applicationmanagement appruntime appvirtualization

2025-05-12 13:27:23 +00:00 · 2022-12-13 20:10:29 -05:00 · 2022-12-13 20:10:29 -05:00 · 61adb8c414
commit 61adb8c414
parent 7ae8aa120f
4 changed files with 1732 additions and 1421 deletions
--- a/windows/client-management/mdm/policy-csp-applicationmanagement.md
+++ b/windows/client-management/mdm/policy-csp-applicationmanagement.md
@ -315,6 +315,9 @@ If the setting is enabled or not configured, then Recording and Broadcasting (st
 <!-- AllowGameDVR-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 > [!NOTE]
 > The policy is only enforced in Windows 10 for desktop.
 <!-- AllowGameDVR-Editable-End -->
 <!-- AllowGameDVR-DFProperties-Begin -->
@ -669,6 +672,8 @@ List of semi-colon delimited Package Family Names of Windows apps. Listed Window
 <!-- LaunchAppAfterLogOn-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 This policy allows the IT admin to specify a list of applications that users can run after logging on to the device.
 <!-- LaunchAppAfterLogOn-Editable-End -->
 <!-- LaunchAppAfterLogOn-DFProperties-Begin -->
@ -683,6 +688,18 @@ List of semi-colon delimited Package Family Names of Windows apps. Listed Window
 <!-- LaunchAppAfterLogOn-Examples-Begin -->
 <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
 For this policy to work, the Windows apps need to declare in their manifest that they'll use the startup task. 
 Example of the declaration here:
 **Example**:
 ```xml
 <desktop:Extension Category="windows.startupTask">
   <desktop:StartupTask TaskId="CoffeeStartupTask" Enabled="true" DisplayName="ms-resource:Description" />
 </desktop:Extension>
 ```
 > [!NOTE]
 > This policy only works on modern apps.
 <!-- LaunchAppAfterLogOn-Examples-End -->
 <!-- LaunchAppAfterLogOn-End -->
@ -1118,6 +1135,40 @@ To ensure apps are up-to-date, this policy allows the admins to set a recurring
 <!-- ScheduleForceRestartForUpdateFailures-Examples-Begin -->
 <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
 > [!NOTE]
 > The check for recurrence is done in a case sensitive manner. For instance the value needs to be “Daily” instead of “daily”. The wrong case will cause SmartRetry to fail to execute.
 **Example**:
 <!--/SupportedValues-->
 <!--Example-->
 Sample SyncML:
 ```xml
 <SyncML xmlns="SYNCML:SYNCML1.1">
  <SyncBody>
    <Add>
      <CmdID>2</CmdID>
      <Item>
        <Target>
          <LocURI> ./Device/Vendor/MSFT/Policy/Config/ApplicationManagement/ScheduleForceRestartForUpdateFailures
          </LocURI>
        </Target>
        <Meta>
          <Format xmlns="syncml:metinf">xml</Format>
        </Meta>
        <Data>
          <ForceRestart StartDateTime="2018-03-28T22:21:52Z"
                        Recurrence="[None/Daily/Weekly/Monthly]"
                        DayOfWeek=”1”
                        DayOfMonth=”12”
                        RunIfTaskIsMissed=”1”/>
        </Data>
      </Item>
    </Add>
  </SyncBody>
 </SycnML>
 ```
 <!-- ScheduleForceRestartForUpdateFailures-Examples-End -->
 <!-- ScheduleForceRestartForUpdateFailures-End -->
--- a/windows/client-management/mdm/policy-csp-appruntime.md
+++ b/windows/client-management/mdm/policy-csp-appruntime.md
@ -1,90 +1,98 @@
 ---
-title: Policy CSP - AppRuntime
+title: AppRuntime Policy CSP
-description: Learn how the Policy CSP - AppRuntime setting controls whether Microsoft accounts are optional for Windows Store apps that require an account to sign in.
