Add more CSPs

2025-05-12 05:17:22 +00:00 · 2022-12-08 12:24:59 -05:00 · 2022-12-08 12:24:59 -05:00 · e6506ccd23
commit e6506ccd23
parent 32c502a3b5
10 changed files with 2485 additions and 5969 deletions
--- a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
@ -4,7 +4,7 @@ description: Learn about the policies in Policy CSP supported by Group Policy.
 author: vinaypamnani-msft
 manager: aaroncz
 ms.author: vinpa
-ms.date: 12/07/2022
+ms.date: 12/08/2022
 ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
@ -17,924 +17,6 @@ ms.topic: reference

 This article lists the policies in Policy CSP that have a group policy mapping.

-## AboveLock
-
- [AllowCortanaAboveLock](policy-csp-abovelock.md)
-
-## Accounts
-
- [RestrictToEnterpriseDeviceAuthenticationOnly](policy-csp-accounts.md)
-
-## ApplicationDefaults
-
- [DefaultAssociationsConfiguration](policy-csp-applicationdefaults.md)
- [EnableAppUriHandlers](policy-csp-applicationdefaults.md)
-
-## ApplicationManagement
-
- [RequirePrivateStoreOnly](policy-csp-applicationmanagement.md)
- [MSIAlwaysInstallWithElevatedPrivileges](policy-csp-applicationmanagement.md)
- [AllowAllTrustedApps](policy-csp-applicationmanagement.md)
- [AllowAppStoreAutoUpdate](policy-csp-applicationmanagement.md)
- [AllowAutomaticAppArchiving](policy-csp-applicationmanagement.md)
- [AllowDeveloperUnlock](policy-csp-applicationmanagement.md)
- [AllowGameDVR](policy-csp-applicationmanagement.md)
- [AllowSharedUserAppData](policy-csp-applicationmanagement.md)
- [RequirePrivateStoreOnly](policy-csp-applicationmanagement.md)
- [MSIAlwaysInstallWithElevatedPrivileges](policy-csp-applicationmanagement.md)
- [MSIAllowUserControlOverInstall](policy-csp-applicationmanagement.md)
- [RestrictAppDataToSystemVolume](policy-csp-applicationmanagement.md)
- [RestrictAppToSystemVolume](policy-csp-applicationmanagement.md)
- [DisableStoreOriginatedApps](policy-csp-applicationmanagement.md)
- [BlockNonAdminUserInstall](policy-csp-applicationmanagement.md)
-
-## Audit
-
- [AccountLogon_AuditCredentialValidation](policy-csp-audit.md)
- [AccountLogon_AuditKerberosAuthenticationService](policy-csp-audit.md)
- [AccountLogon_AuditKerberosServiceTicketOperations](policy-csp-audit.md)
- [AccountLogon_AuditOtherAccountLogonEvents](policy-csp-audit.md)
- [AccountManagement_AuditApplicationGroupManagement](policy-csp-audit.md)
- [AccountManagement_AuditComputerAccountManagement](policy-csp-audit.md)
- [AccountManagement_AuditDistributionGroupManagement](policy-csp-audit.md)
- [AccountManagement_AuditOtherAccountManagementEvents](policy-csp-audit.md)
- [AccountManagement_AuditSecurityGroupManagement](policy-csp-audit.md)
- [AccountManagement_AuditUserAccountManagement](policy-csp-audit.md)
- [DetailedTracking_AuditDPAPIActivity](policy-csp-audit.md)
- [DetailedTracking_AuditPNPActivity](policy-csp-audit.md)
- [DetailedTracking_AuditProcessCreation](policy-csp-audit.md)
- [DetailedTracking_AuditProcessTermination](policy-csp-audit.md)
- [DetailedTracking_AuditRPCEvents](policy-csp-audit.md)
- [DetailedTracking_AuditTokenRightAdjusted](policy-csp-audit.md)
- [DSAccess_AuditDetailedDirectoryServiceReplication](policy-csp-audit.md)
- [DSAccess_AuditDirectoryServiceAccess](policy-csp-audit.md)
- [DSAccess_AuditDirectoryServiceChanges](policy-csp-audit.md)
- [DSAccess_AuditDirectoryServiceReplication](policy-csp-audit.md)
- [AccountLogonLogoff_AuditAccountLockout](policy-csp-audit.md)
- [AccountLogonLogoff_AuditUserDeviceClaims](policy-csp-audit.md)
- [AccountLogonLogoff_AuditGroupMembership](policy-csp-audit.md)
- [AccountLogonLogoff_AuditIPsecExtendedMode](policy-csp-audit.md)
- [AccountLogonLogoff_AuditIPsecMainMode](policy-csp-audit.md)
- [AccountLogonLogoff_AuditIPsecQuickMode](policy-csp-audit.md)
- [AccountLogonLogoff_AuditLogoff](policy-csp-audit.md)
- [AccountLogonLogoff_AuditLogon](policy-csp-audit.md)
- [AccountLogonLogoff_AuditNetworkPolicyServer](policy-csp-audit.md)
- [AccountLogonLogoff_AuditOtherLogonLogoffEvents](policy-csp-audit.md)
- [AccountLogonLogoff_AuditSpecialLogon](policy-csp-audit.md)
- [ObjectAccess_AuditApplicationGenerated](policy-csp-audit.md)
- [ObjectAccess_AuditCertificationServices](policy-csp-audit.md)
- [ObjectAccess_AuditDetailedFileShare](policy-csp-audit.md)
- [ObjectAccess_AuditFileShare](policy-csp-audit.md)
- [ObjectAccess_AuditFileSystem](policy-csp-audit.md)
- [ObjectAccess_AuditFilteringPlatformConnection](policy-csp-audit.md)
- [ObjectAccess_AuditFilteringPlatformPacketDrop](policy-csp-audit.md)
- [ObjectAccess_AuditHandleManipulation](policy-csp-audit.md)
- [ObjectAccess_AuditKernelObject](policy-csp-audit.md)
- [ObjectAccess_AuditOtherObjectAccessEvents](policy-csp-audit.md)
- [ObjectAccess_AuditRegistry](policy-csp-audit.md)
- [ObjectAccess_AuditRemovableStorage](policy-csp-audit.md)
- [ObjectAccess_AuditSAM](policy-csp-audit.md)
- [ObjectAccess_AuditCentralAccessPolicyStaging](policy-csp-audit.md)
- [PolicyChange_AuditPolicyChange](policy-csp-audit.md)
- [PolicyChange_AuditAuthenticationPolicyChange](policy-csp-audit.md)
- [PolicyChange_AuditAuthorizationPolicyChange](policy-csp-audit.md)
- [PolicyChange_AuditFilteringPlatformPolicyChange](policy-csp-audit.md)
- [PolicyChange_AuditMPSSVCRuleLevelPolicyChange](policy-csp-audit.md)
- [PolicyChange_AuditOtherPolicyChangeEvents](policy-csp-audit.md)
- [PrivilegeUse_AuditNonSensitivePrivilegeUse](policy-csp-audit.md)
- [PrivilegeUse_AuditOtherPrivilegeUseEvents](policy-csp-audit.md)
- [PrivilegeUse_AuditSensitivePrivilegeUse](policy-csp-audit.md)
- [System_AuditIPsecDriver](policy-csp-audit.md)
- [System_AuditOtherSystemEvents](policy-csp-audit.md)
- [System_AuditSecurityStateChange](policy-csp-audit.md)
- [System_AuditSecuritySystemExtension](policy-csp-audit.md)
- [System_AuditSystemIntegrity](policy-csp-audit.md)
-
-## Authentication
-
- [AllowSecondaryAuthenticationDevice](policy-csp-authentication.md)
-
-## BITS
-
- [JobInactivityTimeout](policy-csp-bits.md)
- [BandwidthThrottlingStartTime](policy-csp-bits.md)
- [BandwidthThrottlingEndTime](policy-csp-bits.md)
- [BandwidthThrottlingTransferRate](policy-csp-bits.md)
- [CostedNetworkBehaviorForegroundPriority](policy-csp-bits.md)
- [CostedNetworkBehaviorBackgroundPriority](policy-csp-bits.md)
-
-## Browser
-
- [AllowAddressBarDropdown](policy-csp-browser.md)
- [AllowAutofill](policy-csp-browser.md)
- [AllowCookies](policy-csp-browser.md)
- [AllowDeveloperTools](policy-csp-browser.md)
- [AllowDoNotTrack](policy-csp-browser.md)
- [AllowExtensions](policy-csp-browser.md)
- [AllowFlash](policy-csp-browser.md)
- [AllowFlashClickToRun](policy-csp-browser.md)
- [AllowFullScreenMode](policy-csp-browser.md)
- [AllowInPrivate](policy-csp-browser.md)
- [AllowMicrosoftCompatibilityList](policy-csp-browser.md)
- [ConfigureTelemetryForMicrosoft365Analytics](policy-csp-browser.md)
- [AllowPasswordManager](policy-csp-browser.md)
- [AllowPopups](policy-csp-browser.md)
- [AllowPrinting](policy-csp-browser.md)
- [AllowSavingHistory](policy-csp-browser.md)
- [AllowSearchEngineCustomization](policy-csp-browser.md)
- [AllowSearchSuggestionsinAddressBar](policy-csp-browser.md)
- [AllowSideloadingOfExtensions](policy-csp-browser.md)
- [AllowSmartScreen](policy-csp-browser.md)
- [AllowWebContentOnNewTabPage](policy-csp-browser.md)
- [AlwaysEnableBooksLibrary](policy-csp-browser.md)
- [ClearBrowsingDataOnExit](policy-csp-browser.md)
- [ConfigureAdditionalSearchEngines](policy-csp-browser.md)
- [ConfigureFavoritesBar](policy-csp-browser.md)
- [ConfigureHomeButton](policy-csp-browser.md)
- [ConfigureOpenMicrosoftEdgeWith](policy-csp-browser.md)
- [DisableLockdownOfStartPages](policy-csp-browser.md)
- [EnableExtendedBooksTelemetry](policy-csp-browser.md)
- [AllowTabPreloading](policy-csp-browser.md)
- [AllowPrelaunch](policy-csp-browser.md)
- [EnterpriseModeSiteList](policy-csp-browser.md)
- [PreventTurningOffRequiredExtensions](policy-csp-browser.md)
- [HomePages](policy-csp-browser.md)
- [LockdownFavorites](policy-csp-browser.md)
- [ConfigureKioskMode](policy-csp-browser.md)
- [ConfigureKioskResetAfterIdleTimeout](policy-csp-browser.md)
- [PreventAccessToAboutFlagsInMicrosoftEdge](policy-csp-browser.md)
- [PreventFirstRunPage](policy-csp-browser.md)
- [PreventCertErrorOverrides](policy-csp-browser.md)
- [PreventSmartScreenPromptOverride](policy-csp-browser.md)
- [PreventSmartScreenPromptOverrideForFiles](policy-csp-browser.md)
- [PreventLiveTileDataCollection](policy-csp-browser.md)
- [PreventUsingLocalHostIPAddressForWebRTC](policy-csp-browser.md)
- [ProvisionFavorites](policy-csp-browser.md)
- [SendIntranetTraffictoInternetExplorer](policy-csp-browser.md)
- [SetDefaultSearchEngine](policy-csp-browser.md)
- [SetHomeButtonURL](policy-csp-browser.md)
- [SetNewTabPageURL](policy-csp-browser.md)
- [ShowMessageWhenOpeningSitesInInternetExplorer](policy-csp-browser.md)
- [SyncFavoritesBetweenIEAndMicrosoftEdge](policy-csp-browser.md)
- [UnlockHomeButton](policy-csp-browser.md)
- [UseSharedFolderForBooks](policy-csp-browser.md)
- [AllowAddressBarDropdown](policy-csp-browser.md)
- [AllowAutofill](policy-csp-browser.md)
- [AllowCookies](policy-csp-browser.md)
- [AllowDeveloperTools](policy-csp-browser.md)
- [AllowDoNotTrack](policy-csp-browser.md)
- [AllowExtensions](policy-csp-browser.md)
- [AllowFlash](policy-csp-browser.md)
- [AllowFlashClickToRun](policy-csp-browser.md)
- [AllowFullScreenMode](policy-csp-browser.md)
- [AllowInPrivate](policy-csp-browser.md)
- [AllowMicrosoftCompatibilityList](policy-csp-browser.md)
- [ConfigureTelemetryForMicrosoft365Analytics](policy-csp-browser.md)
- [AllowPasswordManager](policy-csp-browser.md)
- [AllowPopups](policy-csp-browser.md)
- [AllowPrinting](policy-csp-browser.md)
- [AllowSavingHistory](policy-csp-browser.md)
- [AllowSearchEngineCustomization](policy-csp-browser.md)
- [AllowSearchSuggestionsinAddressBar](policy-csp-browser.md)
- [AllowSideloadingOfExtensions](policy-csp-browser.md)
- [AllowSmartScreen](policy-csp-browser.md)
- [AllowWebContentOnNewTabPage](policy-csp-browser.md)
- [AlwaysEnableBooksLibrary](policy-csp-browser.md)
- [ClearBrowsingDataOnExit](policy-csp-browser.md)
- [ConfigureAdditionalSearchEngines](policy-csp-browser.md)
- [ConfigureFavoritesBar](policy-csp-browser.md)
- [ConfigureHomeButton](policy-csp-browser.md)
- [ConfigureOpenMicrosoftEdgeWith](policy-csp-browser.md)
- [DisableLockdownOfStartPages](policy-csp-browser.md)
- [EnableExtendedBooksTelemetry](policy-csp-browser.md)
- [AllowTabPreloading](policy-csp-browser.md)
- [AllowPrelaunch](policy-csp-browser.md)
- [EnterpriseModeSiteList](policy-csp-browser.md)
- [PreventTurningOffRequiredExtensions](policy-csp-browser.md)
- [HomePages](policy-csp-browser.md)
- [LockdownFavorites](policy-csp-browser.md)
- [ConfigureKioskMode](policy-csp-browser.md)
- [ConfigureKioskResetAfterIdleTimeout](policy-csp-browser.md)
- [PreventAccessToAboutFlagsInMicrosoftEdge](policy-csp-browser.md)
- [PreventFirstRunPage](policy-csp-browser.md)
- [PreventCertErrorOverrides](policy-csp-browser.md)
- [PreventSmartScreenPromptOverride](policy-csp-browser.md)
- [PreventSmartScreenPromptOverrideForFiles](policy-csp-browser.md)
- [PreventLiveTileDataCollection](policy-csp-browser.md)
- [PreventUsingLocalHostIPAddressForWebRTC](policy-csp-browser.md)
- [ProvisionFavorites](policy-csp-browser.md)
- [SendIntranetTraffictoInternetExplorer](policy-csp-browser.md)
- [SetDefaultSearchEngine](policy-csp-browser.md)
- [SetHomeButtonURL](policy-csp-browser.md)
- [SetNewTabPageURL](policy-csp-browser.md)
- [ShowMessageWhenOpeningSitesInInternetExplorer](policy-csp-browser.md)
- [SyncFavoritesBetweenIEAndMicrosoftEdge](policy-csp-browser.md)
- [UnlockHomeButton](policy-csp-browser.md)
- [UseSharedFolderForBooks](policy-csp-browser.md)
-
-## Camera
-
- [AllowCamera](policy-csp-camera.md)
-
-## Cellular
-
- [LetAppsAccessCellularData](policy-csp-cellular.md)
- [LetAppsAccessCellularData_ForceAllowTheseApps](policy-csp-cellular.md)
- [LetAppsAccessCellularData_ForceDenyTheseApps](policy-csp-cellular.md)
- [LetAppsAccessCellularData_UserInControlOfTheseApps](policy-csp-cellular.md)
-
-## Connectivity
-
- [AllowCellularDataRoaming](policy-csp-connectivity.md)
- [AllowPhonePCLinking](policy-csp-connectivity.md)
- [DisallowNetworkConnectivityActiveTests](policy-csp-connectivity.md)
-
-## Cryptography
-
- [AllowFipsAlgorithmPolicy](policy-csp-cryptography.md)
-
-## Defender
-
- [AllowArchiveScanning](policy-csp-defender.md)
- [AllowBehaviorMonitoring](policy-csp-defender.md)
- [AllowCloudProtection](policy-csp-defender.md)
- [AllowEmailScanning](policy-csp-defender.md)
- [AllowFullScanOnMappedNetworkDrives](policy-csp-defender.md)
- [AllowFullScanRemovableDriveScanning](policy-csp-defender.md)
- [AllowIOAVProtection](policy-csp-defender.md)
- [AllowOnAccessProtection](policy-csp-defender.md)
- [AllowRealtimeMonitoring](policy-csp-defender.md)
- [AllowScanningNetworkFiles](policy-csp-defender.md)
- [AllowUserUIAccess](policy-csp-defender.md)
- [AttackSurfaceReductionOnlyExclusions](policy-csp-defender.md)
- [AttackSurfaceReductionRules](policy-csp-defender.md)
- [AvgCPULoadFactor](policy-csp-defender.md)
- [CloudBlockLevel](policy-csp-defender.md)
- [CloudExtendedTimeout](policy-csp-defender.md)
- [ControlledFolderAccessAllowedApplications](policy-csp-defender.md)
- [CheckForSignaturesBeforeRunningScan](policy-csp-defender.md)
- [SecurityIntelligenceLocation](policy-csp-defender.md)
- [ControlledFolderAccessProtectedFolders](policy-csp-defender.md)
- [DaysToRetainCleanedMalware](policy-csp-defender.md)
- [DisableCatchupFullScan](policy-csp-defender.md)
- [DisableCatchupQuickScan](policy-csp-defender.md)
- [EnableControlledFolderAccess](policy-csp-defender.md)
- [EnableLowCPUPriority](policy-csp-defender.md)
- [EnableNetworkProtection](policy-csp-defender.md)
- [ExcludedPaths](policy-csp-defender.md)
- [ExcludedExtensions](policy-csp-defender.md)
- [ExcludedProcesses](policy-csp-defender.md)
- [PUAProtection](policy-csp-defender.md)
- [RealTimeScanDirection](policy-csp-defender.md)
- [ScanParameter](policy-csp-defender.md)
- [ScheduleQuickScanTime](policy-csp-defender.md)
- [ScheduleScanDay](policy-csp-defender.md)
- [ScheduleScanTime](policy-csp-defender.md)
- [SignatureUpdateFallbackOrder](policy-csp-defender.md)
- [SignatureUpdateFileSharesSources](policy-csp-defender.md)
- [SignatureUpdateInterval](policy-csp-defender.md)
- [SubmitSamplesConsent](policy-csp-defender.md)
- [ThreatSeverityDefaultAction](policy-csp-defender.md)
-
-## DeliveryOptimization
-
- [DODownloadMode](policy-csp-deliveryoptimization.md)
- [DOGroupId](policy-csp-deliveryoptimization.md)
- [DOMaxCacheSize](policy-csp-deliveryoptimization.md)
- [DOAbsoluteMaxCacheSize](policy-csp-deliveryoptimization.md)
- [DOMaxCacheAge](policy-csp-deliveryoptimization.md)
- [DOMonthlyUploadDataCap](policy-csp-deliveryoptimization.md)
- [DOMinBackgroundQos](policy-csp-deliveryoptimization.md)
- [DOModifyCacheDrive](policy-csp-deliveryoptimization.md)
- [DOMaxBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md)
- [DOMaxForegroundDownloadBandwidth](policy-csp-deliveryoptimization.md)
- [DOPercentageMaxBackgroundBandwidth](policy-csp-deliveryoptimization.md)
- [DOPercentageMaxForegroundBandwidth](policy-csp-deliveryoptimization.md)
- [DOMinFileSizeToCache](policy-csp-deliveryoptimization.md)
- [DOAllowVPNPeerCaching](policy-csp-deliveryoptimization.md)
- [DOMinRAMAllowedToPeer](policy-csp-deliveryoptimization.md)
- [DOMinDiskSizeAllowedToPeer](policy-csp-deliveryoptimization.md)
- [DOMinBatteryPercentageAllowedToUpload](policy-csp-deliveryoptimization.md)
- [DOCacheHost](policy-csp-deliveryoptimization.md)
- [DOCacheHostSource](policy-csp-deliveryoptimization.md)
- [DODisallowCacheServerDownloadsOnVPN](policy-csp-deliveryoptimization.md)
- [DOGroupIdSource](policy-csp-deliveryoptimization.md)
- [DODelayBackgroundDownloadFromHttp](policy-csp-deliveryoptimization.md)
- [DODelayForegroundDownloadFromHttp](policy-csp-deliveryoptimization.md)
- [DODelayCacheServerFallbackBackground](policy-csp-deliveryoptimization.md)
- [DODelayCacheServerFallbackForeground](policy-csp-deliveryoptimization.md)
- [DORestrictPeerSelectionBy](policy-csp-deliveryoptimization.md)
- [DOVpnKeywords](policy-csp-deliveryoptimization.md)
-
-## DeviceGuard
-
- [EnableVirtualizationBasedSecurity](policy-csp-deviceguard.md)
- [RequirePlatformSecurityFeatures](policy-csp-deviceguard.md)
- [LsaCfgFlags](policy-csp-deviceguard.md)
- [ConfigureSystemGuardLaunch](policy-csp-deviceguard.md)
-
-## DeviceLock
-
- [MinimumPasswordAge](policy-csp-devicelock.md)
- [MaximumPasswordAge](policy-csp-devicelock.md)
- [ClearTextPassword](policy-csp-devicelock.md)
- [PasswordComplexity](policy-csp-devicelock.md)
- [PasswordHistorySize](policy-csp-devicelock.md)
-
-## Display
-
- [EnablePerProcessDpi](policy-csp-display.md)
- [TurnOnGdiDPIScalingForApps](policy-csp-display.md)
- [TurnOffGdiDPIScalingForApps](policy-csp-display.md)
- [EnablePerProcessDpi](policy-csp-display.md)
- [EnablePerProcessDpiForApps](policy-csp-display.md)
- [DisablePerProcessDpiForApps](policy-csp-display.md)
-
-## DmaGuard
-
- [DeviceEnumerationPolicy](policy-csp-dmaguard.md)
-
-## Education
-
- [AllowGraphingCalculator](policy-csp-education.md)
- [PreventAddingNewPrinters](policy-csp-education.md)
-
-## Experience
-
- [AllowSpotlightCollection](policy-csp-experience.md)
- [AllowThirdPartySuggestionsInWindowsSpotlight](policy-csp-experience.md)
- [AllowWindowsSpotlight](policy-csp-experience.md)
- [AllowWindowsSpotlightOnActionCenter](policy-csp-experience.md)
- [AllowWindowsSpotlightOnSettings](policy-csp-experience.md)
- [AllowWindowsSpotlightWindowsWelcomeExperience](policy-csp-experience.md)
- [AllowTailoredExperiencesWithDiagnosticData](policy-csp-experience.md)
- [ConfigureWindowsSpotlightOnLockScreen](policy-csp-experience.md)
- [AllowCortana](policy-csp-experience.md)
- [AllowWindowsConsumerFeatures](policy-csp-experience.md)
- [AllowWindowsTips](policy-csp-experience.md)
- [DoNotShowFeedbackNotifications](policy-csp-experience.md)
- [AllowFindMyDevice](policy-csp-experience.md)
- [AllowClipboardHistory](policy-csp-experience.md)
- [DoNotSyncBrowserSettings](policy-csp-experience.md)
- [PreventUsersFromTurningOnBrowserSyncing](policy-csp-experience.md)
- [ShowLockOnUserTile](policy-csp-experience.md)
- [DisableCloudOptimizedContent](policy-csp-experience.md)
- [DisableConsumerAccountStateContent](policy-csp-experience.md)
- [ConfigureChatIcon](policy-csp-experience.md)
-
-## ExploitGuard
-
- [ExploitProtectionSettings](policy-csp-exploitguard.md)
-
-## FileExplorer
-
- [DisableGraphRecentItems](policy-csp-fileexplorer.md)
-
-## Handwriting
-
- [PanelDefaultModeDocked](policy-csp-handwriting.md)
-
-## HumanPresence
-
- [ForceInstantWake](policy-csp-humanpresence.md)
- [ForceInstantLock](policy-csp-humanpresence.md)
- [ForceLockTimeout](policy-csp-humanpresence.md)
- [ForceInstantDim](policy-csp-humanpresence.md)
-
-## Kerberos
-
- [PKInitHashAlgorithmConfiguration](policy-csp-kerberos.md)
- [PKInitHashAlgorithmSHA1](policy-csp-kerberos.md)
- [PKInitHashAlgorithmSHA256](policy-csp-kerberos.md)
- [PKInitHashAlgorithmSHA384](policy-csp-kerberos.md)
- [PKInitHashAlgorithmSHA512](policy-csp-kerberos.md)
- [CloudKerberosTicketRetrievalEnabled](policy-csp-kerberos.md)
-
-## LanmanWorkstation
-
- [EnableInsecureGuestLogons](policy-csp-lanmanworkstation.md)
-
-## Licensing
-
- [AllowWindowsEntitlementReactivation](policy-csp-licensing.md)
- [DisallowKMSClientOnlineAVSValidation](policy-csp-licensing.md)
-
-## LocalPoliciesSecurityOptions
-
- [Accounts_EnableAdministratorAccountStatus](policy-csp-localpoliciessecurityoptions.md)
- [Accounts_BlockMicrosoftAccounts](policy-csp-localpoliciessecurityoptions.md)
- [Accounts_EnableGuestAccountStatus](policy-csp-localpoliciessecurityoptions.md)
- [Accounts_LimitLocalAccountUseOfBlankPasswordsToConsoleLogonOnly](policy-csp-localpoliciessecurityoptions.md)
- [Accounts_RenameAdministratorAccount](policy-csp-localpoliciessecurityoptions.md)
- [Accounts_RenameGuestAccount](policy-csp-localpoliciessecurityoptions.md)
- [Devices_AllowUndockWithoutHavingToLogon](policy-csp-localpoliciessecurityoptions.md)
- [Devices_AllowedToFormatAndEjectRemovableMedia](policy-csp-localpoliciessecurityoptions.md)
- [Devices_PreventUsersFromInstallingPrinterDriversWhenConnectingToSharedPrinters](policy-csp-localpoliciessecurityoptions.md)
- [Devices_RestrictCDROMAccessToLocallyLoggedOnUserOnly](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_DisplayUserInformationWhenTheSessionIsLocked](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_DoNotRequireCTRLALTDEL](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_DoNotDisplayLastSignedIn](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_DoNotDisplayUsernameAtSignIn](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_MachineInactivityLimit](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_MessageTextForUsersAttemptingToLogOn](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_MessageTitleForUsersAttemptingToLogOn](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_SmartCardRemovalBehavior](policy-csp-localpoliciessecurityoptions.md)
- [MicrosoftNetworkClient_DigitallySignCommunicationsAlways](policy-csp-localpoliciessecurityoptions.md)
- [MicrosoftNetworkClient_DigitallySignCommunicationsIfServerAgrees](policy-csp-localpoliciessecurityoptions.md)
- [MicrosoftNetworkClient_SendUnencryptedPasswordToThirdPartySMBServers](policy-csp-localpoliciessecurityoptions.md)
- [MicrosoftNetworkServer_DigitallySignCommunicationsAlways](policy-csp-localpoliciessecurityoptions.md)
- [MicrosoftNetworkServer_DigitallySignCommunicationsIfClientAgrees](policy-csp-localpoliciessecurityoptions.md)
- [NetworkAccess_AllowAnonymousSIDOrNameTranslation](policy-csp-localpoliciessecurityoptions.md)
- [NetworkAccess_DoNotAllowAnonymousEnumerationOfSAMAccounts](policy-csp-localpoliciessecurityoptions.md)
- [NetworkAccess_DoNotAllowAnonymousEnumerationOfSamAccountsAndShares](policy-csp-localpoliciessecurityoptions.md)
- [NetworkAccess_RestrictAnonymousAccessToNamedPipesAndShares](policy-csp-localpoliciessecurityoptions.md)
- [NetworkAccess_RestrictClientsAllowedToMakeRemoteCallsToSAM](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_AllowLocalSystemToUseComputerIdentityForNTLM](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_AllowPKU2UAuthenticationRequests](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_DoNotStoreLANManagerHashValueOnNextPasswordChange](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_ForceLogoffWhenLogonHoursExpire](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_LANManagerAuthenticationLevel](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedClients](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_RestrictNTLM_AddRemoteServerExceptionsForNTLMAuthentication](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_RestrictNTLM_AuditIncomingNTLMTraffic](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_RestrictNTLM_IncomingNTLMTraffic](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_RestrictNTLM_OutgoingNTLMTrafficToRemoteServers](policy-csp-localpoliciessecurityoptions.md)
