+Specifies the minimum download QoS (Quality of Service or speed) in KiloBytes/sec for background downloads. This policy affects the blending of peer and HTTP sources. Delivery Optimization complements the download from the HTTP source to achieve the minimum QoS value set.
The default value is 500.
@@ -1277,31 +1395,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 2 |
+ Yes |
+ Yes |
| Business |
- 2 |
+ Yes |
+ Yes |
| Enterprise |
- 2 |
+ Yes |
+ Yes |
| Education |
- 2 |
+ Yes |
+ Yes |
+
@@ -1318,7 +1443,7 @@ ADMX Info:
> [!NOTE]
> This policy is only enforced in Windows 10 Pro, Business, Enterprise, and Education editions and not supported in Windows 10 Mobile.
-Added in Windows 10, version 1703. Specifies any value between 1 and 100 (in percentage) to allow the device to upload data to LAN and Group peers while on battery power. Uploads will automatically pause when the battery level drops below the set minimum battery level. The recommended value to set is 40 (for 40%) if you allow uploads on battery.
+Specifies any value between 1 and 100 (in percentage) to allow the device to upload data to LAN and Group peers while on battery power. Uploads will automatically pause when the battery level drops below the set minimum battery level. The recommended value to set is 40 (for 40%) if you allow uploads on battery.
The default value is 0. The value 0 (zero) means "not limited" and the cloud service default value will be used.
@@ -1342,31 +1467,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 2 |
+ Yes |
+ Yes |
| Business |
- 2 |
+ Yes |
+ Yes |
| Enterprise |
- 2 |
+ Yes |
+ Yes |
| Education |
- 2 |
+ Yes |
+ Yes |
+
@@ -1384,7 +1516,7 @@ ADMX Info:
> This policy is only enforced in Windows 10 Pro, Business, Enterprise, and Education editions and not supported in Windows 10 Mobile.
-Added in Windows 10, version 1703. Specifies the required minimum disk size (capacity in GB) for the device to use Peer Caching. Recommended values: 64 GB to 256 GB.
+Specifies the required minimum disk size (capacity in GB) for the device to use Peer Caching. Recommended values: 64 GB to 256 GB.
> [!NOTE]
> If the DOMofidyCacheDrive policy is set, the disk size check will apply to the new working directory specified by this policy.
@@ -1411,31 +1543,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 2 |
+ Yes |
+ Yes |
| Business |
- 2 |
+ Yes |
+ Yes |
| Enterprise |
- 2 |
+ Yes |
+ Yes |
| Education |
- 2 |
+ Yes |
+ Yes |
+
@@ -1453,7 +1592,7 @@ ADMX Info:
> This policy is only enforced in Windows 10 Pro, Business, Enterprise, and Education editions and not supported in Windows 10 Mobile.
-Added in Windows 10, version 1703. Specifies the minimum content file size in MB enabled to use Peer Caching. Recommended values: 1 MB to 100,000 MB.
+Specifies the minimum content file size in MB enabled to use Peer Caching. Recommended values: 1 MB to 100,000 MB.
The default value is 100 MB.
@@ -1477,31 +1616,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 2 |
+ Yes |
+ Yes |
| Business |
- 2 |
+ Yes |
+ Yes |
| Enterprise |
- 2 |
+ Yes |
+ Yes |
| Education |
- 2 |
+ Yes |
+ Yes |
+
@@ -1519,7 +1665,7 @@ ADMX Info:
> This policy is only enforced in Windows 10 Pro, Business, Enterprise, and Education editions and not supported in Windows 10 Mobile.
-Added in Windows 10, version 1703. Specifies the minimum RAM size in GB required to use Peer Caching. For example, if the minimum set is 1 GB, then devices with 1 GB or higher available RAM will be allowed to use Peer caching. Recommended values: 1 GB to 4 GB.
