Merged PR 2634: adding GP paths to ADMX policies

adding GP paths
2025-05-12 05:17:22 +00:00 · 2017-08-09 17:28:41 +00:00 · 2017-08-09 17:28:41 +00:00 · ba5ad6f2e2
commit ba5ad6f2e2
parent 3d5d3f5671
67 changed files with 481 additions and 161 deletions
--- a/windows/client-management/mdm/policy-csp-abovelock.md
+++ b/windows/client-management/mdm/policy-csp-abovelock.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - AboveLock
--- a/windows/client-management/mdm/policy-csp-accounts.md
+++ b/windows/client-management/mdm/policy-csp-accounts.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Accounts
--- a/windows/client-management/mdm/policy-csp-activexcontrols.md
+++ b/windows/client-management/mdm/policy-csp-activexcontrols.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - ActiveXControls
@ -66,6 +66,7 @@ Note: Wild card characters cannot be used when specifying the host URLs.
 ADMX Info:  
 -   GP english name: *Approved Installation Sites for ActiveX Controls*
 -   GP name: *ApprovedActiveXInstallSites*
+-   GP path: *Windows Components/ActiveX Installer Service*
 -   GP ADMX file name: *ActiveXInstallService.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-applicationdefaults.md
+++ b/windows/client-management/mdm/policy-csp-applicationdefaults.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - ApplicationDefaults
--- a/windows/client-management/mdm/policy-csp-applicationmanagement.md
+++ b/windows/client-management/mdm/policy-csp-applicationmanagement.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - ApplicationManagement
--- a/windows/client-management/mdm/policy-csp-appvirtualization.md
+++ b/windows/client-management/mdm/policy-csp-appvirtualization.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - AppVirtualization
--- a/windows/client-management/mdm/policy-csp-attachmentmanager.md
+++ b/windows/client-management/mdm/policy-csp-attachmentmanager.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - AttachmentManager
@ -66,6 +66,7 @@ If you do not configure this policy setting, Windows marks file attachments with
 ADMX Info:  
 -   GP english name: *Do not preserve zone information in file attachments*
 -   GP name: *AM_MarkZoneOnSavedAtttachments*
+-   GP path: *Windows Components/Attachment Manager*
 -   GP ADMX file name: *AttachmentManager.admx*

 <!--EndADMX-->
@ -117,6 +118,7 @@ If you do not configure this policy setting, Windows hides the check box and Unb
 ADMX Info:  
 -   GP english name: *Hide mechanisms to remove zone information*
 -   GP name: *AM_RemoveZoneInfo*
+-   GP path: *Windows Components/Attachment Manager*
 -   GP ADMX file name: *AttachmentManager.admx*

 <!--EndADMX-->
@ -168,6 +170,7 @@ If you do not configure this policy setting, Windows does not call the registere
 ADMX Info:  
 -   GP english name: *Notify antivirus programs when opening attachments*
 -   GP name: *AM_CallIOfficeAntiVirus*
+-   GP path: *Windows Components/Attachment Manager*
 -   GP ADMX file name: *AttachmentManager.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-authentication.md
+++ b/windows/client-management/mdm/policy-csp-authentication.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Authentication
--- a/windows/client-management/mdm/policy-csp-autoplay.md
+++ b/windows/client-management/mdm/policy-csp-autoplay.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Autoplay
@ -64,6 +64,7 @@ If you disable or do not configure this policy setting, AutoPlay is enabled for
 ADMX Info:  
 -   GP english name: *Disallow Autoplay for non-volume devices*
 -   GP name: *NoAutoplayfornonVolume*
+-   GP path: *Windows Components/AutoPlay Policies*
 -   GP ADMX file name: *AutoPlay.admx*

 <!--EndADMX-->
@ -122,6 +123,7 @@ If you disable or not configure this policy setting, Windows Vista or later will
 ADMX Info:  
 -   GP english name: *Set the default behavior for AutoRun*
 -   GP name: *NoAutorun*
+-   GP path: *Windows Components/AutoPlay Policies*
 -   GP ADMX file name: *AutoPlay.admx*

 <!--EndADMX-->
@ -181,6 +183,7 @@ Note: This policy setting appears in both the Computer Configuration and User Co
 ADMX Info:  
 -   GP english name: *Turn off Autoplay*
 -   GP name: *Autorun*
+-   GP path: *Windows Components/AutoPlay Policies*
 -   GP ADMX file name: *AutoPlay.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-bitlocker.md
+++ b/windows/client-management/mdm/policy-csp-bitlocker.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Bitlocker
--- a/windows/client-management/mdm/policy-csp-bluetooth.md
+++ b/windows/client-management/mdm/policy-csp-bluetooth.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Bluetooth
--- a/windows/client-management/mdm/policy-csp-browser.md
+++ b/windows/client-management/mdm/policy-csp-browser.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Browser
--- a/windows/client-management/mdm/policy-csp-camera.md
+++ b/windows/client-management/mdm/policy-csp-camera.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Camera
--- a/windows/client-management/mdm/policy-csp-cellular.md
+++ b/windows/client-management/mdm/policy-csp-cellular.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Cellular
@ -58,6 +58,7 @@ ms.date: 07/14/2017
 ADMX Info:  
 -   GP english name: *Set Per-App Cellular Access UI Visibility*
 -   GP name: *ShowAppCellularAccessUI*
+-   GP path: *Network/WWAN Service/WWAN UI Settings*
 -   GP ADMX file name: *wwansvc.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-connectivity.md
+++ b/windows/client-management/mdm/policy-csp-connectivity.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Connectivity
@ -521,6 +521,7 @@ If you enable this policy, Windows only allows access to the specified UNC paths
 ADMX Info:  
 -   GP english name: *Hardened UNC Paths*
 -   GP name: *Pol_HardenedPaths*
+-   GP path: *Network/Network Provider*
 -   GP ADMX file name: *networkprovider.admx*