- [Shutdown_AllowSystemToBeShutDownWithoutHavingToLogOn](policy-csp-localpoliciessecurityoptions.md)
- [Shutdown_ClearVirtualMemoryPageFile](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_UseAdminApprovalMode](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_AllowUIAccessApplicationsToPromptForElevation](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_BehaviorOfTheElevationPromptForAdministrators](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_OnlyElevateExecutableFilesThatAreSignedAndValidated](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_OnlyElevateUIAccessApplicationsThatAreInstalledInSecureLocations](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_RunAllAdministratorsInAdminApprovalMode](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_SwitchToTheSecureDesktopWhenPromptingForElevation](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_VirtualizeFileAndRegistryWriteFailuresToPerUserLocations](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_DetectApplicationInstallationsAndPromptForElevation](policy-csp-localpoliciessecurityoptions.md)
-
-## LocalSecurityAuthority
-
- [ConfigureLsaProtectedProcess](policy-csp-lsa.md)
-
-## LockDown
-
- [AllowEdgeSwipe](policy-csp-lockdown.md)
-
-## Maps
-
- [EnableOfflineMapsAutoUpdate](policy-csp-maps.md)
-
-## Messaging
-
- [AllowMessageSync](policy-csp-messaging.md)
-
-## Multitasking
-
- [BrowserAltTabBlowout](policy-csp-multitasking.md)
-
-## NetworkIsolation
-
- [EnterpriseCloudResources](policy-csp-networkisolation.md)
- [EnterpriseInternalProxyServers](policy-csp-networkisolation.md)
- [EnterpriseIPRange](policy-csp-networkisolation.md)
- [EnterpriseIPRangesAreAuthoritative](policy-csp-networkisolation.md)
- [EnterpriseProxyServers](policy-csp-networkisolation.md)
- [EnterpriseProxyServersAreAuthoritative](policy-csp-networkisolation.md)
- [NeutralResources](policy-csp-networkisolation.md)
-
-## NewsAndInterests
-
- [AllowNewsAndInterests](policy-csp-newsandinterests.md)
-
-## Notifications
-
- [DisallowNotificationMirroring](policy-csp-notifications.md)
- [DisallowTileNotification](policy-csp-notifications.md)
- [DisallowCloudNotification](policy-csp-notifications.md)
- [WnsEndpoint](policy-csp-notifications.md)
-
-## Power
-
- [EnergySaverBatteryThresholdPluggedIn](policy-csp-power.md)
- [EnergySaverBatteryThresholdOnBattery](policy-csp-power.md)
- [SelectPowerButtonActionPluggedIn](policy-csp-power.md)
- [SelectPowerButtonActionOnBattery](policy-csp-power.md)
- [SelectSleepButtonActionPluggedIn](policy-csp-power.md)
- [SelectSleepButtonActionOnBattery](policy-csp-power.md)
- [SelectLidCloseActionPluggedIn](policy-csp-power.md)
- [SelectLidCloseActionOnBattery](policy-csp-power.md)
- [TurnOffHybridSleepPluggedIn](policy-csp-power.md)
- [TurnOffHybridSleepOnBattery](policy-csp-power.md)
- [UnattendedSleepTimeoutPluggedIn](policy-csp-power.md)
- [UnattendedSleepTimeoutOnBattery](policy-csp-power.md)
-
-## Privacy
-
- [DisablePrivacyExperience](policy-csp-privacy.md)
- [DisableAdvertisingId](policy-csp-privacy.md)
- [LetAppsGetDiagnosticInfo](policy-csp-privacy.md)
- [LetAppsGetDiagnosticInfo_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsGetDiagnosticInfo_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsGetDiagnosticInfo_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsRunInBackground](policy-csp-privacy.md)
- [LetAppsRunInBackground_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsRunInBackground_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsRunInBackground_UserInControlOfTheseApps](policy-csp-privacy.md)
- [AllowInputPersonalization](policy-csp-privacy.md)
- [LetAppsAccessAccountInfo](policy-csp-privacy.md)
- [LetAppsAccessAccountInfo_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessAccountInfo_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessAccountInfo_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCalendar](policy-csp-privacy.md)
- [LetAppsAccessCalendar_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCalendar_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCalendar_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCallHistory](policy-csp-privacy.md)
- [LetAppsAccessCallHistory_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCallHistory_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCallHistory_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCamera](policy-csp-privacy.md)
- [LetAppsAccessCamera_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCamera_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCamera_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessContacts](policy-csp-privacy.md)
- [LetAppsAccessContacts_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessContacts_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessContacts_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessEmail](policy-csp-privacy.md)
- [LetAppsAccessEmail_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessEmail_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessEmail_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureProgrammatic](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureProgrammatic_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureProgrammatic_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureProgrammatic_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureWithoutBorder](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureWithoutBorder_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureWithoutBorder_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureWithoutBorder_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessLocation](policy-csp-privacy.md)
- [LetAppsAccessLocation_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessLocation_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessLocation_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMessaging](policy-csp-privacy.md)
- [LetAppsAccessMessaging_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMessaging_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMessaging_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMicrophone](policy-csp-privacy.md)
- [LetAppsAccessMicrophone_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMicrophone_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMicrophone_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMotion](policy-csp-privacy.md)
- [LetAppsAccessMotion_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMotion_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMotion_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessNotifications](policy-csp-privacy.md)
- [LetAppsAccessNotifications_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessNotifications_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessNotifications_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessPhone](policy-csp-privacy.md)
- [LetAppsAccessPhone_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessPhone_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessPhone_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessRadios](policy-csp-privacy.md)
- [LetAppsAccessRadios_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessRadios_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessRadios_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessTasks](policy-csp-privacy.md)
- [LetAppsAccessTasks_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessTasks_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessTasks_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessTrustedDevices](policy-csp-privacy.md)
- [LetAppsAccessTrustedDevices_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessTrustedDevices_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessTrustedDevices_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsSyncWithDevices](policy-csp-privacy.md)
- [LetAppsSyncWithDevices_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsSyncWithDevices_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsSyncWithDevices_UserInControlOfTheseApps](policy-csp-privacy.md)
- [EnableActivityFeed](policy-csp-privacy.md)
- [PublishUserActivities](policy-csp-privacy.md)
- [UploadUserActivities](policy-csp-privacy.md)
- [AllowCrossDeviceClipboard](policy-csp-privacy.md)
- [DisablePrivacyExperience](policy-csp-privacy.md)
- [LetAppsActivateWithVoice](policy-csp-privacy.md)
- [LetAppsActivateWithVoiceAboveLock](policy-csp-privacy.md)
-
-## RemoteDesktop
-
- [AutoSubscription](policy-csp-remotedesktop.md)
-
-## Search
-
- [AllowIndexingEncryptedStoresOrItems](policy-csp-search.md)
- [AllowSearchToUseLocation](policy-csp-search.md)
- [AllowUsingDiacritics](policy-csp-search.md)
- [AlwaysUseAutoLangDetection](policy-csp-search.md)
- [DisableBackoff](policy-csp-search.md)
- [DisableRemovableDriveIndexing](policy-csp-search.md)
- [DisableSearch](policy-csp-search.md)
- [PreventIndexingLowDiskSpaceMB](policy-csp-search.md)
- [PreventRemoteQueries](policy-csp-search.md)
- [AllowCloudSearch](policy-csp-search.md)
- [DoNotUseWebResults](policy-csp-search.md)
- [AllowCortanaInAAD](policy-csp-search.md)
- [AllowFindMyFiles](policy-csp-search.md)
- [AllowSearchHighlights](policy-csp-search.md)
-
-## Security
-
- [ClearTPMIfNotReady](policy-csp-security.md)
-
-## Settings
-
- [ConfigureTaskbarCalendar](policy-csp-settings.md)
- [PageVisibilityList](policy-csp-settings.md)
- [PageVisibilityList](policy-csp-settings.md)
- [AllowOnlineTips](policy-csp-settings.md)
-
-## SmartScreen
-
- [EnableSmartScreenInShell](policy-csp-smartscreen.md)
- [PreventOverrideForFilesInShell](policy-csp-smartscreen.md)
- [EnableAppInstallControl](policy-csp-smartscreen.md)
-
-## Speech
-
- [AllowSpeechModelUpdate](policy-csp-speech.md)
-
-## Start
-
- [ForceStartSize](policy-csp-start.md)
- [DisableContextMenus](policy-csp-start.md)
- [ShowOrHideMostUsedApps](policy-csp-start.md)
- [HideFrequentlyUsedApps](policy-csp-start.md)
- [HideRecentlyAddedApps](policy-csp-start.md)
- [HidePeopleBar](policy-csp-start.md)
- [StartLayout](policy-csp-start.md)
- [ConfigureStartPins](policy-csp-start.md)
- [HideRecommendedSection](policy-csp-start.md)
- [HideTaskViewButton](policy-csp-start.md)
- [DisableControlCenter](policy-csp-start.md)
- [ForceStartSize](policy-csp-start.md)
- [DisableContextMenus](policy-csp-start.md)
- [ShowOrHideMostUsedApps](policy-csp-start.md)
- [HideFrequentlyUsedApps](policy-csp-start.md)
- [HideRecentlyAddedApps](policy-csp-start.md)
- [StartLayout](policy-csp-start.md)
- [ConfigureStartPins](policy-csp-start.md)
- [HideRecommendedSection](policy-csp-start.md)
- [SimplifyQuickSettings](policy-csp-start.md)
- [DisableEditingQuickSettings](policy-csp-start.md)
- [HideTaskViewButton](policy-csp-start.md)
-
-## Storage
-
- [AllowDiskHealthModelUpdates](policy-csp-storage.md)
- [RemovableDiskDenyWriteAccess](policy-csp-storage.md)
- [AllowStorageSenseGlobal](policy-csp-storage.md)
- [ConfigStorageSenseGlobalCadence](policy-csp-storage.md)
- [AllowStorageSenseTemporaryFilesCleanup](policy-csp-storage.md)
- [ConfigStorageSenseRecycleBinCleanupThreshold](policy-csp-storage.md)
- [ConfigStorageSenseDownloadsCleanupThreshold](policy-csp-storage.md)
- [ConfigStorageSenseCloudContentDehydrationThreshold](policy-csp-storage.md)
-
-## System
-
- [AllowTelemetry](policy-csp-system.md)
- [AllowBuildPreview](policy-csp-system.md)
- [AllowFontProviders](policy-csp-system.md)
- [AllowLocation](policy-csp-system.md)
- [AllowTelemetry](policy-csp-system.md)
- [TelemetryProxy](policy-csp-system.md)
- [DisableOneDriveFileSync](policy-csp-system.md)
- [AllowWUfBCloudProcessing](policy-csp-system.md)
- [AllowUpdateComplianceProcessing](policy-csp-system.md)
- [AllowDesktopAnalyticsProcessing](policy-csp-system.md)
- [DisableEnterpriseAuthProxy](policy-csp-system.md)
- [LimitEnhancedDiagnosticDataWindowsAnalytics](policy-csp-system.md)
- [AllowDeviceNameInDiagnosticData](policy-csp-system.md)
- [ConfigureTelemetryOptInSettingsUx](policy-csp-system.md)
- [ConfigureTelemetryOptInChangeNotification](policy-csp-system.md)
- [DisableDeviceDelete](policy-csp-system.md)
- [DisableDiagnosticDataViewer](policy-csp-system.md)
- [ConfigureMicrosoft365UploadEndpoint](policy-csp-system.md)
- [TurnOffFileHistory](policy-csp-system.md)
- [DisableDirectXDatabaseUpdate](policy-csp-system.md)
- [AllowCommercialDataPipeline](policy-csp-system.md)
- [LimitDiagnosticLogCollection](policy-csp-system.md)
- [LimitDumpCollection](policy-csp-system.md)
- [EnableOneSettingsAuditing](policy-csp-system.md)
- [DisableOneSettingsDownloads](policy-csp-system.md)
- [HideUnsupportedHardwareNotifications](policy-csp-system.md)
-
-## SystemServices
-
- [ConfigureHomeGroupListenerServiceStartupMode](policy-csp-systemservices.md)
- [ConfigureHomeGroupProviderServiceStartupMode](policy-csp-systemservices.md)
- [ConfigureXboxAccessoryManagementServiceStartupMode](policy-csp-systemservices.md)
- [ConfigureXboxLiveAuthManagerServiceStartupMode](policy-csp-systemservices.md)
- [ConfigureXboxLiveGameSaveServiceStartupMode](policy-csp-systemservices.md)
- [ConfigureXboxLiveNetworkingServiceStartupMode](policy-csp-systemservices.md)
-
-## TextInput
-
- [AllowLanguageFeaturesUninstall](policy-csp-textinput.md)
- [AllowLinguisticDataCollection](policy-csp-textinput.md)
- [ConfigureSimplifiedChineseIMEVersion](policy-csp-textinput.md)
- [ConfigureTraditionalChineseIMEVersion](policy-csp-textinput.md)
- [ConfigureJapaneseIMEVersion](policy-csp-textinput.md)
- [ConfigureKoreanIMEVersion](policy-csp-textinput.md)
-
-## TimeLanguageSettings
-
- [RestrictLanguagePacksAndFeaturesInstall](policy-csp-timelanguagesettings.md)
- [BlockCleanupOfUnusedPreinstalledLangPacks](policy-csp-timelanguagesettings.md)
- [MachineUILanguageOverwrite](policy-csp-timelanguagesettings.md)
- [RestrictLanguagePacksAndFeaturesInstall](policy-csp-timelanguagesettings.md)
-
-## Troubleshooting
-
- [AllowRecommendations](policy-csp-troubleshooting.md)
-
-## Update
-
- [ActiveHoursEnd](policy-csp-update.md)
- [ActiveHoursStart](policy-csp-update.md)
- [ActiveHoursMaxRange](policy-csp-update.md)
- [AutoRestartRequiredNotificationDismissal](policy-csp-update.md)
- [AutoRestartNotificationSchedule](policy-csp-update.md)
- [SetAutoRestartNotificationDisable](policy-csp-update.md)
- [ScheduleRestartWarning](policy-csp-update.md)
- [ScheduleImminentRestartWarning](policy-csp-update.md)
- [AllowAutoUpdate](policy-csp-update.md)
- [AutoRestartDeadlinePeriodInDays](policy-csp-update.md)
- [AutoRestartDeadlinePeriodInDaysForFeatureUpdates](policy-csp-update.md)
- [EngagedRestartTransitionSchedule](policy-csp-update.md)
- [EngagedRestartSnoozeSchedule](policy-csp-update.md)
- [EngagedRestartDeadline](policy-csp-update.md)
- [EngagedRestartTransitionScheduleForFeatureUpdates](policy-csp-update.md)
- [EngagedRestartSnoozeScheduleForFeatureUpdates](policy-csp-update.md)
- [EngagedRestartDeadlineForFeatureUpdates](policy-csp-update.md)
- [DetectionFrequency](policy-csp-update.md)
- [ManagePreviewBuilds](policy-csp-update.md)
- [BranchReadinessLevel](policy-csp-update.md)
- [ProductVersion](policy-csp-update.md)
- [TargetReleaseVersion](policy-csp-update.md)
- [AllowUpdateService](policy-csp-update.md)
- [DeferFeatureUpdatesPeriodInDays](policy-csp-update.md)
- [DeferQualityUpdatesPeriodInDays](policy-csp-update.md)
- [DeferUpdatePeriod](policy-csp-update.md)
- [DeferUpgradePeriod](policy-csp-update.md)
- [ExcludeWUDriversInQualityUpdate](policy-csp-update.md)
- [PauseDeferrals](policy-csp-update.md)
- [PauseFeatureUpdates](policy-csp-update.md)
- [PauseQualityUpdates](policy-csp-update.md)
- [PauseFeatureUpdatesStartTime](policy-csp-update.md)
- [PauseQualityUpdatesStartTime](policy-csp-update.md)
- [RequireDeferUpgrade](policy-csp-update.md)
- [AllowMUUpdateService](policy-csp-update.md)
- [ScheduledInstallDay](policy-csp-update.md)
- [ScheduledInstallTime](policy-csp-update.md)
- [ScheduledInstallEveryWeek](policy-csp-update.md)
- [ScheduledInstallFirstWeek](policy-csp-update.md)
- [ScheduledInstallSecondWeek](policy-csp-update.md)
- [ScheduledInstallThirdWeek](policy-csp-update.md)
- [ScheduledInstallFourthWeek](policy-csp-update.md)
- [UpdateServiceUrl](policy-csp-update.md)
- [UpdateServiceUrlAlternate](policy-csp-update.md)
- [FillEmptyContentUrls](policy-csp-update.md)
- [SetProxyBehaviorForUpdateDetection](policy-csp-update.md)
- [DoNotEnforceEnterpriseTLSCertPinningForUpdateDetection](policy-csp-update.md)
- [SetPolicyDrivenUpdateSourceForFeatureUpdates](policy-csp-update.md)
- [SetPolicyDrivenUpdateSourceForQualityUpdates](policy-csp-update.md)
- [SetPolicyDrivenUpdateSourceForDriverUpdates](policy-csp-update.md)
- [SetPolicyDrivenUpdateSourceForOtherUpdates](policy-csp-update.md)
- [SetEDURestart](policy-csp-update.md)
- [AllowAutoWindowsUpdateDownloadOverMeteredNetwork](policy-csp-update.md)
- [SetDisableUXWUAccess](policy-csp-update.md)
- [SetDisablePauseUXAccess](policy-csp-update.md)
- [UpdateNotificationLevel](policy-csp-update.md)
- [NoUpdateNotificationsDuringActiveHours](policy-csp-update.md)
- [DisableDualScan](policy-csp-update.md)
- [AutomaticMaintenanceWakeUp](policy-csp-update.md)
- [ConfigureDeadlineForQualityUpdates](policy-csp-update.md)
- [ConfigureDeadlineForFeatureUpdates](policy-csp-update.md)
- [ConfigureDeadlineGracePeriod](policy-csp-update.md)
- [ConfigureDeadlineGracePeriodForFeatureUpdates](policy-csp-update.md)
- [ConfigureDeadlineNoAutoReboot](policy-csp-update.md)
- [ConfigureDeadlineNoAutoRebootForFeatureUpdates](policy-csp-update.md)
- [ConfigureDeadlineNoAutoRebootForQualityUpdates](policy-csp-update.md)
-
-## UserRights
-
- [AccessCredentialManagerAsTrustedCaller](policy-csp-userrights.md)
- [AccessFromNetwork](policy-csp-userrights.md)
- [ActAsPartOfTheOperatingSystem](policy-csp-userrights.md)
- [AllowLocalLogOn](policy-csp-userrights.md)
- [BackupFilesAndDirectories](policy-csp-userrights.md)
- [ChangeSystemTime](policy-csp-userrights.md)
- [CreatePageFile](policy-csp-userrights.md)
- [CreateToken](policy-csp-userrights.md)
- [CreateGlobalObjects](policy-csp-userrights.md)
- [CreatePermanentSharedObjects](policy-csp-userrights.md)
- [CreateSymbolicLinks](policy-csp-userrights.md)
- [DebugPrograms](policy-csp-userrights.md)
- [DenyAccessFromNetwork](policy-csp-userrights.md)
- [DenyLocalLogOn](policy-csp-userrights.md)
- [DenyRemoteDesktopServicesLogOn](policy-csp-userrights.md)
- [EnableDelegation](policy-csp-userrights.md)
- [RemoteShutdown](policy-csp-userrights.md)
- [GenerateSecurityAudits](policy-csp-userrights.md)
- [ImpersonateClient](policy-csp-userrights.md)
- [IncreaseSchedulingPriority](policy-csp-userrights.md)
- [LoadUnloadDeviceDrivers](policy-csp-userrights.md)
- [LockMemory](policy-csp-userrights.md)
- [ManageAuditingAndSecurityLog](policy-csp-userrights.md)
- [ModifyObjectLabel](policy-csp-userrights.md)
- [ModifyFirmwareEnvironment](policy-csp-userrights.md)
- [ManageVolume](policy-csp-userrights.md)
- [ProfileSingleProcess](policy-csp-userrights.md)
- [RestoreFilesAndDirectories](policy-csp-userrights.md)
- [TakeOwnership](policy-csp-userrights.md)
- [BypassTraverseChecking](policy-csp-userrights.md)
- [ReplaceProcessLevelToken](policy-csp-userrights.md)
- [ChangeTimeZone](policy-csp-userrights.md)
- [ShutDownTheSystem](policy-csp-userrights.md)
- [LogOnAsBatchJob](policy-csp-userrights.md)
- [ProfileSystemPerformance](policy-csp-userrights.md)
- [DenyLogOnAsBatchJob](policy-csp-userrights.md)
- [LogOnAsService](policy-csp-userrights.md)
- [IncreaseProcessWorkingSet](policy-csp-userrights.md)
-
-## VirtualizationBasedTechnology
-
- [HypervisorEnforcedCodeIntegrity](policy-csp-virtualizationbasedtechnology.md)
- [RequireUEFIMemoryAttributesTable](policy-csp-virtualizationbasedtechnology.md)
-
-## WebThreatDefense
-
- [ServiceEnabled](policy-csp-webthreatdefense.md)
- [NotifyMalicious](policy-csp-webthreatdefense.md)
- [NotifyPasswordReuse](policy-csp-webthreatdefense.md)
- [NotifyUnsafeApp](policy-csp-webthreatdefense.md)
- [CaptureThreatWindow](policy-csp-webthreatdefense.md)
-
-## Wifi
-
- [AllowAutoConnectToWiFiSenseHotspots](policy-csp-wifi.md)
- [AllowInternetSharing](policy-csp-wifi.md)
-
-## WindowsDefenderSecurityCenter
-
- [CompanyName](policy-csp-windowsdefendersecuritycenter.md)
- [DisableAppBrowserUI](policy-csp-windowsdefendersecuritycenter.md)
- [DisableEnhancedNotifications](policy-csp-windowsdefendersecuritycenter.md)
- [DisableFamilyUI](policy-csp-windowsdefendersecuritycenter.md)
- [DisableAccountProtectionUI](policy-csp-windowsdefendersecuritycenter.md)
- [DisableClearTpmButton](policy-csp-windowsdefendersecuritycenter.md)
- [DisableDeviceSecurityUI](policy-csp-windowsdefendersecuritycenter.md)
- [DisableHealthUI](policy-csp-windowsdefendersecuritycenter.md)
- [DisableNetworkUI](policy-csp-windowsdefendersecuritycenter.md)
- [DisableNotifications](policy-csp-windowsdefendersecuritycenter.md)
- [DisableTpmFirmwareUpdateWarning](policy-csp-windowsdefendersecuritycenter.md)
- [DisableVirusUI](policy-csp-windowsdefendersecuritycenter.md)
- [DisallowExploitProtectionOverride](policy-csp-windowsdefendersecuritycenter.md)
- [Email](policy-csp-windowsdefendersecuritycenter.md)
- [EnableCustomizedToasts](policy-csp-windowsdefendersecuritycenter.md)
- [EnableInAppCustomization](policy-csp-windowsdefendersecuritycenter.md)
- [HideRansomwareDataRecovery](policy-csp-windowsdefendersecuritycenter.md)
- [HideSecureBoot](policy-csp-windowsdefendersecuritycenter.md)
- [HideTPMTroubleshooting](policy-csp-windowsdefendersecuritycenter.md)
- [HideWindowsSecurityNotificationAreaControl](policy-csp-windowsdefendersecuritycenter.md)
- [Phone](policy-csp-windowsdefendersecuritycenter.md)
- [URL](policy-csp-windowsdefendersecuritycenter.md)
-
-## WindowsInkWorkspace
-
- [AllowWindowsInkWorkspace](policy-csp-windowsinkworkspace.md)
- [AllowSuggestedAppsInWindowsInkWorkspace](policy-csp-windowsinkworkspace.md)
-
-## WindowsLogon
-
- [HideFastUserSwitching](policy-csp-windowslogon.md)
- [EnableFirstLogonAnimation](policy-csp-windowslogon.md)
-
-## WindowsSandbox
-
- [AllowVGPU](policy-csp-windowssandbox.md)
- [AllowNetworking](policy-csp-windowssandbox.md)
- [AllowAudioInput](policy-csp-windowssandbox.md)
- [AllowVideoInput](policy-csp-windowssandbox.md)
- [AllowPrinterRedirection](policy-csp-windowssandbox.md)
- [AllowClipboardRedirection](policy-csp-windowssandbox.md)
-
-## WirelessDisplay
-
- [AllowProjectionToPC](policy-csp-wirelessdisplay.md)
- [RequirePinForPairing](policy-csp-wirelessdisplay.md)
-
 ## Related articles