+description: Learn more about the AppRuntime Area in Policy CSP
 author: vinaypamnani-msft
 manager: aaroncz
 ms.author: vinpa
-ms.topic: article
+ms.date: 12/12/2022
 ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
-author: vinaypamnani-msft
+ms.topic: reference
 ms.localizationpriority: medium
 ms.date: 09/27/2019
 ms.reviewer: 
 manager: aaroncz
 ---
 <!-- Auto-Generated CSP Document -->
 <!-- AppRuntime-Begin -->
 # Policy CSP - AppRuntime
 > [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](../understanding-admx-backed-policies.md).
+> Some of these are ADMX-backed policies and require a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
 >
-> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](../understanding-admx-backed-policies.md#enabling-a-policy).
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
 >
 > The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it.  For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
 <!-- AppRuntime-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- AppRuntime-Editable-End -->
-<hr/>
+<!-- AllowMicrosoftAccountsToBeOptional-Begin -->
 ## AllowMicrosoftAccountsToBeOptional
-<!--Policies-->
+<!-- AllowMicrosoftAccountsToBeOptional-Applicability-Begin -->
-## AppRuntime policies
+| Scope | Editions | Applicable OS |
 |:--|:--|:--|
 | :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1803 [10.0.17134] and later |
 <!-- AllowMicrosoftAccountsToBeOptional-Applicability-End -->
-<dl>
+<!-- AllowMicrosoftAccountsToBeOptional-OmaUri-Begin -->
-  <dd>
+```Device
-    <a href="#appruntime-allowmicrosoftaccountstobeoptional">AppRuntime/AllowMicrosoftAccountsToBeOptional</a>
+./Device/Vendor/MSFT/Policy/Config/AppRuntime/AllowMicrosoftAccountsToBeOptional
-  </dd>
+```
-</dl>
+<!-- AllowMicrosoftAccountsToBeOptional-OmaUri-End -->
-
+<!-- AllowMicrosoftAccountsToBeOptional-Description-Begin -->
-<hr/>
+<!-- Description-Source-ADMX -->
 <!--Policy-->
 <a href="" id="appruntime-allowmicrosoftaccountstobeoptional"></a>**AppRuntime/AllowMicrosoftAccountsToBeOptional**
 <!--SupportedSKUs-->
 |Edition|Windows 10|Windows 11|
 |--- |--- |--- |
 |Home|No|No|
 |Pro|Yes|Yes|
 |Windows SE|No|Yes|
 |Business|Yes|Yes|
 |Enterprise|Yes|Yes|
 |Education|Yes|Yes|
 <!--/SupportedSKUs-->
 <hr/>
 <!--Scope-->
 [Scope](./policy-configuration-service-provider.md#policy-scope):
 > [!div class = "checklist"]
 > * Device
 <hr/>
 <!--/Scope-->
 <!--Description-->
 This policy setting lets you control whether Microsoft accounts are optional for Windows Store apps that require an account to sign in. This policy only affects Windows Store apps that support it.
 If you enable this policy setting, Windows Store apps that typically require a Microsoft account to sign in will allow users to sign in with an enterprise account instead.
 If you disable or do not configure this policy setting, users will need to sign in with a Microsoft account.