 <!--EndADMX-->
@ -564,6 +565,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Prohibit installation and configuration of Network Bridge on your DNS domain network*
 -   GP name: *NC_AllowNetBridge_NLA*
+-   GP path: *Network/Network Connections*
 -   GP ADMX file name: *NetworkConnections.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-credentialproviders.md
+++ b/windows/client-management/mdm/policy-csp-credentialproviders.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - CredentialProviders
@ -155,7 +155,7 @@ Added in Windows 10, version 1709. Boolean policy to disable the visibility of t
 The Windows 10 Automatic ReDeployment feature allows admin to reset devices to a known good managed state while preserving the management enrollment. After the automatic redeployment is triggered the devices are for ready for use by information workers or students.

 - 0 - Enable the visibility of the credentials for Windows 10 Automatic ReDeployment
- 1 - Disable visibility of the credentials for Windows 10 Automatic ReDeployment 
+- 1 - Disable visibility of the credentials for Windows 10 Automatic ReDeployment

 <!--EndDescription-->
 <!--EndPolicy-->
--- a/windows/client-management/mdm/policy-csp-credentialsui.md
+++ b/windows/client-management/mdm/policy-csp-credentialsui.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - CredentialsUI
@ -68,6 +68,7 @@ The policy applies to all Windows components and applications that use the Windo
 ADMX Info:  
 -   GP english name: *Do not display the password reveal button*
 -   GP name: *DisablePasswordReveal*
+-   GP path: *Windows Components/Credential User Interface*
 -   GP ADMX file name: *credui.admx*

 <!--EndADMX-->
@ -117,6 +118,7 @@ If you disable this policy setting, users will always be required to type a user
 ADMX Info:  
 -   GP english name: *Enumerate administrator accounts on elevation*
 -   GP name: *EnumerateAdministrators*
+-   GP path: *Windows Components/Credential User Interface*
 -   GP ADMX file name: *credui.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-cryptography.md
+++ b/windows/client-management/mdm/policy-csp-cryptography.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Cryptography
--- a/windows/client-management/mdm/policy-csp-dataprotection.md
+++ b/windows/client-management/mdm/policy-csp-dataprotection.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - DataProtection
--- a/windows/client-management/mdm/policy-csp-datausage.md
+++ b/windows/client-management/mdm/policy-csp-datausage.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - DataUsage
@ -70,6 +70,7 @@ If this policy setting is disabled or is not configured, the cost of 3G connecti
 ADMX Info:  
 -   GP english name: *Set 3G Cost*
 -   GP name: *SetCost3G*
+-   GP path: *Network/WWAN Service/WWAN Media Cost*
 -   GP ADMX file name: *wwansvc.admx*

 <!--EndADMX-->
@ -125,6 +126,7 @@ If this policy setting is disabled or is not configured, the cost of 4G connecti
 ADMX Info:  
 -   GP english name: *Set 4G Cost*
 -   GP name: *SetCost4G*
+-   GP path: *Network/WWAN Service/WWAN Media Cost*
 -   GP ADMX file name: *wwansvc.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-defender.md
+++ b/windows/client-management/mdm/policy-csp-defender.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Defender
--- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md
+++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - DeliveryOptimization
--- a/windows/client-management/mdm/policy-csp-desktop.md
+++ b/windows/client-management/mdm/policy-csp-desktop.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Desktop
--- a/windows/client-management/mdm/policy-csp-deviceguard.md
+++ b/windows/client-management/mdm/policy-csp-deviceguard.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - DeviceGuard
--- a/windows/client-management/mdm/policy-csp-deviceinstallation.md
+++ b/windows/client-management/mdm/policy-csp-deviceinstallation.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - DeviceInstallation
@ -64,6 +64,7 @@ If you disable or do not configure this policy setting, devices can be installed
 ADMX Info:  
 -   GP english name: *Prevent installation of devices that match any of these device IDs*
 -   GP name: *DeviceInstall_IDs_Deny*
+-   GP path: *System/Device Installation/Device Installation Restrictions*
 -   GP ADMX file name: *deviceinstallation.admx*

 <!--EndADMX-->
@ -113,6 +114,7 @@ If you disable or do not configure this policy setting, Windows can install and
 ADMX Info:  
 -   GP english name: *Prevent installation of devices using drivers that match these device setup classes*
 -   GP name: *DeviceInstall_Classes_Deny*
+-   GP path: *System/Device Installation/Device Installation Restrictions*
 -   GP ADMX file name: *deviceinstallation.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-devicelock.md
+++ b/windows/client-management/mdm/policy-csp-devicelock.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - DeviceLock
@ -769,6 +769,7 @@ If you enable this setting, users will no longer be able to modify slide show se
 ADMX Info:  
 -   GP english name: *Prevent enabling lock screen slide show*
 -   GP name: *CPL_Personalization_NoLockScreenSlideshow*
+-   GP path: *Control Panel/Personalization*
 -   GP ADMX file name: *ControlPanelDisplay.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-display.md
+++ b/windows/client-management/mdm/policy-csp-display.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Display
--- a/windows/client-management/mdm/policy-csp-education.md
+++ b/windows/client-management/mdm/policy-csp-education.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/27/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Education
--- a/windows/client-management/mdm/policy-csp-enterprisecloudprint.md
+++ b/windows/client-management/mdm/policy-csp-enterprisecloudprint.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - EnterpriseCloudPrint
--- a/windows/client-management/mdm/policy-csp-errorreporting.md
+++ b/windows/client-management/mdm/policy-csp-errorreporting.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - ErrorReporting
@ -123,6 +123,7 @@ If you disable or do not configure this policy setting, the Turn off Windows Err
 ADMX Info:  
 -   GP english name: *Disable Windows Error Reporting*
 -   GP name: *WerDisable_2*
+-   GP path: *Windows Components/Windows Error Reporting*
 -   GP ADMX file name: *ErrorReporting.admx*