 [Policy configuration service provider](policy-configuration-service-provider.md)
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@ -4,7 +4,7 @@ description: Learn more about the Policy CSP
 author: vinaypamnani-msft
 manager: aaroncz
 ms.author: vinpa
-ms.date: 12/07/2022
+ms.date: 12/08/2022
 ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
@ -1094,6 +1094,7 @@ Specifies the name/value pair used in the policy. See the individual Area DDFs f
 - [Browser](policy-csp-browser.md)
 - [Camera](policy-csp-camera.md)
 - [Cellular](policy-csp-cellular.md)
+- [CloudDesktop](policy-csp-clouddesktop.md)
 - [CloudPC](policy-csp-cloudpc.md)
 - [Connectivity](policy-csp-connectivity.md)
 - [ControlPolicyConflict](policy-csp-controlpolicyconflict.md)
--- a/windows/client-management/mdm/policy-csp-textinput.md
+++ b/windows/client-management/mdm/policy-csp-textinput.md
--- a/windows/client-management/mdm/policy-csp-timelanguagesettings.md
+++ b/windows/client-management/mdm/policy-csp-timelanguagesettings.md
@ -1,248 +1,320 @@
 ---
-title: Policy CSP - TimeLanguageSettings
-description: Learn to use the Policy CSP - TimeLanguageSettings setting to specify the time zone to be applied to the device.
+title: TimeLanguageSettings Policy CSP
+description: Learn more about the TimeLanguageSettings Area in Policy CSP
+author: vinaypamnani-msft
+manager: aaroncz
 ms.author: vinpa
-ms.topic: article
+ms.date: 12/07/2022
+ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
-author: vinaypamnani-msft
-ms.localizationpriority: medium
-ms.date: 09/28/2021
-ms.reviewer: 
-manager: aaroncz
+ms.topic: reference
 ---