+Specifies the minimum RAM size in GB required to use Peer Caching. For example, if the minimum set is 1 GB, then devices with 1 GB or higher available RAM will be allowed to use Peer caching. Recommended values: 1 GB to 4 GB.
The default value is 4 GB.
@@ -1543,31 +1689,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 1 |
+ Yes |
+ Yes |
| Business |
- 1 |
+ Yes |
+ Yes |
| Enterprise |
- 1 |
+ Yes |
+ Yes |
| Education |
- 1 |
+ Yes |
+ Yes |
+
@@ -1585,7 +1738,7 @@ ADMX Info:
> This policy is only enforced in Windows 10 Pro, Enterprise, and Education editions and not supported in Windows 10 Mobile.
-Added in Windows 10, version 1607. Specifies the drive that Delivery Optimization should use for its cache. The drive location can be specified using environment variables, drive letter or using a full path.
+Specifies the drive that Delivery Optimization should use for its cache. The drive location can be specified using environment variables, drive letter or using a full path.
By default, %SystemDrive% is used to store the cache.
@@ -1609,31 +1762,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 1 |
+ Yes |
+ Yes |
| Business |
- 1 |
+ Yes |
+ Yes |
| Enterprise |
- 1 |
+ Yes |
+ Yes |
| Education |
- 1 |
+ Yes |
+ Yes |
+
@@ -1651,7 +1811,7 @@ ADMX Info:
> This policy is only enforced in Windows 10 Pro, Enterprise, and Education editions and not supported in Windows 10 Mobile.
-Added in Windows 10, version 1607. Specifies the maximum total bytes in GB that Delivery Optimization is allowed to upload to Internet peers in each calendar month.
+Specifies the maximum total bytes in GB that Delivery Optimization is allowed to upload to Internet peers in each calendar month.
The value 0 (zero) means "unlimited"; No monthly upload limit is applied if 0 is set.
@@ -1677,31 +1837,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 4 |
+ Yes |
+ Yes |
| Business |
- 4 |
+ Yes |
+ Yes |
| Enterprise |
- 4 |
+ Yes |
+ Yes |
| Education |
- 4 |
+ Yes |
+ Yes |
+
@@ -1715,7 +1882,7 @@ ADMX Info:
-Added in Windows 10, version 1803. Specifies the maximum background download bandwidth that Delivery Optimization uses across all concurrent download activities as a percentage of available download bandwidth. The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for background downloads.
+Specifies the maximum background download bandwidth that Delivery Optimization uses across all concurrent download activities as a percentage of available download bandwidth. The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for background downloads.
Note that downloads from LAN peers will not be throttled even when this policy is set.
@@ -1752,31 +1919,38 @@ This policy is deprecated. Use [DOPercentageMaxForegroundBandwidth](#deliveryopt
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 4 |
+ Yes |
+ Yes |
| Business |
- 4 |
+ Yes |
+ Yes |
| Enterprise |
- 4 |
+ Yes |
+ Yes |
| Education |
- 4 |
+ Yes |
+ Yes |
+
@@ -1790,7 +1964,7 @@ This policy is deprecated. Use [DOPercentageMaxForegroundBandwidth](#deliveryopt
-Added in Windows 10, version 1803. Specifies the maximum foreground download bandwidth that Delivery Optimization uses across all concurrent download activities as a percentage of available download bandwidth. The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for foreground downloads.
+Specifies the maximum foreground download bandwidth that Delivery Optimization uses across all concurrent download activities as a percentage of available download bandwidth. The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for foreground downloads.
Note that downloads from LAN peers will not be throttled even when this policy is set.
@@ -1814,31 +1988,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 4 |
+ Yes |
+ Yes |
| Business |
- 4 |
+ Yes |
+ Yes |
| Enterprise |
- 4 |
+ Yes |
+ Yes |
| Education |
- 4 |
+ Yes |
+ Yes |
+
@@ -1852,7 +2033,7 @@ ADMX Info:
-Added in Windows 10, version 1803. Set this policy to restrict peer selection via selected option.