 <!--EndADMX-->
@ -176,6 +177,7 @@ See also the Configure Error Reporting policy setting.
 ADMX Info:  
 -   GP english name: *Display Error Notification*
 -   GP name: *PCH_ShowUI*
+-   GP path: *Windows Components/Windows Error Reporting*
 -   GP ADMX file name: *ErrorReporting.admx*

 <!--EndADMX-->
@ -225,6 +227,7 @@ If you disable or do not configure this policy setting, then consent policy sett
 ADMX Info:  
 -   GP english name: *Do not send additional data*
 -   GP name: *WerNoSecondLevelData_2*
+-   GP path: *Windows Components/Windows Error Reporting*
 -   GP ADMX file name: *ErrorReporting.admx*

 <!--EndADMX-->
@ -274,6 +277,7 @@ If you disable or do not configure this policy setting, Windows Error Reporting
 ADMX Info:  
 -   GP english name: *Prevent display of the user interface for critical errors*
 -   GP name: *WerDoNotShowUI*
+-   GP path: *Windows Components/Windows Error Reporting*
 -   GP ADMX file name: *ErrorReporting.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-eventlogservice.md
+++ b/windows/client-management/mdm/policy-csp-eventlogservice.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - EventLogService
@ -66,6 +66,7 @@ Note: Old events may or may not be retained according to the "Backup log automat
 ADMX Info:  
 -   GP english name: *Control Event Log behavior when the log file reaches its maximum size*
 -   GP name: *Channel_Log_Retention_1*
+-   GP path: *Windows Components/Event Log Service/Application*
 -   GP ADMX file name: *eventlog.admx*

 <!--EndADMX-->
@ -115,6 +116,7 @@ If you disable or do not configure this policy setting, the maximum size of the
 ADMX Info:  
 -   GP english name: *Specify the maximum log file size (KB)*
 -   GP name: *Channel_LogMaxSize_1*
+-   GP path: *Windows Components/Event Log Service/Application*
 -   GP ADMX file name: *eventlog.admx*

 <!--EndADMX-->
@ -164,6 +166,7 @@ If you disable or do not configure this policy setting, the maximum size of the
 ADMX Info:  
 -   GP english name: *Specify the maximum log file size (KB)*
 -   GP name: *Channel_LogMaxSize_2*
+-   GP path: *Windows Components/Event Log Service/Security*
 -   GP ADMX file name: *eventlog.admx*

 <!--EndADMX-->
@ -213,6 +216,7 @@ If you disable or do not configure this policy setting, the maximum size of the
 ADMX Info:  
 -   GP english name: *Specify the maximum log file size (KB)*
 -   GP name: *Channel_LogMaxSize_4*
+-   GP path: *Windows Components/Event Log Service/System*
 -   GP ADMX file name: *eventlog.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-experience.md
+++ b/windows/client-management/mdm/policy-csp-experience.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Experience
--- a/windows/client-management/mdm/policy-csp-games.md
+++ b/windows/client-management/mdm/policy-csp-games.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Games
@ -22,9 +22,6 @@ ms.date: 07/14/2017
 <!--StartPolicy-->
 <a href="" id="games-allowadvancedgamingservices"></a>**Games/AllowAdvancedGamingServices**  

-<!--StartSKU-->
-
-<!--EndSKU-->
 <!--StartDescription-->
 <p style="margin-left: 20px">Placeholder only. Currently not supported.

--- a/windows/client-management/mdm/policy-csp-internetexplorer.md
+++ b/windows/client-management/mdm/policy-csp-internetexplorer.md
--- a/windows/client-management/mdm/policy-csp-kerberos.md
+++ b/windows/client-management/mdm/policy-csp-kerberos.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Kerberos
@ -64,6 +64,7 @@ If you disable or do not configure this policy setting, the Kerberos client does
 ADMX Info:  
 -   GP english name: *Use forest search order*
 -   GP name: *ForestSearch*
+-   GP path: *System/Kerberos*
 -   GP ADMX file name: *Kerberos.admx*

 <!--EndADMX-->
@ -112,6 +113,7 @@ If you disable or do not configure this policy setting, the client devices will
 ADMX Info:  
 -   GP english name: *Kerberos client support for claims, compound authentication and Kerberos armoring*
 -   GP name: *EnableCbacAndArmor*
+-   GP path: *System/Kerberos*
 -   GP ADMX file name: *Kerberos.admx*

 <!--EndADMX-->
@ -165,6 +167,7 @@ If you disable or do not configure this policy setting, the client computers in
 ADMX Info:  
 -   GP english name: *Fail authentication requests when Kerberos armoring is not available*
 -   GP name: *ClientRequireFast*
+-   GP path: *System/Kerberos*
 -   GP ADMX file name: *Kerberos.admx*