+<!-- Auto-Generated CSP Document -->
+
+<!-- TimeLanguageSettings-Begin -->
 # Policy CSP - TimeLanguageSettings

-<hr/>
+<!-- TimeLanguageSettings-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- TimeLanguageSettings-Editable-End -->

-<!--Policies-->
-## TimeLanguageSettings policies
+<!-- AllowSet24HourClock-Begin -->
+## AllowSet24HourClock

-<dl>
-  <dd>
-    <a href="#timelanguagesettings-blockcleanupofunusedpreinstalledlangpacks">TimeLanguageSettings/BlockCleanupOfUnusedPreinstalledLangPacks</a>
-  </dd>
-  <dd>
-    <a href="#timelanguagesettings-configuretimezone">TimeLanguageSettings/ConfigureTimeZone</a>
-  </dd>
-  <dd>
-    <a href="#timelanguagesettings-machineuilanguageoverwrite">TimeLanguageSettings/MachineUILanguageOverwrite</a>
-  </dd>
-  <dd>
-    <a href="#timelanguagesettings-restrictlanguagepacksandfeaturesinstall">TimeLanguageSettings/RestrictLanguagePacksAndFeaturesInstall</a>
-  </dd>
-</dl>
+> [!NOTE]
+> This policy is deprecated and may be removed in a future release.

+<!-- AllowSet24HourClock-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :x: Pro <br> :x: Enterprise <br> :x: Education <br> :x: Windows SE | :heavy_check_mark: Windows 10, version 1703 [10.0.15063] and later |
+<!-- AllowSet24HourClock-Applicability-End -->

-<hr/>
+<!-- AllowSet24HourClock-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/TimeLanguageSettings/AllowSet24HourClock
+```
+<!-- AllowSet24HourClock-OmaUri-End -->

-<!--Policy-->
-<a href="" id="timelanguagesettings-blockcleanupofunusedpreinstalledlangpacks"></a>**TimeLanguageSettings/BlockCleanupOfUnusedPreinstalledLangPacks**
+<!-- AllowSet24HourClock-Description-Begin -->
+<!-- Description-Source-DDF -->
+This policy is deprecated.
+<!-- AllowSet24HourClock-Description-End -->

-<!--SupportedSKUs-->
-The table below shows the applicability of Windows:
+<!-- AllowSet24HourClock-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- AllowSet24HourClock-Editable-End -->

-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|Yes|Yes|
-|Windows SE|No|Yes|
-|Business|Yes|Yes|
-|Enterprise|Yes|Yes|
-|Education|Yes|Yes|
+<!-- AllowSet24HourClock-DFProperties-Begin -->
+**Description framework properties**:

-<!--/SupportedSKUs-->
-<hr/>
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 0 |
+<!-- AllowSet24HourClock-DFProperties-End -->

-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
+<!-- AllowSet24HourClock-AllowedValues-Begin -->
+**Allowed values**:

-> [!div class = "checklist"]
-> * Device
+| Value | Description |
+|:--|:--|
+| 0 (Default) | Not allowed. |
+| 1 | Allowed. |
+<!-- AllowSet24HourClock-AllowedValues-End -->

-<hr/>
+<!-- AllowSet24HourClock-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- AllowSet24HourClock-Examples-End -->

-<!--/Scope-->
-<!--Description-->
-This policy setting controls whether the maintenance task will run to clean up language packs installed on a machine but aren't used by any users on that machine.
+<!-- AllowSet24HourClock-End -->

-If you enable this policy setting (value 1), language packs that are installed as part of the system image will remain installed even if they aren't used by any user on that system.
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-Begin -->
+## BlockCleanupOfUnusedPreinstalledLangPacks

-If you disable (value 0) or don't configure this policy setting, language packs that are installed as part of the system image but aren't used by any user on that system will be removed as part of a scheduled cleanup task.
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 21H2 [10.0.22000] and later |
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-Applicability-End -->

-<!--/Description-->
-<!--SupportedValues-->
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/TimeLanguageSettings/BlockCleanupOfUnusedPreinstalledLangPacks
+```
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-OmaUri-End -->

-<!--/SupportedValues-->
-<!--ADMXMapped-->
-ADMX Info:
-   GP Friendly name: *Block cleanup of unused language packs*
-   GP name: *BlockCleanupOfUnusedPreinstalledLangPacks*
-   GP path: *Computer Configuration/Administrative Templates/Control Panel/Regional and Language Options*
-   GP ADMX file name: *Globalization.admx*
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-Description-Begin -->
+<!-- Description-Source-ADMX -->
+This policy setting controls whether the LPRemove task will run to clean up language packs installed on a machine but are not used by any users on that machine.

-<!--/ADMXMapped-->
-<!--Example-->
+If you enable this policy setting, language packs that are installed as part of the system image will remain installed even if they are not used by any user on that system.

-<!--/Example-->
-<!--Validation-->
+If you disable or do not configure this policy setting, language packs that are installed as part of the system image but are not used by any user on that system will be removed as part of a scheduled clean up task.
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-Description-End -->

-<!--/Validation-->
-<!--/Policy-->
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-Editable-End -->

-<hr/>
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-DFProperties-Begin -->
+**Description framework properties**:

-<!--Policy-->
-<a href="" id="timelanguagesettings-configuretimezone"></a>**TimeLanguageSettings/ConfigureTimeZone**
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 0 |
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-DFProperties-End -->

-<!--SupportedSKUs-->
-The table below shows the applicability of Windows:
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-AllowedValues-Begin -->
+**Allowed values**:

-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|Yes|Yes|
-|Windows SE|No|Yes|
-|Business|Yes|Yes|
-|Enterprise|Yes|Yes|
-|Education|Yes|Yes|
+| Value | Description |
+|:--|:--|
+| 0 (Default) | Not blocked. |
+| 1 | Blocked. |
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-AllowedValues-End -->

-<!--/SupportedSKUs-->
-<hr/>
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-GpMapping-Begin -->
+**Group policy mapping**:

-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
+| Name | Value |
+|:--|:--|
+| Name | BlockCleanupOfUnusedPreinstalledLangPacks |
+| Friendly Name | Block clean-up of unused language packs |
+| Location | Computer Configuration |
+| Path | Control Panel > Regional and Language Options |
+| Registry Key Name | Software\Policies\Microsoft\Control Panel\International |
+| Registry Value Name | BlockCleanupOfUnusedPreinstalledLangPacks |
+| ADMX File Name | Globalization.admx |
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-GpMapping-End -->

-> [!div class = "checklist"]
-> * Device
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-Examples-End -->

-<hr/>
+<!-- BlockCleanupOfUnusedPreinstalledLangPacks-End -->

-<!--/Scope-->
-<!--Description-->
-Specifies the time zone to be applied to the device. This policy name is the standard Windows name for the target time zone.
+<!-- ConfigureTimeZone-Begin -->
+## ConfigureTimeZone

+<!-- ConfigureTimeZone-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1903 [10.0.18362] and later |
+<!-- ConfigureTimeZone-Applicability-End -->
+
+<!-- ConfigureTimeZone-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/TimeLanguageSettings/ConfigureTimeZone
+```
+<!-- ConfigureTimeZone-OmaUri-End -->
+
+<!-- ConfigureTimeZone-Description-Begin -->
+<!-- Description-Source-DDF -->
+Specifies the time zone to be applied to the device. This is the standard Windows name for the target time zone.
+<!-- ConfigureTimeZone-Description-End -->
+
+<!-- ConfigureTimeZone-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
 > [!TIP]
 > To get the list of available time zones, run `Get-TimeZone -ListAvailable` in PowerShell.
+<!-- ConfigureTimeZone-Editable-End -->

-<!--/Description-->
-<!--SupportedValues-->
+<!-- ConfigureTimeZone-DFProperties-Begin -->
+**Description framework properties**:

-<!--/SupportedValues-->
-<!--Example-->
+| Property name | Property value |
+|:--|:--|
+| Format | chr (string) |
+| Access Type | Add, Delete, Get, Replace |
+<!-- ConfigureTimeZone-DFProperties-End -->

-<!--/Example-->
-<!--Validation-->
+<!-- ConfigureTimeZone-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- ConfigureTimeZone-Examples-End -->

-<!--/Validation-->
-<!--/Policy-->
-<hr/>
+<!-- ConfigureTimeZone-End -->

-<!--Policy-->
-<a href="" id="timelanguagesettings-machineuilanguageoverwrite"></a>**TimeLanguageSettings/MachineUILanguageOverwrite**
+<!-- MachineUILanguageOverwrite-Begin -->
+## MachineUILanguageOverwrite

-<!--SupportedSKUs-->
-The table below shows the applicability of Windows:
+<!-- MachineUILanguageOverwrite-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 21H2 [10.0.22000] and later |
+<!-- MachineUILanguageOverwrite-Applicability-End -->

-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|Yes|Yes|
-|Windows SE|No|Yes|
-|Business|Yes|Yes|
-|Enterprise|Yes|Yes|
-|Education|Yes|Yes|
+<!-- MachineUILanguageOverwrite-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/TimeLanguageSettings/MachineUILanguageOverwrite
+```
+<!-- MachineUILanguageOverwrite-OmaUri-End -->

-<!--/SupportedSKUs-->
-<hr/>
-
-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * Device
-
-<hr/>
-
-<!--/Scope-->
-<!--Description-->
+<!-- MachineUILanguageOverwrite-Description-Begin -->
+<!-- Description-Source-ADMX -->
 This policy setting controls which UI language is used for computers with more than one UI language installed.