+Set this policy to restrict peer selection via selected option.
Options available are: 1=Subnet mask (more options will be added in a future release).
Option 1 (Subnet mask) applies to both Download Mode LAN (1) and Group (2).
@@ -1883,31 +2064,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 4 |
+ Yes |
+ Yes |
| Business |
- 4 |
+ Yes |
+ Yes |
| Enterprise |
- 4 |
+ Yes |
+ Yes |
| Education |
- 4 |
+ Yes |
+ Yes |
+
@@ -1921,15 +2109,10 @@ The following list shows the supported values:
-Added in Windows 10, version 1803. Specifies the maximum background download bandwidth that Delivery Optimization uses during and outside business hours across all concurrent download activities as a percentage of available download bandwidth.
+Specifies the maximum background download bandwidth that Delivery Optimization uses during and outside business hours across all concurrent download activities as a percentage of available download bandwidth.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -1957,31 +2140,38 @@ This policy allows an IT Admin to define the following:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 4 |
+ Yes |
+ Yes |
| Business |
- 4 |
+ Yes |
+ Yes |
| Enterprise |
- 4 |
+ Yes |
+ Yes |
| Education |
- 4 |
+ Yes |
+ Yes |
+
@@ -1995,15 +2185,10 @@ This policy allows an IT Admin to define the following:
-Added in Windows 10, version 1803. Specifies the maximum foreground download bandwidth that Delivery Optimization uses during and outside business hours across all concurrent download activities as a percentage of available download bandwidth.
+Specifies the maximum foreground download bandwidth that Delivery Optimization uses during and outside business hours across all concurrent download activities as a percentage of available download bandwidth.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -2024,16 +2209,6 @@ This policy allows an IT Admin to define the following:
-Footnotes:
-
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.
diff --git a/windows/client-management/mdm/policy-csp-desktop.md b/windows/client-management/mdm/policy-csp-desktop.md
index 9a3bcc48ee..1c8ca1f094 100644
--- a/windows/client-management/mdm/policy-csp-desktop.md
+++ b/windows/client-management/mdm/policy-csp-desktop.md
@@ -14,7 +14,12 @@ manager: dansimp
# Policy CSP - Desktop
-
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
@@ -36,31 +41,38 @@ manager: dansimp
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -81,12 +93,7 @@ By default, a user can change the location of their individual profile folders l
If you enable this setting, users are unable to type a new location in the Target box.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -99,16 +106,7 @@ ADMX Info:
-Footnotes:
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.
diff --git a/windows/client-management/mdm/policy-csp-deviceguard.md b/windows/client-management/mdm/policy-csp-deviceguard.md
index 157279f8f5..a7b099ab6f 100644
--- a/windows/client-management/mdm/policy-csp-deviceguard.md
+++ b/windows/client-management/mdm/policy-csp-deviceguard.md
@@ -44,31 +44,38 @@ manager: dansimp
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ No |
+ No |
| Business |
- |
+ No |
+ No |
| Enterprise |
- 5 |
+ Yes |
+ Yes |
| Education |
- 5 |
+ Yes |
+ Yes |
+
@@ -121,31 +128,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ No |
+ No |
| Business |
- |
+ No |
+ No |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
+
@@ -159,7 +173,7 @@ ADMX Info:
-Added in Windows 10, version 1709. Turns on virtualization based security(VBS) at the next reboot. virtualization based security uses the Windows Hypervisor to provide support for security services. Value type is integer.
+Turns on virtualization based security(VBS) at the next reboot. virtualization based security uses the Windows Hypervisor to provide support for security services. Value type is integer.
@@ -187,31 +201,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ No |
+ No |
| Business |
- |
+ No |
+ No |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
+
@@ -225,7 +246,7 @@ The following list shows the supported values:
-Added in Windows 10, version 1709. This setting lets users turn on Credential Guard with virtualization-based security to help protect credentials at next reboot. Value type is integer.