 <!--EndADMX-->
@ -214,6 +217,7 @@ If you disable or do not configure this policy setting, the Kerberos client requ
 ADMX Info:  
 -   GP english name: *Require strict KDC validation*
 -   GP name: *ValidateKDC*
+-   GP path: *System/Kerberos*
 -   GP ADMX file name: *Kerberos.admx*

 <!--EndADMX-->
@ -267,6 +271,7 @@ Note: This policy setting configures the existing MaxTokenSize registry value in
 ADMX Info:  
 -   GP english name: *Set maximum Kerberos SSPI context token buffer size*
 -   GP name: *MaxTokenSize*
+-   GP path: *System/Kerberos*
 -   GP ADMX file name: *Kerberos.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-licensing.md
+++ b/windows/client-management/mdm/policy-csp-licensing.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Licensing
--- a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
+++ b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 08/04/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - LocalPoliciesSecurityOptions
@ -672,6 +672,46 @@ Valid values:
 - 0 - disabled
 - 1 - enabled (allow system to be shut down without having to log on)

+Value type is integer. Supported operations are Add, Get, Replace, and Delete.
+
+<!--EndDescription-->
+<!--EndPolicy-->
+<!--StartPolicy-->
+<a href="" id="localpoliciessecurityoptions-tbuseraccountcontrol-runalladministratorsinadminapprovalmoded"></a>**LocalPoliciesSecurityOptions/TBUserAccountControl_RunAllAdministratorsInAdminApprovalModeD**  
+
+<!--StartSKU-->
+<table>
+<tr>
+	<th>Home</th>
+	<th>Pro</th>
+	<th>Business</th>
+	<th>Enterprise</th>
+	<th>Education</th>
+	<th>Mobile</th>
+	<th>Mobile Enterprise</th>
+</tr>
+<tr>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--EndSKU-->
+<!--StartDescription-->
+User Account Control: Turn on Admin Approval Mode
+
+This policy setting controls the behavior of all User Account Control (UAC) policy settings for the computer. If you change this policy setting, you must restart your computer.
+
+The options are:
+- 0 - Disabled: Admin Approval Mode and all related UAC policy settings are disabled. Note: If this policy setting is disabled, the Security Center notifies you that the overall security of the operating system has been reduced.
+- 1 - Enabled: (Default) Admin Approval Mode is enabled. This policy must be enabled and related UAC policy settings must also be set appropriately to allow the built-in Administrator account and all other users who are members of the Administrators group to run in Admin Approval Mode. 
+
+
 Value type is integer. Supported operations are Add, Get, Replace, and Delete.

 <!--EndDescription-->
@ -891,46 +931,6 @@ The options are:
 - 0 - Disabled: An application runs with UIAccess integrity even if it does not reside in a secure location in the file system.
 - 1 - Enabled: (Default) If an application resides in a secure location in the file system, it runs only with UIAccess integrity.

-Value type is integer. Supported operations are Add, Get, Replace, and Delete.
-
-<!--EndDescription-->
-<!--EndPolicy-->
-<!--StartPolicy-->
-<a href="" id="localpoliciessecurityoptions-tbuseraccountcontrol-runalladministratorsinadminapprovalmode"></a>**LocalPoliciesSecurityOptions/TBUserAccountControl_RunAllAdministratorsInAdminApprovalModeD**  
-
-<!--StartSKU-->
-<table>
-<tr>
-	<th>Home</th>
-	<th>Pro</th>
-	<th>Business</th>
-	<th>Enterprise</th>
-	<th>Education</th>
-	<th>Mobile</th>
-	<th>Mobile Enterprise</th>
-</tr>
-<tr>
-	<td><img src="images/crossmark.png" alt="cross mark" /></td>
-	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
-	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
-	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
-	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
-	<td><img src="images/crossmark.png" alt="cross mark" /></td>
-	<td><img src="images/crossmark.png" alt="cross mark" /></td>
-</tr>
-</table>
-
-<!--EndSKU-->
-<!--StartDescription-->
-User Account Control: Turn on Admin Approval Mode
-
-This policy setting controls the behavior of all User Account Control (UAC) policy settings for the computer. If you change this policy setting, you must restart your computer.
-
-The options are:
- 0 - Disabled: Admin Approval Mode and all related UAC policy settings are disabled. Note: If this policy setting is disabled, the Security Center notifies you that the overall security of the operating system has been reduced.
- 1 - Enabled: (Default) Admin Approval Mode is enabled. This policy must be enabled and related UAC policy settings must also be set appropriately to allow the built-in Administrator account and all other users who are members of the Administrators group to run in Admin Approval Mode. 
-
-
 Value type is integer. Supported operations are Add, Get, Replace, and Delete.

 <!--EndDescription-->
@ -1021,4 +1021,5 @@ Footnote:
 -   2 - Added in Windows 10, version 1703.
 -   3 - Added in Windows 10, version 1709.