-If you enable this policy setting, the UI language of Windows menus and dialogs for systems with more than one language is restricted to a specified language. If the specified language isn't installed on the target computer or you disable this policy setting, the language selection defaults to the language selected by the local administrator.
+If you enable this policy setting, the UI language of Windows menus and dialogs for systems with more than one language is restricted to a specified language. If the specified language is not installed on the target computer or you disable this policy setting, the language selection defaults to the language selected by the local administrator.

-If you disable or don't configure this policy setting, there's no restriction of a specific language used for the Windows menus and dialogs.
+If you disable or do not configure this policy setting, there is no restriction of a specific language used for the Windows menus and dialogs.
+<!-- MachineUILanguageOverwrite-Description-End -->

-<!--/Description-->
-<!--SupportedValues-->
+<!-- MachineUILanguageOverwrite-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- MachineUILanguageOverwrite-Editable-End -->

-<!--/SupportedValues-->
-<!--ADMXMapped-->
-ADMX Info:
-   GP Friendly name: *Force selected system UI language to overwrite the user UI language*
-   GP name: *MachineUILanguageOverwrite*
-   GP path: *Computer Configuration/Administrative Templates/Control Panel/Regional and Language Options*
-   GP ADMX file name: *Globalization.admx*
+<!-- MachineUILanguageOverwrite-DFProperties-Begin -->
+**Description framework properties**:

-<!--/ADMXMapped-->
-<!--Example-->
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 0 |
+<!-- MachineUILanguageOverwrite-DFProperties-End -->

-<!--/Example-->
-<!--Validation-->
+<!-- MachineUILanguageOverwrite-AllowedValues-Begin -->
+**Allowed values**:

-<!--/Validation-->
-<!--/Policy-->
+| Value | Description |
+|:--|:--|
+| 0 (Default) | Disabled. |
+| 1 | Enabled. |
+<!-- MachineUILanguageOverwrite-AllowedValues-End -->

-<hr/>
+<!-- MachineUILanguageOverwrite-GpMapping-Begin -->
+**Group policy mapping**:

-<!--Policy-->
-<a href="" id="timelanguagesettings-restrictlanguagepacksandfeaturesinstall"></a>**TimeLanguageSettings/RestrictLanguagePacksAndFeaturesInstall**
+| Name | Value |
+|:--|:--|
+| Name | MachineUILanguageOverwrite |
+| Friendly Name | Force selected system UI language to overwrite the user UI language |
+| Location | Computer Configuration |
+| Path | Control Panel > Regional and Language Options |
+| Registry Key Name | Software\Policies\Microsoft\MUI\Settings |
+| Registry Value Name | MachineUILock |
+| ADMX File Name | Globalization.admx |
+<!-- MachineUILanguageOverwrite-GpMapping-End -->

-<!--SupportedSKUs-->
-The table below shows the applicability of Windows:
+<!-- MachineUILanguageOverwrite-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- MachineUILanguageOverwrite-Examples-End -->

-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|Yes|Yes|
-|Windows SE|No|Yes|
-|Business|Yes|Yes|
-|Enterprise|Yes|Yes|
-|Education|Yes|Yes|
+<!-- MachineUILanguageOverwrite-End -->

-<!--/SupportedSKUs-->
-<hr/>
+<!-- RestrictLanguagePacksAndFeaturesInstall-Begin -->
+## RestrictLanguagePacksAndFeaturesInstall

-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
+<!-- RestrictLanguagePacksAndFeaturesInstall-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :heavy_check_mark: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 21H2 [10.0.22000] and later |
+<!-- RestrictLanguagePacksAndFeaturesInstall-Applicability-End -->

-> [!div class = "checklist"]
-> * Device
+<!-- RestrictLanguagePacksAndFeaturesInstall-OmaUri-Begin -->
+```User
+./User/Vendor/MSFT/Policy/Config/TimeLanguageSettings/RestrictLanguagePacksAndFeaturesInstall
+```

-<hr/>
+```Device
+./Device/Vendor/MSFT/Policy/Config/TimeLanguageSettings/RestrictLanguagePacksAndFeaturesInstall
+```
+<!-- RestrictLanguagePacksAndFeaturesInstall-OmaUri-End -->

-<!--/Scope-->
-<!--Description-->
-This policy setting restricts standard users from installing language features on demand. This policy doesn't restrict the Windows language, if you want to restrict the Windows language use the following policy: “Restricts the UI languages Windows should use for the selected user.”
+<!-- RestrictLanguagePacksAndFeaturesInstall-Description-Begin -->
+<!-- Description-Source-DDF -->
+This policy setting restricts the install of language packs and language features, such as spell checkers, on a device.
+<!-- RestrictLanguagePacksAndFeaturesInstall-Description-End -->

-If you enable this policy setting, the installation of language features is prevented for standard users.
+<!-- RestrictLanguagePacksAndFeaturesInstall-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- RestrictLanguagePacksAndFeaturesInstall-Editable-End -->

-If you disable or don't configure this policy setting, there's no language feature installation restriction for the standard users.
+<!-- RestrictLanguagePacksAndFeaturesInstall-DFProperties-Begin -->
+**Description framework properties**:

-<!--/Description-->
-<!--SupportedValues-->
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 0 |
+<!-- RestrictLanguagePacksAndFeaturesInstall-DFProperties-End -->

-<!--/SupportedValues-->
-<!--Example-->
+<!-- RestrictLanguagePacksAndFeaturesInstall-AllowedValues-Begin -->
+**Allowed values**:

-<!--/Example-->
-<!--Validation-->
+| Value | Description |
+|:--|:--|
+| 0 (Default) | Not restricted. |
+| 1 | Restricted. |
+<!-- RestrictLanguagePacksAndFeaturesInstall-AllowedValues-End -->

-<!--/Validation-->
-<!--/Policy-->
+<!-- RestrictLanguagePacksAndFeaturesInstall-GpMapping-Begin -->
+**Group policy mapping**:

-<!--/Policies-->
+| Name | Value |
+|:--|:--|
+| Name | RestrictLanguagePacksAndFeaturesInstall |
+| Path | Globalization > AT > ControlPanel > RegionalOptions |
+<!-- RestrictLanguagePacksAndFeaturesInstall-GpMapping-End -->

-## Related topics
+<!-- RestrictLanguagePacksAndFeaturesInstall-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- RestrictLanguagePacksAndFeaturesInstall-Examples-End -->

-[Policy configuration service provider](policy-configuration-service-provider.md)
+<!-- RestrictLanguagePacksAndFeaturesInstall-End -->
+
+<!-- TimeLanguageSettings-CspMoreInfo-Begin -->
+<!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
+<!-- TimeLanguageSettings-CspMoreInfo-End -->
+
+<!-- TimeLanguageSettings-End -->
+
+## Related articles
+
+[Policy configuration service provider](policy-configuration-service-provider.md)
--- a/windows/client-management/mdm/policy-csp-virtualizationbasedtechnology.md
+++ b/windows/client-management/mdm/policy-csp-virtualizationbasedtechnology.md
@ -1,139 +1,158 @@
 ---
-title: Policy CSP - VirtualizationBasedTechnology
-description: Learn to use the Policy CSP - VirtualizationBasedTechnology setting to control the state of Hypervisor-protected Code Integrity (HVCI) on devices.
+title: VirtualizationBasedTechnology Policy CSP
+description: Learn more about the VirtualizationBasedTechnology Area in Policy CSP
+author: vinaypamnani-msft
+manager: aaroncz
 ms.author: vinpa
-ms.topic: article
+ms.date: 12/07/2022
+ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
-author: vinaypamnani-msft
-ms.localizationpriority: medium
-ms.date: 11/25/2021
-ms.reviewer: 
-manager: aaroncz
+ms.topic: reference
 ---

+<!-- Auto-Generated CSP Document -->
+
+<!-- VirtualizationBasedTechnology-Begin -->
 # Policy CSP - VirtualizationBasedTechnology

-<hr/>
+<!-- VirtualizationBasedTechnology-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- VirtualizationBasedTechnology-Editable-End -->

-<!--Policies-->
-## VirtualizationBasedTechnology policies
+<!-- HypervisorEnforcedCodeIntegrity-Begin -->
+## HypervisorEnforcedCodeIntegrity

-<dl>
-  <dd>
-    <a href="#virtualizationbasedtechnology-hypervisorenforcedcodeintegrity">VirtualizationBasedTechnology/HypervisorEnforcedCodeIntegrity</a>
-  </dd>
-  <dd>
-    <a href="#virtualizationbasedtechnology-requireuefimemoryattributestable">VirtualizationBasedTechnology/RequireUEFIMemoryAttributesTable</a>
-  </dd>
-</dl>
+<!-- HypervisorEnforcedCodeIntegrity-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :x: Windows SE | :heavy_check_mark: Windows 11, version 21H2 [10.0.22000] and later |
+<!-- HypervisorEnforcedCodeIntegrity-Applicability-End -->

-<hr/>
+<!-- HypervisorEnforcedCodeIntegrity-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/VirtualizationBasedTechnology/HypervisorEnforcedCodeIntegrity
+```
+<!-- HypervisorEnforcedCodeIntegrity-OmaUri-End -->

-<!--Policy-->
-<a href="" id="virtualizationbasedtechnology-hypervisorenforcedcodeintegrity"></a>**VirtualizationBasedTechnology/HypervisorEnforcedCodeIntegrity**
+<!-- HypervisorEnforcedCodeIntegrity-Description-Begin -->
+<!-- Description-Source-DDF -->
+Hypervisor-Protected Code Integrity: 0 - Turns off Hypervisor-Protected Code Integrity remotely if configured previously without UEFI Lock, 1 - Turns on Hypervisor-Protected Code Integrity with UEFI lock, 2 - Turns on Hypervisor-Protected Code Integrity without UEFI lock.
+<!-- HypervisorEnforcedCodeIntegrity-Description-End -->

-<!--SupportedSKUs-->
-The table below shows the applicability of Windows:
+<!-- HypervisorEnforcedCodeIntegrity-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- HypervisorEnforcedCodeIntegrity-Editable-End -->

-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|Yes|Yes|
-|Pro|Yes|Yes|
-|Windows SE|No|Yes|
-|Business|Yes|Yes|
-|Enterprise|Yes|Yes|
-|Education|Yes|Yes|
+<!-- HypervisorEnforcedCodeIntegrity-DFProperties-Begin -->
+**Description framework properties**:

-<!--/SupportedSKUs-->
-<hr/>
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 0 |
+<!-- HypervisorEnforcedCodeIntegrity-DFProperties-End -->

-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
+<!-- HypervisorEnforcedCodeIntegrity-AllowedValues-Begin -->
+**Allowed values**:

-> [!div class = "checklist"]
-> * Device
+| Value | Description |
+|:--|:--|
+| 0 (Default) | (Disabled) Turns off Hypervisor-Protected Code Integrity remotely if configured previously without UEFI Lock. |
+| 1 | (Enabled with UEFI lock) Turns on Hypervisor-Protected Code Integrity with UEFI lock. |
+| 2 | (Enabled without lock) Turns on Hypervisor-Protected Code Integrity without UEFI lock. |
+<!-- HypervisorEnforcedCodeIntegrity-AllowedValues-End -->

-<hr/>
+<!-- HypervisorEnforcedCodeIntegrity-GpMapping-Begin -->
+**Group policy mapping**:

-<!--/Scope-->
-<!--Description-->
-Allows the IT admin to control the state of Hypervisor-Protected Code Integrity (HVCI) on devices. HVCI is a feature within Virtualization Based Security, and is frequently referred to as Memory integrity. Learn more [here](/windows-hardware/design/device-experiences/oem-vbs).
+| Name | Value |
+|:--|:--|
+| Name | VirtualizationBasedSecurity |
+| Friendly Name | Turn On Virtualization Based Security |
+| Element Name | Virtualization Based Protection of Code Integrity |
+| Location | Computer Configuration |
+| Path | System > Device Guard |
+| Registry Key Name | SOFTWARE\Policies\Microsoft\Windows\DeviceGuard |
+| ADMX File Name | DeviceGuard.admx |
+<!-- HypervisorEnforcedCodeIntegrity-GpMapping-End -->

->[!NOTE]
->After the policy is pushed, a system reboot will be required to change the state of HVCI.
+<!-- HypervisorEnforcedCodeIntegrity-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- HypervisorEnforcedCodeIntegrity-Examples-End -->

-<!--/Description-->
-<!--SupportedValues-->
-The following are the supported values:
+<!-- HypervisorEnforcedCodeIntegrity-End -->

- 0: (Disabled) Turns off Hypervisor-Protected Code Integrity remotely if configured previously without UEFI Lock.
- 1: (Enabled with UEFI lock) Turns on Hypervisor-Protected Code Integrity with UEFI lock.
- 2: (Enabled without lock) Turns on Hypervisor-Protected Code Integrity without UEFI lock.
+<!-- RequireUEFIMemoryAttributesTable-Begin -->
+## RequireUEFIMemoryAttributesTable

-<!--/SupportedValues-->
-<!--Example-->
+<!-- RequireUEFIMemoryAttributesTable-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :x: Windows SE | :heavy_check_mark: Windows 11, version 21H2 [10.0.22000] and later |
+<!-- RequireUEFIMemoryAttributesTable-Applicability-End -->

-<!--/Example-->
-<!--Validation-->
+<!-- RequireUEFIMemoryAttributesTable-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/VirtualizationBasedTechnology/RequireUEFIMemoryAttributesTable
+```
+<!-- RequireUEFIMemoryAttributesTable-OmaUri-End -->

-<!--/Validation-->
-<!--/Policy-->
-<hr/>
+<!-- RequireUEFIMemoryAttributesTable-Description-Begin -->
+<!-- Description-Source-DDF -->
+Require UEFI Memory Attributes Table
+<!-- RequireUEFIMemoryAttributesTable-Description-End -->