+This setting lets users turn on Credential Guard with virtualization-based security to help protect credentials at next reboot. Value type is integer.
@@ -255,28 +276,34 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ No |
+ No |
| Business |
- |
+ No |
+ No |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
@@ -293,7 +320,7 @@ The following list shows the supported values:
-Added in Windows 10, version 1709. Specifies the platform security level at the next reboot. Value type is integer.
+Specifies the platform security level at the next reboot. Value type is integer.
@@ -315,15 +342,6 @@ The following list shows the supported values:
-Footnotes:
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-devicehealthmonitoring.md b/windows/client-management/mdm/policy-csp-devicehealthmonitoring.md
index 35190895c9..2d0bfe0011 100644
--- a/windows/client-management/mdm/policy-csp-devicehealthmonitoring.md
+++ b/windows/client-management/mdm/policy-csp-devicehealthmonitoring.md
@@ -42,31 +42,38 @@ manager: dansimp
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 6 |
+ Yes |
+ Yes |
| Business |
- 6 |
+ Yes |
+ Yes |
| Enterprise |
- 6 |
+ Yes |
+ Yes |
| Education |
- 6 |
+ Yes |
+ Yes |
+
@@ -106,31 +113,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 6 |
+ Yes |
+ Yes |
| Business |
- 6 |
+ Yes |
+ Yes |
| Enterprise |
- 6 |
+ Yes |
+ Yes |
| Education |
- 6 |
+ Yes |
+ Yes |
+
@@ -169,31 +183,38 @@ IT Pros do not need to set this policy. Instead, Microsoft Intune is expected to
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 6 |
+ Yes |
+ Yes |
| Business |
- 6 |
+ Yes |
+ Yes |
| Enterprise |
- 6 |
+ Yes |
+ Yes |
| Education |
- 6 |
+ Yes |
+ Yes |
+
@@ -225,16 +246,7 @@ In most cases, an IT Pro does not need to define this policy. Instead, it is exp
-Footnotes:
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.
diff --git a/windows/client-management/mdm/policy-csp-deviceinstallation.md b/windows/client-management/mdm/policy-csp-deviceinstallation.md
index 013edacaec..c14144ccd7 100644
--- a/windows/client-management/mdm/policy-csp-deviceinstallation.md
+++ b/windows/client-management/mdm/policy-csp-deviceinstallation.md
@@ -14,6 +14,13 @@ ms.localizationpriority: medium
# Policy CSP - DeviceInstallation
+>[!TIP]
+> These are ADMX-backed policies and require a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
@@ -59,31 +66,38 @@ ms.localizationpriority: medium
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 5 |
+ Yes |
+ Yes |
| Business |
- 5 |
+ Yes |
+ Yes |
| Enterprise |
- 5 |
+ Yes |
+ Yes |
| Education |
- 5 |
+ Yes |
+ Yes |
+
@@ -120,12 +134,7 @@ Peripherals can be specified by their [hardware identity](/windows-hardware/driv
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -183,31 +192,38 @@ To verify that the policy is applied, check C:\windows\INF\setupapi.dev.log and
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 6 |
+ Yes |
+ Yes |
| Business |
- 6 |
+ Yes |
+ Yes |
| Enterprise |
- 6 |
+ Yes |
+ Yes |
| Education |
- 6 |
+ Yes |
+ Yes |
+
@@ -216,7 +232,7 @@ To verify that the policy is applied, check C:\windows\INF\setupapi.dev.log and
> [!div class = "checklist"]
> * Device
-Added in Windows 10, version 1903. Also available in Windows 10, version 1809.
