deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Add more CSPs

Browse Source
This commit is contained in:
Vinay Pamnani 2022-12-08 12:24:59 -05:00
parent 32c502a3b5
commit e6506ccd23
10 changed files with 2485 additions and 5969 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3010
windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
View File

File diff suppressed because it is too large Load Diff

920
windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
View File

@ -4,7 +4,7 @@ description: Learn about the policies in Policy CSP supported by Group Policy.
author: vinaypamnani-msft author: vinaypamnani-msft
manager: aaroncz manager: aaroncz
ms.author: vinpa ms.author: vinpa
ms.date: 12/07/2022 ms.date: 12/08/2022
ms.localizationpriority: medium ms.localizationpriority: medium
ms.prod: windows-client ms.prod: windows-client
ms.technology: itpro-manage ms.technology: itpro-manage
@ -17,924 +17,6 @@ ms.topic: reference
This article lists the policies in Policy CSP that have a group policy mapping. This article lists the policies in Policy CSP that have a group policy mapping.
## AboveLock
- [AllowCortanaAboveLock](policy-csp-abovelock.md)
## Accounts
- [RestrictToEnterpriseDeviceAuthenticationOnly](policy-csp-accounts.md)
## ApplicationDefaults
- [DefaultAssociationsConfiguration](policy-csp-applicationdefaults.md)
- [EnableAppUriHandlers](policy-csp-applicationdefaults.md)
## ApplicationManagement
- [RequirePrivateStoreOnly](policy-csp-applicationmanagement.md)
- [MSIAlwaysInstallWithElevatedPrivileges](policy-csp-applicationmanagement.md)
- [AllowAllTrustedApps](policy-csp-applicationmanagement.md)
- [AllowAppStoreAutoUpdate](policy-csp-applicationmanagement.md)
- [AllowAutomaticAppArchiving](policy-csp-applicationmanagement.md)
- [AllowDeveloperUnlock](policy-csp-applicationmanagement.md)
- [AllowGameDVR](policy-csp-applicationmanagement.md)
- [AllowSharedUserAppData](policy-csp-applicationmanagement.md)
- [RequirePrivateStoreOnly](policy-csp-applicationmanagement.md)
- [MSIAlwaysInstallWithElevatedPrivileges](policy-csp-applicationmanagement.md)
- [MSIAllowUserControlOverInstall](policy-csp-applicationmanagement.md)
- [RestrictAppDataToSystemVolume](policy-csp-applicationmanagement.md)
- [RestrictAppToSystemVolume](policy-csp-applicationmanagement.md)
- [DisableStoreOriginatedApps](policy-csp-applicationmanagement.md)
- [BlockNonAdminUserInstall](policy-csp-applicationmanagement.md)
## Audit
- [AccountLogon_AuditCredentialValidation](policy-csp-audit.md)
- [AccountLogon_AuditKerberosAuthenticationService](policy-csp-audit.md)
- [AccountLogon_AuditKerberosServiceTicketOperations](policy-csp-audit.md)
- [AccountLogon_AuditOtherAccountLogonEvents](policy-csp-audit.md)
- [AccountManagement_AuditApplicationGroupManagement](policy-csp-audit.md)
- [AccountManagement_AuditComputerAccountManagement](policy-csp-audit.md)
- [AccountManagement_AuditDistributionGroupManagement](policy-csp-audit.md)
- [AccountManagement_AuditOtherAccountManagementEvents](policy-csp-audit.md)
- [AccountManagement_AuditSecurityGroupManagement](policy-csp-audit.md)
- [AccountManagement_AuditUserAccountManagement](policy-csp-audit.md)
- [DetailedTracking_AuditDPAPIActivity](policy-csp-audit.md)
- [DetailedTracking_AuditPNPActivity](policy-csp-audit.md)
- [DetailedTracking_AuditProcessCreation](policy-csp-audit.md)
- [DetailedTracking_AuditProcessTermination](policy-csp-audit.md)
- [DetailedTracking_AuditRPCEvents](policy-csp-audit.md)
- [DetailedTracking_AuditTokenRightAdjusted](policy-csp-audit.md)
- [DSAccess_AuditDetailedDirectoryServiceReplication](policy-csp-audit.md)
- [DSAccess_AuditDirectoryServiceAccess](policy-csp-audit.md)
- [DSAccess_AuditDirectoryServiceChanges](policy-csp-audit.md)
- [DSAccess_AuditDirectoryServiceReplication](policy-csp-audit.md)
- [AccountLogonLogoff_AuditAccountLockout](policy-csp-audit.md)
- [AccountLogonLogoff_AuditUserDeviceClaims](policy-csp-audit.md)
- [AccountLogonLogoff_AuditGroupMembership](policy-csp-audit.md)
- [AccountLogonLogoff_AuditIPsecExtendedMode](policy-csp-audit.md)
- [AccountLogonLogoff_AuditIPsecMainMode](policy-csp-audit.md)
- [AccountLogonLogoff_AuditIPsecQuickMode](policy-csp-audit.md)
- [AccountLogonLogoff_AuditLogoff](policy-csp-audit.md)
- [AccountLogonLogoff_AuditLogon](policy-csp-audit.md)
- [AccountLogonLogoff_AuditNetworkPolicyServer](policy-csp-audit.md)
- [AccountLogonLogoff_AuditOtherLogonLogoffEvents](policy-csp-audit.md)
- [AccountLogonLogoff_AuditSpecialLogon](policy-csp-audit.md)
- [ObjectAccess_AuditApplicationGenerated](policy-csp-audit.md)
- [ObjectAccess_AuditCertificationServices](policy-csp-audit.md)
- [ObjectAccess_AuditDetailedFileShare](policy-csp-audit.md)
- [ObjectAccess_AuditFileShare](policy-csp-audit.md)
- [ObjectAccess_AuditFileSystem](policy-csp-audit.md)
- [ObjectAccess_AuditFilteringPlatformConnection](policy-csp-audit.md)
- [ObjectAccess_AuditFilteringPlatformPacketDrop](policy-csp-audit.md)
- [ObjectAccess_AuditHandleManipulation](policy-csp-audit.md)
- [ObjectAccess_AuditKernelObject](policy-csp-audit.md)
- [ObjectAccess_AuditOtherObjectAccessEvents](policy-csp-audit.md)
- [ObjectAccess_AuditRegistry](policy-csp-audit.md)
- [ObjectAccess_AuditRemovableStorage](policy-csp-audit.md)
- [ObjectAccess_AuditSAM](policy-csp-audit.md)
- [ObjectAccess_AuditCentralAccessPolicyStaging](policy-csp-audit.md)
- [PolicyChange_AuditPolicyChange](policy-csp-audit.md)
- [PolicyChange_AuditAuthenticationPolicyChange](policy-csp-audit.md)
- [PolicyChange_AuditAuthorizationPolicyChange](policy-csp-audit.md)
- [PolicyChange_AuditFilteringPlatformPolicyChange](policy-csp-audit.md)
- [PolicyChange_AuditMPSSVCRuleLevelPolicyChange](policy-csp-audit.md)
- [PolicyChange_AuditOtherPolicyChangeEvents](policy-csp-audit.md)
- [PrivilegeUse_AuditNonSensitivePrivilegeUse](policy-csp-audit.md)
- [PrivilegeUse_AuditOtherPrivilegeUseEvents](policy-csp-audit.md)
- [PrivilegeUse_AuditSensitivePrivilegeUse](policy-csp-audit.md)
- [System_AuditIPsecDriver](policy-csp-audit.md)
- [System_AuditOtherSystemEvents](policy-csp-audit.md)
- [System_AuditSecurityStateChange](policy-csp-audit.md)
- [System_AuditSecuritySystemExtension](policy-csp-audit.md)
- [System_AuditSystemIntegrity](policy-csp-audit.md)
## Authentication
- [AllowSecondaryAuthenticationDevice](policy-csp-authentication.md)
## BITS
- [JobInactivityTimeout](policy-csp-bits.md)
- [BandwidthThrottlingStartTime](policy-csp-bits.md)
- [BandwidthThrottlingEndTime](policy-csp-bits.md)
- [BandwidthThrottlingTransferRate](policy-csp-bits.md)
- [CostedNetworkBehaviorForegroundPriority](policy-csp-bits.md)
- [CostedNetworkBehaviorBackgroundPriority](policy-csp-bits.md)
## Browser
- [AllowAddressBarDropdown](policy-csp-browser.md)
- [AllowAutofill](policy-csp-browser.md)
- [AllowCookies](policy-csp-browser.md)
- [AllowDeveloperTools](policy-csp-browser.md)
- [AllowDoNotTrack](policy-csp-browser.md)
- [AllowExtensions](policy-csp-browser.md)
- [AllowFlash](policy-csp-browser.md)
- [AllowFlashClickToRun](policy-csp-browser.md)
- [AllowFullScreenMode](policy-csp-browser.md)
- [AllowInPrivate](policy-csp-browser.md)
- [AllowMicrosoftCompatibilityList](policy-csp-browser.md)
- [ConfigureTelemetryForMicrosoft365Analytics](policy-csp-browser.md)
- [AllowPasswordManager](policy-csp-browser.md)
- [AllowPopups](policy-csp-browser.md)
- [AllowPrinting](policy-csp-browser.md)
- [AllowSavingHistory](policy-csp-browser.md)
- [AllowSearchEngineCustomization](policy-csp-browser.md)
- [AllowSearchSuggestionsinAddressBar](policy-csp-browser.md)
- [AllowSideloadingOfExtensions](policy-csp-browser.md)
- [AllowSmartScreen](policy-csp-browser.md)
- [AllowWebContentOnNewTabPage](policy-csp-browser.md)
- [AlwaysEnableBooksLibrary](policy-csp-browser.md)
- [ClearBrowsingDataOnExit](policy-csp-browser.md)
- [ConfigureAdditionalSearchEngines](policy-csp-browser.md)
- [ConfigureFavoritesBar](policy-csp-browser.md)
- [ConfigureHomeButton](policy-csp-browser.md)
- [ConfigureOpenMicrosoftEdgeWith](policy-csp-browser.md)
- [DisableLockdownOfStartPages](policy-csp-browser.md)
- [EnableExtendedBooksTelemetry](policy-csp-browser.md)
- [AllowTabPreloading](policy-csp-browser.md)
- [AllowPrelaunch](policy-csp-browser.md)
- [EnterpriseModeSiteList](policy-csp-browser.md)
- [PreventTurningOffRequiredExtensions](policy-csp-browser.md)
- [HomePages](policy-csp-browser.md)
- [LockdownFavorites](policy-csp-browser.md)
- [ConfigureKioskMode](policy-csp-browser.md)
- [ConfigureKioskResetAfterIdleTimeout](policy-csp-browser.md)
- [PreventAccessToAboutFlagsInMicrosoftEdge](policy-csp-browser.md)
- [PreventFirstRunPage](policy-csp-browser.md)
- [PreventCertErrorOverrides](policy-csp-browser.md)
- [PreventSmartScreenPromptOverride](policy-csp-browser.md)
- [PreventSmartScreenPromptOverrideForFiles](policy-csp-browser.md)
- [PreventLiveTileDataCollection](policy-csp-browser.md)
- [PreventUsingLocalHostIPAddressForWebRTC](policy-csp-browser.md)
- [ProvisionFavorites](policy-csp-browser.md)
- [SendIntranetTraffictoInternetExplorer](policy-csp-browser.md)
- [SetDefaultSearchEngine](policy-csp-browser.md)
- [SetHomeButtonURL](policy-csp-browser.md)
- [SetNewTabPageURL](policy-csp-browser.md)
- [ShowMessageWhenOpeningSitesInInternetExplorer](policy-csp-browser.md)
- [SyncFavoritesBetweenIEAndMicrosoftEdge](policy-csp-browser.md)
- [UnlockHomeButton](policy-csp-browser.md)
- [UseSharedFolderForBooks](policy-csp-browser.md)
- [AllowAddressBarDropdown](policy-csp-browser.md)
- [AllowAutofill](policy-csp-browser.md)
- [AllowCookies](policy-csp-browser.md)
- [AllowDeveloperTools](policy-csp-browser.md)
- [AllowDoNotTrack](policy-csp-browser.md)
- [AllowExtensions](policy-csp-browser.md)
- [AllowFlash](policy-csp-browser.md)
- [AllowFlashClickToRun](policy-csp-browser.md)
- [AllowFullScreenMode](policy-csp-browser.md)
- [AllowInPrivate](policy-csp-browser.md)
- [AllowMicrosoftCompatibilityList](policy-csp-browser.md)
- [ConfigureTelemetryForMicrosoft365Analytics](policy-csp-browser.md)
- [AllowPasswordManager](policy-csp-browser.md)
- [AllowPopups](policy-csp-browser.md)
- [AllowPrinting](policy-csp-browser.md)
- [AllowSavingHistory](policy-csp-browser.md)
- [AllowSearchEngineCustomization](policy-csp-browser.md)
- [AllowSearchSuggestionsinAddressBar](policy-csp-browser.md)
- [AllowSideloadingOfExtensions](policy-csp-browser.md)
- [AllowSmartScreen](policy-csp-browser.md)
- [AllowWebContentOnNewTabPage](policy-csp-browser.md)
- [AlwaysEnableBooksLibrary](policy-csp-browser.md)
- [ClearBrowsingDataOnExit](policy-csp-browser.md)
- [ConfigureAdditionalSearchEngines](policy-csp-browser.md)
- [ConfigureFavoritesBar](policy-csp-browser.md)
- [ConfigureHomeButton](policy-csp-browser.md)
- [ConfigureOpenMicrosoftEdgeWith](policy-csp-browser.md)
- [DisableLockdownOfStartPages](policy-csp-browser.md)
- [EnableExtendedBooksTelemetry](policy-csp-browser.md)
- [AllowTabPreloading](policy-csp-browser.md)
- [AllowPrelaunch](policy-csp-browser.md)
- [EnterpriseModeSiteList](policy-csp-browser.md)
- [PreventTurningOffRequiredExtensions](policy-csp-browser.md)
- [HomePages](policy-csp-browser.md)
- [LockdownFavorites](policy-csp-browser.md)
- [ConfigureKioskMode](policy-csp-browser.md)
- [ConfigureKioskResetAfterIdleTimeout](policy-csp-browser.md)
- [PreventAccessToAboutFlagsInMicrosoftEdge](policy-csp-browser.md)
- [PreventFirstRunPage](policy-csp-browser.md)
- [PreventCertErrorOverrides](policy-csp-browser.md)
- [PreventSmartScreenPromptOverride](policy-csp-browser.md)
- [PreventSmartScreenPromptOverrideForFiles](policy-csp-browser.md)
- [PreventLiveTileDataCollection](policy-csp-browser.md)
- [PreventUsingLocalHostIPAddressForWebRTC](policy-csp-browser.md)
- [ProvisionFavorites](policy-csp-browser.md)
- [SendIntranetTraffictoInternetExplorer](policy-csp-browser.md)
- [SetDefaultSearchEngine](policy-csp-browser.md)
- [SetHomeButtonURL](policy-csp-browser.md)
- [SetNewTabPageURL](policy-csp-browser.md)
- [ShowMessageWhenOpeningSitesInInternetExplorer](policy-csp-browser.md)
- [SyncFavoritesBetweenIEAndMicrosoftEdge](policy-csp-browser.md)
- [UnlockHomeButton](policy-csp-browser.md)
- [UseSharedFolderForBooks](policy-csp-browser.md)
