From f45f167b9be4f7d7c50098cfcf19ff63fd67e466 Mon Sep 17 00:00:00 2001 From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com> Date: Mon, 6 Feb 2023 12:59:17 -0500 Subject: [PATCH 1/5] Draft for CSP DDF files --- .../mdm/configuration-service-provider-ddf.md | 575 +++++++++++++++++- 1 file changed, 572 insertions(+), 3 deletions(-) diff --git a/windows/client-management/mdm/configuration-service-provider-ddf.md b/windows/client-management/mdm/configuration-service-provider-ddf.md index 4a903492c4..0825b38037 100644 --- a/windows/client-management/mdm/configuration-service-provider-ddf.md +++ b/windows/client-management/mdm/configuration-service-provider-ddf.md @@ -1,7 +1,7 @@ --- title: Configuration service provider DDF files description: Learn more about the OMA DM device description framework (DDF) for various configuration service providers -ms.reviewer: +ms.reviewer: manager: aaroncz ms.author: vinpa ms.topic: article @@ -14,7 +14,565 @@ ms.collection: highpri # Configuration service provider DDF files -This topic shows the OMA DM device description framework (DDF) for various configuration service providers. DDF files are used only with OMA DM provisioning XML. +This article lists the OMA DM device description framework (DDF) files for various configuration service providers. DDF files are used only with OMA DM provisioning XML. + +As of December 2022, DDF files schema was updated to include additional information such as OS build applicability. DDF v2 files for Windows 10 and Windows 11 are combined, and provided in a single download: + +- [DDF v2 Files, December 2022](https://download.microsoft.com/download/7/4/c/74c6daca-983e-4f16-964a-eef65b553a37/DDFv2December2022.zip) + +## DDF v2 schema + +DDF v2 schema is listed below: + +```xml + + + + + + Starting point for DDF + + + + + + + + + + + + + Main Recurring XML tag describing nodes of the CSP + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +``` + +DDF v2 files also include a reference to the `MSFT` namespace. Schema for the `MSFT` namespace is listed below: + +```xml + + + + + This node contains an XML blob that can be used as an argument to the DiagnosticsLogCSP to pull diagnostics for a feature. + + + + + This node marks that a feature is deprecated. If included, OsBuildDeprecated gives the OS Build version that the node is no longer recommended to be set. + + + + + + + + This node contains information on how to dynamically name the node such that the name is valid. + + + + + + This indicates that the server should generate a unique identifier for the node. + + + + + This indicates that the client will generate the name of the node based on the device state (such as inventorying apps). + + + + + This indicates that the server should name the node, and the value listed gives a regex to define what is allowed. + + + + + + + + + The type of the conflict resolution. + + + + + No policy merge. + + + + + The lowest value is the most secure policy value. + + + + + The highest value is the most secure policy value. + + + + + The last written value is current value + + + + + The lowest value is the most secure policy value unless the value is zero. + + + + + The highest value is the most secure policy value unless the value is zero. + + + + + + + + These tags indicate what are required on the device for the node to be applicable to configured. These tags can be inherited by children nodes. + + + + + + This tag describes the first build that a feature is released to. If the feature was backported, multiple OS versions will be listed, such that the OS build version without a minor number is the first "major release." + + + + + This tag describes the lowest CSP Version that the node was released to. + + + + + This tag describes the list of Edition IDs that the features is allowed on. 0x88* refers to Windows Holographic for Business. + + + + + This tag indicates that the node requires the device to be Azure Active Directory Joined to be applicable. + + + + + + + + These tags describe what values are allowed to be set for this particular node. + + + + + + + + + + This attribute describes what kind of Allowed Values tag this is. + + + + + + This attribute indicates that the Value tag contains an XSD for the node. + + + + + This attribute indicates that the Value tag contains a RegEx for the node. + + + + + This attribute indicates that the node can be described by an external ADMX file. + + + + + This attribute indicates that the node can be described by a JSON schema. + + + + + This attribute indicates that the allowed values are an enumeration. + + + + + This attribute indicates that the allowed values can be combined into a bitwise flag. + + + + + This attribute indicates that the allowed values are a numerical range. + + + + + This attribute indicates that the allowed values are a string in the SDDL format. + + + + + This attribute indicates there is no data-driven way to define the allowed values of the node. This potentially means that all string values are valid values. + + + + + + + + + + + + This tag indicates that the node input can contain multiple, delimited values. + + + + + This attribute details the delimeter used for the list of values. + + + + + + + + + + + This tag indicates an allowed value. + + + + + This tag gives further description to an allowed value, such as for an enumeration. + + + + + + + + + + + + + + This tag gives details for one particular enumeration of the allowed values. + + + + + + + + + + This tag indicates the relevent details for the corresponding ADMX policy for this node. + + + + + This attribute gives the area path of the ADMX policy. + + + + + This attribute gives the name of the ADMX policy. + + + + + This attribute gives the filename for the ADMX policy. + + + + + + + This tag details the replace behavior of the