-<!--EndPolicies-->
+<!--EndPolicies-->
+
--- a/windows/client-management/mdm/policy-csp-location.md
+++ b/windows/client-management/mdm/policy-csp-location.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Location
--- a/windows/client-management/mdm/policy-csp-lockdown.md
+++ b/windows/client-management/mdm/policy-csp-lockdown.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - LockDown
--- a/windows/client-management/mdm/policy-csp-maps.md
+++ b/windows/client-management/mdm/policy-csp-maps.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Maps
--- a/windows/client-management/mdm/policy-csp-messaging.md
+++ b/windows/client-management/mdm/policy-csp-messaging.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Messaging
--- a/windows/client-management/mdm/policy-csp-networkisolation.md
+++ b/windows/client-management/mdm/policy-csp-networkisolation.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - NetworkIsolation
--- a/windows/client-management/mdm/policy-csp-notifications.md
+++ b/windows/client-management/mdm/policy-csp-notifications.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Notifications
--- a/windows/client-management/mdm/policy-csp-power.md
+++ b/windows/client-management/mdm/policy-csp-power.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Power
@ -64,6 +64,7 @@ If you disable this policy setting, standby states (S1-S3) are not allowed.
 ADMX Info:  
 -   GP english name: *Allow standby states (S1-S3) when sleeping (plugged in)*
 -   GP name: *AllowStandbyStatesAC_2*
+-   GP path: *System/Power Management/Sleep Settings*
 -   GP ADMX file name: *power.admx*

 <!--EndADMX-->
@ -115,6 +116,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Turn off the display (on battery)*
 -   GP name: *VideoPowerDownTimeOutDC_2*
+-   GP path: *System/Power Management/Video and Display Settings*
 -   GP ADMX file name: *power.admx*

 <!--EndADMX-->
@ -166,6 +168,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Turn off the display (plugged in)*
 -   GP name: *VideoPowerDownTimeOutAC_2*
+-   GP path: *System/Power Management/Video and Display Settings*
 -   GP ADMX file name: *power.admx*

 <!--EndADMX-->
@ -218,6 +221,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Specify the system hibernate timeout (on battery)*
 -   GP name: *DCHibernateTimeOut_2*
+-   GP path: *System/Power Management/Sleep Settings*
 -   GP ADMX file name: *power.admx*

 <!--EndADMX-->
@ -269,6 +273,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Specify the system hibernate timeout (plugged in)*
 -   GP name: *ACHibernateTimeOut_2*
+-   GP path: *System/Power Management/Sleep Settings*
 -   GP ADMX file name: *power.admx*

 <!--EndADMX-->
@ -318,6 +323,7 @@ If you disable this policy setting, the user is not prompted for a password when
 ADMX Info:  
 -   GP english name: *Require a password when a computer wakes (on battery)*
 -   GP name: *DCPromptForPasswordOnResume_2*
+-   GP path: *System/Power Management/Sleep Settings*
 -   GP ADMX file name: *power.admx*

 <!--EndADMX-->
@ -367,6 +373,7 @@ If you disable this policy setting, the user is not prompted for a password when
 ADMX Info:  
 -   GP english name: *Require a password when a computer wakes (plugged in)*
 -   GP name: *ACPromptForPasswordOnResume_2*
+-   GP path: *System/Power Management/Sleep Settings*
 -   GP ADMX file name: *power.admx*

 <!--EndADMX-->
@ -418,6 +425,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Specify the system sleep timeout (on battery)*
 -   GP name: *DCStandbyTimeOut_2*
+-   GP path: *System/Power Management/Sleep Settings*
 -   GP ADMX file name: *power.admx*

 <!--EndADMX-->
@ -469,6 +477,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Specify the system sleep timeout (plugged in)*
 -   GP name: *ACStandbyTimeOut_2*
+-   GP path: *System/Power Management/Sleep Settings*
 -   GP ADMX file name: *power.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-printers.md
+++ b/windows/client-management/mdm/policy-csp-printers.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Printers
@ -139,6 +139,7 @@ If you disable this policy setting:
 ADMX Info:  
 -   GP english name: *Point and Print Restrictions*
 -   GP name: *PointAndPrint_Restrictions*
+-   GP path: *Control Panel/Printers*
 -   GP ADMX file name: *Printing.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-privacy.md
+++ b/windows/client-management/mdm/policy-csp-privacy.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Privacy
--- a/windows/client-management/mdm/policy-csp-remoteassistance.md
+++ b/windows/client-management/mdm/policy-csp-remoteassistance.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - RemoteAssistance
@ -70,6 +70,7 @@ If you do not configure this policy setting, the user sees the default warning m
 ADMX Info:  
 -   GP english name: *Customize warning messages*
 -   GP name: *RA_Options*
+-   GP path: *System/Remote Assistance*
 -   GP ADMX file name: *remoteassistance.admx*

 <!--EndADMX-->
@ -121,6 +122,7 @@ If you do not configure this setting, application-based settings are used.
 ADMX Info:  
 -   GP english name: *Turn on session logging*
 -   GP name: *RA_Logging*
+-   GP path: *System/Remote Assistance*
 -   GP ADMX file name: *remoteassistance.admx*

 <!--EndADMX-->
@ -180,6 +182,7 @@ If you enable this policy setting you should also enable appropriate firewall ex
 ADMX Info:  
 -   GP english name: *Configure Solicited Remote Assistance*
 -   GP name: *RA_Solicit*
+-   GP path: *System/Remote Assistance*
 -   GP ADMX file name: *remoteassistance.admx*

 <!--EndADMX-->
@ -262,6 +265,7 @@ Allow Remote Desktop Exception
 ADMX Info:  
 -   GP english name: *Configure Offer Remote Assistance*
 -   GP name: *RA_Unsolicit*
+-   GP path: *System/Remote Assistance*
 -   GP ADMX file name: *remoteassistance.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-remotedesktopservices.md
+++ b/windows/client-management/mdm/policy-csp-remotedesktopservices.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - RemoteDesktopServices
@ -70,6 +70,7 @@ You can limit the number of users who can connect simultaneously by configuring
 ADMX Info:  
 -   GP english name: *Allow users to connect remotely by using Remote Desktop Services*
 -   GP name: *TS_DISABLE_CONNECTIONS*
+-   GP path: *Windows Components/Remote Desktop Services/Remote Desktop Session Host/Connections*
 -   GP ADMX file name: *terminalserver.admx*