## Camera
- [AllowCamera](policy-csp-camera.md)
## Cellular
- [LetAppsAccessCellularData](policy-csp-cellular.md)
- [LetAppsAccessCellularData_ForceAllowTheseApps](policy-csp-cellular.md)
- [LetAppsAccessCellularData_ForceDenyTheseApps](policy-csp-cellular.md)
- [LetAppsAccessCellularData_UserInControlOfTheseApps](policy-csp-cellular.md)
## Connectivity
- [AllowCellularDataRoaming](policy-csp-connectivity.md)
- [AllowPhonePCLinking](policy-csp-connectivity.md)
- [DisallowNetworkConnectivityActiveTests](policy-csp-connectivity.md)
## Cryptography
- [AllowFipsAlgorithmPolicy](policy-csp-cryptography.md)
## Defender
- [AllowArchiveScanning](policy-csp-defender.md)
- [AllowBehaviorMonitoring](policy-csp-defender.md)
- [AllowCloudProtection](policy-csp-defender.md)
- [AllowEmailScanning](policy-csp-defender.md)
- [AllowFullScanOnMappedNetworkDrives](policy-csp-defender.md)
- [AllowFullScanRemovableDriveScanning](policy-csp-defender.md)
- [AllowIOAVProtection](policy-csp-defender.md)
- [AllowOnAccessProtection](policy-csp-defender.md)
- [AllowRealtimeMonitoring](policy-csp-defender.md)
- [AllowScanningNetworkFiles](policy-csp-defender.md)
- [AllowUserUIAccess](policy-csp-defender.md)
- [AttackSurfaceReductionOnlyExclusions](policy-csp-defender.md)
- [AttackSurfaceReductionRules](policy-csp-defender.md)
- [AvgCPULoadFactor](policy-csp-defender.md)
- [CloudBlockLevel](policy-csp-defender.md)
- [CloudExtendedTimeout](policy-csp-defender.md)
- [ControlledFolderAccessAllowedApplications](policy-csp-defender.md)
- [CheckForSignaturesBeforeRunningScan](policy-csp-defender.md)
- [SecurityIntelligenceLocation](policy-csp-defender.md)
- [ControlledFolderAccessProtectedFolders](policy-csp-defender.md)
- [DaysToRetainCleanedMalware](policy-csp-defender.md)
- [DisableCatchupFullScan](policy-csp-defender.md)
- [DisableCatchupQuickScan](policy-csp-defender.md)
- [EnableControlledFolderAccess](policy-csp-defender.md)
- [EnableLowCPUPriority](policy-csp-defender.md)
- [EnableNetworkProtection](policy-csp-defender.md)
- [ExcludedPaths](policy-csp-defender.md)
- [ExcludedExtensions](policy-csp-defender.md)
- [ExcludedProcesses](policy-csp-defender.md)
- [PUAProtection](policy-csp-defender.md)
- [RealTimeScanDirection](policy-csp-defender.md)
- [ScanParameter](policy-csp-defender.md)
- [ScheduleQuickScanTime](policy-csp-defender.md)
- [ScheduleScanDay](policy-csp-defender.md)
- [ScheduleScanTime](policy-csp-defender.md)
- [SignatureUpdateFallbackOrder](policy-csp-defender.md)
- [SignatureUpdateFileSharesSources](policy-csp-defender.md)
- [SignatureUpdateInterval](policy-csp-defender.md)
- [SubmitSamplesConsent](policy-csp-defender.md)
- [ThreatSeverityDefaultAction](policy-csp-defender.md)
## DeliveryOptimization
- [DODownloadMode](policy-csp-deliveryoptimization.md)
- [DOGroupId](policy-csp-deliveryoptimization.md)
- [DOMaxCacheSize](policy-csp-deliveryoptimization.md)
- [DOAbsoluteMaxCacheSize](policy-csp-deliveryoptimization.md)
- [DOMaxCacheAge](policy-csp-deliveryoptimization.md)
- [DOMonthlyUploadDataCap](policy-csp-deliveryoptimization.md)
- [DOMinBackgroundQos](policy-csp-deliveryoptimization.md)
- [DOModifyCacheDrive](policy-csp-deliveryoptimization.md)
- [DOMaxBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md)
- [DOMaxForegroundDownloadBandwidth](policy-csp-deliveryoptimization.md)
- [DOPercentageMaxBackgroundBandwidth](policy-csp-deliveryoptimization.md)
- [DOPercentageMaxForegroundBandwidth](policy-csp-deliveryoptimization.md)
- [DOMinFileSizeToCache](policy-csp-deliveryoptimization.md)
- [DOAllowVPNPeerCaching](policy-csp-deliveryoptimization.md)
- [DOMinRAMAllowedToPeer](policy-csp-deliveryoptimization.md)
- [DOMinDiskSizeAllowedToPeer](policy-csp-deliveryoptimization.md)
- [DOMinBatteryPercentageAllowedToUpload](policy-csp-deliveryoptimization.md)
- [DOCacheHost](policy-csp-deliveryoptimization.md)
- [DOCacheHostSource](policy-csp-deliveryoptimization.md)
- [DODisallowCacheServerDownloadsOnVPN](policy-csp-deliveryoptimization.md)
- [DOGroupIdSource](policy-csp-deliveryoptimization.md)
- [DODelayBackgroundDownloadFromHttp](policy-csp-deliveryoptimization.md)
- [DODelayForegroundDownloadFromHttp](policy-csp-deliveryoptimization.md)
- [DODelayCacheServerFallbackBackground](policy-csp-deliveryoptimization.md)
- [DODelayCacheServerFallbackForeground](policy-csp-deliveryoptimization.md)
- [DORestrictPeerSelectionBy](policy-csp-deliveryoptimization.md)
- [DOVpnKeywords](policy-csp-deliveryoptimization.md)
## DeviceGuard
- [EnableVirtualizationBasedSecurity](policy-csp-deviceguard.md)
- [RequirePlatformSecurityFeatures](policy-csp-deviceguard.md)
- [LsaCfgFlags](policy-csp-deviceguard.md)
- [ConfigureSystemGuardLaunch](policy-csp-deviceguard.md)
## DeviceLock
- [MinimumPasswordAge](policy-csp-devicelock.md)
- [MaximumPasswordAge](policy-csp-devicelock.md)
- [ClearTextPassword](policy-csp-devicelock.md)
- [PasswordComplexity](policy-csp-devicelock.md)
- [PasswordHistorySize](policy-csp-devicelock.md)
## Display
- [EnablePerProcessDpi](policy-csp-display.md)
- [TurnOnGdiDPIScalingForApps](policy-csp-display.md)
- [TurnOffGdiDPIScalingForApps](policy-csp-display.md)
- [EnablePerProcessDpi](policy-csp-display.md)
- [EnablePerProcessDpiForApps](policy-csp-display.md)
- [DisablePerProcessDpiForApps](policy-csp-display.md)
## DmaGuard
- [DeviceEnumerationPolicy](policy-csp-dmaguard.md)
## Education
- [AllowGraphingCalculator](policy-csp-education.md)
- [PreventAddingNewPrinters](policy-csp-education.md)
## Experience
- [AllowSpotlightCollection](policy-csp-experience.md)
- [AllowThirdPartySuggestionsInWindowsSpotlight](policy-csp-experience.md)
- [AllowWindowsSpotlight](policy-csp-experience.md)
- [AllowWindowsSpotlightOnActionCenter](policy-csp-experience.md)
- [AllowWindowsSpotlightOnSettings](policy-csp-experience.md)
- [AllowWindowsSpotlightWindowsWelcomeExperience](policy-csp-experience.md)
- [AllowTailoredExperiencesWithDiagnosticData](policy-csp-experience.md)
- [ConfigureWindowsSpotlightOnLockScreen](policy-csp-experience.md)
- [AllowCortana](policy-csp-experience.md)
- [AllowWindowsConsumerFeatures](policy-csp-experience.md)
- [AllowWindowsTips](policy-csp-experience.md)
- [DoNotShowFeedbackNotifications](policy-csp-experience.md)
- [AllowFindMyDevice](policy-csp-experience.md)
- [AllowClipboardHistory](policy-csp-experience.md)
- [DoNotSyncBrowserSettings](policy-csp-experience.md)
- [PreventUsersFromTurningOnBrowserSyncing](policy-csp-experience.md)
- [ShowLockOnUserTile](policy-csp-experience.md)
- [DisableCloudOptimizedContent](policy-csp-experience.md)
- [DisableConsumerAccountStateContent](policy-csp-experience.md)
- [ConfigureChatIcon](policy-csp-experience.md)
## ExploitGuard
- [ExploitProtectionSettings](policy-csp-exploitguard.md)
## FileExplorer
- [DisableGraphRecentItems](policy-csp-fileexplorer.md)
## Handwriting
- [PanelDefaultModeDocked](policy-csp-handwriting.md)
## HumanPresence
- [ForceInstantWake](policy-csp-humanpresence.md)
- [ForceInstantLock](policy-csp-humanpresence.md)
- [ForceLockTimeout](policy-csp-humanpresence.md)
- [ForceInstantDim](policy-csp-humanpresence.md)
## Kerberos
- [PKInitHashAlgorithmConfiguration](policy-csp-kerberos.md)
- [PKInitHashAlgorithmSHA1](policy-csp-kerberos.md)
- [PKInitHashAlgorithmSHA256](policy-csp-kerberos.md)
- [PKInitHashAlgorithmSHA384](policy-csp-kerberos.md)
- [PKInitHashAlgorithmSHA512](policy-csp-kerberos.md)
- [CloudKerberosTicketRetrievalEnabled](policy-csp-kerberos.md)
## LanmanWorkstation
- [EnableInsecureGuestLogons](policy-csp-lanmanworkstation.md)
## Licensing
- [AllowWindowsEntitlementReactivation](policy-csp-licensing.md)
- [DisallowKMSClientOnlineAVSValidation](policy-csp-licensing.md)
## LocalPoliciesSecurityOptions
- [Accounts_EnableAdministratorAccountStatus](policy-csp-localpoliciessecurityoptions.md)
- [Accounts_BlockMicrosoftAccounts](policy-csp-localpoliciessecurityoptions.md)
- [Accounts_EnableGuestAccountStatus](policy-csp-localpoliciessecurityoptions.md)
- [Accounts_LimitLocalAccountUseOfBlankPasswordsToConsoleLogonOnly](policy-csp-localpoliciessecurityoptions.md)
- [Accounts_RenameAdministratorAccount](policy-csp-localpoliciessecurityoptions.md)
- [Accounts_RenameGuestAccount](policy-csp-localpoliciessecurityoptions.md)
- [Devices_AllowUndockWithoutHavingToLogon](policy-csp-localpoliciessecurityoptions.md)
- [Devices_AllowedToFormatAndEjectRemovableMedia](policy-csp-localpoliciessecurityoptions.md)
- [Devices_PreventUsersFromInstallingPrinterDriversWhenConnectingToSharedPrinters](policy-csp-localpoliciessecurityoptions.md)
- [Devices_RestrictCDROMAccessToLocallyLoggedOnUserOnly](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_DisplayUserInformationWhenTheSessionIsLocked](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_DoNotRequireCTRLALTDEL](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_DoNotDisplayLastSignedIn](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_DoNotDisplayUsernameAtSignIn](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_MachineInactivityLimit](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_MessageTextForUsersAttemptingToLogOn](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_MessageTitleForUsersAttemptingToLogOn](policy-csp-localpoliciessecurityoptions.md)
- [InteractiveLogon_SmartCardRemovalBehavior](policy-csp-localpoliciessecurityoptions.md)
- [MicrosoftNetworkClient_DigitallySignCommunicationsAlways](policy-csp-localpoliciessecurityoptions.md)
- [MicrosoftNetworkClient_DigitallySignCommunicationsIfServerAgrees](policy-csp-localpoliciessecurityoptions.md)
- [MicrosoftNetworkClient_SendUnencryptedPasswordToThirdPartySMBServers](policy-csp-localpoliciessecurityoptions.md)
- [MicrosoftNetworkServer_DigitallySignCommunicationsAlways](policy-csp-localpoliciessecurityoptions.md)
- [MicrosoftNetworkServer_DigitallySignCommunicationsIfClientAgrees](policy-csp-localpoliciessecurityoptions.md)
- [NetworkAccess_AllowAnonymousSIDOrNameTranslation](policy-csp-localpoliciessecurityoptions.md)
- [NetworkAccess_DoNotAllowAnonymousEnumerationOfSAMAccounts](policy-csp-localpoliciessecurityoptions.md)
- [NetworkAccess_DoNotAllowAnonymousEnumerationOfSamAccountsAndShares](policy-csp-localpoliciessecurityoptions.md)
- [NetworkAccess_RestrictAnonymousAccessToNamedPipesAndShares](policy-csp-localpoliciessecurityoptions.md)
- [NetworkAccess_RestrictClientsAllowedToMakeRemoteCallsToSAM](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_AllowLocalSystemToUseComputerIdentityForNTLM](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_AllowPKU2UAuthenticationRequests](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_DoNotStoreLANManagerHashValueOnNextPasswordChange](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_ForceLogoffWhenLogonHoursExpire](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_LANManagerAuthenticationLevel](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedClients](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_MinimumSessionSecurityForNTLMSSPBasedServers](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_RestrictNTLM_AddRemoteServerExceptionsForNTLMAuthentication](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_RestrictNTLM_AuditIncomingNTLMTraffic](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_RestrictNTLM_IncomingNTLMTraffic](policy-csp-localpoliciessecurityoptions.md)
- [NetworkSecurity_RestrictNTLM_OutgoingNTLMTrafficToRemoteServers](policy-csp-localpoliciessecurityoptions.md)
- [Shutdown_AllowSystemToBeShutDownWithoutHavingToLogOn](policy-csp-localpoliciessecurityoptions.md)
- [Shutdown_ClearVirtualMemoryPageFile](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_UseAdminApprovalMode](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_AllowUIAccessApplicationsToPromptForElevation](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_BehaviorOfTheElevationPromptForAdministrators](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_OnlyElevateExecutableFilesThatAreSignedAndValidated](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_OnlyElevateUIAccessApplicationsThatAreInstalledInSecureLocations](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_RunAllAdministratorsInAdminApprovalMode](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_SwitchToTheSecureDesktopWhenPromptingForElevation](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_VirtualizeFileAndRegistryWriteFailuresToPerUserLocations](policy-csp-localpoliciessecurityoptions.md)