node. + + + + + + When performing a replace operation on this node, the value is appending to the existing node data. + + + + + When performing a replace operation on this node, the existing node data is removed before new data is added. + + + + + + + + This tag describes the reboot behavior of the node. + + + + + + No reboot is required for this node. + + + + + This node will automatically perform a reboot to take effect. + + + + + This node needs a reboot initiated from an external source to take effect. + + + + + + + + This tag details the information necessary to map this node to an existing group policy. + + + + + This attribute details the English name of the GP. + + + + + This attribute details the area path of the GP. + + + + + This attribute details a particular element of a GP that the CSP node maps to. + + + + + + + This tag lists out common error HRESULTS reported by the CSP and English text to associate with them. + + + + + + + + + + + + + + + + + + + This tag indicates that this node and all children nodes should be enclosed by an Atomic tag when being sent to the client. + + + + + These tags detail potential dependencies that the current CSP node has on other nodes in the same CSP. + + + + + + + + + + This tag describes a dependency that the current CSP node has on another nodes in the same CSP. + + + + + + The URI that the current CSP node has a dependency on. + + + + + + + This tag details the kind of dependency. + + + + + + The current node depends on the dependency holding a certain value. + + + + + The current node depends on the dependency not holding a certain value. + + + + + + + + + + This tag details one specific dependency. A node might have multiple different dependencies. + + + + + + + + + This attribute gives a friendly ID to the dependency, to differentiate it from other dependencies. + + + + + + + This tag details the values that the dependency must be set to for the dependency to be satisfied. + + + + + + + + + This tag details a change to the current node's allowed values if the dependency is satisfied. + + + + + + + +``` + +## Older DDF files You can download the DDF files for various CSPs from the links below: @@ -26,4 +584,15 @@ You can download the DDF files for various CSPs from the links below: - [Download all the DDF files for Windows 10, version 1703](https://download.microsoft.com/download/C/7/C/C7C94663-44CF-4221-ABCA-BC895F42B6C2/Windows10_1703_DDF_download.zip) - [Download all the DDF files for Windows 10, version 1607](https://download.microsoft.com/download/2/3/E/23E27D6B-6E23-4833-B143-915EDA3BDD44/Windows10_1607_DDF.zip) -You can download DDF file for Policy CSP from [Policy DDF file](policy-ddf-file.md). +You can view various Policy area DDF files by clicking the following links: + +- [View the Policy DDF file for Windows 10, version 20H2](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/PolicyDDF_all_20H2.xml) +- [View the Policy DDF file for Windows 10, version 2004](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/PolicyDDF_all_2004.xml) +- [View the Policy DDF file for Windows 10, version 1903](https://download.microsoft.com/download/0/C/D/0CD61812-8B9C-4846-AC4A-1545BFD201EE/PolicyDDF_all_1903.xml) +- [View the Policy DDF file for Windows 10, version 1809](https://download.microsoft.com/download/7/3/5/735B8537-82F4-4CD1-B059-93984F9FAAC5/Policy_DDF_all_1809.xml) +- [View the Policy DDF file for Windows 10, version 1803](https://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all.xml) +- [View the Policy DDF file for Windows 10, version 1803 release C](https://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all_1809C_release.xml) +- [View the Policy DDF file for Windows 10, version 1709](https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml) +- [View the Policy DDF file for Windows 10, version 1703](https://download.microsoft.com/download/7/2/C/72C36C37-20F9-41BF-8E23-721F6FFC253E/PolicyDDF_all.xml) +- [View the Policy DDF file for Windows 10, version 1607](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607.xml) +- [View the Policy DDF file for Windows 10, version 1607 release 8C](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607_8C.xml) From 22ab373428424a3e15682609b2aa8f970761557c Mon Sep 17 00:00:00 2001 From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com> Date: Mon, 6 Feb 2023 14:11:04 -0500 Subject: [PATCH 2/5] Update --- .openpublishing.redirection.json | 27 +- .../mdm/configuration-service-provider-ddf.md | 1058 +++++++++-------- .../client-management/mdm/policy-ddf-file.md | 32 - 3 files changed, 547 insertions(+), 570 deletions(-) delete mode 100644 windows/client-management/mdm/policy-ddf-file.md diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index e6a9c13cf5..22639222c2 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -19463,7 +19463,7 @@ { "source_path": "windows/security/threat-protection/intelligence/rootkits-malware.md", "redirect_url": "/microsoft-365/security/intelligence/rootkits-malware", - "redirect_document_id": false + "redirect_document_id": false }, { "source_path": "windows/security/threat-protection/intelligence/safety-scanner-download.md", @@ -20114,7 +20114,7 @@ "source_path": "windows/deployment/update/update-compliance-v2-enable.md", "redirect_url": "/windows/deployment/update/wufb-reports-enable", "redirect_document_id": false - }, + }, { "source_path": "windows/deployment/update/update-compliance-v2-help.md", "redirect_url": "/windows/deployment/update/wufb-reports-help", @@ -20124,22 +20124,22 @@ "source_path": "windows/deployment/update/update-compliance-v2-overview.md", "redirect_url": "/windows/deployment/update/wufb-reports-overview", "redirect_document_id": false - }, + }, { "source_path": "windows/deployment/update/update-compliance-v2-prerequisites.md", "redirect_url": "/windows/deployment/update/wufb-reports-prerequisites", "redirect_document_id": false - }, + }, { "source_path": "windows/deployment/update/update-compliance-v2-schema-ucclient.md", "redirect_url": "/windows/deployment/update/wufb-reports-schema-ucclient", "redirect_document_id": false - }, + }, { "source_path": "windows/deployment/update/update-compliance-v2-schema-ucclientreadinessstatus.md", "redirect_url": "/windows/deployment/update/wufb-reports-schema-ucclientreadinessstatus", "redirect_document_id": false - }, + }, { "source_path": "windows/deployment/update/update-compliance-v2-schema-ucclientupdatestatus.md", "redirect_url": "/windows/deployment/update/wufb-reports-schema-ucclientupdatestatus", @@ -20149,17 +20149,17 @@ "source_path": "windows/deployment/update/update-compliance-v2-schema-ucdevicealert.md", "redirect_url": "/windows/deployment/update/wufb-reports-schema-ucdevicealert", "redirect_document_id": false - }, + }, { "source_path": "windows/deployment/update/update-compliance-v2-schema-ucserviceupdatestatus.md", "redirect_url": "/windows/deployment/update/wufb-reports-schema-ucserviceupdatestatus", "redirect_document_id": false - }, + }, { "source_path": "windows/deployment/update/update-compliance-v2-schema-ucupdatealert.md", "redirect_url": "/windows/deployment/update/wufb-reports-schema-ucupdatealert", "redirect_document_id": false - }, + }, { "source_path": "windows/deployment/update/update-compliance-v2-schema.md", "redirect_url": "/windows/deployment/update/wufb-reports-schema", @@ -20194,7 +20194,7 @@ "source_path": "windows/deployment/planning/features-lifecycle.md", "redirect_url": "/windows/whats-new/feature-lifecycle", "redirect_document_id": false - }, + }, { "source_path": "windows/deployment/planning/windows-10-deprecated-features.md", "redirect_url": "/windows/whats-new/deprecated-features", @@ -20205,7 +20205,7 @@ "redirect_url": "/windows/whats-new/removed-features", "redirect_document_id": false }, - { + { "source_path": "windows/deployment/usmt/usmt-common-issues.md", "redirect_url": "/troubleshoot/windows-client/deployment/usmt-common-issues", "redirect_document_id": false @@ -20514,6 +20514,11 @@ "source_path": "windows/deployment/windows-autopatch/references/windows-autopatch-wqu-unsupported-policies.md", "redirect_url": "/windows/deployment/windows-autopatch/references/windows-autopatch-windows-update-unsupported-policies", "redirect_document_id": true + }, + { + "source_path": "windows-docs-pr/windows/client-management/mdm/policy-ddf-file.md", + "redirect_url": "/windows/client-management/mdm/configuration-service-provider-ddf", + "redirect_document_id": true } ] } diff --git a/windows/client-management/mdm/configuration-service-provider-ddf.md b/windows/client-management/mdm/configuration-service-provider-ddf.md index 0825b38037..b55b3ce963 100644 --- a/windows/client-management/mdm/configuration-service-provider-ddf.md +++ b/windows/client-management/mdm/configuration-service-provider-ddf.md @@ -16,565 +16,569 @@ ms.collection: highpri This article lists the OMA DM device description framework (DDF) files for various configuration service providers. DDF files are used only with OMA DM provisioning XML. -As of December 2022, DDF files schema was updated to include additional information such as OS build applicability. DDF v2 files for Windows 10 and Windows 11 are combined, and provided in a single download: +As of December 2022, DDF XML schema was updated to include additional information such as OS build applicability. DDF v2 XML files for Windows 10 and Windows 11 are combined, and provided in a single download: - [DDF v2 Files, December 2022](https://download.microsoft.com/download/7/4/c/74c6daca-983e-4f16-964a-eef65b553a37/DDFv2December2022.zip) ## DDF v2 schema -DDF v2 schema is listed below: +DDF v2 XML schema definition is listed below along with the schema definition for the referenced `MSFT` namespace. -```xml - - - - - - Starting point for DDF - - - - - - - - - - - - - Main Recurring XML tag describing nodes of the CSP - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -``` +- Schema definition for DDF v2: -DDF v2 files also include a reference to the `MSFT` namespace. Schema for the `MSFT` namespace is listed below: - -```xml - - - - - This node contains an XML blob that can be used as an argument to the DiagnosticsLogCSP to pull diagnostics for a feature. - - - - - This node marks that a feature is deprecated. If included, OsBuildDeprecated gives the OS Build version that the node is no longer recommended to be set. - - - - - - - - This node contains information on how to dynamically name the node such that the name is valid. - - - - - - This indicates that the server should generate a unique identifier for the node. - - - - - This indicates that the client will generate the name of the node based on the device state (such as inventorying apps). - - - - - This indicates that the server should name the node, and the value listed gives a regex to define what is allowed. - - - - - - - - - The type of the conflict resolution. - - - - - No policy merge. - - - - - The lowest value is the most secure policy value. - - - - - The highest value is the most secure policy value. - - - - - The last written value is current value - - - - - The lowest value is the most secure policy value unless the value is zero. - - - - - The highest value is the most secure policy value unless the value is zero. - - - - - - - - These tags indicate what are required on the device for the node to be applicable to configured. These tags can be inherited by children nodes. - - - - - - This tag describes the first build that a feature is released to. If the feature was backported, multiple OS versions will be listed, such that the OS build version without a minor number is the first "major