 <!--EndADMX-->
@ -129,6 +130,7 @@ FIPS compliance can be configured through the System cryptography. Use FIPS comp
 ADMX Info:  
 -   GP english name: *Set client connection encryption level*
 -   GP name: *TS_ENCRYPTION_POLICY*
+-   GP path: *Windows Components/Remote Desktop Services/Remote Desktop Session Host/Security*
 -   GP ADMX file name: *terminalserver.admx*

 <!--EndADMX-->
@ -182,6 +184,7 @@ If you do not configure this policy setting, client drive redirection and Clipbo
 ADMX Info:  
 -   GP english name: *Do not allow drive redirection*
 -   GP name: *TS_CLIENT_DRIVE_M*
+-   GP path: *Windows Components/Remote Desktop Services/Remote Desktop Session Host/Device and Resource Redirection*
 -   GP ADMX file name: *terminalserver.admx*

 <!--EndADMX-->
@ -231,6 +234,7 @@ If you disable this setting or leave it not configured, the user will be able to
 ADMX Info:  
 -   GP english name: *Do not allow passwords to be saved*
 -   GP name: *TS_CLIENT_DISABLE_PASSWORD_SAVING_2*
+-   GP path: *Windows Components/Remote Desktop Services/Remote Desktop Connection Client*
 -   GP ADMX file name: *terminalserver.admx*

 <!--EndADMX-->
@ -286,6 +290,7 @@ If you do not configure this policy setting, automatic logon is not specified at
 ADMX Info:  
 -   GP english name: *Always prompt for password upon connection*
 -   GP name: *TS_PASSWORD*
+-   GP path: *Windows Components/Remote Desktop Services/Remote Desktop Session Host/Security*
 -   GP ADMX file name: *terminalserver.admx*

 <!--EndADMX-->
@ -341,6 +346,7 @@ Note: The RPC interface is used for administering and configuring Remote Desktop
 ADMX Info:  
 -   GP english name: *Require secure RPC communication*
 -   GP name: *TS_RPC_ENCRYPTION*
+-   GP path: *Windows Components/Remote Desktop Services/Remote Desktop Session Host/Security*
 -   GP ADMX file name: *terminalserver.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-remotemanagement.md
+++ b/windows/client-management/mdm/policy-csp-remotemanagement.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - RemoteManagement
@ -58,6 +58,7 @@ ms.date: 07/14/2017
 ADMX Info:  
 -   GP english name: *Allow Basic authentication*
 -   GP name: *AllowBasic_2*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Client*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
@ -101,6 +102,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Allow Basic authentication*
 -   GP name: *AllowBasic_1*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Service*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
@ -144,6 +146,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Allow CredSSP authentication*
 -   GP name: *AllowCredSSP_2*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Client*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
@ -187,6 +190,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Allow CredSSP authentication*
 -   GP name: *AllowCredSSP_1*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Service*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
@ -230,6 +234,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Allow remote server management through WinRM*
 -   GP name: *AllowAutoConfig*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Service*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
@ -273,6 +278,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Allow unencrypted traffic*
 -   GP name: *AllowUnencrypted_2*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Client*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
@ -316,6 +322,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Allow unencrypted traffic*
 -   GP name: *AllowUnencrypted_1*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Service*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
@ -359,6 +366,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Disallow Digest authentication*
 -   GP name: *DisallowDigest*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Client*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
@ -402,6 +410,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Disallow Negotiate authentication*
 -   GP name: *DisallowNegotiate_2*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Client*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
@ -445,6 +454,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Disallow Negotiate authentication*
 -   GP name: *DisallowNegotiate_1*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Service*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
@ -488,6 +498,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Disallow WinRM from storing RunAs credentials*
 -   GP name: *DisableRunAs*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Service*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
@ -531,6 +542,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Specify channel binding token hardening level*
 -   GP name: *CBTHardeningLevel_1*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Service*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
@ -574,6 +586,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Trusted Hosts*
 -   GP name: *TrustedHosts*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Client*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
@ -617,6 +630,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Turn On Compatibility HTTP Listener*
 -   GP name: *HttpCompatibilityListener*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Service*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
@ -660,6 +674,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Turn On Compatibility HTTPS Listener*
 -   GP name: *HttpsCompatibilityListener*
+-   GP path: *Windows Components/Windows Remote Management (WinRM)/WinRM Service*
 -   GP ADMX file name: *WindowsRemoteManagement.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-remoteprocedurecall.md
+++ b/windows/client-management/mdm/policy-csp-remoteprocedurecall.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - RemoteProcedureCall
@ -68,6 +68,7 @@ Note: This policy will not be applied until the system is rebooted.
 ADMX Info:  
 -   GP english name: *Enable RPC Endpoint Mapper Client Authentication*
 -   GP name: *RpcEnableAuthEpResolution*
+-   GP path: *System/Remote Procedure Call*
 -   GP ADMX file name: *rpc.admx*