+
@@ -244,12 +260,7 @@ If you disable or do not configure this policy setting, and no other policy sett
Peripherals can be specified by their [device instance ID](/windows-hardware/drivers/install/device-instance-ids). Test the configuration prior to rolling it out to ensure it allows the devices expected. Ideally test various instances of the hardware. For example, test multiple USB keys rather than only one.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -304,31 +315,38 @@ To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see i
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 5 |
+ Yes |
+ Yes |
| Business |
- 5 |
+ Yes |
+ Yes |
| Enterprise |
- 5 |
+ Yes |
+ Yes |
| Education |
- 5 |
+ Yes |
+ Yes |
+
@@ -367,12 +385,7 @@ If you disable or do not configure this policy setting, and no other policy sett
Peripherals can be specified by their [hardware identity](/windows-hardware/drivers/install/device-identification-strings). For a list of common identifier structures, see [Device Identifier Formats](/windows-hardware/drivers/install/device-identifier-formats). Test the configuration prior to rolling it out to ensure it allows the devices expected. Ideally test various instances of the hardware. For example, test multiple USB keys rather than only one.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -437,31 +450,38 @@ To verify that the policy is applied, check C:\windows\INF\setupapi.dev.log and
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 5 |
+ Yes |
+ Yes |
| Business |
- 5 |
+ Yes |
+ Yes |
| Enterprise |
- 5 |
+ Yes |
+ Yes |
| Education |
- 5 |
+ Yes |
+ Yes |
+
@@ -500,12 +520,7 @@ Device instance IDs > Device IDs > Device setup class > Removable devices
If you disable or do not configure this policy setting, the default evaluation is used. By default, all "Prevent installation..." policy settings have precedence over any other policy setting that allows Windows to install a device.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -564,31 +579,38 @@ You can also change the evaluation order of device installation policy settings
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 5 |
+ Yes |
+ Yes |
| Business |
- 5 |
+ Yes |
+ Yes |
| Enterprise |
- 5 |
+ Yes |
+ Yes |
| Education |
- 5 |
+ Yes |
+ Yes |
+
@@ -609,12 +631,7 @@ If you enable this policy setting, Windows does not retrieve device metadata for
If you disable or do not configure this policy setting, the setting in the Device Installation Settings dialog box controls whether Windows retrieves device metadata from the Internet.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -643,31 +660,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 5 |
+ Yes |
+ Yes |
| Business |
- 5 |
+ Yes |
+ Yes |
| Enterprise |
- 5 |
+ Yes |
+ Yes |
| Education |
- 5 |
+ Yes |
+ Yes |
+
@@ -691,12 +715,7 @@ If you enable this policy setting, Windows is prevented from installing or updat
If you disable or do not configure this policy setting, Windows is allowed to install or update the driver package for any device that is not described by the "Prevent installation of devices that match any of these device IDs", "Prevent installation of devices for these device classes" policy setting, "Prevent installation of devices that match any of these device instance IDs", or "Prevent installation of removable devices" policy setting.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -758,31 +777,38 @@ You can also block installation by using a custom profile in Intune.
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -808,12 +834,7 @@ If you disable or do not configure this policy setting, devices can be installed
Peripherals can be specified by their [hardware identity](/windows-hardware/drivers/install/device-identification-strings). For a list of common identifier structures, see [Device Identifier Formats](/windows-hardware/drivers/install/device-identifier-formats). Test the configuration prior to rolling it out to ensure it blocks the devices expected. Ideally test various instances of the hardware. For example, test multiple USB keys rather than only one.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -878,31 +899,38 @@ For example, this custom profile blocks installation and usage of USB devices wi
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 6 |
+ Yes |
+ Yes |
| Business |
- 6 |
+ Yes |
+ Yes |
| Enterprise |
- 6 |
+ Yes |
+ Yes |
| Education |
- 6 |
+ Yes |
+ Yes |
+
@@ -916,7 +944,7 @@ For example, this custom profile blocks installation and usage of USB devices wi
-Added in Windows 10, version 1903. Also available in Windows 10, version 1809. This policy setting allows you to specify a list of Plug and Play device instance IDs for devices that Windows is prevented from installing. This policy setting takes precedence over any other policy setting that allows Windows to install a device.