release." - - - - - This tag describes the lowest CSP Version that the node was released to. - - - - - This tag describes the list of Edition IDs that the features is allowed on. 0x88* refers to Windows Holographic for Business. - - - - - This tag indicates that the node requires the device to be Azure Active Directory Joined to be applicable. - - - - - - - - These tags describe what values are allowed to be set for this particular node. - - - - - - - - - - This attribute describes what kind of Allowed Values tag this is. - - - - - - This attribute indicates that the Value tag contains an XSD for the node. - - - - - This attribute indicates that the Value tag contains a RegEx for the node. - - - - - This attribute indicates that the node can be described by an external ADMX file. - - - - - This attribute indicates that the node can be described by a JSON schema. - - - - - This attribute indicates that the allowed values are an enumeration. - - - - - This attribute indicates that the allowed values can be combined into a bitwise flag. - - - - - This attribute indicates that the allowed values are a numerical range. - - - - - This attribute indicates that the allowed values are a string in the SDDL format. - - - - - This attribute indicates there is no data-driven way to define the allowed values of the node. This potentially means that all string values are valid values. - - - - - - - - - - + ```xml + + + + - This tag indicates that the node input can contain multiple, delimited values. + Starting point for DDF - - - This attribute details the delimeter used for the list of values. - - + + + + + - - - - - + + - This tag indicates an allowed value. + Main Recurring XML tag describing nodes of the CSP + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ``` + +- Schema definition for the `MSFT` namespace: + + ```xml + + + + + This node contains an XML blob that can be used as an argument to the DiagnosticsLogCSP to pull diagnostics for a feature. - + - This tag gives further description to an allowed value, such as for an enumeration. + This node marks that a feature is deprecated. If included, OsBuildDeprecated gives the OS Build version that the node is no longer recommended to be set. + + + - - - - - - - - - - - - This tag gives details for one particular enumeration of the allowed values. - - - - - - - - - - This tag indicates the relevent details for the corresponding ADMX policy for this node. - - - + - This attribute gives the area path of the ADMX policy. + This node contains information on how to dynamically name the node such that the name is valid. - - - - This attribute gives the name of the ADMX policy. - - - - - This attribute gives the filename for the ADMX policy. - - - - - - - This tag details the replace behavior of the node. - - - - - - When performing a replace operation on this node, the value is appending to the existing node data. - - - - - When performing a replace operation on this node, the existing node data is removed before new data is added. - - - - - - - - This tag describes the reboot behavior of the node. - - - - - - No reboot is required for this node. - - - - - This node will automatically perform a reboot to take effect. - - - - - This node needs a reboot initiated from an external source to take effect. - - - - - - - - This tag details the information necessary to map this node to an existing group policy. - - - - - This attribute details the English name of the GP. - - - - - This attribute details the area path of the GP. - - - - - This attribute details a particular element of a GP that the CSP node maps to. - - - - - - - This tag lists out common error HRESULTS reported by the CSP and English text to associate with them. - - - - - - - - - - - - - - - - - - - This tag indicates that this node and all children nodes should be enclosed by an Atomic tag when being sent to the client. - - - - - These tags detail potential dependencies that the current CSP node has on other nodes in the same CSP. - - - - - - - - - - This tag describes a dependency that the current CSP node has on another nodes in the same CSP. - - - - - - The URI that the current CSP node has a dependency on. - - - - - - - This tag details the kind of dependency. - - - - + + + - The current node depends on the dependency holding a certain value. + This indicates that the server should generate a unique identifier for the node. + + + + + This indicates that the client will generate the name of the node based on the device state (such as inventorying apps). + + + + + This indicates that the server should name the node, and the value listed gives a regex to define what is allowed. + + + + + + + + + The type of the conflict resolution. + + + + + No policy merge. - + - The current node depends on the dependency not holding a certain value. + The lowest value is the most secure policy value. + + + + + The highest value is the most secure policy value. + + + + + The last written value is current value + + + + + The lowest value is the most secure policy value unless the value is zero. + + + + + The highest value is the most secure policy value unless the value is zero. - - - - - - This tag details one specific dependency. A node might have multiple different dependencies. - - - - - - - + + - This attribute gives a friendly ID to the dependency, to differentiate it from other dependencies. + These tags indicate what are required on the device for the node to be applicable to configured. These tags can be inherited by children nodes. - - - - - - This tag details the values that the dependency must be set to for the dependency to be satisfied. - - - - - - - - - This tag details a change to the current node's allowed values if the dependency is satisfied. - - - - - - - -``` + + + + + This tag describes the first build that a