 <!-- AllowMicrosoftAccountsToBeOptional-Description-End -->
-<!--/Description-->
+<!-- AllowMicrosoftAccountsToBeOptional-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- AllowMicrosoftAccountsToBeOptional-Editable-End -->
 <!-- AllowMicrosoftAccountsToBeOptional-DFProperties-Begin -->
 **Description framework properties**:
-<!--ADMXBacked-->
+| Property name | Property value |
-ADMX Info:
+|:--|:--|
-   GP Friendly name: *Allow Microsoft accounts to be optional*
+| Format | chr (string) |
-   GP name: *AppxRuntimeMicrosoftAccountsOptional*
+| Access Type | Add, Delete, Get, Replace |
-   GP path: *Windows Components/App runtime*
+<!-- AllowMicrosoftAccountsToBeOptional-DFProperties-End -->
 -   GP ADMX file name: *AppXRuntime.admx*
-<!--/ADMXBacked-->
+<!-- AllowMicrosoftAccountsToBeOptional-AdmxBacked-Begin -->
-<!--/Policy-->
+> [!TIP]
-<hr/>
+> This is an ADMX-backed policy and requires SyncML format for configuration. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
 **ADMX mapping**:
 | Name | Value |
 |:--|:--|
 | Name | AppxRuntimeMicrosoftAccountsOptional |
 | Friendly Name | Allow Microsoft accounts to be optional |
 | Location | Computer Configuration |
 | Path | Windows Components > App runtime |
 | Registry Key Name | Software\Microsoft\Windows\CurrentVersion\Policies\System |
 | Registry Value Name | MSAOptional |
 | ADMX File Name | AppXRuntime.admx |
 <!-- AllowMicrosoftAccountsToBeOptional-AdmxBacked-End -->
-<!--/Policies-->
+<!-- AllowMicrosoftAccountsToBeOptional-Examples-Begin -->
 <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
 <!-- AllowMicrosoftAccountsToBeOptional-Examples-End -->
 <!-- AllowMicrosoftAccountsToBeOptional-End -->
 <!-- AppRuntime-CspMoreInfo-Begin -->
 <!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
 <!-- AppRuntime-CspMoreInfo-End -->
 <!-- AppRuntime-End -->
 ## Related articles
 [Policy configuration service provider](policy-configuration-service-provider.md)
--- a/windows/client-management/mdm/policy-csp-appvirtualization.md
+++ b/windows/client-management/mdm/policy-csp-appvirtualization.md
--- a/windows/client-management/mdm/policy-csp-attachmentmanager.md
+++ b/windows/client-management/mdm/policy-csp-attachmentmanager.md
@ -1,202 +1,224 @@
 ---
-title: Policy CSP - AttachmentManager
+title: AttachmentManager Policy CSP
-description: Manage Windows marks file attachments with information about their zone of origin, such as restricted, internet, intranet, local.
+description: Learn more about the AttachmentManager Area in Policy CSP
 author: vinaypamnani-msft
 manager: aaroncz
 ms.author: vinpa
-ms.topic: article
+ms.date: 12/13/2022
 ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
-author: vinaypamnani-msft
+ms.topic: reference
 ms.localizationpriority: medium
 ms.date: 09/27/2019
 ms.reviewer: 
 manager: aaroncz
 ---
 <!-- Auto-Generated CSP Document -->
 <!-- AttachmentManager-Begin -->
 # Policy CSP - AttachmentManager
 > [!TIP]
-> These are ADMX-backed policies and require a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](../understanding-admx-backed-policies.md).
+> Some of these are ADMX-backed policies and require a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
 >
-> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](../understanding-admx-backed-policies.md#enabling-a-policy).
+> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
 >
 > The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it.  For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
 <!-- AttachmentManager-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- AttachmentManager-Editable-End -->
 <!-- DoNotPreserveZoneInformation-Begin -->
 ## DoNotPreserveZoneInformation
-<hr/>
+<!-- DoNotPreserveZoneInformation-Applicability-Begin -->
 | Scope | Editions | Applicable OS |
 |:--|:--|:--|
 | :x: Device <br> :heavy_check_mark: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1703 [10.0.15063] and later |
 <!-- DoNotPreserveZoneInformation-Applicability-End -->
-<!--Policies-->
+<!-- DoNotPreserveZoneInformation-OmaUri-Begin -->
-## AttachmentManager policies
+```User
 ./User/Vendor/MSFT/Policy/Config/AttachmentManager/DoNotPreserveZoneInformation
 ```
 <!-- DoNotPreserveZoneInformation-OmaUri-End -->
-<dl>
+<!-- DoNotPreserveZoneInformation-Description-Begin -->
-  <dd>
+<!-- Description-Source-ADMX -->
-    <a href="#attachmentmanager-donotpreservezoneinformation">AttachmentManager/DoNotPreserveZoneInformation</a>
+This policy setting allows you to manage whether Windows marks file attachments with information about their zone of origin (such as restricted, Internet, intranet, local). This requires NTFS in order to function correctly, and will fail without notice on FAT32. By not preserving the zone information, Windows cannot make proper risk assessments.