-<!--Policy-->
-<a href="" id="virtualizationbasedtechnology-requireuefimemoryattributestable"></a>**VirtualizationBasedTechnology/RequireUEFIMemoryAttributesTable**
+<!-- RequireUEFIMemoryAttributesTable-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- RequireUEFIMemoryAttributesTable-Editable-End -->

-<!--SupportedSKUs-->
-The table below shows the applicability of Windows:
+<!-- RequireUEFIMemoryAttributesTable-DFProperties-Begin -->
+**Description framework properties**:

-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|Yes|Yes|
-|Pro|Yes|Yes|
-|Windows SE|No|Yes|
-|Business|Yes|Yes|
-|Enterprise|Yes|Yes|
-|Education|Yes|Yes|
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 0 |
+<!-- RequireUEFIMemoryAttributesTable-DFProperties-End -->

-<!--/SupportedSKUs-->
-<hr/>
+<!-- RequireUEFIMemoryAttributesTable-AllowedValues-Begin -->
+**Allowed values**:

-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
+| Value | Description |
+|:--|:--|
+| 0 (Default) | Do not require UEFI Memory Attributes Table |
+| 1 | Require UEFI Memory Attributes Table |
+<!-- RequireUEFIMemoryAttributesTable-AllowedValues-End -->

-> [!div class = "checklist"]
-> * Device
+<!-- RequireUEFIMemoryAttributesTable-GpMapping-Begin -->
+**Group policy mapping**:

-<hr/>
+| Name | Value |
+|:--|:--|
+| Name | VirtualizationBasedSecurity |
+| Friendly Name | Turn On Virtualization Based Security |
+| Element Name | Require UEFI Memory Attributes Table |
+| Location | Computer Configuration |
+| Path | System > Device Guard |
+| Registry Key Name | SOFTWARE\Policies\Microsoft\Windows\DeviceGuard |
+| ADMX File Name | DeviceGuard.admx |
+<!-- RequireUEFIMemoryAttributesTable-GpMapping-End -->

-<!--/Scope-->
-<!--Description-->
-Allows the IT admin to control the state of Hypervisor-Protected Code Integrity (HVCI) on devices. HVCI is a feature within Virtualization Based Security, and is frequently referred to as Memory integrity. Learn more [here](/windows-hardware/design/device-experiences/oem-vbs).
+<!-- RequireUEFIMemoryAttributesTable-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- RequireUEFIMemoryAttributesTable-Examples-End -->

->[!NOTE]
->After the policy is pushed, a system reboot will be required to change the state of HVCI.
+<!-- RequireUEFIMemoryAttributesTable-End -->

-<!--/Description-->
-<!--SupportedValues-->
+<!-- VirtualizationBasedTechnology-CspMoreInfo-Begin -->
+<!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
+<!-- VirtualizationBasedTechnology-CspMoreInfo-End -->

-The following are the supported values:
+<!-- VirtualizationBasedTechnology-End -->

- 0: (Disabled) Do not require UEFI Memory Attributes Table.
- 1: (Enabled) Require UEFI Memory Attributes Table.
+## Related articles

-<!--/SupportedValues-->
-<!--Example-->
-
-<!--/Example-->
-<!--Validation-->
-
-<!--/Validation-->
-<!--/Policy-->
-<hr/>
-
-<!--/Policies-->
-
-## Related topics
-
-[Policy configuration service provider](policy-configuration-service-provider.md)
+[Policy configuration service provider](policy-configuration-service-provider.md)
--- a/windows/client-management/mdm/policy-csp-webthreatdefense.md
+++ b/windows/client-management/mdm/policy-csp-webthreatdefense.md
@ -1,233 +1,361 @@
 ---
-title: Policy CSP - WebThreatDefense
-description: Learn about the Policy CSP - WebThreatDefense.
-ms.author: v-aljupudi
-ms.topic: article
+title: WebThreatDefense Policy CSP
+description: Learn more about the WebThreatDefense Area in Policy CSP
+author: vinaypamnani-msft
+manager: aaroncz
+ms.author: vinpa
+ms.date: 12/07/2022
+ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
-author: alekyaj
-ms.localizationpriority: medium
-ms.date: 09/27/2019
-ms.reviewer: 
-manager: aaroncz
+ms.topic: reference
 ---

+<!-- Auto-Generated CSP Document -->
+
+<!-- WebThreatDefense-Begin -->
 # Policy CSP - WebThreatDefense

+<!-- WebThreatDefense-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+> [!NOTE]
+> In Microsoft Intune, this CSP is listed under the **Enhanced Phishing Protection** category.
+<!-- WebThreatDefense-Editable-End -->
+
+<!-- CaptureThreatWindow-Begin -->
+## CaptureThreatWindow
+
+<!-- CaptureThreatWindow-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows Insider Preview |
+<!-- CaptureThreatWindow-Applicability-End -->
+
+<!-- CaptureThreatWindow-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/CaptureThreatWindow
+```
+<!-- CaptureThreatWindow-OmaUri-End -->
+
+<!-- CaptureThreatWindow-Description-Begin -->
+<!-- Description-Source-DDF -->
+Configures Enhanced Phishing Protection notifications to allow to capture the suspicious window on client machines for further threat analysis.
+<!-- CaptureThreatWindow-Description-End -->
+
+<!-- CaptureThreatWindow-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- CaptureThreatWindow-Editable-End -->
+
+<!-- CaptureThreatWindow-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 1 |
+<!-- CaptureThreatWindow-DFProperties-End -->
+
+<!-- CaptureThreatWindow-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 | Disabled |
+| 1 (Default) | Enabled |
+<!-- CaptureThreatWindow-AllowedValues-End -->
+
+<!-- CaptureThreatWindow-GpMapping-Begin -->
+**Group policy mapping**:
+
+| Name | Value |
+|:--|:--|
+| Name | CaptureThreatWindow |
+| Path | WebThreatDefense > AT > WindowsComponents > WebThreatDefense |
+<!-- CaptureThreatWindow-GpMapping-End -->
+
+<!-- CaptureThreatWindow-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- CaptureThreatWindow-Examples-End -->
+
+<!-- CaptureThreatWindow-End -->
+
+<!-- NotifyMalicious-Begin -->
+## NotifyMalicious
+
+<!-- NotifyMalicious-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 22H2 [10.0.22621] and later |
+<!-- NotifyMalicious-Applicability-End -->
+
+<!-- NotifyMalicious-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/NotifyMalicious
+```
+<!-- NotifyMalicious-OmaUri-End -->
+
+<!-- NotifyMalicious-Description-Begin -->
+<!-- Description-Source-ADMX -->
+This policy setting determines whether Enhanced Phishing Protection in Microsoft Defender SmartScreen warns your users if they type their work or school password into one of the following malicious scenarios: into a reported phishing site, into a Microsoft login URL with an invalid certificate, or into an application connecting to either a reported phishing site or a Microsoft login URL with an invalid certificate.
+
+If you enable this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen warns your users if they type their work or school password into one of the malicious scenarios described above and encourages them to change their password.
+
+If you disable or don’t configure this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen will not warn your users if they type their work or school password into one of the malicious scenarios described above.
+<!-- NotifyMalicious-Description-End -->
+
+<!-- NotifyMalicious-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- NotifyMalicious-Editable-End -->
+
+<!-- NotifyMalicious-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 0 |
+<!-- NotifyMalicious-DFProperties-End -->
+
+<!-- NotifyMalicious-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 (Default) | Disabled |
+| 1 | Enabled |
+<!-- NotifyMalicious-AllowedValues-End -->
+
+<!-- NotifyMalicious-GpMapping-Begin -->
+**Group policy mapping**:
+
+| Name | Value |
+|:--|:--|
+| Name | NotifyMalicious |
+| Friendly Name | Notify Malicious |
+| Location | Computer Configuration |
+| Path | Windows Components > Windows Defender SmartScreen > Enhanced Phishing Protection |
+| Registry Key Name | Software\Policies\Microsoft\Windows\WTDS\Components |
+| Registry Value Name | NotifyMalicious |
+| ADMX File Name | WebThreatDefense.admx |
+<!-- NotifyMalicious-GpMapping-End -->
+
+<!-- NotifyMalicious-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- NotifyMalicious-Examples-End -->
+
+<!-- NotifyMalicious-End -->
+
+<!-- NotifyPasswordReuse-Begin -->
+## NotifyPasswordReuse
+
+<!-- NotifyPasswordReuse-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 22H2 [10.0.22621] and later |
+<!-- NotifyPasswordReuse-Applicability-End -->
+
+<!-- NotifyPasswordReuse-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/NotifyPasswordReuse
+```
+<!-- NotifyPasswordReuse-OmaUri-End -->
+
+<!-- NotifyPasswordReuse-Description-Begin -->
+<!-- Description-Source-ADMX -->
+This policy setting determines whether Enhanced Phishing Protection in Microsoft Defender SmartScreen warns your users if they reuse their work or school password.
+
+If you enable this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen warns users if they reuse their work or school password and encourages them to change it.
+
+If you disable or don’t configure this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen will not warn users if they reuse their work or school password.
+<!-- NotifyPasswordReuse-Description-End -->
+
+<!-- NotifyPasswordReuse-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- NotifyPasswordReuse-Editable-End -->
+
+<!-- NotifyPasswordReuse-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 0 |
+<!-- NotifyPasswordReuse-DFProperties-End -->
+
+<!-- NotifyPasswordReuse-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 (Default) | Disabled |
+| 1 | Enabled |
+<!-- NotifyPasswordReuse-AllowedValues-End -->
+
+<!-- NotifyPasswordReuse-GpMapping-Begin -->
+**Group policy mapping**:
+
+| Name | Value |
+|:--|:--|
+| Name | NotifyPasswordReuse |
+| Friendly Name | Notify Password Reuse |
+| Location | Computer Configuration |
+| Path | Windows Components > Windows Defender SmartScreen > Enhanced Phishing Protection |
+| Registry Key Name | Software\Policies\Microsoft\Windows\WTDS\Components |
+| Registry Value Name | NotifyPasswordReuse |
+| ADMX File Name | WebThreatDefense.admx |
+<!-- NotifyPasswordReuse-GpMapping-End -->
+
+<!-- NotifyPasswordReuse-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- NotifyPasswordReuse-Examples-End -->
+
+<!-- NotifyPasswordReuse-End -->
+
+<!-- NotifyUnsafeApp-Begin -->
+## NotifyUnsafeApp
+
+<!-- NotifyUnsafeApp-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 22H2 [10.0.22621] and later |
+<!-- NotifyUnsafeApp-Applicability-End -->
+
+<!-- NotifyUnsafeApp-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/NotifyUnsafeApp
+```
+<!-- NotifyUnsafeApp-OmaUri-End -->
+
+<!-- NotifyUnsafeApp-Description-Begin -->
+<!-- Description-Source-ADMX -->
+This policy setting determines whether Enhanced Phishing Protection in Microsoft Defender SmartScreen warns your users if they type their work or school passwords in Notepad, Winword, or M365 Office apps like OneNote, Word, Excel, etc.
+
+If you enable this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen warns your users if they store their password in text editor apps.
+
+If you disable or don’t configure this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen will not warn users if they store their password in text editor apps.
+<!-- NotifyUnsafeApp-Description-End -->
+
+<!-- NotifyUnsafeApp-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- NotifyUnsafeApp-Editable-End -->
+
+<!-- NotifyUnsafeApp-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 0 |
+<!-- NotifyUnsafeApp-DFProperties-End -->
+
+<!-- NotifyUnsafeApp-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 (Default) | Disabled |
+| 1 | Enabled |
+<!-- NotifyUnsafeApp-AllowedValues-End -->
+
+<!-- NotifyUnsafeApp-GpMapping-Begin -->
+**Group policy mapping**:
+
+| Name | Value |
+|:--|:--|
+| Name | NotifyUnsafeApp |
+| Friendly Name | Notify Unsafe App |
+| Location | Computer Configuration |
+| Path | Windows Components > Windows Defender SmartScreen > Enhanced Phishing Protection |
+| Registry Key Name | Software\Policies\Microsoft\Windows\WTDS\Components |
+| Registry Value Name | NotifyUnsafeApp |
+| ADMX File Name | WebThreatDefense.admx |
+<!-- NotifyUnsafeApp-GpMapping-End -->
+
+<!-- NotifyUnsafeApp-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- NotifyUnsafeApp-Examples-End -->
+
+<!-- NotifyUnsafeApp-End -->
+
+<!-- ServiceEnabled-Begin -->
+## ServiceEnabled
+
+<!-- ServiceEnabled-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 22H2 [10.0.22621] and later |
+<!-- ServiceEnabled-Applicability-End -->
+
+<!-- ServiceEnabled-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/ServiceEnabled
+```
+<!-- ServiceEnabled-OmaUri-End -->
+
+<!-- ServiceEnabled-Description-Begin -->
+<!-- Description-Source-ADMX -->
+This policy setting determines whether Enhanced Phishing Protection in Microsoft Defender SmartScreen is in audit mode or off. Users do not see notifications for any protection scenarios when Enhanced Phishing Protection in Microsoft Defender is in audit mode. Audit mode captures unsafe password entry events and sends telemetry through Microsoft Defender.
+
+If you enable this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen is enabled in audit mode and your users are unable to turn it off.
+
+If you disable this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen is off and it will not capture events, send telemetry, or notify users. Additionally, your users are unable to turn it on.
+
+If you don’t configure this setting, users can decide whether or not they will enable Enhanced Phishing Protection in Microsoft Defender SmartScreen.
+<!-- ServiceEnabled-Description-End -->
+
+<!-- ServiceEnabled-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- ServiceEnabled-Editable-End -->
+
+<!-- ServiceEnabled-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 1 |
+<!-- ServiceEnabled-DFProperties-End -->
+
+<!-- ServiceEnabled-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 | Disabled |
+| 1 (Default) | Enabled |
+<!-- ServiceEnabled-AllowedValues-End -->
+
+<!-- ServiceEnabled-GpMapping-Begin -->
+**Group policy mapping**:

-<hr/>
-
-<!--Policies-->
-## WebThreatDefense policies
-
-<dl>
-  <dd>
-    <a href="#webthreatdefense-enableservice">WebThreatDefense/EnableService</a>
-  </dd>
-  <dd>
-    <a href="#webthreatdefense-notifymalicious">WebThreatDefense/NotifyMalicious</a>
-  </dd>
-  <dd>
-    <a href="#webthreatdefense-notifypasswordreuse">WebThreatDefense/NotifyPasswordReuse</a>
-  </dd>
-  <dd>
-    <a href="#webthreatdefense-notifyunsafeapp">WebThreatDefense/NotifyUnsafeApp</a>
-  </dd>
-</dl>
-
->[!NOTE]
->In Microsoft Intune, this CSP is under the “Enhanced Phishing Protection” category.
-
-<!--Policy-->
-<a href="" id="webthreatdefense-enableservice"></a>**WebThreatDefense/EnableService**
-
-<!--SupportedSKUs-->
-
-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|No|No|
-|Windows SE|No|Yes|
-|Business|No|No|
-|Enterprise|No|Yes|
-|Education|No|Yes|
-
-<!--/SupportedSKUs-->
-<hr/>
-
-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * Device
-
-<hr/>
-
-<!--/Scope-->
-<!--Description-->
-
-This policy setting determines whether Enhanced Phishing Protection is in audit mode or off. Users don't see any notifications for any protection scenarios when Enhanced Phishing Protection is in audit mode. When in audit mode, Enhanced Phishing Protection captures unsafe password entry events and sends telemetry through Microsoft Defender.
-
-If you enable this policy setting or don’t configure this setting, Enhanced Phishing Protection is enabled in audit mode, and your users are unable to turn it off.
-
-If you disable this policy setting, Enhanced Phishing Protection is off. When off, Enhanced Phishing Protection doesn't capture events, send telemetry, or notify users. Additionally, your users are unable to turn it on.
-
-<!--/Description-->
-<!--ADMXMapped-->
-ADMX Info:
-   GP Friendly name: *Configure Web Threat Defense*
-   GP name: *EnableWebThreatDefenseService*
-   GP path: *Windows Security\App & browser control\Reputation-based protection\Phishing protections*
-   GP ADMX file name: *WebThreatDefense.admx*
-
-<!--/ADMXMapped-->
-<!--SupportedValues-->
-The following list shows the supported values:
-
-	0: Turns off Enhanced Phishing Protection.
-	1: Turns on Enhanced Phishing Protection in audit mode, which captures work or school password entry events and sends telemetry but doesn't show any notifications to your users.
-
-
-<!--/SupportedValues-->
-<!--/Policy-->
-
-<hr/>
-
-<!--Policy-->
-<a href="" id="webthreatdefense-notifymalicious"></a>**WebThreatDefense/NotifyMalicious**
-
-<!--SupportedSKUs-->
-
-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|No|No|
-|Windows SE|No|Yes|
-|Business|No|No|
-|Enterprise|No|Yes|
-|Education|No|Yes|
-
-<!--/SupportedSKUs-->
-<hr/>
-
-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * Device
-
-<hr/>
-
-<!--/Scope-->
-<!--Description-->
-
-This policy setting determines whether Enhanced Phishing Protection warns your users if they type their work or school password into one of the following malicious scenarios: into a reported phishing site, into a login URL with an invalid certificate, or into an application connecting to either a reported phishing site or a login URL with an invalid certificate.
-
-If you enable this policy setting, Enhanced Phishing Protection warns your users if they type their work or school password into one of the malicious scenarios described above, and encourages them to change their password.
-
-If you disable or don’t configure this policy setting, Enhanced Phishing Protection won't warn your users if they type their work or school password into one of the malicious scenarios described above.
-
-<!--/Description-->
-<!--SupportedValues-->
-The following list shows the supported values:
-
-	0: Turns off Enhanced Phishing Protection notifications when users type their work or school password into one of the following malicious scenarios: a reported phishing site, a login URL with an invalid certificate, or into an application connecting to either a reported phishing site or a login URL with an invalid certificate.
-	1: Turns on Enhanced Phishing Protection notifications when users type their work or school password into one of the previously described malicious scenarios and encourages them to change their password.
-<!--/SupportedValues-->
-<!--/Policy-->
-
-<hr/>
-
-<!--Policy-->
-<a href="" id="webthreatdefense-notifypasswordreuse"></a>**WebThreatDefense/NotifyPasswordReuse**
-
-<!--SupportedSKUs-->
-
-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|No|No|
-|Windows SE|No|Yes|
-|Business|No|No|
-|Enterprise|No|Yes|
-|Education|No|Yes|
-
-<!--/SupportedSKUs-->
-<hr/>
-
-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * Device
-
-<hr/>
-
-<!--/Scope-->
-<!--Description-->
-
-This policy setting determines whether Enhanced Phishing Protection warns your users if they reuse their work or school password.
-
-If you enable this policy setting, Enhanced Phishing Protection warns users if they reuse their work or school password and encourages them to change it.
-
-If you disable or don’t configure this policy setting, Enhanced Phishing Protection won't warn users if they reuse their work or school password.
-
-<!--/Description-->
-<!--SupportedValues-->
-The following list shows the supported values:
-
-	0: Turns off Enhanced Phishing Protection notifications when users reuse their work or school password.
-	1: Turns on Enhanced Phishing Protection notifications when users reuse their work or school password and encourages them to change their password.
-
-<!--/SupportedValues-->
-<!--/Policy-->
-
-<hr/>
-
-<!--Policy-->
-<a href="" id="webthreatdefense-notifyunsafeapp"></a>**WebThreatDefense/NotifyUnsafeApp**
-
-<!--SupportedSKUs-->
-
-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|No|No|
-|Windows SE|No|Yes|
-|Business|No|No|
-|Enterprise|No|Yes|
-|Education|No|Yes|
-
-<!--/SupportedSKUs-->
-<hr/>
-
-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * Device
-
-<hr/>
-
-<!--/Scope-->
-<!--Description-->
-
-This policy setting determines whether Enhanced Phishing Protection warns your users if they type their work or school passwords in text editor apps like OneNote, Word, Notepad, etc.
-
-If you enable this policy setting, Enhanced Phishing Protection warns your users if they store their password in text editor apps.
-
-If you disable or don’t configure this policy setting, Enhanced Phishing Protection won't warn users if they store their password in text editor apps.
-<!--/Description-->
-<!--SupportedValues-->
-The following list shows the supported values:
-
-	0: Turns off Enhanced Phishing Protection notifications when users type their work or school passwords in text editor apps like OneNote, Word, Notepad, etc.
-	1: Turns on Enhanced Phishing Protection notifications when users type their work or school passwords in text editor apps.
-<!--/SupportedValues-->
-<!--/Policy-->
-
-<hr/>
-
-## Related topics
-
-[Policy configuration service provider](policy-configuration-service-provider.md)
+| Name | Value |
+|:--|:--|
+| Name | ServiceEnabled |
+| Friendly Name | Service Enabled |
+| Location | Computer Configuration |
+| Path | Windows Components > Windows Defender SmartScreen > Enhanced Phishing Protection |
+| Registry Key Name | Software\Policies\Microsoft\Windows\WTDS\Components |
+| Registry Value Name | ServiceEnabled |
+| ADMX File Name | WebThreatDefense.admx |
+<!-- ServiceEnabled-GpMapping-End -->
+
+<!-- ServiceEnabled-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- ServiceEnabled-Examples-End -->
+
+<!-- ServiceEnabled-End -->
+
+<!-- WebThreatDefense-CspMoreInfo-Begin -->
+<!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
+<!-- WebThreatDefense-CspMoreInfo-End -->
+
+<!-- WebThreatDefense-End -->
+
+## Related articles
+
+[Policy configuration service provider](policy-configuration-service-provider.md)
--- a/windows/client-management/mdm/policy-csp-wifi.md
+++ b/windows/client-management/mdm/policy-csp-wifi.md
@ -1,336 +1,371 @@
 ---
-title: Policy CSP - Wifi
-description: Learn how the Policy CSP - Wifi setting allows or disallows the device to automatically connect to Wi-Fi hotspots.
+title: Wifi Policy CSP
+description: Learn more about the Wifi Area in Policy CSP
+author: vinaypamnani-msft
+manager: aaroncz
 ms.author: vinpa
-ms.topic: article
+ms.date: 12/07/2022
+ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
-author: vinaypamnani-msft
-ms.localizationpriority: medium
-ms.date: 09/27/2019
-ms.reviewer: 
-manager: aaroncz
+ms.topic: reference
 ---

+<!-- Auto-Generated CSP Document -->
+
+<!-- Wifi-Begin -->
 # Policy CSP - Wifi

+<!-- Wifi-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- Wifi-Editable-End -->

-<hr/>
+<!-- AllowAutoConnectToWiFiSenseHotspots-Begin -->
+## AllowAutoConnectToWiFiSenseHotspots

-<!--Policies-->
-## Wifi policies
+<!-- AllowAutoConnectToWiFiSenseHotspots-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1507 [10.0.10240] and later |
+<!-- AllowAutoConnectToWiFiSenseHotspots-Applicability-End -->

-<dl>
-  <dd>
-    <a href="#wifi-allowwifihotspotreporting">WiFi/AllowWiFiHotSpotReporting</a>
-  </dd>
-  <dd>
-    <a href="#wifi-allowautoconnecttowifisensehotspots">Wifi/AllowAutoConnectToWiFiSenseHotspots</a>
-  </dd>
-  <dd>
-    <a href="#wifi-allowinternetsharing">Wifi/AllowInternetSharing</a>
-  </dd>
-  <dd>
-    <a href="#wifi-allowmanualwificonfiguration">Wifi/AllowManualWiFiConfiguration</a>
-  </dd>
-  <dd>
-    <a href="#wifi-allowwifi">Wifi/AllowWiFi</a>
-  </dd>
-  <dd>
-    <a href="#wifi-allowwifidirect">Wifi/AllowWiFiDirect</a>
-  </dd>
-  <dd>
-    <a href="#wifi-wlanscanmode">Wifi/WLANScanMode</a>
-  </dd>
-</dl>
+<!-- AllowAutoConnectToWiFiSenseHotspots-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/Wifi/AllowAutoConnectToWiFiSenseHotspots
+```
+<!-- AllowAutoConnectToWiFiSenseHotspots-OmaUri-End -->

+<!-- AllowAutoConnectToWiFiSenseHotspots-Description-Begin -->
+<!-- Description-Source-ADMX -->
+This policy setting determines whether users can enable the following WLAN settings: "Connect to suggested open hotspots," "Connect to networks shared by my contacts," and "Enable paid services".

-<hr/>
+"Connect to suggested open hotspots" enables Windows to automatically connect users to open hotspots it knows about by crowdsourcing networks that other people using Windows have connected to.

-<!--Policy-->
-<a href="" id="wifi-allowwifihotspotreporting"></a>**WiFi/AllowWiFiHotSpotReporting**
+"Connect to networks shared by my contacts" enables Windows to automatically connect to networks that the user's contacts have shared with them, and enables users on this device to share networks with their contacts.

-<hr/>
+"Enable paid services" enables Windows to temporarily connect to open hotspots to determine if paid services are available.

-<!--Description-->
+If this policy setting is disabled, both "Connect to suggested open hotspots," "Connect to networks shared by my contacts," and "Enable paid services" will be turned off and users on this device will be prevented from enabling them.
+
+If this policy setting is not configured or is enabled, users can choose to enable or disable either "Connect to suggested open hotspots" or "Connect to networks shared by my contacts".
+<!-- AllowAutoConnectToWiFiSenseHotspots-Description-End -->
+
+<!-- AllowAutoConnectToWiFiSenseHotspots-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- AllowAutoConnectToWiFiSenseHotspots-Editable-End -->
+
+<!-- AllowAutoConnectToWiFiSenseHotspots-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 1 |
+<!-- AllowAutoConnectToWiFiSenseHotspots-DFProperties-End -->
+
+<!-- AllowAutoConnectToWiFiSenseHotspots-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 | Not allowed. |
+| 1 (Default) | Allowed. |
+<!-- AllowAutoConnectToWiFiSenseHotspots-AllowedValues-End -->
+
+<!-- AllowAutoConnectToWiFiSenseHotspots-GpMapping-Begin -->
+**Group policy mapping**:
+
+| Name | Value |
+|:--|:--|
+| Name | WiFiSense |
+| Friendly Name | Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services |
+| Location | Computer Configuration |
+| Path | Network > WLAN Service > WLAN Settings |
+| Registry Key Name | Software\Microsoft\wcmsvc\wifinetworkmanager\config |
+| Registry Value Name | AutoConnectAllowedOEM |
+| ADMX File Name | wlansvc.admx |
+<!-- AllowAutoConnectToWiFiSenseHotspots-GpMapping-End -->
+
+<!-- AllowAutoConnectToWiFiSenseHotspots-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- AllowAutoConnectToWiFiSenseHotspots-Examples-End -->
+
+<!-- AllowAutoConnectToWiFiSenseHotspots-End -->
+
+<!-- AllowInternetSharing-Begin -->
+## AllowInternetSharing
+
+<!-- AllowInternetSharing-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1507 [10.0.10240] and later |
+<!-- AllowInternetSharing-Applicability-End -->
+
+<!-- AllowInternetSharing-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/Wifi/AllowInternetSharing
+```
+<!-- AllowInternetSharing-OmaUri-End -->
+
+<!-- AllowInternetSharing-Description-Begin -->
+<!-- Description-Source-ADMX -->
+Determines whether administrators can enable and configure the Internet Connection Sharing (ICS) feature of an Internet connection and if the ICS service can run on the computer.
+
+ICS lets administrators configure their system as an Internet gateway for a small network and provides network services, such as name resolution and addressing through DHCP, to the local private network.
+
+If you enable this setting, ICS cannot be enabled or configured by administrators, and the ICS service cannot run on the computer. The Advanced tab in the Properties dialog box for a LAN or remote access connection is removed. The Internet Connection Sharing page is removed from the New Connection Wizard. The Network Setup Wizard is disabled.
+
+If you disable this setting or do not configure it and have two or more connections, administrators can enable ICS. The Advanced tab in the properties dialog box for a LAN or remote access connection is available. In addition, the user is presented with the option to enable Internet Connection Sharing in the Network Setup Wizard and Make New Connection Wizard. (The Network Setup Wizard is available only in Windows XP Professional.)
+
+By default, ICS is disabled when you create a remote access connection, but administrators can use the Advanced tab to enable it. When running the New Connection Wizard or Network Setup Wizard, administrators can choose to enable ICS.
+
+Note: Internet Connection Sharing is only available when two or more network connections are present.
+
+Note: When the "Prohibit access to properties of a LAN connection," "Ability to change properties of an all user remote access connection," or "Prohibit changing properties of a private remote access connection" settings are set to deny access to the Connection Properties dialog box, the Advanced tab for the connection is blocked.
+
+Note: Nonadministrators are already prohibited from configuring Internet Connection Sharing, regardless of this setting.
+
+Note: Disabling this setting does not prevent Wireless Hosted Networking from using the ICS service for DHCP services. To prevent the ICS service from running, on the Network Permissions tab in the network's policy properties, select the "Don't use hosted networks" check box.
+<!-- AllowInternetSharing-Description-End -->
+
+<!-- AllowInternetSharing-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- AllowInternetSharing-Editable-End -->
+
+<!-- AllowInternetSharing-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 1 |
+<!-- AllowInternetSharing-DFProperties-End -->
+
+<!-- AllowInternetSharing-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 | Not allowed. |
+| 1 (Default) | Allowed. |
+<!-- AllowInternetSharing-AllowedValues-End -->
+
+<!-- AllowInternetSharing-GpMapping-Begin -->
+**Group policy mapping**:
+
+| Name | Value |
+|:--|:--|
+| Name | NC_ShowSharedAccessUI |
+| Friendly Name | Prohibit use of Internet Connection Sharing on your DNS domain network |
+| Location | Computer Configuration |
+| Path | Network > Network Connections |
+| Registry Key Name | Software\Policies\Microsoft\Windows\Network Connections |
+| Registry Value Name | NC_ShowSharedAccessUI |
+| ADMX File Name | NetworkConnections.admx |
+<!-- AllowInternetSharing-GpMapping-End -->
+
+<!-- AllowInternetSharing-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- AllowInternetSharing-Examples-End -->
+
+<!-- AllowInternetSharing-End -->
+
+<!-- AllowManualWiFiConfiguration-Begin -->
+## AllowManualWiFiConfiguration
+
+<!-- AllowManualWiFiConfiguration-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1507 [10.0.10240] and later |
+<!-- AllowManualWiFiConfiguration-Applicability-End -->
+
+<!-- AllowManualWiFiConfiguration-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/Wifi/AllowManualWiFiConfiguration
+```
+<!-- AllowManualWiFiConfiguration-OmaUri-End -->
+
+<!-- AllowManualWiFiConfiguration-Description-Begin -->
+<!-- Description-Source-DDF -->
+Allow or disallow connecting to Wi-Fi outside of MDM server-installed networks. Most restricted value is 0. **Note**: Setting this policy deletes any previously installed user-configured and Wi-Fi sense Wi-Fi profiles from the device. Certain Wi-Fi profiles that are not user configured nor Wi-Fi sense might not be deleted. In addition, not all non-MDM profiles are completely deleted.
+<!-- AllowManualWiFiConfiguration-Description-End -->
+
+<!-- AllowManualWiFiConfiguration-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- AllowManualWiFiConfiguration-Editable-End -->
+
+<!-- AllowManualWiFiConfiguration-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 1 |
+<!-- AllowManualWiFiConfiguration-DFProperties-End -->
+
+<!-- AllowManualWiFiConfiguration-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 | No Wi-Fi connection outside of MDM provisioned network is allowed. |
+| 1 (Default) | Adding new network SSIDs beyond the already MDM provisioned ones is allowed. |
+<!-- AllowManualWiFiConfiguration-AllowedValues-End -->
+
+<!-- AllowManualWiFiConfiguration-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- AllowManualWiFiConfiguration-Examples-End -->
+
+<!-- AllowManualWiFiConfiguration-End -->
+
+<!-- AllowWiFi-Begin -->
+## AllowWiFi
+
+<!-- AllowWiFi-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1507 [10.0.10240] and later |
+<!-- AllowWiFi-Applicability-End -->
+
+<!-- AllowWiFi-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/Wifi/AllowWiFi
+```
+<!-- AllowWiFi-OmaUri-End -->
+
+<!-- AllowWiFi-Description-Begin -->
+<!-- Description-Source-DDF -->
 This policy has been deprecated.
+<!-- AllowWiFi-Description-End -->
+
+<!-- AllowWiFi-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- AllowWiFi-Editable-End -->
+
+<!-- AllowWiFi-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 1 |
+<!-- AllowWiFi-DFProperties-End -->
+
+<!-- AllowWiFi-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 | Not allowed. |
+| 1 (Default) | Allowed. |
+<!-- AllowWiFi-AllowedValues-End -->
+
+<!-- AllowWiFi-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- AllowWiFi-Examples-End -->
+
+<!-- AllowWiFi-End -->
+
+<!-- AllowWiFiDirect-Begin -->
+## AllowWiFiDirect
+
+<!-- AllowWiFiDirect-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1703 [10.0.15063] and later |
+<!-- AllowWiFiDirect-Applicability-End -->
+
+<!-- AllowWiFiDirect-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/Wifi/AllowWiFiDirect
+```
+<!-- AllowWiFiDirect-OmaUri-End -->
+
+<!-- AllowWiFiDirect-Description-Begin -->
+<!-- Description-Source-DDF -->
+Allow WiFi Direct connection. .
+<!-- AllowWiFiDirect-Description-End -->
+
+<!-- AllowWiFiDirect-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- AllowWiFiDirect-Editable-End -->
+
+<!-- AllowWiFiDirect-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 1 |
+<!-- AllowWiFiDirect-DFProperties-End -->
+
+<!-- AllowWiFiDirect-AllowedValues-Begin -->
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 0 | Not allowed. |
+| 1 (Default) | Allowed. |
+<!-- AllowWiFiDirect-AllowedValues-End -->
+
+<!-- AllowWiFiDirect-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- AllowWiFiDirect-Examples-End -->
+
+<!-- AllowWiFiDirect-End -->
+
+<!-- WLANScanMode-Begin -->
+## WLANScanMode
+
+<!-- WLANScanMode-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1607 [10.0.14393] and later |
+<!-- WLANScanMode-Applicability-End -->
+
+<!-- WLANScanMode-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/Wifi/WLANScanMode
+```
+<!-- WLANScanMode-OmaUri-End -->
+
+<!-- WLANScanMode-Description-Begin -->
+<!-- Description-Source-DDF -->
+Allow an enterprise to control the WLAN scanning behavior and how aggressively devices should be actively scanning for Wi-Fi networks to get devices connected. Supported values are 0-500, where 100 = normal scan frequency and 500 = low scan frequency. The default value is 0. Supported operations are Add, Delete, Get, and Replace.
+<!-- WLANScanMode-Description-End -->
+
+<!-- WLANScanMode-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- WLANScanMode-Editable-End -->
+
+<!-- WLANScanMode-DFProperties-Begin -->
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Allowed Values | Range: `[0-500]` |
+| Default Value  | 0 |
+<!-- WLANScanMode-DFProperties-End -->
+
+<!-- WLANScanMode-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- WLANScanMode-Examples-End -->
+
+<!-- WLANScanMode-End -->
+
+<!-- Wifi-CspMoreInfo-Begin -->
+<!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
+<!-- Wifi-CspMoreInfo-End -->