feature is released to. If the feature was backported, multiple OS versions will be listed, such that the OS build version without a minor number is the first "major release." + + + + + This tag describes the lowest CSP Version that the node was released to. + + + + + This tag describes the list of Edition IDs that the features is allowed on. 0x88* refers to Windows Holographic for Business. + + + + + This tag indicates that the node requires the device to be Azure Active Directory Joined to be applicable. + + + + + + + + These tags describe what values are allowed to be set for this particular node. + + + + + + + + + + This attribute describes what kind of Allowed Values tag this is. + + + + + + This attribute indicates that the Value tag contains an XSD for the node. + + + + + This attribute indicates that the Value tag contains a RegEx for the node. + + + + + This attribute indicates that the node can be described by an external ADMX file. + + + + + This attribute indicates that the node can be described by a JSON schema. + + + + + This attribute indicates that the allowed values are an enumeration. + + + + + This attribute indicates that the allowed values can be combined into a bitwise flag. + + + + + This attribute indicates that the allowed values are a numerical range. + + + + + This attribute indicates that the allowed values are a string in the SDDL format. + + + + + This attribute indicates there is no data-driven way to define the allowed values of the node. This potentially means that all string values are valid values. + + + + + + + + + + + + This tag indicates that the node input can contain multiple, delimited values. + + + + + This attribute details the delimeter used for the list of values. + + + + + + + + + + + This tag indicates an allowed value. + + + + + This tag gives further description to an allowed value, such as for an enumeration. + + + + + + + + + + + + + + This tag gives details for one particular enumeration of the allowed values. + + + + + + + + + + This tag indicates the relevent details for the corresponding ADMX policy for this node. + + + + + This attribute gives the area path of the ADMX policy. + + + + + This attribute gives the name of the ADMX policy. + + + + + This attribute gives the filename for the ADMX policy. + + + + + + + This tag details the replace behavior of the node. + + + + + + When performing a replace operation on this node, the value is appending to the existing node data. + + + + + When performing a replace operation on this node, the existing node data is removed before new data is added. + + + + + + + + This tag describes the reboot behavior of the node. + + + + + + No reboot is required for this node. + + + + + This node will automatically perform a reboot to take effect. + + + + + This node needs a reboot initiated from an external source to take effect. + + + + + + + + This tag details the information necessary to map this node to an existing group policy. + + + + + This attribute details the English name of the GP. + + + + + This attribute details the area path of the GP. + + + + + This attribute details a particular element of a GP that the CSP node maps to. + + + + + + + This tag lists out common error HRESULTS reported by the CSP and English text to associate with them. + + + + + + + + + + + + + + + + + + + This tag indicates that this node and all children nodes should be enclosed by an Atomic tag when being sent to the client. + + + + + These tags detail potential dependencies that the current CSP node has on other nodes in the same CSP. + + + + + + + + + + This tag describes a dependency that the current CSP node has on another nodes in the same CSP. + + + + + + The URI that the current CSP node has a dependency on. + + + + + + + This tag details the kind of dependency. + + + + + + The current node depends on the dependency holding a certain value. + + + + + The current node depends on the dependency not holding a certain value. + + + + + + + + + + This tag details one specific dependency. A node might have multiple different dependencies. + + + + + + + + + This attribute gives a friendly ID to the dependency, to differentiate it from other dependencies. + + + + + + + This tag details the values that the dependency must be set to for the dependency to be satisfied. + + + + + + + + + This tag details a change to the current node's allowed values if the dependency is satisfied. + + + + + + + + ``` ## Older DDF files -You can download the DDF files for various CSPs from the links below: +You can download the older DDF files for various CSPs from the links below: - [Download all the DDF files for Windows 10, version 2004](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/Windows10_2004_DDF_download.zip) - [Download all the DDF files for Windows 10, version 1903](https://download.microsoft.com/download/6/F/0/6F019079-6EB0-41B5-88E8-D1CE77DBA27B/Windows10_1903_DDF_download.zip) @@ -584,7 +588,7 @@ You can download the DDF files for various CSPs from the links below: - [Download all the DDF files for Windows 10, version 1703](https://download.microsoft.com/download/C/7/C/C7C94663-44CF-4221-ABCA-BC895F42B6C2/Windows10_1703_DDF_download.zip) - [Download all the DDF files for Windows 10, version 1607](https://download.microsoft.com/download/2/3/E/23E27D6B-6E23-4833-B143-915EDA3BDD44/Windows10_1607_DDF.zip) -You can view various Policy area DDF files by clicking the following links: +You can download the older Policy area DDF files by clicking the following links: - [View the Policy DDF file for Windows 10, version 20H2](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/PolicyDDF_all_20H2.xml) - [View the Policy DDF file for Windows 10, version 2004](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/PolicyDDF_all_2004.xml) diff --git