  </dd>
  <dd>
    <a href="#attachmentmanager-hidezoneinfomechanism">AttachmentManager/HideZoneInfoMechanism</a>
  </dd>
  <dd>
    <a href="#attachmentmanager-notifyantivirusprograms">AttachmentManager/NotifyAntivirusPrograms</a>
  </dd>
 </dl>
-
+If you enable this policy setting, Windows does not mark file attachments with their zone information.
 <hr/>
 <!--Policy-->
 <a href="" id="attachmentmanager-donotpreservezoneinformation"></a>**AttachmentManager/DoNotPreserveZoneInformation**
 <!--SupportedSKUs-->
 |Edition|Windows 10|Windows 11|
 |--- |--- |--- |
 |Home|No|No|
 |Pro|Yes|Yes|
 |Windows SE|No|Yes|
 |Business|Yes|Yes|
 |Enterprise|Yes|Yes|
 |Education|Yes|Yes|
 <!--/SupportedSKUs-->
 <hr/>
 <!--Scope-->
 [Scope](./policy-configuration-service-provider.md#policy-scope):
 > [!div class = "checklist"]
 > * User
 <hr/>
 <!--/Scope-->
 <!--Description-->
 This policy setting allows you to manage whether Windows marks file attachments with information about their zone of origin (such as restricted, Internet, intranet, local). This feature requires NTFS in order to function correctly, and will fail without notice on FAT32. If the zone information is not preserved, Windows can't make proper risk assessments.
 If you enable this policy setting, Windows doesn't mark file attachments with their zone information.
 If you disable this policy setting, Windows marks file attachments with their zone information.
-If you don't configure this policy setting, Windows marks file attachments with their zone information.
+If you do not configure this policy setting, Windows marks file attachments with their zone information.
 <!-- DoNotPreserveZoneInformation-Description-End -->
-<!--/Description-->
+<!-- DoNotPreserveZoneInformation-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- DoNotPreserveZoneInformation-Editable-End -->
 <!-- DoNotPreserveZoneInformation-DFProperties-Begin -->
 **Description framework properties**:
-<!--ADMXBacked-->
+| Property name | Property value |
-ADMX Info:
+|:--|:--|
-   GP Friendly name: *Do not preserve zone information in file attachments*
+| Format | chr (string) |
-   GP name: *AM_MarkZoneOnSavedAtttachments*
+| Access Type | Add, Delete, Get, Replace |
-   GP path: *Windows Components/Attachment Manager*
+<!-- DoNotPreserveZoneInformation-DFProperties-End -->
 -   GP ADMX file name: *AttachmentManager.admx*
-<!--/ADMXBacked-->
+<!-- DoNotPreserveZoneInformation-AdmxBacked-Begin -->
-<!--/Policy-->
+> [!TIP]
 > This is an ADMX-backed policy and requires SyncML format for configuration. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
-<hr/>
+**ADMX mapping**:
-<!--Policy-->
+| Name | Value |
-<a href="" id="attachmentmanager-hidezoneinfomechanism"></a>**AttachmentManager/HideZoneInfoMechanism**
+|:--|:--|
 | Name | AM_MarkZoneOnSavedAtttachments |
 | Friendly Name | Do not preserve zone information in file attachments |
 | Location | User Configuration |
 | Path | Windows Components > Attachment Manager |
 | Registry Key Name | Software\Microsoft\Windows\CurrentVersion\Policies\Attachments |
 | Registry Value Name | SaveZoneInformation |
 | ADMX File Name | AttachmentManager.admx |
 <!-- DoNotPreserveZoneInformation-AdmxBacked-End -->
-<!--SupportedSKUs-->
+<!-- DoNotPreserveZoneInformation-Examples-Begin -->
 <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
 <!-- DoNotPreserveZoneInformation-Examples-End -->
-|Edition|Windows 10|Windows 11|
+<!-- DoNotPreserveZoneInformation-End -->
 |--- |--- |--- |
 |Home|No|No|
 |Pro|Yes|Yes|
 |Windows SE|No|Yes|
 |Business|Yes|Yes|
 |Enterprise|Yes|Yes|
 |Education|Yes|Yes|
 <!-- HideZoneInfoMechanism-Begin -->
 ## HideZoneInfoMechanism
-<!--/SupportedSKUs-->
+<!-- HideZoneInfoMechanism-Applicability-Begin -->
-<hr/>
+| Scope | Editions | Applicable OS |
 |:--|:--|:--|
 | :x: Device <br> :heavy_check_mark: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1703 [10.0.15063] and later |
 <!-- HideZoneInfoMechanism-Applicability-End -->
-<!--Scope-->