 <!--EndADMX-->
@ -129,6 +130,7 @@ Note: This policy setting will not be applied until the system is rebooted.
 ADMX Info:  
 -   GP english name: *Restrict Unauthenticated RPC clients*
 -   GP name: *RpcRestrictRemoteClients*
+-   GP path: *System/Remote Procedure Call*
 -   GP ADMX file name: *rpc.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-remoteshell.md
+++ b/windows/client-management/mdm/policy-csp-remoteshell.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - RemoteShell
@ -58,6 +58,7 @@ ms.date: 07/14/2017
 ADMX Info:  
 -   GP english name: *Allow Remote Shell Access*
 -   GP name: *AllowRemoteShellAccess*
+-   GP path: *Windows Components/Windows Remote Shell*
 -   GP ADMX file name: *WindowsRemoteShell.admx*

 <!--EndADMX-->
@ -101,6 +102,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *MaxConcurrentUsers*
 -   GP name: *MaxConcurrentUsers*
+-   GP path: *Windows Components/Windows Remote Shell*
 -   GP ADMX file name: *WindowsRemoteShell.admx*

 <!--EndADMX-->
@ -144,6 +146,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Specify idle Timeout*
 -   GP name: *IdleTimeout*
+-   GP path: *Windows Components/Windows Remote Shell*
 -   GP ADMX file name: *WindowsRemoteShell.admx*

 <!--EndADMX-->
@ -187,6 +190,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Specify maximum amount of memory in MB per Shell*
 -   GP name: *MaxMemoryPerShellMB*
+-   GP path: *Windows Components/Windows Remote Shell*
 -   GP ADMX file name: *WindowsRemoteShell.admx*

 <!--EndADMX-->
@ -230,6 +234,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Specify maximum number of processes per Shell*
 -   GP name: *MaxProcessesPerShell*
+-   GP path: *Windows Components/Windows Remote Shell*
 -   GP ADMX file name: *WindowsRemoteShell.admx*

 <!--EndADMX-->
@ -273,6 +278,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Specify maximum number of remote shells per user*
 -   GP name: *MaxShellsPerUser*
+-   GP path: *Windows Components/Windows Remote Shell*
 -   GP ADMX file name: *WindowsRemoteShell.admx*

 <!--EndADMX-->
@ -316,6 +322,7 @@ ADMX Info:
 ADMX Info:  
 -   GP english name: *Specify Shell Timeout*
 -   GP name: *ShellTimeOut*
+-   GP path: *Windows Components/Windows Remote Shell*
 -   GP ADMX file name: *WindowsRemoteShell.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-search.md
+++ b/windows/client-management/mdm/policy-csp-search.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Search
--- a/windows/client-management/mdm/policy-csp-security.md
+++ b/windows/client-management/mdm/policy-csp-security.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/26/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Security
@ -216,6 +216,45 @@ ms.date: 07/26/2017
 -   0 – Don't allow Anti Theft Mode.
 -   1 (default) – Anti Theft Mode will follow the default device configuration (region-dependent).

+<!--EndDescription-->
+<!--EndPolicy-->
+<!--StartPolicy-->
+<a href="" id="security-cleartpmifnotready"></a>**Security/ClearTPMIfNotReady**  
+
+<!--StartSKU-->
+<table>
+<tr>
+	<th>Home</th>
+	<th>Pro</th>
+	<th>Business</th>
+	<th>Enterprise</th>
+	<th>Education</th>
+	<th>Mobile</th>
+	<th>Mobile Enterprise</th>
+</tr>
+<tr>
+	<td></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--EndSKU-->
+<!--StartDescription-->
+> [!NOTE]
+> This policy is only enforced in Windows 10 for desktop and not supported in Windows 10 Mobile.
+
+Added in Windows 10, version 1709. Admin access is required. The prompt will appear on first admin logon after a reboot when the TPM is in a non-ready state that can be remediated with a TPM Clear. The prompt will have a description of what clearing the TPM does and that it requires a reboot. The user can dismiss it, but it will appear on next admin logon after restart.
+
+The following list shows the supported values:
+
+-   0 (default) – Will not force recovery from a non-ready TPM state.
+-   1 – Will prompt to clear the TPM if the TPM is in a non-ready state (or reduced functionality) which can be remediated with a TPM Clear.
+
 <!--EndDescription-->
 <!--EndPolicy-->
 <!--StartPolicy-->
@ -258,45 +297,6 @@ ms.date: 07/26/2017
 -   0 (default) – Encryption enabled.
 -   1 – Encryption disabled.