-<!--/Description-->
-<!--/Policy-->
-
-<hr/>
-
-<!--Policy-->
-<a href="" id="wifi-allowautoconnecttowifisensehotspots"></a>**Wifi/AllowAutoConnectToWiFiSenseHotspots**
-
-<!--SupportedSKUs-->
-
-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|Yes|Yes|
-|Windows SE|No|Yes|
-|Business|Yes|Yes|
-|Enterprise|Yes|Yes|
-|Education|Yes|Yes|
-
-<!--/SupportedSKUs-->
-<hr/>
-
-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * Device
-
-<hr/>
-
-<!--/Scope-->
-<!--Description-->
-Allow or disallow the device to automatically connect to Wi-Fi hotspots.
-
-Most restricted value is 0.
-
-<!--/Description-->
-<!--ADMXMapped-->
-ADMX Info:
-   GP Friendly name: *Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services*
-   GP name: *WiFiSense*
-   GP path: *Network/WLAN Service/WLAN Settings*
-   GP ADMX file name: *wlansvc.admx*
-
-<!--/ADMXMapped-->
-<!--SupportedValues-->
-The following list shows the supported values:
-
-   0 – Not allowed.
-   1 (default) – Allowed.
-
-<!--/SupportedValues-->
-<!--/Policy-->
-
-<hr/>
-
-<!--Policy-->
-<a href="" id="wifi-allowinternetsharing"></a>**Wifi/AllowInternetSharing**
-
-<!--SupportedSKUs-->
-
-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|Yes|Yes|
-|Windows SE|No|Yes|
-|Business|Yes|Yes|
-|Enterprise|Yes|Yes|
-|Education|Yes|Yes|
-
-<!--/SupportedSKUs-->
-<hr/>
-
-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * Device
-
-<hr/>
-
-<!--/Scope-->
-<!--Description-->
-Allow or disallow internet sharing.
-
-Most restricted value is 0.
-
-<!--/Description-->
-<!--ADMXMapped-->
-ADMX Info:
-   GP Friendly name: *Prohibit use of Internet Connection Sharing on your DNS domain network*
-   GP name: *NC_ShowSharedAccessUI*
-   GP path: *Network/Network Connections*
-   GP ADMX file name: *NetworkConnections.admx*
-
-<!--/ADMXMapped-->
-<!--SupportedValues-->
-The following list shows the supported values:
-
-   0 – Do not allow the use of Internet Sharing.
-   1 (default) – Allow the use of Internet Sharing.
-
-<!--/SupportedValues-->
-<!--/Policy-->
-
-<hr/>
-
-<!--Policy-->
-<a href="" id="wifi-allowmanualwificonfiguration"></a>**Wifi/AllowManualWiFiConfiguration**
-
-<!--SupportedSKUs-->
-
-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|Yes|Yes|
-|Windows SE|No|Yes|
-|Business|Yes|Yes|
-|Enterprise|Yes|Yes|
-|Education|Yes|Yes|
-
-<!--/SupportedSKUs-->
-<hr/>
-
-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * Device
-
-<hr/>
-
-<!--/Scope-->
-<!--Description-->
-Allow or disallow connecting to Wi-Fi outside of MDM server-installed networks.
-
-Most restricted value is 0.
-
-> [!NOTE]
-> Setting this policy deletes any previously installed user-configured and Wi-Fi sense Wi-Fi profiles from the device. Certain Wi-Fi profiles that are not user configured nor Wi-Fi sense might not be deleted. In addition, not all non-MDM profiles are completely deleted.
-
-<!--/Description-->
-<!--SupportedValues-->
-The following list shows the supported values:
-
-   0 – No Wi-Fi connection outside of MDM provisioned network is allowed.
-   1 (default) – Adding new network SSIDs beyond the already MDM provisioned ones is allowed.
-
-<!--/SupportedValues-->
-<!--/Policy-->
-
-<hr/>
-
-<!--Policy-->
-<a href="" id="wifi-allowwifi"></a>**Wifi/AllowWiFi**
-
-<!--SupportedSKUs-->
-
-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|Yes|Yes|
-|Windows SE|No|Yes|
-|Business|Yes|Yes|
-|Enterprise|Yes|Yes|
-|Education|Yes|Yes|
-
-<!--/SupportedSKUs-->
-<hr/>
-
-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * Device
-
-<hr/>
-
-<!--/Scope-->
-<!--Description-->
-Allow or disallow WiFi connection.
-
-Most restricted value is 0.
-
-<!--/Description-->
-<!--SupportedValues-->
-The following list shows the supported values:
-
-   0 – WiFi connection is not allowed.
-   1 (default) – WiFi connection is allowed.
-
-<!--/SupportedValues-->
-<!--/Policy-->
-
-<hr/>
-
-<!--Policy-->
-<a href="" id="wifi-allowwifidirect"></a>**Wifi/AllowWiFiDirect**
-
-<!--SupportedSKUs-->
-
-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|Yes|Yes|
-|Windows SE|No|Yes|
-|Business|Yes|Yes|
-|Enterprise|Yes|Yes|
-|Education|Yes|Yes|
-
-<!--/SupportedSKUs-->
-<hr/>
-
-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * Device
-
-<hr/>
-
-<!--/Scope-->
-<!--Description-->
-Allow WiFi Direct connection..
-
-<!--/Description-->
-<!--SupportedValues-->
-The following list shows the supported values:
-
- 0 - WiFi Direct connection is not allowed.
- 1 - WiFi Direct connection is allowed.
-
-<!--/SupportedValues-->
-<!--/Policy-->
-
-<hr/>
-
-<!--Policy-->
-<a href="" id="wifi-wlanscanmode"></a>**Wifi/WLANScanMode**
-
-<!--SupportedSKUs-->
-
-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|Yes|Yes|
-|Windows SE|No|Yes|
-|Business|Yes|Yes|
-|Enterprise|Yes|Yes|
-|Education|Yes|Yes|
-
-<!--/SupportedSKUs-->
-<hr/>
-
-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * Device
-
-<hr/>
-
-<!--/Scope-->
-<!--Description-->
-Allow an enterprise to control the WLAN scanning behavior and how aggressively devices should be actively scanning for Wi-Fi networks to get devices connected.
-
-Supported values are 0-500, where 100 = normal scan frequency and 500 = low scan frequency.
-
-The default value is 0.
-
-Supported operations are Add, Delete, Get, and Replace.
-
-<!--/Description-->
-<!--/Policy-->
-<hr/>
-
-
-<!--/Policies-->
+<!-- Wifi-End -->
+
+## Related articles

+[Policy configuration service provider](policy-configuration-service-provider.md)
--- a/windows/client-management/mdm/policy-csp-windowsautopilot.md
+++ b/windows/client-management/mdm/policy-csp-windowsautopilot.md
@ -1,78 +1,80 @@
 ---
-title: Policy CSP - WindowsAutoPilot
-description: Learn to use the Policy CSP - WindowsAutoPilot setting to enable or disable Autopilot Agility feature.
+title: WindowsAutopilot Policy CSP
+description: Learn more about the WindowsAutopilot Area in Policy CSP
+author: vinaypamnani-msft
+manager: aaroncz
 ms.author: vinpa
-ms.topic: article
+ms.date: 12/07/2022
+ms.localizationpriority: medium
 ms.prod: windows-client
 ms.technology: itpro-manage
-author: vinaypamnani-msft
-ms.localizationpriority: medium
-ms.date: 11/25/2021
-ms.reviewer: 
-manager: aaroncz
+ms.topic: reference
 ---

-# Policy CSP - WindowsAutoPilot
+<!-- Auto-Generated CSP Document -->

+<!-- WindowsAutopilot-Begin -->
+# Policy CSP - WindowsAutopilot

+<!-- WindowsAutopilot-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- WindowsAutopilot-Editable-End -->

-<hr/>
+<!-- EnableAgilityPostEnrollment-Begin -->
+## EnableAgilityPostEnrollment

-<!--Policies-->
-## WindowsAutoPilot policies
+<!-- EnableAgilityPostEnrollment-Applicability-Begin -->
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :x: Windows SE | :heavy_check_mark: Windows 11, version 21H2 [10.0.22000] and later |
+<!-- EnableAgilityPostEnrollment-Applicability-End -->

-<dl>
-  <dd>
-    <a href="#windowsautopilot-enableagilitypostenrollment">WindowsAutoPilot/EnableAgilityPostEnrollment</a>
-  </dd>
-</dl>
+<!-- EnableAgilityPostEnrollment-OmaUri-Begin -->
+```Device
+./Device/Vendor/MSFT/Policy/Config/WindowsAutopilot/EnableAgilityPostEnrollment
+```
+<!-- EnableAgilityPostEnrollment-OmaUri-End -->

+<!-- EnableAgilityPostEnrollment-Description-Begin -->
+<!-- Description-Source-DDF -->
+Specifies whether to check for Windows Autopilot updates after enrollment. Most restricted value is 0.
+<!-- EnableAgilityPostEnrollment-Description-End -->

-<hr/>
+<!-- EnableAgilityPostEnrollment-Editable-Begin -->
+<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
+<!-- EnableAgilityPostEnrollment-Editable-End -->

-<!--Policy-->
-<a href="" id="windowsautopilot-enableagilitypostenrollment"></a>**WindowsAutoPilot/EnableAgilityPostEnrollment**
+<!-- EnableAgilityPostEnrollment-DFProperties-Begin -->
+**Description framework properties**:

-<!--SupportedSKUs-->
+| Property name | Property value |
+|:--|:--|
+| Format | int |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value  | 0 |
+<!-- EnableAgilityPostEnrollment-DFProperties-End -->

-|Edition|Windows 10|Windows 11|
-|--- |--- |--- |
-|Home|No|No|
-|Pro|Yes|Yes|
-|Windows SE|No|Yes|
-|Business|Yes|Yes|
-|Enterprise|Yes|Yes|
-|Education|Yes|Yes|
+<!-- EnableAgilityPostEnrollment-AllowedValues-Begin -->
+**Allowed values**:

-<!--/SupportedSKUs-->
-<hr/>
+| Value | Description |
+|:--|:--|
+| 0 (Default) | Not enabled |
+| 1 | Enabled |
+<!-- EnableAgilityPostEnrollment-AllowedValues-End -->

-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
+<!-- EnableAgilityPostEnrollment-Examples-Begin -->
+<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
+<!-- EnableAgilityPostEnrollment-Examples-End -->

-> [!div class = "checklist"]
-> * Device
+<!-- EnableAgilityPostEnrollment-End -->

-<hr/>
+<!-- WindowsAutopilot-CspMoreInfo-Begin -->
+<!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
+<!-- WindowsAutopilot-CspMoreInfo-End -->

-<!--/Scope-->
-<!--Description-->
-This policy enables Windows Autopilot to be kept up-to-date during the out-of-box experience after MDM enrollment.
+<!-- WindowsAutopilot-End -->

-<!--/Description-->
-<!--SupportedValues-->
+## Related articles

-<!--/SupportedValues-->
-<!--Example-->
-
-<!--/Example-->
-<!--Validation-->
-
-<!--/Validation-->
-<!--/Policy-->
-<hr/>
-
-<!--/Policies-->
-
-## Related topics
-[Policy configuration service provider](policy-configuration-service-provider.md)
+[Policy configuration service provider](policy-configuration-service-provider.md)
--- a/windows/client-management/mdm/toc.yml
+++ b/windows/client-management/mdm/toc.yml
@ -540,7 +540,7 @@ items:
          href: policy-csp-webthreatdefense.md
        - name: Wifi
          href: policy-csp-wifi.md
-        - name: WindowsAutoPilot
+        - name: WindowsAutopilot
          href: policy-csp-windowsautopilot.md
        - name: WindowsConnectionManager
          href: policy-csp-windowsconnectionmanager.md