a/windows/client-management/mdm/policy-ddf-file.md b/windows/client-management/mdm/policy-ddf-file.md deleted file mode 100644 index 07c6ded973..0000000000 --- a/windows/client-management/mdm/policy-ddf-file.md +++ /dev/null @@ -1,32 +0,0 @@ ---- -title: Policy DDF file -description: Learn about the OMA DM device description framework (DDF) for the Policy configuration service provider. -ms.reviewer: -manager: aaroncz -ms.author: vinpa -ms.topic: article -ms.prod: windows-client -ms.technology: itpro-manage -author: vinaypamnani-msft -ms.localizationpriority: medium -ms.date: 10/28/2020 ---- - -# Policy DDF file - -This topic shows the OMA DM device description framework (DDF) for the **Policy** configuration service provider. DDF files are used only with OMA DM provisioning XML. - -You can view various Policy DDF files by clicking the following links: - -- [View the Policy DDF file for Windows 10, version 20H2](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/PolicyDDF_all_20H2.xml) -- [View the Policy DDF file for Windows 10, version 2004](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/PolicyDDF_all_2004.xml) -- [View the Policy DDF file for Windows 10, version 1903](https://download.microsoft.com/download/0/C/D/0CD61812-8B9C-4846-AC4A-1545BFD201EE/PolicyDDF_all_1903.xml) -- [View the Policy DDF file for Windows 10, version 1809](https://download.microsoft.com/download/7/3/5/735B8537-82F4-4CD1-B059-93984F9FAAC5/Policy_DDF_all_1809.xml) -- [View the Policy DDF file for Windows 10, version 1803](https://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all.xml) -- [View the Policy DDF file for Windows 10, version 1803 release C](https://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all_1809C_release.xml) -- [View the Policy DDF file for Windows 10, version 1709](https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml) -- [View the Policy DDF file for Windows 10, version 1703](https://download.microsoft.com/download/7/2/C/72C36C37-20F9-41BF-8E23-721F6FFC253E/PolicyDDF_all.xml) -- [View the Policy DDF file for Windows 10, version 1607](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607.xml) -- [View the Policy DDF file for Windows 10, version 1607 release 8C](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607_8C.xml) - -You can download DDF files for various CSPs from [CSP DDF files download](configuration-service-provider-ddf.md). From 7c4072364c07f884a57c5acf3dc4c6d74adc71d2 Mon Sep 17 00:00:00 2001 From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com> Date: Mon, 6 Feb 2023 14:12:19 -0500 Subject: [PATCH 3/5] Update TOC --- windows/client-management/mdm/toc.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/toc.yml b/windows/client-management/mdm/toc.yml index 919e4cac79..d35962adb6 100644 --- a/windows/client-management/mdm/toc.yml +++ b/windows/client-management/mdm/toc.yml @@ -34,7 +34,7 @@ items: href: policy-configuration-service-provider.md items: - name: Policy CSP DDF file - href: policy-ddf-file.md + href: configuration-service-provider-ddf.md - name: Policy CSP support scenarios items: - name: ADMX policies in Policy CSP From 8607282adad6d98f8843d5dcc5180b0cb9955e14 Mon Sep 17 00:00:00 2001 From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com> Date: Mon, 6 Feb 2023 14:20:41 -0500 Subject: [PATCH 4/5] Fix broken links --- .../change-history-for-mdm-documentation.md | 8 ++++---- windows/client-management/mdm/index.yml | 2 +- .../mdm/policy-csp-controlpolicyconflict.md | 2 +- .../mdm/policy-csp-localpoliciessecurityoptions.md | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/client-management/change-history-for-mdm-documentation.md b/windows/client-management/change-history-for-mdm-documentation.md index b77a1761a8..5b7f08ac50 100644 --- a/windows/client-management/change-history-for-mdm-documentation.md +++ b/windows/client-management/change-history-for-mdm-documentation.md @@ -185,7 +185,7 @@ As of November 2020 This page will no longer be updated. This article lists new |[RemoteWipe CSP](mdm/remotewipe-csp.md)|Added new settings in Windows 10, version 1809.| |[TenantLockdown CSP](mdm/tenantlockdown-csp.md)|Added new CSP in Windows 10, version 1809.| |[WindowsDefenderApplicationGuard CSP](mdm/windowsdefenderapplicationguard-csp.md)|Added new settings in Windows 10, version 1809.| -|[Policy DDF file](mdm/policy-ddf-file.md)|Posted an updated version of the Policy DDF for Windows 10, version 1809.| +|[Policy DDF file](mdm/configuration-service-provider-ddf.md)|Posted an updated version of the Policy DDF for Windows 10, version 1809.| |[Policy CSP](mdm/policy-configuration-service-provider.md)|Added the following new policies in Windows 10, version 1809:
  • Browser/AllowFullScreenMode
  • Browser/AllowPrelaunch
  • Browser/AllowPrinting
  • Browser/AllowSavingHistory
  • Browser/AllowSideloadingOfExtensions
  • Browser/AllowTabPreloading
  • Browser/AllowWebContentOnNewTabPage
  • Browser/ConfigureFavoritesBar
  • Browser/ConfigureHomeButton
  • Browser/ConfigureKioskMode
  • Browser/ConfigureKioskResetAfterIdleTimeout
  • Browser/ConfigureOpenMicrosoftEdgeWith
  • Browser/ConfigureTelemetryForMicrosoft365Analytics
  • Browser/PreventCertErrorOverrides
  • Browser/SetHomeButtonURL
  • Browser/SetNewTabPageURL
  • Browser/UnlockHomeButton
  • Experience/DoNotSyncBrowserSettings
  • Experience/PreventUsersFromTurningOnBrowserSyncing
  • Kerberos/UPNNameHints
  • Privacy/AllowCrossDeviceClipboard
  • Privacy
  • DisablePrivacyExperience
  • Privacy/UploadUserActivities
  • System/AllowDeviceNameInDiagnosticData
  • System/ConfigureMicrosoft365UploadEndpoint
  • System/DisableDeviceDelete
  • System/DisableDiagnosticDataViewer
  • Storage/RemovableDiskDenyWriteAccess
  • Update/UpdateNotificationLevel

    Start/DisableContextMenus - added in Windows 10, version 1803.