- [UserAccountControl_DetectApplicationInstallationsAndPromptForElevation](policy-csp-localpoliciessecurityoptions.md)
## LocalSecurityAuthority
- [ConfigureLsaProtectedProcess](policy-csp-lsa.md)
## LockDown
- [AllowEdgeSwipe](policy-csp-lockdown.md)
## Maps
- [EnableOfflineMapsAutoUpdate](policy-csp-maps.md)
## Messaging
- [AllowMessageSync](policy-csp-messaging.md)
## Multitasking
- [BrowserAltTabBlowout](policy-csp-multitasking.md)
## NetworkIsolation
- [EnterpriseCloudResources](policy-csp-networkisolation.md)
- [EnterpriseInternalProxyServers](policy-csp-networkisolation.md)
- [EnterpriseIPRange](policy-csp-networkisolation.md)
- [EnterpriseIPRangesAreAuthoritative](policy-csp-networkisolation.md)
- [EnterpriseProxyServers](policy-csp-networkisolation.md)
- [EnterpriseProxyServersAreAuthoritative](policy-csp-networkisolation.md)
- [NeutralResources](policy-csp-networkisolation.md)
## NewsAndInterests
- [AllowNewsAndInterests](policy-csp-newsandinterests.md)
## Notifications
- [DisallowNotificationMirroring](policy-csp-notifications.md)
- [DisallowTileNotification](policy-csp-notifications.md)
- [DisallowCloudNotification](policy-csp-notifications.md)
- [WnsEndpoint](policy-csp-notifications.md)
## Power
- [EnergySaverBatteryThresholdPluggedIn](policy-csp-power.md)
- [EnergySaverBatteryThresholdOnBattery](policy-csp-power.md)
- [SelectPowerButtonActionPluggedIn](policy-csp-power.md)
- [SelectPowerButtonActionOnBattery](policy-csp-power.md)
- [SelectSleepButtonActionPluggedIn](policy-csp-power.md)
- [SelectSleepButtonActionOnBattery](policy-csp-power.md)
- [SelectLidCloseActionPluggedIn](policy-csp-power.md)
- [SelectLidCloseActionOnBattery](policy-csp-power.md)
- [TurnOffHybridSleepPluggedIn](policy-csp-power.md)
- [TurnOffHybridSleepOnBattery](policy-csp-power.md)
- [UnattendedSleepTimeoutPluggedIn](policy-csp-power.md)
- [UnattendedSleepTimeoutOnBattery](policy-csp-power.md)
## Privacy
- [DisablePrivacyExperience](policy-csp-privacy.md)
- [DisableAdvertisingId](policy-csp-privacy.md)
- [LetAppsGetDiagnosticInfo](policy-csp-privacy.md)
- [LetAppsGetDiagnosticInfo_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsGetDiagnosticInfo_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsGetDiagnosticInfo_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsRunInBackground](policy-csp-privacy.md)
- [LetAppsRunInBackground_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsRunInBackground_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsRunInBackground_UserInControlOfTheseApps](policy-csp-privacy.md)
- [AllowInputPersonalization](policy-csp-privacy.md)
- [LetAppsAccessAccountInfo](policy-csp-privacy.md)
- [LetAppsAccessAccountInfo_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessAccountInfo_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessAccountInfo_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCalendar](policy-csp-privacy.md)
- [LetAppsAccessCalendar_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCalendar_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCalendar_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCallHistory](policy-csp-privacy.md)
- [LetAppsAccessCallHistory_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCallHistory_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCallHistory_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCamera](policy-csp-privacy.md)
- [LetAppsAccessCamera_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCamera_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessCamera_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessContacts](policy-csp-privacy.md)
- [LetAppsAccessContacts_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessContacts_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessContacts_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessEmail](policy-csp-privacy.md)
- [LetAppsAccessEmail_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessEmail_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessEmail_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureProgrammatic](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureProgrammatic_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureProgrammatic_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureProgrammatic_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureWithoutBorder](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureWithoutBorder_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureWithoutBorder_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessGraphicsCaptureWithoutBorder_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessLocation](policy-csp-privacy.md)
- [LetAppsAccessLocation_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessLocation_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessLocation_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMessaging](policy-csp-privacy.md)
- [LetAppsAccessMessaging_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMessaging_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMessaging_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMicrophone](policy-csp-privacy.md)
- [LetAppsAccessMicrophone_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMicrophone_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMicrophone_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMotion](policy-csp-privacy.md)
- [LetAppsAccessMotion_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMotion_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessMotion_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessNotifications](policy-csp-privacy.md)
- [LetAppsAccessNotifications_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessNotifications_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessNotifications_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessPhone](policy-csp-privacy.md)
- [LetAppsAccessPhone_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessPhone_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessPhone_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessRadios](policy-csp-privacy.md)
- [LetAppsAccessRadios_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessRadios_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessRadios_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessTasks](policy-csp-privacy.md)
- [LetAppsAccessTasks_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessTasks_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessTasks_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsAccessTrustedDevices](policy-csp-privacy.md)
- [LetAppsAccessTrustedDevices_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsAccessTrustedDevices_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsAccessTrustedDevices_UserInControlOfTheseApps](policy-csp-privacy.md)
- [LetAppsSyncWithDevices](policy-csp-privacy.md)
- [LetAppsSyncWithDevices_ForceAllowTheseApps](policy-csp-privacy.md)
- [LetAppsSyncWithDevices_ForceDenyTheseApps](policy-csp-privacy.md)
- [LetAppsSyncWithDevices_UserInControlOfTheseApps](policy-csp-privacy.md)
- [EnableActivityFeed](policy-csp-privacy.md)
- [PublishUserActivities](policy-csp-privacy.md)
- [UploadUserActivities](policy-csp-privacy.md)
- [AllowCrossDeviceClipboard](policy-csp-privacy.md)
- [DisablePrivacyExperience](policy-csp-privacy.md)
- [LetAppsActivateWithVoice](policy-csp-privacy.md)
- [LetAppsActivateWithVoiceAboveLock](policy-csp-privacy.md)
## RemoteDesktop
- [AutoSubscription](policy-csp-remotedesktop.md)
## Search
- [AllowIndexingEncryptedStoresOrItems](policy-csp-search.md)
- [AllowSearchToUseLocation](policy-csp-search.md)
- [AllowUsingDiacritics](policy-csp-search.md)
- [AlwaysUseAutoLangDetection](policy-csp-search.md)
- [DisableBackoff](policy-csp-search.md)
- [DisableRemovableDriveIndexing](policy-csp-search.md)
- [DisableSearch](policy-csp-search.md)
- [PreventIndexingLowDiskSpaceMB](policy-csp-search.md)
- [PreventRemoteQueries](policy-csp-search.md)
- [AllowCloudSearch](policy-csp-search.md)
- [DoNotUseWebResults](policy-csp-search.md)
- [AllowCortanaInAAD](policy-csp-search.md)
- [AllowFindMyFiles](policy-csp-search.md)
- [AllowSearchHighlights](policy-csp-search.md)
## Security
- [ClearTPMIfNotReady](policy-csp-security.md)
## Settings
- [ConfigureTaskbarCalendar](policy-csp-settings.md)
- [PageVisibilityList](policy-csp-settings.md)
- [PageVisibilityList](policy-csp-settings.md)
- [AllowOnlineTips](policy-csp-settings.md)
## SmartScreen
- [EnableSmartScreenInShell](policy-csp-smartscreen.md)
- [PreventOverrideForFilesInShell](policy-csp-smartscreen.md)
- [EnableAppInstallControl](policy-csp-smartscreen.md)
## Speech
- [AllowSpeechModelUpdate](policy-csp-speech.md)
## Start
- [ForceStartSize](policy-csp-start.md)
- [DisableContextMenus](policy-csp-start.md)
- [ShowOrHideMostUsedApps](policy-csp-start.md)
- [HideFrequentlyUsedApps](policy-csp-start.md)
- [HideRecentlyAddedApps](policy-csp-start.md)
- [HidePeopleBar](policy-csp-start.md)
- [StartLayout](policy-csp-start.md)
- [ConfigureStartPins](policy-csp-start.md)
- [HideRecommendedSection](policy-csp-start.md)
- [HideTaskViewButton](policy-csp-start.md)
- [DisableControlCenter](policy-csp-start.md)
- [ForceStartSize](policy-csp-start.md)
- [DisableContextMenus](policy-csp-start.md)
- [ShowOrHideMostUsedApps](policy-csp-start.md)
- [HideFrequentlyUsedApps](policy-csp-start.md)
- [HideRecentlyAddedApps](policy-csp-start.md)
- [StartLayout](policy-csp-start.md)
- [ConfigureStartPins](policy-csp-start.md)
- [HideRecommendedSection](policy-csp-start.md)
- [SimplifyQuickSettings](policy-csp-start.md)
- [DisableEditingQuickSettings](policy-csp-start.md)
- [HideTaskViewButton](policy-csp-start.md)
## Storage
- [AllowDiskHealthModelUpdates](policy-csp-storage.md)
- [RemovableDiskDenyWriteAccess](policy-csp-storage.md)
- [AllowStorageSenseGlobal](policy-csp-storage.md)
- [ConfigStorageSenseGlobalCadence](policy-csp-storage.md)
- [AllowStorageSenseTemporaryFilesCleanup](policy-csp-storage.md)
- [ConfigStorageSenseRecycleBinCleanupThreshold](policy-csp-storage.md)
- [ConfigStorageSenseDownloadsCleanupThreshold](policy-csp-storage.md)
- [ConfigStorageSenseCloudContentDehydrationThreshold](policy-csp-storage.md)
## System
- [AllowTelemetry](policy-csp-system.md)
- [AllowBuildPreview](policy-csp-system.md)
- [AllowFontProviders](policy-csp-system.md)
- [AllowLocation](policy-csp-system.md)
- [AllowTelemetry](policy-csp-system.md)
- [TelemetryProxy](policy-csp-system.md)
- [DisableOneDriveFileSync](policy-csp-system.md)
- [AllowWUfBCloudProcessing](policy-csp-system.md)
- [AllowUpdateComplianceProcessing](policy-csp-system.md)
- [AllowDesktopAnalyticsProcessing](policy-csp-system.md)
- [DisableEnterpriseAuthProxy](policy-csp-system.md)
- [LimitEnhancedDiagnosticDataWindowsAnalytics](policy-csp-system.md)
- [AllowDeviceNameInDiagnosticData](policy-csp-system.md)
- [ConfigureTelemetryOptInSettingsUx](policy-csp-system.md)
- [ConfigureTelemetryOptInChangeNotification](policy-csp-system.md)
- [DisableDeviceDelete](policy-csp-system.md)
- [DisableDiagnosticDataViewer](policy-csp-system.md)
- [ConfigureMicrosoft365UploadEndpoint](policy-csp-system.md)
- [TurnOffFileHistory](policy-csp-system.md)
- [DisableDirectXDatabaseUpdate](policy-csp-system.md)
- [AllowCommercialDataPipeline](policy-csp-system.md)
- [LimitDiagnosticLogCollection](policy-csp-system.md)
- [LimitDumpCollection](policy-csp-system.md)
- [EnableOneSettingsAuditing](policy-csp-system.md)
- [DisableOneSettingsDownloads](policy-csp-system.md)
- [HideUnsupportedHardwareNotifications](policy-csp-system.md)
## SystemServices
- [ConfigureHomeGroupListenerServiceStartupMode](policy-csp-systemservices.md)
- [ConfigureHomeGroupProviderServiceStartupMode](policy-csp-systemservices.md)
- [ConfigureXboxAccessoryManagementServiceStartupMode](policy-csp-systemservices.md)