+<!-- HideZoneInfoMechanism-OmaUri-Begin -->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
+```User
 ./User/Vendor/MSFT/Policy/Config/AttachmentManager/HideZoneInfoMechanism
 ```
 <!-- HideZoneInfoMechanism-OmaUri-End -->
-> [!div class = "checklist"]
+<!-- HideZoneInfoMechanism-Description-Begin -->
-> * User
+<!-- Description-Source-ADMX -->
 <hr/>
 <!--/Scope-->
 <!--Description-->
 This policy setting allows you to manage whether users can manually remove the zone information from saved file attachments by clicking the Unblock button in the file's property sheet or by using a check box in the security warning dialog. Removing the zone information allows users to open potentially dangerous file attachments that Windows has blocked users from opening.
 If you enable this policy setting, Windows hides the check box and Unblock button.
 If you disable this policy setting, Windows shows the check box and Unblock button.
-If you don't configure this policy setting, Windows hides the check box and Unblock button.
+If you do not configure this policy setting, Windows hides the check box and Unblock button.
 <!-- HideZoneInfoMechanism-Description-End -->
-<!--/Description-->
+<!-- HideZoneInfoMechanism-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- HideZoneInfoMechanism-Editable-End -->
 <!-- HideZoneInfoMechanism-DFProperties-Begin -->
 **Description framework properties**:
-<!--ADMXBacked-->
+| Property name | Property value |
-ADMX Info:
+|:--|:--|
-   GP Friendly name: *Hide mechanisms to remove zone information*
+| Format | chr (string) |
-   GP name: *AM_RemoveZoneInfo*
+| Access Type | Add, Delete, Get, Replace |
-   GP path: *Windows Components/Attachment Manager*
+<!-- HideZoneInfoMechanism-DFProperties-End -->
 -   GP ADMX file name: *AttachmentManager.admx*
-<!--/ADMXBacked-->
+<!-- HideZoneInfoMechanism-AdmxBacked-Begin -->
-<!--/Policy-->
+> [!TIP]
 > This is an ADMX-backed policy and requires SyncML format for configuration. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
-<hr/>
+**ADMX mapping**:
-<!--Policy-->
+| Name | Value |
-<a href="" id="attachmentmanager-notifyantivirusprograms"></a>**AttachmentManager/NotifyAntivirusPrograms**
+|:--|:--|
 | Name | AM_RemoveZoneInfo |
 | Friendly Name | Hide mechanisms to remove zone information |
 | Location | User Configuration |
 | Path | Windows Components > Attachment Manager |
 | Registry Key Name | Software\Microsoft\Windows\CurrentVersion\Policies\Attachments |
 | Registry Value Name | HideZoneInfoOnProperties |
 | ADMX File Name | AttachmentManager.admx |
 <!-- HideZoneInfoMechanism-AdmxBacked-End -->
-<!--SupportedSKUs-->
+<!-- HideZoneInfoMechanism-Examples-Begin -->
 <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
 <!-- HideZoneInfoMechanism-Examples-End -->
-|Edition|Windows 10|Windows 11|
+<!-- HideZoneInfoMechanism-End -->
 |--- |--- |--- |
 |Home|No|No|
 |Pro|Yes|Yes|
 |Windows SE|No|Yes|
 |Business|Yes|Yes|
 |Enterprise|Yes|Yes|
 |Education|Yes|Yes|
 <!-- NotifyAntivirusPrograms-Begin -->
 ## NotifyAntivirusPrograms
-<!--/SupportedSKUs-->
+<!-- NotifyAntivirusPrograms-Applicability-Begin -->
-<hr/>
+| Scope | Editions | Applicable OS |
 |:--|:--|:--|
 | :x: Device <br> :heavy_check_mark: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1703 [10.0.15063] and later |
 <!-- NotifyAntivirusPrograms-Applicability-End -->
-<!--Scope-->
+<!-- NotifyAntivirusPrograms-OmaUri-Begin -->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
+```User
 ./User/Vendor/MSFT/Policy/Config/AttachmentManager/NotifyAntivirusPrograms
 ```
 <!-- NotifyAntivirusPrograms-OmaUri-End -->
-> [!div class = "checklist"]
+<!-- NotifyAntivirusPrograms-Description-Begin -->
-> * User
+<!-- Description-Source-ADMX -->
-
+This policy setting allows you to manage the behavior for notifying registered antivirus programs. If multiple programs are registered, they will all be notified. If the registered antivirus program already performs on-access checks or scans files as they arrive on the computer's email server, additional calls would be redundant.