    RestrictedGroups/ConfigureGroupMembership - added new schema to apply and retrieve the policy.| ## July 2018 @@ -217,7 +217,7 @@ As of November 2020 This page will no longer be updated. This article lists new |New or updated article|Description| |--- |--- | -|[Policy DDF file](mdm/policy-ddf-file.md)|Updated the DDF files in the Windows 10 version 1703 and 1709.
  • [Download the Policy DDF file for Windows 10, version 1709](https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml)
  • [Download the Policy DDF file for Windows 10, version 1703](https://download.microsoft.com/download/7/2/C/72C36C37-20F9-41BF-8E23-721F6FFC253E/PolicyDDF_all.xml)| +|[Policy DDF file](mdm/configuration-service-provider-ddf.md)|Updated the DDF files in the Windows 10 version 1703 and 1709.
  • [Download the Policy DDF file for Windows 10, version 1709](https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml)
  • [Download the Policy DDF file for Windows 10, version 1703](https://download.microsoft.com/download/7/2/C/72C36C37-20F9-41BF-8E23-721F6FFC253E/PolicyDDF_all.xml)| ## April 2018 @@ -281,7 +281,7 @@ As of November 2020 This page will no longer be updated. This article lists new | New or updated article | Description | | --- | --- | -| [Policy DDF file](mdm/policy-ddf-file.md) | Updated the DDF content for Windows 10 version 1709. Added a link to the download of Policy DDF for Windows 10, version 1709. | +| [Policy DDF file](mdm/configuration-service-provider-ddf.md) | Updated the DDF content for Windows 10 version 1709. Added a link to the download of Policy DDF for Windows 10, version 1709. | | [Policy CSP](mdm/policy-configuration-service-provider.md) | Updated the following policies:

    - Defender/ControlledFolderAccessAllowedApplications - string separator is `|`
    - Defender/ControlledFolderAccessProtectedFolders - string separator is `|` | | [eUICCs CSP](mdm/euiccs-csp.md) | Added new CSP in Windows 10, version 1709. | | [AssignedAccess CSP](mdm/assignedaccess-csp.md) | Added SyncML examples for the new Configuration node. | @@ -313,5 +313,5 @@ As of November 2020 This page will no longer be updated. This article lists new |[Office CSP](mdm/office-csp.md)|Added the following setting in Windows 10, version 1709:
  • Installation/CurrentStatus| |[BitLocker CSP](mdm/bitlocker-csp.md)|Added information to the ADMX-backed policies. Changed the minimum personal identification number (PIN) length to four digits in SystemDrivesRequireStartupAuthentication and SystemDrivesMinimumPINLength in Windows 10, version 1709.| |[Firewall CSP](mdm/firewall-csp.md)|Updated the CSP and DDF topics. Here are the changes:
  • Removed the two settings - FirewallRules/FirewallRuleName/FriendlyName and FirewallRules/FirewallRuleName/IcmpTypesAndCodes.
  • Changed some data types from integer to bool.
  • Updated the list of supported operations for some settings.