- [ConfigureXboxLiveAuthManagerServiceStartupMode](policy-csp-systemservices.md)
- [ConfigureXboxLiveGameSaveServiceStartupMode](policy-csp-systemservices.md)
- [ConfigureXboxLiveNetworkingServiceStartupMode](policy-csp-systemservices.md)
## TextInput
- [AllowLanguageFeaturesUninstall](policy-csp-textinput.md)
- [AllowLinguisticDataCollection](policy-csp-textinput.md)
- [ConfigureSimplifiedChineseIMEVersion](policy-csp-textinput.md)
- [ConfigureTraditionalChineseIMEVersion](policy-csp-textinput.md)
- [ConfigureJapaneseIMEVersion](policy-csp-textinput.md)
- [ConfigureKoreanIMEVersion](policy-csp-textinput.md)
## TimeLanguageSettings
- [RestrictLanguagePacksAndFeaturesInstall](policy-csp-timelanguagesettings.md)
- [BlockCleanupOfUnusedPreinstalledLangPacks](policy-csp-timelanguagesettings.md)
- [MachineUILanguageOverwrite](policy-csp-timelanguagesettings.md)
- [RestrictLanguagePacksAndFeaturesInstall](policy-csp-timelanguagesettings.md)
## Troubleshooting
- [AllowRecommendations](policy-csp-troubleshooting.md)
## Update
- [ActiveHoursEnd](policy-csp-update.md)
- [ActiveHoursStart](policy-csp-update.md)
- [ActiveHoursMaxRange](policy-csp-update.md)
- [AutoRestartRequiredNotificationDismissal](policy-csp-update.md)
- [AutoRestartNotificationSchedule](policy-csp-update.md)
- [SetAutoRestartNotificationDisable](policy-csp-update.md)
- [ScheduleRestartWarning](policy-csp-update.md)
- [ScheduleImminentRestartWarning](policy-csp-update.md)
- [AllowAutoUpdate](policy-csp-update.md)
- [AutoRestartDeadlinePeriodInDays](policy-csp-update.md)
- [AutoRestartDeadlinePeriodInDaysForFeatureUpdates](policy-csp-update.md)
- [EngagedRestartTransitionSchedule](policy-csp-update.md)
- [EngagedRestartSnoozeSchedule](policy-csp-update.md)
- [EngagedRestartDeadline](policy-csp-update.md)
- [EngagedRestartTransitionScheduleForFeatureUpdates](policy-csp-update.md)
- [EngagedRestartSnoozeScheduleForFeatureUpdates](policy-csp-update.md)
- [EngagedRestartDeadlineForFeatureUpdates](policy-csp-update.md)
- [DetectionFrequency](policy-csp-update.md)
- [ManagePreviewBuilds](policy-csp-update.md)
- [BranchReadinessLevel](policy-csp-update.md)
- [ProductVersion](policy-csp-update.md)
- [TargetReleaseVersion](policy-csp-update.md)
- [AllowUpdateService](policy-csp-update.md)
- [DeferFeatureUpdatesPeriodInDays](policy-csp-update.md)
- [DeferQualityUpdatesPeriodInDays](policy-csp-update.md)
- [DeferUpdatePeriod](policy-csp-update.md)
- [DeferUpgradePeriod](policy-csp-update.md)
- [ExcludeWUDriversInQualityUpdate](policy-csp-update.md)
- [PauseDeferrals](policy-csp-update.md)
- [PauseFeatureUpdates](policy-csp-update.md)
- [PauseQualityUpdates](policy-csp-update.md)
- [PauseFeatureUpdatesStartTime](policy-csp-update.md)
- [PauseQualityUpdatesStartTime](policy-csp-update.md)
- [RequireDeferUpgrade](policy-csp-update.md)
- [AllowMUUpdateService](policy-csp-update.md)
- [ScheduledInstallDay](policy-csp-update.md)
- [ScheduledInstallTime](policy-csp-update.md)
- [ScheduledInstallEveryWeek](policy-csp-update.md)
- [ScheduledInstallFirstWeek](policy-csp-update.md)
- [ScheduledInstallSecondWeek](policy-csp-update.md)
- [ScheduledInstallThirdWeek](policy-csp-update.md)
- [ScheduledInstallFourthWeek](policy-csp-update.md)
- [UpdateServiceUrl](policy-csp-update.md)
- [UpdateServiceUrlAlternate](policy-csp-update.md)
- [FillEmptyContentUrls](policy-csp-update.md)
- [SetProxyBehaviorForUpdateDetection](policy-csp-update.md)
- [DoNotEnforceEnterpriseTLSCertPinningForUpdateDetection](policy-csp-update.md)
- [SetPolicyDrivenUpdateSourceForFeatureUpdates](policy-csp-update.md)
- [SetPolicyDrivenUpdateSourceForQualityUpdates](policy-csp-update.md)
- [SetPolicyDrivenUpdateSourceForDriverUpdates](policy-csp-update.md)
- [SetPolicyDrivenUpdateSourceForOtherUpdates](policy-csp-update.md)
- [SetEDURestart](policy-csp-update.md)
- [AllowAutoWindowsUpdateDownloadOverMeteredNetwork](policy-csp-update.md)
- [SetDisableUXWUAccess](policy-csp-update.md)
- [SetDisablePauseUXAccess](policy-csp-update.md)
- [UpdateNotificationLevel](policy-csp-update.md)
- [NoUpdateNotificationsDuringActiveHours](policy-csp-update.md)
- [DisableDualScan](policy-csp-update.md)
- [AutomaticMaintenanceWakeUp](policy-csp-update.md)
- [ConfigureDeadlineForQualityUpdates](policy-csp-update.md)
- [ConfigureDeadlineForFeatureUpdates](policy-csp-update.md)
- [ConfigureDeadlineGracePeriod](policy-csp-update.md)
- [ConfigureDeadlineGracePeriodForFeatureUpdates](policy-csp-update.md)
- [ConfigureDeadlineNoAutoReboot](policy-csp-update.md)
- [ConfigureDeadlineNoAutoRebootForFeatureUpdates](policy-csp-update.md)
- [ConfigureDeadlineNoAutoRebootForQualityUpdates](policy-csp-update.md)
## UserRights
- [AccessCredentialManagerAsTrustedCaller](policy-csp-userrights.md)
- [AccessFromNetwork](policy-csp-userrights.md)
- [ActAsPartOfTheOperatingSystem](policy-csp-userrights.md)
- [AllowLocalLogOn](policy-csp-userrights.md)
- [BackupFilesAndDirectories](policy-csp-userrights.md)
- [ChangeSystemTime](policy-csp-userrights.md)
- [CreatePageFile](policy-csp-userrights.md)
- [CreateToken](policy-csp-userrights.md)
- [CreateGlobalObjects](policy-csp-userrights.md)
- [CreatePermanentSharedObjects](policy-csp-userrights.md)
- [CreateSymbolicLinks](policy-csp-userrights.md)
- [DebugPrograms](policy-csp-userrights.md)
- [DenyAccessFromNetwork](policy-csp-userrights.md)
- [DenyLocalLogOn](policy-csp-userrights.md)
- [DenyRemoteDesktopServicesLogOn](policy-csp-userrights.md)
- [EnableDelegation](policy-csp-userrights.md)
- [RemoteShutdown](policy-csp-userrights.md)
- [GenerateSecurityAudits](policy-csp-userrights.md)
- [ImpersonateClient](policy-csp-userrights.md)
- [IncreaseSchedulingPriority](policy-csp-userrights.md)
- [LoadUnloadDeviceDrivers](policy-csp-userrights.md)
- [LockMemory](policy-csp-userrights.md)
- [ManageAuditingAndSecurityLog](policy-csp-userrights.md)
- [ModifyObjectLabel](policy-csp-userrights.md)
- [ModifyFirmwareEnvironment](policy-csp-userrights.md)
- [ManageVolume](policy-csp-userrights.md)
- [ProfileSingleProcess](policy-csp-userrights.md)
- [RestoreFilesAndDirectories](policy-csp-userrights.md)
- [TakeOwnership](policy-csp-userrights.md)
- [BypassTraverseChecking](policy-csp-userrights.md)
- [ReplaceProcessLevelToken](policy-csp-userrights.md)
- [ChangeTimeZone](policy-csp-userrights.md)
- [ShutDownTheSystem](policy-csp-userrights.md)
- [LogOnAsBatchJob](policy-csp-userrights.md)
- [ProfileSystemPerformance](policy-csp-userrights.md)
- [DenyLogOnAsBatchJob](policy-csp-userrights.md)
- [LogOnAsService](policy-csp-userrights.md)
- [IncreaseProcessWorkingSet](policy-csp-userrights.md)
## VirtualizationBasedTechnology
- [HypervisorEnforcedCodeIntegrity](policy-csp-virtualizationbasedtechnology.md)
- [RequireUEFIMemoryAttributesTable](policy-csp-virtualizationbasedtechnology.md)
## WebThreatDefense
- [ServiceEnabled](policy-csp-webthreatdefense.md)
- [NotifyMalicious](policy-csp-webthreatdefense.md)
- [NotifyPasswordReuse](policy-csp-webthreatdefense.md)
- [NotifyUnsafeApp](policy-csp-webthreatdefense.md)
- [CaptureThreatWindow](policy-csp-webthreatdefense.md)
## Wifi
- [AllowAutoConnectToWiFiSenseHotspots](policy-csp-wifi.md)
- [AllowInternetSharing](policy-csp-wifi.md)
## WindowsDefenderSecurityCenter
- [CompanyName](policy-csp-windowsdefendersecuritycenter.md)
- [DisableAppBrowserUI](policy-csp-windowsdefendersecuritycenter.md)
- [DisableEnhancedNotifications](policy-csp-windowsdefendersecuritycenter.md)
- [DisableFamilyUI](policy-csp-windowsdefendersecuritycenter.md)
- [DisableAccountProtectionUI](policy-csp-windowsdefendersecuritycenter.md)
- [DisableClearTpmButton](policy-csp-windowsdefendersecuritycenter.md)
- [DisableDeviceSecurityUI](policy-csp-windowsdefendersecuritycenter.md)
- [DisableHealthUI](policy-csp-windowsdefendersecuritycenter.md)
- [DisableNetworkUI](policy-csp-windowsdefendersecuritycenter.md)
- [DisableNotifications](policy-csp-windowsdefendersecuritycenter.md)
- [DisableTpmFirmwareUpdateWarning](policy-csp-windowsdefendersecuritycenter.md)
- [DisableVirusUI](policy-csp-windowsdefendersecuritycenter.md)
- [DisallowExploitProtectionOverride](policy-csp-windowsdefendersecuritycenter.md)
- [Email](policy-csp-windowsdefendersecuritycenter.md)
- [EnableCustomizedToasts](policy-csp-windowsdefendersecuritycenter.md)
- [EnableInAppCustomization](policy-csp-windowsdefendersecuritycenter.md)
- [HideRansomwareDataRecovery](policy-csp-windowsdefendersecuritycenter.md)
- [HideSecureBoot](policy-csp-windowsdefendersecuritycenter.md)
- [HideTPMTroubleshooting](policy-csp-windowsdefendersecuritycenter.md)
- [HideWindowsSecurityNotificationAreaControl](policy-csp-windowsdefendersecuritycenter.md)
- [Phone](policy-csp-windowsdefendersecuritycenter.md)
- [URL](policy-csp-windowsdefendersecuritycenter.md)
## WindowsInkWorkspace
- [AllowWindowsInkWorkspace](policy-csp-windowsinkworkspace.md)
- [AllowSuggestedAppsInWindowsInkWorkspace](policy-csp-windowsinkworkspace.md)
## WindowsLogon
- [HideFastUserSwitching](policy-csp-windowslogon.md)
- [EnableFirstLogonAnimation](policy-csp-windowslogon.md)
## WindowsSandbox
- [AllowVGPU](policy-csp-windowssandbox.md)
- [AllowNetworking](policy-csp-windowssandbox.md)
- [AllowAudioInput](policy-csp-windowssandbox.md)
- [AllowVideoInput](policy-csp-windowssandbox.md)
- [AllowPrinterRedirection](policy-csp-windowssandbox.md)
- [AllowClipboardRedirection](policy-csp-windowssandbox.md)
## WirelessDisplay
- [AllowProjectionToPC](policy-csp-wirelessdisplay.md)
- [RequirePinForPairing](policy-csp-wirelessdisplay.md)
## Related articles ## Related articles
[Policy configuration service provider](policy-configuration-service-provider.md) [Policy configuration service provider](policy-configuration-service-provider.md)

3
windows/client-management/mdm/policy-configuration-service-provider.md
View File

@ -4,7 +4,7 @@ description: Learn more about the Policy CSP
author: vinaypamnani-msft author: vinaypamnani-msft
manager: aaroncz manager: aaroncz
ms.author: vinpa ms.author: vinpa
ms.date: 12/07/2022 ms.date: 12/08/2022
ms.localizationpriority: medium ms.localizationpriority: medium
ms.prod: windows-client ms.prod: windows-client
ms.technology: itpro-manage ms.technology: itpro-manage
@ -1094,6 +1094,7 @@ Specifies the name/value pair used in the policy. See the individual Area DDFs f
- [Browser](policy-csp-browser.md) - [Browser](policy-csp-browser.md)
- [Camera](policy-csp-camera.md) - [Camera](policy-csp-camera.md)
- [Cellular](policy-csp-cellular.md) - [Cellular](policy-csp-cellular.md)
- [CloudDesktop](policy-csp-clouddesktop.md)
- [CloudPC](policy-csp-cloudpc.md) - [CloudPC](policy-csp-cloudpc.md)
- [Connectivity](policy-csp-connectivity.md) - [Connectivity](policy-csp-connectivity.md)
- [ControlPolicyConflict](policy-csp-controlpolicyconflict.md) - [ControlPolicyConflict](policy-csp-controlpolicyconflict.md)

2515
windows/client-management/mdm/policy-csp-textinput.md
View File

File diff suppressed because it is too large Load Diff

420
windows/client-management/mdm/policy-csp-timelanguagesettings.md
View File

@ -1,248 +1,320 @@
--- ---
title: Policy CSP - TimeLanguageSettings title: TimeLanguageSettings Policy CSP
description: Learn to use the Policy CSP - TimeLanguageSettings setting to specify the time zone to be applied to the device. description: Learn more about the TimeLanguageSettings Area in Policy CSP
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa ms.author: vinpa
ms.topic: article ms.date: 12/07/2022
ms.localizationpriority: medium
ms.prod: windows-client ms.prod: windows-client
ms.technology: itpro-manage ms.technology: itpro-manage
author: vinaypamnani-msft ms.topic: reference
ms.localizationpriority: medium
ms.date: 09/28/2021
ms.reviewer:
manager: aaroncz
--- ---
<!-- Auto-Generated CSP Document -->
<!-- TimeLanguageSettings-Begin -->
# Policy CSP - TimeLanguageSettings # Policy CSP - TimeLanguageSettings
<hr/> <!-- TimeLanguageSettings-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- TimeLanguageSettings-Editable-End -->
<!--Policies--> <!-- AllowSet24HourClock-Begin -->
## TimeLanguageSettings policies ## AllowSet24HourClock
<dl> > [!NOTE]
<dd> > This policy is deprecated and may be removed in a future release.