 <hr/>
 <!--/Scope-->
 <!--Description-->
 This policy setting allows you to manage the behavior for notifying registered antivirus programs. If multiple programs are registered, they'll all be notified. If the registered antivirus program already performs on-access checks or scans files as they arrive on the computer's email server, the subsequent calls would be redundant.
 If you enable this policy setting, Windows tells the registered antivirus program to scan the file when a user opens a file attachment. If the antivirus program fails, the attachment is blocked from being opened.
-If you disable this policy setting, Windows doesn't call the registered antivirus programs when file attachments are opened.
+If you disable this policy setting, Windows does not call the registered antivirus programs when file attachments are opened.
-If you don't configure this policy setting, Windows doesn't call the registered antivirus programs when file attachments are opened.
+If you do not configure this policy setting, Windows does not call the registered antivirus programs when file attachments are opened.
 <!-- NotifyAntivirusPrograms-Description-End -->
-<!--/Description-->
+<!-- NotifyAntivirusPrograms-Editable-Begin -->
 <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 <!-- NotifyAntivirusPrograms-Editable-End -->
 <!-- NotifyAntivirusPrograms-DFProperties-Begin -->
 **Description framework properties**:
-<!--ADMXBacked-->
+| Property name | Property value |
-ADMX Info:
+|:--|:--|
-   GP Friendly name: *Notify antivirus programs when opening attachments*
+| Format | chr (string) |
-   GP name: *AM_CallIOfficeAntiVirus*
+| Access Type | Add, Delete, Get, Replace |
-   GP path: *Windows Components/Attachment Manager*
+<!-- NotifyAntivirusPrograms-DFProperties-End -->
 -   GP ADMX file name: *AttachmentManager.admx*
-<!--/ADMXBacked-->
+<!-- NotifyAntivirusPrograms-AdmxBacked-Begin -->
-<!--/Policy-->
+> [!TIP]
-<hr/>
+> This is an ADMX-backed policy and requires SyncML format for configuration. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
 **ADMX mapping**:
 | Name | Value |
 |:--|:--|
 | Name | AM_CallIOfficeAntiVirus |
 | Friendly Name | Notify antivirus programs when opening attachments |
 | Location | User Configuration |
 | Path | Windows Components > Attachment Manager |
 | Registry Key Name | Software\Microsoft\Windows\CurrentVersion\Policies\Attachments |
 | Registry Value Name | ScanWithAntiVirus |
 | ADMX File Name | AttachmentManager.admx |
 <!-- NotifyAntivirusPrograms-AdmxBacked-End -->
-<!--/Policies-->
+<!-- NotifyAntivirusPrograms-Examples-Begin -->
 <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
 <!-- NotifyAntivirusPrograms-Examples-End -->
 <!-- NotifyAntivirusPrograms-End -->
 <!-- AttachmentManager-CspMoreInfo-Begin -->
 <!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
 <!-- AttachmentManager-CspMoreInfo-End -->
 <!-- AttachmentManager-End -->
 ## Related articles
 [Policy configuration service provider](policy-configuration-service-provider.md)