Merged PR 5280: Added DeviceLock/MinimumPasswordAge in Policy CSP

windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md

@@ -10,7 +10,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 01/08/2018
+ms.date: 01/12/2018
 ---
 
 # What's new in MDM enrollment and management
@@ -1037,6 +1037,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s
 <li>DeviceGuard/EnableVirtualizationBasedSecurity</li>
 <li>DeviceGuard/RequirePlatformSecurityFeatures</li>
 <li>DeviceGuard/LsaCfgFlags</li>
+<li>DeviceLock/MinimumPasswordAge</li>
 <li>ExploitGuard/ExploitProtectionSettings</li>
 <li>Games/AllowAdvancedGamingServices</li>
 <li>Handwriting/PanelDefaultModeDocked</li>
@@ -1085,8 +1086,10 @@ For details about Microsoft mobile device management protocols for Windows 10 s
 <li>Education/PrinterNames</li>
 <li>Search/AllowCloudSearch</li>
 <li>Security/ClearTPMIfNotReady</li>
+<li>Settings/AllowOnlineTips</li>
 <li>Start/HidePeopleBar</li>
 <li>Storage/AllowDiskHealthModelUpdates</li>
+<li>System/DisableEnterpriseAuthProxy </li>
 <li>System/LimitEnhancedDiagnosticDataWindowsAnalytics</li>
 <li>Update/AllowAutoWindowsUpdateDownloadOverMeteredNetwork</li>
 <li>Update/DisableDualScan</li>
@@ -1495,6 +1498,12 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
 <li>WindowsDefenderSecurityCenter/HideSecureBoot</li>
 <li>WindowsDefenderSecurityCenter/HideTPMTroubleshooting</li> 
 </ul>
+<p>Added the following policies the were added in Windows 10, version 1709</p>
+<ul>
+<li>DeviceLock/MinimumPasswordAge</li>
+<li>Settings/AllowOnlineTips</li>
+<li>System/DisableEnterpriseAuthProxy </li>
+</ul>
 </tbody>
 </table>
 

windows/client-management/mdm/policy-configuration-service-provider.md

@@ -7,7 +7,7 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 11/17/2017
+ms.date: 01/12/2018
 ---
 
 # Policy CSP
@@ -950,6 +950,9 @@ The following diagram shows the Policy configuration service provider in tree fo
   <dd>
     <a href="./policy-csp-devicelock.md#devicelock-mindevicepasswordlength" id="devicelock-mindevicepasswordlength">DeviceLock/MinDevicePasswordLength</a>
   </dd>
+  <dd>
+    <a href="./policy-csp-devicelock.md#devicelock-minimumpasswordage" id="devicelock-minimumpasswordage">DeviceLock/MinimumPasswordAge</a>
+  </dd>
   <dd>
     <a href="./policy-csp-devicelock.md#devicelock-preventlockscreenslideshow" id="devicelock-preventlockscreenslideshow">DeviceLock/PreventLockScreenSlideShow</a>
   </dd>

windows/client-management/mdm/policy-csp-devicelock.md

@@ -6,11 +6,13 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: nickbrower
-ms.date: 12/14/2017
+ms.date: 01/12/2018
 ---
 
 # Policy CSP - DeviceLock
 
+> [!WARNING]
+> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
 
 
 <hr/>
@@ -61,6 +63,9 @@ ms.date: 12/14/2017
   <dd>
     <a href="#devicelock-mindevicepasswordlength">DeviceLock/MinDevicePasswordLength</a>
   </dd>
+  <dd>
+    <a href="#devicelock-minimumpasswordage">DeviceLock/MinimumPasswordAge</a>
+  </dd>
   <dd>
     <a href="#devicelock-preventlockscreenslideshow">DeviceLock/PreventLockScreenSlideShow</a>
   </dd>
@@ -115,7 +120,6 @@ ms.date: 12/14/2017
 > [!NOTE]
 > This policy must be wrapped in an Atomic command.
 
-
 <!--EndDescription-->
 <!--SupportedValues-->
 The following list shows the supported values:
@@ -918,6 +922,60 @@ The number of authentication failures allowed before the device will be wiped. A
 <!--EndPolicy-->
 <hr/>
 <!--StartPolicy-->
+<a href="" id="devicelock-minimumpasswordage"></a>**DeviceLock/MinimumPasswordAge**  
+
+<!--StartSKU-->
+<table>
+<tr>
+	<th>Home</th>
+	<th>Pro</th>
+	<th>Business</th>
+	<th>Enterprise</th>
+	<th>Education</th>
+	<th>Mobile</th>
+	<th>Mobile Enterprise</th>
+</tr>
+<tr>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
+	<td><img src="images/checkmark.png" alt="check mark" /><sup>3</sup></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+	<td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+</table>
+
+<!--EndSKU-->
+<!--StartScope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+<hr/>
+
+<!--EndScope-->
+<!--StartDescription-->
+This security setting determines the period of time (in days) that a password must be used before the user can change it. You can set a value between 1 and 998 days, or you can allow changes immediately by setting the number of days to 0.
+
+The minimum password age must be less than the Maximum password age, unless the maximum password age is set to 0, indicating that passwords will never expire. If the maximum password age is set to 0, the minimum password age can be set to any value between 0 and 998.
+
+Configure the minimum password age to be more than 0 if you want Enforce password history to be effective. Without a minimum password age, users can cycle through passwords repeatedly until they get to an old favorite. The default setting does not follow this recommendation, so that an administrator can specify a password for a user and then require the user to change the administrator-defined password when the user logs on. If the password history is set to 0, the user does not have to choose a new password. For this reason, Enforce password history is set to 1 by default.
+
+<!--EndDescription-->
+<!--SupportedValues-->
+
+<!--/SupportedValues-->
+<!--Example-->
+
+<!--/Example-->
+<!--Validation-->
+
+<!--/Validation-->
+<!--EndPolicy-->
+<hr/>
+<!--StartPolicy-->
 <a href="" id="devicelock-preventlockscreenslideshow"></a>**DeviceLock/PreventLockScreenSlideShow**  
 
 <!--StartSKU-->