<a href="#timelanguagesettings-blockcleanupofunusedpreinstalledlangpacks">TimeLanguageSettings/BlockCleanupOfUnusedPreinstalledLangPacks</a>
</dd>
<dd>
<a href="#timelanguagesettings-configuretimezone">TimeLanguageSettings/ConfigureTimeZone</a>
</dd>
<dd>
<a href="#timelanguagesettings-machineuilanguageoverwrite">TimeLanguageSettings/MachineUILanguageOverwrite</a>
</dd>
<dd>
<a href="#timelanguagesettings-restrictlanguagepacksandfeaturesinstall">TimeLanguageSettings/RestrictLanguagePacksAndFeaturesInstall</a>
</dd>
</dl>
<!-- AllowSet24HourClock-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :x: Pro <br> :x: Enterprise <br> :x: Education <br> :x: Windows SE | :heavy_check_mark: Windows 10, version 1703 [10.0.15063] and later |
<!-- AllowSet24HourClock-Applicability-End -->
<hr/> <!-- AllowSet24HourClock-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/TimeLanguageSettings/AllowSet24HourClock
```
<!-- AllowSet24HourClock-OmaUri-End -->
<!--Policy--> <!-- AllowSet24HourClock-Description-Begin -->
<a href="" id="timelanguagesettings-blockcleanupofunusedpreinstalledlangpacks"></a>**TimeLanguageSettings/BlockCleanupOfUnusedPreinstalledLangPacks** <!-- Description-Source-DDF -->
This policy is deprecated.
<!-- AllowSet24HourClock-Description-End -->
<!--SupportedSKUs--> <!-- AllowSet24HourClock-Editable-Begin -->
The table below shows the applicability of Windows: <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- AllowSet24HourClock-Editable-End -->
|Edition|Windows 10|Windows 11| <!-- AllowSet24HourClock-DFProperties-Begin -->
|--- |--- |--- | **Description framework properties**:
|Home|No|No|
|Pro|Yes|Yes|
|Windows SE|No|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
<!--/SupportedSKUs--> | Property name | Property value |
<hr/> |:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 0 |
<!-- AllowSet24HourClock-DFProperties-End -->
<!--Scope--> <!-- AllowSet24HourClock-AllowedValues-Begin -->
[Scope](./policy-configuration-service-provider.md#policy-scope): **Allowed values**:
> [!div class = "checklist"] | Value | Description |
> * Device |:--|:--|
| 0 (Default) | Not allowed. |
| 1 | Allowed. |
<!-- AllowSet24HourClock-AllowedValues-End -->
<hr/> <!-- AllowSet24HourClock-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- AllowSet24HourClock-Examples-End -->
<!--/Scope--> <!-- AllowSet24HourClock-End -->
<!--Description-->
This policy setting controls whether the maintenance task will run to clean up language packs installed on a machine but aren't used by any users on that machine.
If you enable this policy setting (value 1), language packs that are installed as part of the system image will remain installed even if they aren't used by any user on that system. <!-- BlockCleanupOfUnusedPreinstalledLangPacks-Begin -->
## BlockCleanupOfUnusedPreinstalledLangPacks
If you disable (value 0) or don't configure this policy setting, language packs that are installed as part of the system image but aren't used by any user on that system will be removed as part of a scheduled cleanup task. <!-- BlockCleanupOfUnusedPreinstalledLangPacks-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 21H2 [10.0.22000] and later |
<!-- BlockCleanupOfUnusedPreinstalledLangPacks-Applicability-End -->
<!--/Description--> <!-- BlockCleanupOfUnusedPreinstalledLangPacks-OmaUri-Begin -->
<!--SupportedValues--> ```Device
./Device/Vendor/MSFT/Policy/Config/TimeLanguageSettings/BlockCleanupOfUnusedPreinstalledLangPacks
```
<!-- BlockCleanupOfUnusedPreinstalledLangPacks-OmaUri-End -->
<!--/SupportedValues--> <!-- BlockCleanupOfUnusedPreinstalledLangPacks-Description-Begin -->
<!--ADMXMapped--> <!-- Description-Source-ADMX -->
ADMX Info: This policy setting controls whether the LPRemove task will run to clean up language packs installed on a machine but are not used by any users on that machine.
- GP Friendly name: *Block cleanup of unused language packs*
- GP name: *BlockCleanupOfUnusedPreinstalledLangPacks*
- GP path: *Computer Configuration/Administrative Templates/Control Panel/Regional and Language Options*
- GP ADMX file name: *Globalization.admx*
<!--/ADMXMapped--> If you enable this policy setting, language packs that are installed as part of the system image will remain installed even if they are not used by any user on that system.
<!--Example-->
<!--/Example--> If you disable or do not configure this policy setting, language packs that are installed as part of the system image but are not used by any user on that system will be removed as part of a scheduled clean up task.
<!--Validation--> <!-- BlockCleanupOfUnusedPreinstalledLangPacks-Description-End -->
<!--/Validation--> <!-- BlockCleanupOfUnusedPreinstalledLangPacks-Editable-Begin -->
<!--/Policy--> <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- BlockCleanupOfUnusedPreinstalledLangPacks-Editable-End -->
<hr/> <!-- BlockCleanupOfUnusedPreinstalledLangPacks-DFProperties-Begin -->
**Description framework properties**:
<!--Policy--> | Property name | Property value |
<a href="" id="timelanguagesettings-configuretimezone"></a>**TimeLanguageSettings/ConfigureTimeZone** |:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 0 |
<!-- BlockCleanupOfUnusedPreinstalledLangPacks-DFProperties-End -->
<!--SupportedSKUs--> <!-- BlockCleanupOfUnusedPreinstalledLangPacks-AllowedValues-Begin -->
The table below shows the applicability of Windows: **Allowed values**:
|Edition|Windows 10|Windows 11| | Value | Description |
|--- |--- |--- | |:--|:--|
|Home|No|No| | 0 (Default) | Not blocked. |
|Pro|Yes|Yes| | 1 | Blocked. |
|Windows SE|No|Yes| <!-- BlockCleanupOfUnusedPreinstalledLangPacks-AllowedValues-End -->
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
<!--/SupportedSKUs--> <!-- BlockCleanupOfUnusedPreinstalledLangPacks-GpMapping-Begin -->
<hr/> **Group policy mapping**:
<!--Scope--> | Name | Value |
[Scope](./policy-configuration-service-provider.md#policy-scope): |:--|:--|
| Name | BlockCleanupOfUnusedPreinstalledLangPacks |
| Friendly Name | Block clean-up of unused language packs |
| Location | Computer Configuration |
| Path | Control Panel > Regional and Language Options |
| Registry Key Name | Software\Policies\Microsoft\Control Panel\International |
| Registry Value Name | BlockCleanupOfUnusedPreinstalledLangPacks |
| ADMX File Name | Globalization.admx |
<!-- BlockCleanupOfUnusedPreinstalledLangPacks-GpMapping-End -->
> [!div class = "checklist"] <!-- BlockCleanupOfUnusedPreinstalledLangPacks-Examples-Begin -->
> * Device <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- BlockCleanupOfUnusedPreinstalledLangPacks-Examples-End -->
<hr/> <!-- BlockCleanupOfUnusedPreinstalledLangPacks-End -->
<!--/Scope--> <!-- ConfigureTimeZone-Begin -->
<!--Description--> ## ConfigureTimeZone
Specifies the time zone to be applied to the device. This policy name is the standard Windows name for the target time zone.
<!-- ConfigureTimeZone-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1903 [10.0.18362] and later |
<!-- ConfigureTimeZone-Applicability-End -->
<!-- ConfigureTimeZone-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/TimeLanguageSettings/ConfigureTimeZone
```
<!-- ConfigureTimeZone-OmaUri-End -->
<!-- ConfigureTimeZone-Description-Begin -->
<!-- Description-Source-DDF -->
Specifies the time zone to be applied to the device. This is the standard Windows name for the target time zone.
<!-- ConfigureTimeZone-Description-End -->
<!-- ConfigureTimeZone-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
> [!TIP] > [!TIP]
> To get the list of available time zones, run `Get-TimeZone -ListAvailable` in PowerShell. > To get the list of available time zones, run `Get-TimeZone -ListAvailable` in PowerShell.
<!-- ConfigureTimeZone-Editable-End -->
<!--/Description--> <!-- ConfigureTimeZone-DFProperties-Begin -->
<!--SupportedValues--> **Description framework properties**:
<!--/SupportedValues--> | Property name | Property value |
<!--Example--> |:--|:--|
| Format | chr (string) |
| Access Type | Add, Delete, Get, Replace |
<!-- ConfigureTimeZone-DFProperties-End -->
<!--/Example--> <!-- ConfigureTimeZone-Examples-Begin -->
<!--Validation--> <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- ConfigureTimeZone-Examples-End -->
<!--/Validation--> <!-- ConfigureTimeZone-End -->
<!--/Policy-->
<hr/>
<!--Policy--> <!-- MachineUILanguageOverwrite-Begin -->
<a href="" id="timelanguagesettings-machineuilanguageoverwrite"></a>**TimeLanguageSettings/MachineUILanguageOverwrite** ## MachineUILanguageOverwrite
<!--SupportedSKUs--> <!-- MachineUILanguageOverwrite-Applicability-Begin -->
The table below shows the applicability of Windows: | Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 21H2 [10.0.22000] and later |
<!-- MachineUILanguageOverwrite-Applicability-End -->
|Edition|Windows 10|Windows 11| <!-- MachineUILanguageOverwrite-OmaUri-Begin -->
|--- |--- |--- | ```Device
|Home|No|No| ./Device/Vendor/MSFT/Policy/Config/TimeLanguageSettings/MachineUILanguageOverwrite
|Pro|Yes|Yes| ```
|Windows SE|No|Yes| <!-- MachineUILanguageOverwrite-OmaUri-End -->
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
<!--/SupportedSKUs--> <!-- MachineUILanguageOverwrite-Description-Begin -->
<hr/> <!-- Description-Source-ADMX -->
<!--Scope-->
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
<hr/>
<!--/Scope-->
<!--Description-->
This policy setting controls which UI language is used for computers with more than one UI language installed. This policy setting controls which UI language is used for computers with more than one UI language installed.