+This policy setting allows you to specify a list of Plug and Play device instance IDs for devices that Windows is prevented from installing. This policy setting takes precedence over any other policy setting that allows Windows to install a device.
If you enable this policy setting, Windows is prevented from installing a device whose device instance ID appears in the list you create. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server.
@@ -925,12 +953,7 @@ If you disable or do not configure this policy setting, devices can be installed
Peripherals can be specified by their [device instance ID](/windows-hardware/drivers/install/device-instance-ids). Test the configuration prior to rolling it out to ensure it allows the devices expected. Ideally test various instances of the hardware. For example, test multiple USB keys rather than only one.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -1005,31 +1028,38 @@ with
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -1055,12 +1085,7 @@ If you disable or do not configure this policy setting, Windows can install and
Peripherals can be specified by their [hardware identity](/windows-hardware/drivers/install/device-identification-strings). For a list of common identifier structures, see [Device Identifier Formats](/windows-hardware/drivers/install/device-identifier-formats). Test the configuration prior to rolling it out to ensure it blocks the devices expected. Ideally test various instances of the hardware. For example, test multiple USB keys rather than only one.
-> [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
->
-> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
->
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
ADMX Info:
@@ -1117,15 +1142,6 @@ To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see i
-Footnotes:
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.
diff --git a/windows/client-management/mdm/policy-csp-devicelock.md b/windows/client-management/mdm/policy-csp-devicelock.md
index 3df3e81293..0288d5c9c7 100644
--- a/windows/client-management/mdm/policy-csp-devicelock.md
+++ b/windows/client-management/mdm/policy-csp-devicelock.md
@@ -75,31 +75,38 @@ manager: dansimp
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ No |
+ No |
| Business |
- |
+ No |
+ No |
| Enterprise |
- |
+ No |
+ No |
| Education |
- |
+ No |
+ No |
+
@@ -139,31 +146,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -204,31 +218,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -247,7 +268,7 @@ Determines the type of PIN required. This policy only applies if the **DeviceLoc
> [!NOTE]
> This policy must be wrapped in an Atomic command.
>
-> Always use the Replace command instead of Add for this policy in Windows 10 for desktop editions (Home, Pro, Enterprise, and Education).
+> Always use the Replace command instead of Add for this policy in Windows for desktop editions (Home, Pro, Enterprise, and Education).
@@ -275,31 +296,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -318,7 +346,7 @@ Specifies whether device lock is enabled.
> [!NOTE]
> This policy must be wrapped in an Atomic command.
>
-> Always use the Replace command instead of Add for this policy in Windows 10 for desktop editions.
+> Always use the Replace command instead of Add for this policy in Windows for desktop editions.
@@ -374,31 +402,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -441,31 +476,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -508,31 +550,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 1 |
+ Yes |
+ Yes |
| Pro |
- 1 |
+ Yes |
+ Yes |
| Business |
- 1 |
+ Yes |
+ Yes |
| Enterprise |
- 1 |
+ Yes |
+ Yes |
| Education |
- 1 |
+ Yes |
+ Yes |
+
@@ -546,7 +595,7 @@ The following list shows the supported values:
-Added in Windows 10, version 1607. Specifies the default lock screen and logon image shown when no user is signed in. It also sets the specified image for all users, which replaces the default image. The same image is used for both the lock and logon screens. Users will not be able to change this image.
+Specifies the default lock screen and logon image shown when no user is signed in. It also sets the specified image for all users, which replaces the default image. The same image is used for both the lock and logon screens. Users will not be able to change this image.
> [!NOTE]
> This policy is only enforced in Windows 10 Enterprise and Education editions and not supported in Windows 10 Home and Pro.
@@ -565,31 +614,38 @@ Value type is a string, which is the full image filepath and filename.