-<!--EndDescription-->
-<!--EndPolicy-->
-<!--StartPolicy-->
-<a href="" id="security-cleartpmifnotready"></a>**Security/ClearTPMIfNotReady**  
-
-<!--StartSKU-->
-<table>
-<tr>
-	<th>Home</th>
-	<th>Pro</th>
-	<th>Business</th>
-	<th>Enterprise</th>
-	<th>Education</th>
-	<th>Mobile</th>
-	<th>Mobile Enterprise</th>
-</tr>
-<tr>
-	<td></td>
-	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
-	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
-	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
-	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
-	<td><img src="images/crossmark.png" alt="cross mark" /></td>
-	<td><img src="images/crossmark.png" alt="cross mark" /></td>
-</tr>
-</table>
-
-<!--EndSKU-->
-<!--StartDescription-->
-> [!NOTE]
-> This policy is only enforced in Windows 10 for desktop and not supported in Windows 10 Mobile.
-
-Added in Windows 10, version 1709. Admin access is required. The prompt will appear on first admin logon after a reboot when the TPM is in a non-ready state that can be remediated with a TPM Clear. The prompt will have a description of what clearing the TPM does and that it requires a reboot. The user can dismiss it, but it will appear on next admin logon after restart.
-
-The following list shows the supported values:
-
-   0 (default) – Will not force recovery from a non-ready TPM state.
-   1 – Will prompt to clear the TPM if the TPM is in a non-ready state (or reduced functionality) which can be remediated with a TPM Clear.
-
 <!--EndDescription-->
 <!--EndPolicy-->
 <!--StartPolicy-->
--- a/windows/client-management/mdm/policy-csp-settings.md
+++ b/windows/client-management/mdm/policy-csp-settings.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Settings
--- a/windows/client-management/mdm/policy-csp-smartscreen.md
+++ b/windows/client-management/mdm/policy-csp-smartscreen.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - SmartScreen
--- a/windows/client-management/mdm/policy-csp-speech.md
+++ b/windows/client-management/mdm/policy-csp-speech.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Speech
--- a/windows/client-management/mdm/policy-csp-start.md
+++ b/windows/client-management/mdm/policy-csp-start.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Start
--- a/windows/client-management/mdm/policy-csp-storage.md
+++ b/windows/client-management/mdm/policy-csp-storage.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Storage
@ -64,6 +64,7 @@ If you disable or do not configure this policy setting, Windows will activate un
 ADMX Info:  
 -   GP english name: *Do not allow Windows to activate Enhanced Storage devices*
 -   GP name: *TCGSecurityActivationDisabled*
+-   GP path: *System/Enhanced Storage Access*
 -   GP ADMX file name: *enhancedstorage.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-system.md
+++ b/windows/client-management/mdm/policy-csp-system.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - System
@ -548,6 +548,7 @@ Also, see the "Turn off System Restore configuration" policy setting. If the "Tu
 ADMX Info:  
 -   GP english name: *Turn off System Restore*
 -   GP name: *SR_DisableSR*
+-   GP path: *System/System Restore*
 -   GP ADMX file name: *systemrestore.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-textinput.md
+++ b/windows/client-management/mdm/policy-csp-textinput.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - TextInput
@ -363,9 +363,6 @@ ms.date: 07/14/2017
 <!--StartPolicy-->
 <a href="" id="textinput-allowkoreanextendedhanja"></a>**TextInput/AllowKoreanExtendedHanja**  

-<!--StartSKU-->
-
-<!--EndSKU-->
 <!--StartDescription-->
 <p style="margin-left: 20px">This policy has been deprecated.

--- a/windows/client-management/mdm/policy-csp-timelanguagesettings.md
+++ b/windows/client-management/mdm/policy-csp-timelanguagesettings.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - TimeLanguageSettings
--- a/windows/client-management/mdm/policy-csp-update.md
+++ b/windows/client-management/mdm/policy-csp-update.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Update
--- a/windows/client-management/mdm/policy-csp-wifi.md
+++ b/windows/client-management/mdm/policy-csp-wifi.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - Wifi
@ -22,9 +22,6 @@ ms.date: 07/14/2017
 <!--StartPolicy-->
 <a href="" id="wifi-allowwifihotspotreporting"></a>**WiFi/AllowWiFiHotSpotReporting**  

-<!--StartSKU-->
-
-<!--EndSKU-->
 <!--StartDescription-->
 <p style="margin-left: 20px">This policy has been deprecated.

@ -283,6 +280,8 @@ Footnote:
 <!--EndIoTCore-->

 <!--StartSurfaceHub-->
- 
+## <a href="" id="surfacehubpolicies"></a>Wifi policies supported by Microsoft Surface Hub  
+
+-   [WiFi/AllowWiFiHotSpotReporting](#wifi-allowwifihotspotreporting)  
 <!--EndSurfaceHub-->

--- a/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md
+++ b/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - WindowsDefenderSecurityCenter
--- a/windows/client-management/mdm/policy-csp-windowsinkworkspace.md
+++ b/windows/client-management/mdm/policy-csp-windowsinkworkspace.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - WindowsInkWorkspace
--- a/windows/client-management/mdm/policy-csp-windowslogon.md
+++ b/windows/client-management/mdm/policy-csp-windowslogon.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - WindowsLogon
@ -64,6 +64,7 @@ If you disable or do not configure this policy setting, users can choose which a
 ADMX Info:  
 -   GP english name: *Turn off app notifications on the lock screen*
 -   GP name: *DisableLockScreenAppNotifications*
+-   GP path: *System/Logon*
 -   GP ADMX file name: *logon.admx*

 <!--EndADMX-->
@ -113,6 +114,7 @@ If you disable or don't configure this policy setting, any user can disconnect t
 ADMX Info:  
 -   GP english name: *Do not display network selection UI*
 -   GP name: *DontDisplayNetworkSelectionUI*
+-   GP path: *System/Logon*
 -   GP ADMX file name: *logon.admx*

 <!--EndADMX-->
--- a/windows/client-management/mdm/policy-csp-wirelessdisplay.md
+++ b/windows/client-management/mdm/policy-csp-wirelessdisplay.md
@ -6,7 +6,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 07/14/2017
+ms.date: 08/09/2017
 ---

 # Policy CSP - WirelessDisplay
@ -162,9 +162,6 @@ ms.date: 07/14/2017
 <!--StartPolicy-->
 <a href="" id="wirelessdisplay-allowuserinputfromwirelessdisplayreceiver"></a>**WirelessDisplay/AllowUserInputFromWirelessDisplayReceiver**  

-<!--StartSKU-->
-
-<!--EndSKU-->
 <!--StartDescription-->
 <p style="margin-left: 20px">Added in Windows 10, version 1703.