If you enable this policy setting, the UI language of Windows menus and dialogs for systems with more than one language is restricted to a specified language. If the specified language isn't installed on the target computer or you disable this policy setting, the language selection defaults to the language selected by the local administrator. If you enable this policy setting, the UI language of Windows menus and dialogs for systems with more than one language is restricted to a specified language. If the specified language is not installed on the target computer or you disable this policy setting, the language selection defaults to the language selected by the local administrator.
If you disable or don't configure this policy setting, there's no restriction of a specific language used for the Windows menus and dialogs. If you disable or do not configure this policy setting, there is no restriction of a specific language used for the Windows menus and dialogs.
<!-- MachineUILanguageOverwrite-Description-End -->
<!--/Description--> <!-- MachineUILanguageOverwrite-Editable-Begin -->
<!--SupportedValues--> <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- MachineUILanguageOverwrite-Editable-End -->
<!--/SupportedValues--> <!-- MachineUILanguageOverwrite-DFProperties-Begin -->
<!--ADMXMapped--> **Description framework properties**:
ADMX Info:
- GP Friendly name: *Force selected system UI language to overwrite the user UI language*
- GP name: *MachineUILanguageOverwrite*
- GP path: *Computer Configuration/Administrative Templates/Control Panel/Regional and Language Options*
- GP ADMX file name: *Globalization.admx*
<!--/ADMXMapped--> | Property name | Property value |
<!--Example--> |:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 0 |
<!-- MachineUILanguageOverwrite-DFProperties-End -->
<!--/Example--> <!-- MachineUILanguageOverwrite-AllowedValues-Begin -->
<!--Validation--> **Allowed values**:
<!--/Validation--> | Value | Description |
<!--/Policy--> |:--|:--|
| 0 (Default) | Disabled. |
| 1 | Enabled. |
<!-- MachineUILanguageOverwrite-AllowedValues-End -->
<hr/> <!-- MachineUILanguageOverwrite-GpMapping-Begin -->
**Group policy mapping**:
<!--Policy--> | Name | Value |
<a href="" id="timelanguagesettings-restrictlanguagepacksandfeaturesinstall"></a>**TimeLanguageSettings/RestrictLanguagePacksAndFeaturesInstall** |:--|:--|
| Name | MachineUILanguageOverwrite |
| Friendly Name | Force selected system UI language to overwrite the user UI language |
| Location | Computer Configuration |
| Path | Control Panel > Regional and Language Options |
| Registry Key Name | Software\Policies\Microsoft\MUI\Settings |
| Registry Value Name | MachineUILock |
| ADMX File Name | Globalization.admx |
<!-- MachineUILanguageOverwrite-GpMapping-End -->
<!--SupportedSKUs--> <!-- MachineUILanguageOverwrite-Examples-Begin -->
The table below shows the applicability of Windows: <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- MachineUILanguageOverwrite-Examples-End -->
|Edition|Windows 10|Windows 11| <!-- MachineUILanguageOverwrite-End -->
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Windows SE|No|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
<!--/SupportedSKUs--> <!-- RestrictLanguagePacksAndFeaturesInstall-Begin -->
<hr/> ## RestrictLanguagePacksAndFeaturesInstall
<!--Scope--> <!-- RestrictLanguagePacksAndFeaturesInstall-Applicability-Begin -->
[Scope](./policy-configuration-service-provider.md#policy-scope): | Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :heavy_check_mark: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 21H2 [10.0.22000] and later |
<!-- RestrictLanguagePacksAndFeaturesInstall-Applicability-End -->
> [!div class = "checklist"] <!-- RestrictLanguagePacksAndFeaturesInstall-OmaUri-Begin -->
> * Device ```User
./User/Vendor/MSFT/Policy/Config/TimeLanguageSettings/RestrictLanguagePacksAndFeaturesInstall
```
<hr/> ```Device
./Device/Vendor/MSFT/Policy/Config/TimeLanguageSettings/RestrictLanguagePacksAndFeaturesInstall
```
<!-- RestrictLanguagePacksAndFeaturesInstall-OmaUri-End -->
<!--/Scope--> <!-- RestrictLanguagePacksAndFeaturesInstall-Description-Begin -->
<!--Description--> <!-- Description-Source-DDF -->
This policy setting restricts standard users from installing language features on demand. This policy doesn't restrict the Windows language, if you want to restrict the Windows language use the following policy: “Restricts the UI languages Windows should use for the selected user.” This policy setting restricts the install of language packs and language features, such as spell checkers, on a device.
<!-- RestrictLanguagePacksAndFeaturesInstall-Description-End -->
If you enable this policy setting, the installation of language features is prevented for standard users. <!-- RestrictLanguagePacksAndFeaturesInstall-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- RestrictLanguagePacksAndFeaturesInstall-Editable-End -->
If you disable or don't configure this policy setting, there's no language feature installation restriction for the standard users. <!-- RestrictLanguagePacksAndFeaturesInstall-DFProperties-Begin -->
**Description framework properties**:
<!--/Description--> | Property name | Property value |
<!--SupportedValues--> |:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 0 |
<!-- RestrictLanguagePacksAndFeaturesInstall-DFProperties-End -->
<!--/SupportedValues--> <!-- RestrictLanguagePacksAndFeaturesInstall-AllowedValues-Begin -->
<!--Example--> **Allowed values**:
<!--/Example--> | Value | Description |
<!--Validation--> |:--|:--|
| 0 (Default) | Not restricted. |
| 1 | Restricted. |
<!-- RestrictLanguagePacksAndFeaturesInstall-AllowedValues-End -->
<!--/Validation--> <!-- RestrictLanguagePacksAndFeaturesInstall-GpMapping-Begin -->
<!--/Policy--> **Group policy mapping**:
<!--/Policies--> | Name | Value |
|:--|:--|
| Name | RestrictLanguagePacksAndFeaturesInstall |
| Path | Globalization > AT > ControlPanel > RegionalOptions |
<!-- RestrictLanguagePacksAndFeaturesInstall-GpMapping-End -->
## Related topics <!-- RestrictLanguagePacksAndFeaturesInstall-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- RestrictLanguagePacksAndFeaturesInstall-Examples-End -->
<!-- RestrictLanguagePacksAndFeaturesInstall-End -->
<!-- TimeLanguageSettings-CspMoreInfo-Begin -->
<!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
<!-- TimeLanguageSettings-CspMoreInfo-End -->
<!-- TimeLanguageSettings-End -->
## Related articles
[Policy configuration service provider](policy-configuration-service-provider.md) [Policy configuration service provider](policy-configuration-service-provider.md)

219
windows/client-management/mdm/policy-csp-virtualizationbasedtechnology.md
View File

@ -1,139 +1,158 @@
--- ---
title: Policy CSP - VirtualizationBasedTechnology title: VirtualizationBasedTechnology Policy CSP
description: Learn to use the Policy CSP - VirtualizationBasedTechnology setting to control the state of Hypervisor-protected Code Integrity (HVCI) on devices. description: Learn more about the VirtualizationBasedTechnology Area in Policy CSP
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa ms.author: vinpa
ms.topic: article ms.date: 12/07/2022
ms.localizationpriority: medium
ms.prod: windows-client ms.prod: windows-client
ms.technology: itpro-manage ms.technology: itpro-manage
author: vinaypamnani-msft ms.topic: reference
ms.localizationpriority: medium
ms.date: 11/25/2021
ms.reviewer:
manager: aaroncz
--- ---
<!-- Auto-Generated CSP Document -->
<!-- VirtualizationBasedTechnology-Begin -->
# Policy CSP - VirtualizationBasedTechnology # Policy CSP - VirtualizationBasedTechnology
<hr/> <!-- VirtualizationBasedTechnology-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- VirtualizationBasedTechnology-Editable-End -->
<!--Policies--> <!-- HypervisorEnforcedCodeIntegrity-Begin -->
## VirtualizationBasedTechnology policies ## HypervisorEnforcedCodeIntegrity
<dl> <!-- HypervisorEnforcedCodeIntegrity-Applicability-Begin -->
<dd> | Scope | Editions | Applicable OS |
<a href="#virtualizationbasedtechnology-hypervisorenforcedcodeintegrity">VirtualizationBasedTechnology/HypervisorEnforcedCodeIntegrity</a> |:--|:--|:--|
</dd> | :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :x: Windows SE | :heavy_check_mark: Windows 11, version 21H2 [10.0.22000] and later |
<dd> <!-- HypervisorEnforcedCodeIntegrity-Applicability-End -->
<a href="#virtualizationbasedtechnology-requireuefimemoryattributestable">VirtualizationBasedTechnology/RequireUEFIMemoryAttributesTable</a>
</dd>
</dl>
<hr/> <!-- HypervisorEnforcedCodeIntegrity-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/VirtualizationBasedTechnology/HypervisorEnforcedCodeIntegrity
```
<!-- HypervisorEnforcedCodeIntegrity-OmaUri-End -->
<!--Policy--> <!-- HypervisorEnforcedCodeIntegrity-Description-Begin -->
<a href="" id="virtualizationbasedtechnology-hypervisorenforcedcodeintegrity"></a>**VirtualizationBasedTechnology/HypervisorEnforcedCodeIntegrity** <!-- Description-Source-DDF -->
Hypervisor-Protected Code Integrity: 0 - Turns off Hypervisor-Protected Code Integrity remotely if configured previously without UEFI Lock, 1 - Turns on Hypervisor-Protected Code Integrity with UEFI lock, 2 - Turns on Hypervisor-Protected Code Integrity without UEFI lock.
<!-- HypervisorEnforcedCodeIntegrity-Description-End -->
<!--SupportedSKUs--> <!-- HypervisorEnforcedCodeIntegrity-Editable-Begin -->
The table below shows the applicability of Windows: <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- HypervisorEnforcedCodeIntegrity-Editable-End -->
|Edition|Windows 10|Windows 11| <!-- HypervisorEnforcedCodeIntegrity-DFProperties-Begin -->
|--- |--- |--- | **Description framework properties**:
|Home|Yes|Yes|
|Pro|Yes|Yes|
|Windows SE|No|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
<!--/SupportedSKUs--> | Property name | Property value |
<hr/> |:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 0 |
<!-- HypervisorEnforcedCodeIntegrity-DFProperties-End -->
<!--Scope--> <!-- HypervisorEnforcedCodeIntegrity-AllowedValues-Begin -->
[Scope](./policy-configuration-service-provider.md#policy-scope): **Allowed values**:
> [!div class = "checklist"] | Value | Description |
> * Device |:--|:--|
| 0 (Default) | (Disabled) Turns off Hypervisor-Protected Code Integrity remotely if configured previously without UEFI Lock. |
| 1 | (Enabled with UEFI lock) Turns on Hypervisor-Protected Code Integrity with UEFI lock. |
| 2 | (Enabled without lock) Turns on Hypervisor-Protected Code Integrity without UEFI lock. |
<!-- HypervisorEnforcedCodeIntegrity-AllowedValues-End -->
<hr/> <!-- HypervisorEnforcedCodeIntegrity-GpMapping-Begin -->
**Group policy mapping**:
<!--/Scope--> | Name | Value |
<!--Description--> |:--|:--|
Allows the IT admin to control the state of Hypervisor-Protected Code Integrity (HVCI) on devices. HVCI is a feature within Virtualization Based Security, and is frequently referred to as Memory integrity. Learn more [here](/windows-hardware/design/device-experiences/oem-vbs). | Name | VirtualizationBasedSecurity |
| Friendly Name | Turn On Virtualization Based Security |
| Element Name | Virtualization Based Protection of Code Integrity |
| Location | Computer Configuration |
| Path | System > Device Guard |
| Registry Key Name | SOFTWARE\Policies\Microsoft\Windows\DeviceGuard |
| ADMX File Name | DeviceGuard.admx |
<!-- HypervisorEnforcedCodeIntegrity-GpMapping-End -->
>[!NOTE] <!-- HypervisorEnforcedCodeIntegrity-Examples-Begin -->
>After the policy is pushed, a system reboot will be required to change the state of HVCI. <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- HypervisorEnforcedCodeIntegrity-Examples-End -->
<!--/Description--> <!-- HypervisorEnforcedCodeIntegrity-End -->
<!--SupportedValues-->
The following are the supported values:
- 0: (Disabled) Turns off Hypervisor-Protected Code Integrity remotely if configured previously without UEFI Lock. <!-- RequireUEFIMemoryAttributesTable-Begin -->
- 1: (Enabled with UEFI lock) Turns on Hypervisor-Protected Code Integrity with UEFI lock. ## RequireUEFIMemoryAttributesTable
- 2: (Enabled without lock) Turns on Hypervisor-Protected Code Integrity without UEFI lock.