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -639,31 +695,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -707,31 +770,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -750,7 +820,7 @@ The number of complex element types (uppercase and lowercase letters, numbers, a
> [!NOTE]
> This policy must be wrapped in an Atomic command.
>
-> Always use the Replace command instead of Add for this policy in Windows 10 for desktop editions.
+> Always use the Replace command instead of Add for this policy in Windows for desktop editions.
PIN enforces the following behavior for desktop and mobile devices:
@@ -829,31 +899,38 @@ For additional information about this policy, see [Exchange ActiveSync Policy En
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -872,7 +949,7 @@ Specifies the minimum number or characters required in the PIN or password.
> [!NOTE]
> This policy must be wrapped in an Atomic command.
>
-> Always use the Replace command instead of Add for this policy in Windows 10 for desktop editions.
+> Always use the Replace command instead of Add for this policy in Windows for desktop editions.
@@ -922,31 +999,38 @@ The following example shows how to set the minimum password length to 4 characte
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 3 |
+ Yes |
+ Yes |
| Pro |
- 3 |
+ Yes |
+ Yes |
| Business |
- 3 |
+ Yes |
+ Yes |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
+
@@ -983,31 +1067,38 @@ GP Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -1053,31 +1144,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ Yes |
+ Yes |
| Pro |
- |
+ Yes |
+ Yes |
| Business |
- |
+ Yes |
+ Yes |
| Enterprise |
- |
+ Yes |
+ Yes |
| Education |
- |
+ Yes |
+ Yes |
+
@@ -1117,15 +1215,6 @@ ADMX Info:
-Footnotes:
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.
diff --git a/windows/client-management/mdm/policy-csp-display.md b/windows/client-management/mdm/policy-csp-display.md
index 12a6952ffa..d24d5b7075 100644
--- a/windows/client-management/mdm/policy-csp-display.md
+++ b/windows/client-management/mdm/policy-csp-display.md
@@ -48,31 +48,38 @@ manager: dansimp
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 4 |
+ Yes |
+ Yes |
| Business |
- 4 |
+ Yes |
+ Yes |
| Enterprise |
- 4 |
+ Yes |
+ Yes |
| Education |
- 4 |
+ Yes |
+ Yes |
+
@@ -108,31 +115,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 4 |
+ Yes |
+ Yes |
| Business |
- 4 |
+ Yes |
+ Yes |
| Enterprise |
- 4 |
+ Yes |
+ Yes |
| Education |
- 4 |
+ Yes |
+ Yes |
+
@@ -188,31 +202,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 4 |
+ Yes |
+ Yes |
| Business |
- 4 |
+ Yes |
+ Yes |
| Enterprise |
- 4 |
+ Yes |
+ Yes |
| Education |
- 4 |
+ Yes |
+ Yes |
+
@@ -248,31 +269,38 @@ ADMX Info:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 2 |
+ Yes |
+ Yes |
| Business |
- 2 |
+ Yes |
+ Yes |
| Enterprise |
- 2 |
+ Yes |
+ Yes |
| Education |
- 2 |
+ Yes |
+ Yes |
+
@@ -323,31 +351,38 @@ To validate on Desktop, do the following:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 2 |
+ Yes |
+ Yes |
| Business |
- 2 |
+ Yes |
+ Yes |
| Enterprise |
- 2 |
+ Yes |
+ Yes |
| Education |
- 2 |
+ Yes |
+ Yes |
+
@@ -391,16 +426,7 @@ To validate on Desktop, do the following:
-Footnotes:
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.