  • Added default values.| -|[Policy DDF file](mdm/policy-ddf-file.md)|Added another Policy DDF file [download](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607_8C.xml) for the 8C release of Windows 10, version 1607, which added the following policies:
  • Browser/AllowMicrosoftCompatibilityList
  • Update/DisableDualScan
  • Update/FillEmptyContentUrls| +|[Policy DDF file](mdm/configuration-service-provider-ddf.md)|Added another Policy DDF file [download](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607_8C.xml) for the 8C release of Windows 10, version 1607, which added the following policies:
  • Browser/AllowMicrosoftCompatibilityList
  • Update/DisableDualScan
  • Update/FillEmptyContentUrls| |[Policy CSP](mdm/policy-configuration-service-provider.md)|Added the following new policies for Windows 10, version 1709:
  • Browser/ProvisionFavorites
  • Browser/LockdownFavorites
  • ExploitGuard/ExploitProtectionSettings
  • Games/AllowAdvancedGamingServices
  • LocalPoliciesSecurityOptions/Accounts_BlockMicrosoftAccounts
  • LocalPoliciesSecurityOptions/Accounts_LimitLocalAccountUseOfBlankPasswordsToConsoleLogonOnly
  • LocalPoliciesSecurityOptions/Accounts_RenameAdministratorAccount
  • LocalPoliciesSecurityOptions/Accounts_RenameGuestAccount
  • LocalPoliciesSecurityOptions/InteractiveLogon_DisplayUserInformationWhenTheSessionIsLocked
  • LocalPoliciesSecurityOptions/Interactivelogon_DoNotDisplayLastSignedIn
  • LocalPoliciesSecurityOptions/Interactivelogon_DoNotDisplayUsernameAtSignIn
  • LocalPoliciesSecurityOptions/Interactivelogon_DoNotRequireCTRLALTDEL
  • LocalPoliciesSecurityOptions/InteractiveLogon_MachineInactivityLimit
  • LocalPoliciesSecurityOptions/InteractiveLogon_MessageTextForUsersAttemptingToLogOn
  • LocalPoliciesSecurityOptions/InteractiveLogon_MessageTitleForUsersAttemptingToLogOn
  • LocalPoliciesSecurityOptions/NetworkSecurity_AllowPKU2UAuthenticationRequests
  • LocalPoliciesSecurityOptions/Shutdown_AllowSystemToBeShutDownWithoutHavingToLogOn
  • LocalPoliciesSecurityOptions/UserAccountControl_AllowUIAccessApplicationsToPromptForElevation
  • LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForAdministrators
  • LocalPoliciesSecurityOptions/UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers
  • LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateExecutableFilesThatAreSignedAndValidated
  • LocalPoliciesSecurityOptions/UserAccountControl_OnlyElevateUIAccessApplicationsThatAreInstalledInSecureLocations
  • LocalPoliciesSecurityOptions/UserAccountControl_RunAllAdministratorsInAdminApprovalMode
  • LocalPoliciesSecurityOptions/UserAccountControl_SwitchToTheSecureDesktopWhenPromptingForElevation
  • LocalPoliciesSecurityOptions/UserAccountControl_VirtualizeFileAndRegistryWriteFailuresToPerUserLocations
  • Privacy/EnableActivityFeed
  • Privacy/PublishUserActivities
  • Update/DisableDualScan
  • Update/AllowAutoWindowsUpdateDownloadOverMeteredNetwork

    Changed the name of new policy to CredentialProviders/DisableAutomaticReDeploymentCredentials from CredentialProviders/EnableWindowsAutopilotResetCredentials.

    Changed the names of the following policies:
  • Defender/GuardedFoldersAllowedApplications to Defender/ControlledFolderAccessAllowedApplications
  • Defender/GuardedFoldersList to Defender/ControlledFolderAccessProtectedFolders
  • Defender/EnableGuardMyFolders to Defender/EnableControlledFolderAccess

    Added links to the extra [ADMX-backed BitLocker policies](mdm/policy-csp-bitlocker.md).

    There were issues reported with the previous release of the following policies. These issues were fixed in Windows 10, version 1709:
  • Privacy/AllowAutoAcceptPairingAndPrivacyConsentPrompts
  • Start/HideAppList| diff --git a/windows/client-management/mdm/index.yml b/windows/client-management/mdm/index.yml index d8bd8ed982..db2be7efaf 100644 --- a/windows/client-management/mdm/index.yml +++ b/windows/client-management/mdm/index.yml @@ -47,7 +47,7 @@ landingContent: - text: Policy CSP url: policy-configuration-service-provider.md - text: Policy DDF file - url: policy-ddf-file.md + url: configuration-service-provider-ddf.md - text: Policy CSP - Start url: policy-csp-start.md - text: Policy CSP - Update diff --git a/windows/client-management/mdm/policy-csp-controlpolicyconflict.md b/windows/client-management/mdm/policy-csp-controlpolicyconflict.md index f955123b29..b6865f7b07 100644 --- a/windows/client-management/mdm/policy-csp-controlpolicyconflict.md +++ b/windows/client-management/mdm/policy-csp-controlpolicyconflict.md @@ -58,7 +58,7 @@ This ensures that: - The current Policy Manager policies are refreshed from what MDM has set - Any values set by scripts/user outside of GP that conflict with MDM are removed -The [Policy DDF](policy-ddf-file.md) contains the following tags to identify the policies with equivalent GP: +The [Policy DDF](configuration-service-provider-ddf.md) contains the following tags to identify the policies with equivalent GP: - \ - \ diff --git a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md index 459b035faf..075a1bd389 100644 --- a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md +++ b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md @@ -19,7 +19,7 @@ ms.topic: reference > [!NOTE] -> To find data formats (and other policy-related details), see [Policy DDF file](./policy-ddf-file.md). +> To find data formats (and other policy-related details), see [Policy DDF file](./configuration-service-provider-ddf.md). From fd9d7ac6ef6ee08dd128111579a334c9f1528a15 Mon Sep 17 00:00:00 2001 From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com> Date: Mon, 6 Feb 2023 14:21:48 -0500 Subject: [PATCH 5/5] Fix redirect --- .openpublishing.redirection.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index 22639222c2..645db60d9e 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -20516,7 +20516,7 @@ "redirect_document_id": true }, { - "source_path": "windows-docs-pr/windows/client-management/mdm/policy-ddf-file.md", + "source_path": "windows/client-management/mdm/policy-ddf-file.md", "redirect_url": "/windows/client-management/mdm/configuration-service-provider-ddf", "redirect_document_id": true }