<!--/SupportedValues--> <!-- RequireUEFIMemoryAttributesTable-Applicability-Begin -->
<!--Example--> | Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :x: Windows SE | :heavy_check_mark: Windows 11, version 21H2 [10.0.22000] and later |
<!-- RequireUEFIMemoryAttributesTable-Applicability-End -->
<!--/Example--> <!-- RequireUEFIMemoryAttributesTable-OmaUri-Begin -->
<!--Validation--> ```Device
./Device/Vendor/MSFT/Policy/Config/VirtualizationBasedTechnology/RequireUEFIMemoryAttributesTable
```
<!-- RequireUEFIMemoryAttributesTable-OmaUri-End -->
<!--/Validation--> <!-- RequireUEFIMemoryAttributesTable-Description-Begin -->
<!--/Policy--> <!-- Description-Source-DDF -->
<hr/> Require UEFI Memory Attributes Table
<!-- RequireUEFIMemoryAttributesTable-Description-End -->
<!--Policy--> <!-- RequireUEFIMemoryAttributesTable-Editable-Begin -->
<a href="" id="virtualizationbasedtechnology-requireuefimemoryattributestable"></a>**VirtualizationBasedTechnology/RequireUEFIMemoryAttributesTable** <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- RequireUEFIMemoryAttributesTable-Editable-End -->
<!--SupportedSKUs--> <!-- RequireUEFIMemoryAttributesTable-DFProperties-Begin -->
The table below shows the applicability of Windows: **Description framework properties**:
|Edition|Windows 10|Windows 11| | Property name | Property value |
|--- |--- |--- | |:--|:--|
|Home|Yes|Yes| | Format | int |
|Pro|Yes|Yes| | Access Type | Add, Delete, Get, Replace |
|Windows SE|No|Yes| | Default Value | 0 |
|Business|Yes|Yes| <!-- RequireUEFIMemoryAttributesTable-DFProperties-End -->
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
<!--/SupportedSKUs--> <!-- RequireUEFIMemoryAttributesTable-AllowedValues-Begin -->
<hr/> **Allowed values**:
<!--Scope--> | Value | Description |
[Scope](./policy-configuration-service-provider.md#policy-scope): |:--|:--|
| 0 (Default) | Do not require UEFI Memory Attributes Table |
| 1 | Require UEFI Memory Attributes Table |
<!-- RequireUEFIMemoryAttributesTable-AllowedValues-End -->
> [!div class = "checklist"] <!-- RequireUEFIMemoryAttributesTable-GpMapping-Begin -->
> * Device **Group policy mapping**:
<hr/> | Name | Value |
|:--|:--|
| Name | VirtualizationBasedSecurity |
| Friendly Name | Turn On Virtualization Based Security |
| Element Name | Require UEFI Memory Attributes Table |
| Location | Computer Configuration |
| Path | System > Device Guard |
| Registry Key Name | SOFTWARE\Policies\Microsoft\Windows\DeviceGuard |
| ADMX File Name | DeviceGuard.admx |
<!-- RequireUEFIMemoryAttributesTable-GpMapping-End -->
<!--/Scope--> <!-- RequireUEFIMemoryAttributesTable-Examples-Begin -->
<!--Description--> <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
Allows the IT admin to control the state of Hypervisor-Protected Code Integrity (HVCI) on devices. HVCI is a feature within Virtualization Based Security, and is frequently referred to as Memory integrity. Learn more [here](/windows-hardware/design/device-experiences/oem-vbs). <!-- RequireUEFIMemoryAttributesTable-Examples-End -->
>[!NOTE] <!-- RequireUEFIMemoryAttributesTable-End -->
>After the policy is pushed, a system reboot will be required to change the state of HVCI.
<!--/Description--> <!-- VirtualizationBasedTechnology-CspMoreInfo-Begin -->
<!--SupportedValues--> <!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
<!-- VirtualizationBasedTechnology-CspMoreInfo-End -->
The following are the supported values: <!-- VirtualizationBasedTechnology-End -->
- 0: (Disabled) Do not require UEFI Memory Attributes Table. ## Related articles
- 1: (Enabled) Require UEFI Memory Attributes Table.
<!--/SupportedValues-->
<!--Example-->
<!--/Example-->
<!--Validation-->
<!--/Validation-->
<!--/Policy-->
<hr/>
<!--/Policies-->
## Related topics
[Policy configuration service provider](policy-configuration-service-provider.md) [Policy configuration service provider](policy-configuration-service-provider.md)

448
windows/client-management/mdm/policy-csp-webthreatdefense.md
View File

@ -1,233 +1,361 @@
--- ---
title: Policy CSP - WebThreatDefense title: WebThreatDefense Policy CSP
description: Learn about the Policy CSP - WebThreatDefense. description: Learn more about the WebThreatDefense Area in Policy CSP
ms.author: v-aljupudi author: vinaypamnani-msft
ms.topic: article manager: aaroncz
ms.author: vinpa
ms.date: 12/07/2022
ms.localizationpriority: medium
ms.prod: windows-client ms.prod: windows-client
ms.technology: itpro-manage ms.technology: itpro-manage
author: alekyaj ms.topic: reference
ms.localizationpriority: medium
ms.date: 09/27/2019
ms.reviewer:
manager: aaroncz
--- ---
<!-- Auto-Generated CSP Document -->
<!-- WebThreatDefense-Begin -->
# Policy CSP - WebThreatDefense # Policy CSP - WebThreatDefense
<!-- WebThreatDefense-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
> [!NOTE]
> In Microsoft Intune, this CSP is listed under the **Enhanced Phishing Protection** category.
<!-- WebThreatDefense-Editable-End -->
<hr/> <!-- CaptureThreatWindow-Begin -->
## CaptureThreatWindow
<!--Policies--> <!-- CaptureThreatWindow-Applicability-Begin -->
## WebThreatDefense policies | Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows Insider Preview |
<!-- CaptureThreatWindow-Applicability-End -->
<dl> <!-- CaptureThreatWindow-OmaUri-Begin -->
<dd> ```Device
<a href="#webthreatdefense-enableservice">WebThreatDefense/EnableService</a> ./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/CaptureThreatWindow
</dd> ```
<dd> <!-- CaptureThreatWindow-OmaUri-End -->
<a href="#webthreatdefense-notifymalicious">WebThreatDefense/NotifyMalicious</a>
</dd>
<dd>
<a href="#webthreatdefense-notifypasswordreuse">WebThreatDefense/NotifyPasswordReuse</a>
</dd>
<dd>
<a href="#webthreatdefense-notifyunsafeapp">WebThreatDefense/NotifyUnsafeApp</a>
</dd>
</dl>
>[!NOTE] <!-- CaptureThreatWindow-Description-Begin -->
>In Microsoft Intune, this CSP is under the “Enhanced Phishing Protection” category. <!-- Description-Source-DDF -->
Configures Enhanced Phishing Protection notifications to allow to capture the suspicious window on client machines for further threat analysis.
<!-- CaptureThreatWindow-Description-End -->
<!--Policy--> <!-- CaptureThreatWindow-Editable-Begin -->
<a href="" id="webthreatdefense-enableservice"></a>**WebThreatDefense/EnableService** <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- CaptureThreatWindow-Editable-End -->
<!--SupportedSKUs--> <!-- CaptureThreatWindow-DFProperties-Begin -->
**Description framework properties**:
|Edition|Windows 10|Windows 11| | Property name | Property value |
|--- |--- |--- | |:--|:--|
|Home|No|No| | Format | int |
|Pro|No|No| | Access Type | Add, Delete, Get, Replace |
|Windows SE|No|Yes| | Default Value | 1 |
|Business|No|No| <!-- CaptureThreatWindow-DFProperties-End -->
|Enterprise|No|Yes|
|Education|No|Yes|
<!--/SupportedSKUs--> <!-- CaptureThreatWindow-AllowedValues-Begin -->
<hr/> **Allowed values**:
<!--Scope--> | Value | Description |
[Scope](./policy-configuration-service-provider.md#policy-scope): |:--|:--|
| 0 | Disabled |
| 1 (Default) | Enabled |
<!-- CaptureThreatWindow-AllowedValues-End -->
> [!div class = "checklist"] <!-- CaptureThreatWindow-GpMapping-Begin -->
> * Device **Group policy mapping**:
<hr/> | Name | Value |
|:--|:--|
| Name | CaptureThreatWindow |
| Path | WebThreatDefense > AT > WindowsComponents > WebThreatDefense |
<!-- CaptureThreatWindow-GpMapping-End -->
<!--/Scope--> <!-- CaptureThreatWindow-Examples-Begin -->
<!--Description--> <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- CaptureThreatWindow-Examples-End -->
This policy setting determines whether Enhanced Phishing Protection is in audit mode or off. Users don't see any notifications for any protection scenarios when Enhanced Phishing Protection is in audit mode. When in audit mode, Enhanced Phishing Protection captures unsafe password entry events and sends telemetry through Microsoft Defender. <!-- CaptureThreatWindow-End -->
If you enable this policy setting or dont configure this setting, Enhanced Phishing Protection is enabled in audit mode, and your users are unable to turn it off. <!-- NotifyMalicious-Begin -->
## NotifyMalicious
If you disable this policy setting, Enhanced Phishing Protection is off. When off, Enhanced Phishing Protection doesn't capture events, send telemetry, or notify users. Additionally, your users are unable to turn it on. <!-- NotifyMalicious-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 22H2 [10.0.22621] and later |
<!-- NotifyMalicious-Applicability-End -->
<!--/Description--> <!-- NotifyMalicious-OmaUri-Begin -->
<!--ADMXMapped--> ```Device
ADMX Info: ./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/NotifyMalicious
- GP Friendly name: *Configure Web Threat Defense* ```
- GP name: *EnableWebThreatDefenseService* <!-- NotifyMalicious-OmaUri-End -->
- GP path: *Windows Security\App & browser control\Reputation-based protection\Phishing protections*
- GP ADMX file name: *WebThreatDefense.admx*
<!--/ADMXMapped--> <!-- NotifyMalicious-Description-Begin -->
<!--SupportedValues--> <!-- Description-Source-ADMX -->
The following list shows the supported values: This policy setting determines whether Enhanced Phishing Protection in Microsoft Defender SmartScreen warns your users if they type their work or school password into one of the following malicious scenarios: into a reported phishing site, into a Microsoft login URL with an invalid certificate, or into an application connecting to either a reported phishing site or a Microsoft login URL with an invalid certificate.
- 0:Turns off Enhanced Phishing Protection. If you enable this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen warns your users if they type their work or school password into one of the malicious scenarios described above and encourages them to change their password.
- 1:Turns on Enhanced Phishing Protection in audit mode, which captures work or school password entry events and sends telemetry but doesn't show any notifications to your users.
If you disable or dont configure this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen will not warn your users if they type their work or school password into one of the malicious scenarios described above.
<!-- NotifyMalicious-Description-End -->
<!--/SupportedValues--> <!-- NotifyMalicious-Editable-Begin -->
<!--/Policy--> <!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- NotifyMalicious-Editable-End -->
<hr/> <!-- NotifyMalicious-DFProperties-Begin -->
**Description framework properties**:
<!--Policy--> | Property name | Property value |
<a href="" id="webthreatdefense-notifymalicious"></a>**WebThreatDefense/NotifyMalicious** |:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 0 |
<!-- NotifyMalicious-DFProperties-End -->
<!--SupportedSKUs--> <!-- NotifyMalicious-AllowedValues-Begin -->
**Allowed values**:
|Edition|Windows 10|Windows 11| | Value | Description |
|--- |--- |--- | |:--|:--|
|Home|No|No| | 0 (Default) | Disabled |
|Pro|No|No| | 1 | Enabled |
|Windows SE|No|Yes| <!-- NotifyMalicious-AllowedValues-End -->
|Business|No|No|
|Enterprise|No|Yes|
|Education|No|Yes|
<!--/SupportedSKUs--> <!-- NotifyMalicious-GpMapping-Begin -->
<hr/> **Group policy mapping**:
<!--Scope--> | Name | Value |
[Scope](./policy-configuration-service-provider.md#policy-scope): |:--|:--|
| Name | NotifyMalicious |
| Friendly Name | Notify Malicious |
| Location | Computer Configuration |
| Path | Windows Components > Windows Defender SmartScreen > Enhanced Phishing Protection |
| Registry Key Name | Software\Policies\Microsoft\Windows\WTDS\Components |
| Registry Value Name | NotifyMalicious |
| ADMX File Name | WebThreatDefense.admx |
<!-- NotifyMalicious-GpMapping-End -->
> [!div class = "checklist"] <!-- NotifyMalicious-Examples-Begin -->
> * Device <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- NotifyMalicious-Examples-End -->
<hr/> <!-- NotifyMalicious-End -->
<!--/Scope--> <!-- NotifyPasswordReuse-Begin -->
<!--Description--> ## NotifyPasswordReuse
This policy setting determines whether Enhanced Phishing Protection warns your users if they type their work or school password into one of the following malicious scenarios: into a reported phishing site, into a login URL with an invalid certificate, or into an application connecting to either a reported phishing site or a login URL with an invalid certificate. <!-- NotifyPasswordReuse-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 22H2 [10.0.22621] and later |
<!-- NotifyPasswordReuse-Applicability-End -->
If you enable this policy setting, Enhanced Phishing Protection warns your users if they type their work or school password into one of the malicious scenarios described above, and encourages them to change their password. <!-- NotifyPasswordReuse-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/NotifyPasswordReuse
```
<!-- NotifyPasswordReuse-OmaUri-End -->
If you disable or dont configure this policy setting, Enhanced Phishing Protection won't warn your users if they type their work or school password into one of the malicious scenarios described above. <!-- NotifyPasswordReuse-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting determines whether Enhanced Phishing Protection in Microsoft Defender SmartScreen warns your users if they reuse their work or school password.