diff --git a/windows/client-management/mdm/policy-csp-dmaguard.md b/windows/client-management/mdm/policy-csp-dmaguard.md
index 2ca5164a50..e16f8e14e9 100644
--- a/windows/client-management/mdm/policy-csp-dmaguard.md
+++ b/windows/client-management/mdm/policy-csp-dmaguard.md
@@ -35,31 +35,38 @@ manager: dansimp
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 5 |
+ Yes |
+ Yes |
| Business |
- 5 |
+ Yes |
+ Yes |
| Enterprise |
- 5 |
+ Yes |
+ Yes |
| Education |
- 5 |
+ Yes |
+ Yes |
+
@@ -111,15 +118,6 @@ ADMX Info:
-Footnotes:
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-education.md b/windows/client-management/mdm/policy-csp-education.md
index 7d2b8ebb1e..42ade7935c 100644
--- a/windows/client-management/mdm/policy-csp-education.md
+++ b/windows/client-management/mdm/policy-csp-education.md
@@ -44,31 +44,38 @@ manager: dansimp
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- 8 |
+ Yes |
+ Yes |
| Pro |
- 8 |
+ Yes |
+ Yes |
| Business |
- 8 |
+ Yes |
+ Yes |
| Enterprise |
- 8 |
+ Yes |
+ Yes |
| Education |
- 8 |
+ Yes |
+ Yes |
+
@@ -82,7 +89,7 @@ manager: dansimp
-Added in Windows 10, version 2004. This policy setting allows you to control whether graphing functionality is available in the Windows Calculator app. If you disable this policy setting, graphing functionality will not be accessible in the Windows Calculator app. If you enable or don't configure this policy setting, you will be able to access graphing functionality.
+This policy setting allows you to control whether graphing functionality is available in the Windows Calculator app. If you disable this policy setting, graphing functionality will not be accessible in the Windows Calculator app. If you enable or don't configure this policy setting, you will be able to access graphing functionality.
ADMX Info:
@@ -107,31 +114,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 3 |
+ Yes |
+ Yes |
| Business |
- 3 |
+ Yes |
+ Yes |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
+
@@ -145,7 +159,7 @@ The following list shows the supported values:
-Added in Windows 10, version 1709. This policy allows IT Admins to set the user's default printer.
+This policy allows IT Admins to set the user's default printer.
The policy value is expected to be the name (network host name) of an installed printer.
@@ -160,31 +174,38 @@ The policy value is expected to be the name (network host name) of an installed
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 3 |
+ Yes |
+ Yes |
| Business |
- 3 |
+ Yes |
+ Yes |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
+
@@ -198,7 +219,7 @@ The policy value is expected to be the name (network host name) of an installed
-Added in Windows 10, version 1709. Allows IT Admins to prevent user installation of additional printers from the printers settings.
+Allows IT Admins to prevent user installation of additional printers from the printers settings.
@@ -226,31 +247,38 @@ The following list shows the supported values:
- | Windows Edition |
- Supported? |
+ Edition |
+ Windows 10 |
+ Windows 11 |
| Home |
- |
+ No |
+ No |
| Pro |
- 3 |
+ Yes |
+ Yes |
| Business |
- 3 |
+ Yes |
+ Yes |
| Enterprise |
- 3 |
+ Yes |
+ Yes |
| Education |
- 3 |
+ Yes |
+ Yes |
+
@@ -264,7 +292,7 @@ The following list shows the supported values:
-Added in Windows 10, version 1709. Allows IT Admins to automatically provision printers based on their names (network host names).
+Allows IT Admins to automatically provision printers based on their names (network host names).
The policy value is expected to be a `````` separated list of printer names. The OS will attempt to search and install the matching printer driver for each listed printer.
@@ -272,16 +300,7 @@ The policy value is expected to be a `````` separated list of printer na
-Footnotes:
-- 1 - Available in Windows 10, version 1607.
-- 2 - Available in Windows 10, version 1703.
-- 3 - Available in Windows 10, version 1709.
-- 4 - Available in Windows 10, version 1803.
-- 5 - Available in Windows 10, version 1809.
-- 6 - Available in Windows 10, version 1903.
-- 7 - Available in Windows 10, version 1909.
-- 8 - Available in Windows 10, version 2004.