<!--/Description--> If you enable this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen warns users if they reuse their work or school password and encourages them to change it.
<!--SupportedValues-->
The following list shows the supported values:
- 0:Turns off Enhanced Phishing Protection notifications when users type their work or school password into one of the following malicious scenarios: a reported phishing site, a login URL with an invalid certificate, or into an application connecting to either a reported phishing site or a login URL with an invalid certificate. If you disable or dont configure this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen will not warn users if they reuse their work or school password.
- 1:Turns on Enhanced Phishing Protection notifications when users type their work or school password into one of the previously described malicious scenarios and encourages them to change their password. <!-- NotifyPasswordReuse-Description-End -->
<!--/SupportedValues-->
<!--/Policy-->
<hr/> <!-- NotifyPasswordReuse-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- NotifyPasswordReuse-Editable-End -->
<!--Policy--> <!-- NotifyPasswordReuse-DFProperties-Begin -->
<a href="" id="webthreatdefense-notifypasswordreuse"></a>**WebThreatDefense/NotifyPasswordReuse** **Description framework properties**:
<!--SupportedSKUs--> | Property name | Property value |
|:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 0 |
<!-- NotifyPasswordReuse-DFProperties-End -->
|Edition|Windows 10|Windows 11| <!-- NotifyPasswordReuse-AllowedValues-Begin -->
|--- |--- |--- | **Allowed values**:
|Home|No|No|
|Pro|No|No|
|Windows SE|No|Yes|
|Business|No|No|
|Enterprise|No|Yes|
|Education|No|Yes|
<!--/SupportedSKUs--> | Value | Description |
<hr/> |:--|:--|
| 0 (Default) | Disabled |
| 1 | Enabled |
<!-- NotifyPasswordReuse-AllowedValues-End -->
<!--Scope--> <!-- NotifyPasswordReuse-GpMapping-Begin -->
[Scope](./policy-configuration-service-provider.md#policy-scope): **Group policy mapping**:
> [!div class = "checklist"] | Name | Value |
> * Device |:--|:--|
| Name | NotifyPasswordReuse |
| Friendly Name | Notify Password Reuse |
| Location | Computer Configuration |
| Path | Windows Components > Windows Defender SmartScreen > Enhanced Phishing Protection |
| Registry Key Name | Software\Policies\Microsoft\Windows\WTDS\Components |
| Registry Value Name | NotifyPasswordReuse |
| ADMX File Name | WebThreatDefense.admx |
<!-- NotifyPasswordReuse-GpMapping-End -->
<hr/> <!-- NotifyPasswordReuse-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- NotifyPasswordReuse-Examples-End -->
<!--/Scope--> <!-- NotifyPasswordReuse-End -->
<!--Description-->
This policy setting determines whether Enhanced Phishing Protection warns your users if they reuse their work or school password. <!-- NotifyUnsafeApp-Begin -->
## NotifyUnsafeApp
If you enable this policy setting, Enhanced Phishing Protection warns users if they reuse their work or school password and encourages them to change it. <!-- NotifyUnsafeApp-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 22H2 [10.0.22621] and later |
<!-- NotifyUnsafeApp-Applicability-End -->
If you disable or dont configure this policy setting, Enhanced Phishing Protection won't warn users if they reuse their work or school password. <!-- NotifyUnsafeApp-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/NotifyUnsafeApp
```
<!-- NotifyUnsafeApp-OmaUri-End -->
<!--/Description--> <!-- NotifyUnsafeApp-Description-Begin -->
<!--SupportedValues--> <!-- Description-Source-ADMX -->
The following list shows the supported values: This policy setting determines whether Enhanced Phishing Protection in Microsoft Defender SmartScreen warns your users if they type their work or school passwords in Notepad, Winword, or M365 Office apps like OneNote, Word, Excel, etc.
- 0:Turns off Enhanced Phishing Protection notifications when users reuse their work or school password. If you enable this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen warns your users if they store their password in text editor apps.
- 1:Turns on Enhanced Phishing Protection notifications when users reuse their work or school password and encourages them to change their password.
<!--/SupportedValues--> If you disable or dont configure this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen will not warn users if they store their password in text editor apps.
<!--/Policy--> <!-- NotifyUnsafeApp-Description-End -->
<hr/> <!-- NotifyUnsafeApp-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- NotifyUnsafeApp-Editable-End -->
<!--Policy--> <!-- NotifyUnsafeApp-DFProperties-Begin -->
<a href="" id="webthreatdefense-notifyunsafeapp"></a>**WebThreatDefense/NotifyUnsafeApp** **Description framework properties**:
<!--SupportedSKUs--> | Property name | Property value |
|:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 0 |
<!-- NotifyUnsafeApp-DFProperties-End -->
|Edition|Windows 10|Windows 11| <!-- NotifyUnsafeApp-AllowedValues-Begin -->
|--- |--- |--- | **Allowed values**:
|Home|No|No|
|Pro|No|No|
|Windows SE|No|Yes|
|Business|No|No|
|Enterprise|No|Yes|
|Education|No|Yes|
<!--/SupportedSKUs--> | Value | Description |
<hr/> |:--|:--|
| 0 (Default) | Disabled |
| 1 | Enabled |
<!-- NotifyUnsafeApp-AllowedValues-End -->
<!--Scope--> <!-- NotifyUnsafeApp-GpMapping-Begin -->
[Scope](./policy-configuration-service-provider.md#policy-scope): **Group policy mapping**:
> [!div class = "checklist"] | Name | Value |
> * Device |:--|:--|
| Name | NotifyUnsafeApp |
| Friendly Name | Notify Unsafe App |
| Location | Computer Configuration |
| Path | Windows Components > Windows Defender SmartScreen > Enhanced Phishing Protection |
| Registry Key Name | Software\Policies\Microsoft\Windows\WTDS\Components |
| Registry Value Name | NotifyUnsafeApp |
| ADMX File Name | WebThreatDefense.admx |
<!-- NotifyUnsafeApp-GpMapping-End -->
<hr/> <!-- NotifyUnsafeApp-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- NotifyUnsafeApp-Examples-End -->
<!--/Scope--> <!-- NotifyUnsafeApp-End -->
<!--Description-->
This policy setting determines whether Enhanced Phishing Protection warns your users if they type their work or school passwords in text editor apps like OneNote, Word, Notepad, etc. <!-- ServiceEnabled-Begin -->
## ServiceEnabled
If you enable this policy setting, Enhanced Phishing Protection warns your users if they store their password in text editor apps. <!-- ServiceEnabled-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 11, version 22H2 [10.0.22621] and later |
<!-- ServiceEnabled-Applicability-End -->
If you disable or dont configure this policy setting, Enhanced Phishing Protection won't warn users if they store their password in text editor apps. <!-- ServiceEnabled-OmaUri-Begin -->
<!--/Description--> ```Device
<!--SupportedValues--> ./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/ServiceEnabled
The following list shows the supported values: ```
<!-- ServiceEnabled-OmaUri-End -->
- 0:Turns off Enhanced Phishing Protection notifications when users type their work or school passwords in text editor apps like OneNote, Word, Notepad, etc. <!-- ServiceEnabled-Description-Begin -->
- 1:Turns on Enhanced Phishing Protection notifications when users type their work or school passwords in text editor apps. <!-- Description-Source-ADMX -->
<!--/SupportedValues--> This policy setting determines whether Enhanced Phishing Protection in Microsoft Defender SmartScreen is in audit mode or off. Users do not see notifications for any protection scenarios when Enhanced Phishing Protection in Microsoft Defender is in audit mode. Audit mode captures unsafe password entry events and sends telemetry through Microsoft Defender.
<!--/Policy-->
<hr/> If you enable this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen is enabled in audit mode and your users are unable to turn it off.
## Related topics If you disable this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen is off and it will not capture events, send telemetry, or notify users. Additionally, your users are unable to turn it on.
If you dont configure this setting, users can decide whether or not they will enable Enhanced Phishing Protection in Microsoft Defender SmartScreen.
<!-- ServiceEnabled-Description-End -->
<!-- ServiceEnabled-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- ServiceEnabled-Editable-End -->
<!-- ServiceEnabled-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 1 |
<!-- ServiceEnabled-DFProperties-End -->
<!-- ServiceEnabled-AllowedValues-Begin -->
**Allowed values**:
| Value | Description |
|:--|:--|
| 0 | Disabled |
| 1 (Default) | Enabled |
<!-- ServiceEnabled-AllowedValues-End -->
<!-- ServiceEnabled-GpMapping-Begin -->
**Group policy mapping**:
| Name | Value |
|:--|:--|
| Name | ServiceEnabled |
| Friendly Name | Service Enabled |
| Location | Computer Configuration |
| Path | Windows Components > Windows Defender SmartScreen > Enhanced Phishing Protection |
| Registry Key Name | Software\Policies\Microsoft\Windows\WTDS\Components |
| Registry Value Name | ServiceEnabled |
| ADMX File Name | WebThreatDefense.admx |
<!-- ServiceEnabled-GpMapping-End -->
<!-- ServiceEnabled-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- ServiceEnabled-Examples-End -->
<!-- ServiceEnabled-End -->
<!-- WebThreatDefense-CspMoreInfo-Begin -->
<!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
<!-- WebThreatDefense-CspMoreInfo-End -->
<!-- WebThreatDefense-End -->
## Related articles
[Policy configuration service provider](policy-configuration-service-provider.md) [Policy configuration service provider](policy-configuration-service-provider.md)

669
windows/client-management/mdm/policy-csp-wifi.md
View File

@ -1,336 +1,371 @@
--- ---
title: Policy CSP - Wifi title: Wifi Policy CSP
description: Learn how the Policy CSP - Wifi setting allows or disallows the device to automatically connect to Wi-Fi hotspots. description: Learn more about the Wifi Area in Policy CSP
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa ms.author: vinpa
ms.topic: article ms.date: 12/07/2022
ms.localizationpriority: medium
ms.prod: windows-client ms.prod: windows-client
ms.technology: itpro-manage ms.technology: itpro-manage
author: vinaypamnani-msft ms.topic: reference
ms.localizationpriority: medium
ms.date: 09/27/2019
ms.reviewer:
manager: aaroncz
--- ---
<!-- Auto-Generated CSP Document -->
<!-- Wifi-Begin -->
# Policy CSP - Wifi # Policy CSP - Wifi
<!-- Wifi-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- Wifi-Editable-End -->
<hr/> <!-- AllowAutoConnectToWiFiSenseHotspots-Begin -->
## AllowAutoConnectToWiFiSenseHotspots
<!--Policies--> <!-- AllowAutoConnectToWiFiSenseHotspots-Applicability-Begin -->
## Wifi policies | Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1507 [10.0.10240] and later |
<!-- AllowAutoConnectToWiFiSenseHotspots-Applicability-End -->
<dl> <!-- AllowAutoConnectToWiFiSenseHotspots-OmaUri-Begin -->
<dd> ```Device
<a href="#wifi-allowwifihotspotreporting">WiFi/AllowWiFiHotSpotReporting</a> ./Device/Vendor/MSFT/Policy/Config/Wifi/AllowAutoConnectToWiFiSenseHotspots
</dd> ```
<dd> <!-- AllowAutoConnectToWiFiSenseHotspots-OmaUri-End -->
<a href="#wifi-allowautoconnecttowifisensehotspots">Wifi/AllowAutoConnectToWiFiSenseHotspots</a>
</dd>
<dd>
<a href="#wifi-allowinternetsharing">Wifi/AllowInternetSharing</a>
</dd>
<dd>
<a href="#wifi-allowmanualwificonfiguration">Wifi/AllowManualWiFiConfiguration</a>
</dd>
<dd>
<a href="#wifi-allowwifi">Wifi/AllowWiFi</a>
</dd>
<dd>
<a href="#wifi-allowwifidirect">Wifi/AllowWiFiDirect</a>
</dd>
<dd>
<a href="#wifi-wlanscanmode">Wifi/WLANScanMode</a>
</dd>
</dl>
<!-- AllowAutoConnectToWiFiSenseHotspots-Description-Begin -->
<!-- Description-Source-ADMX -->
This policy setting determines whether users can enable the following WLAN settings: "Connect to suggested open hotspots," "Connect to networks shared by my contacts," and "Enable paid services".
<hr/> "Connect to suggested open hotspots" enables Windows to automatically connect users to open hotspots it knows about by crowdsourcing networks that other people using Windows have connected to.
<!--Policy--> "Connect to networks shared by my contacts" enables Windows to automatically connect to networks that the user's contacts have shared with them, and enables users on this device to share networks with their contacts.
<a href="" id="wifi-allowwifihotspotreporting"></a>**WiFi/AllowWiFiHotSpotReporting**
<hr/> "Enable paid services" enables Windows to temporarily connect to open hotspots to determine if paid services are available.
<!--Description--> If this policy setting is disabled, both "Connect to suggested open hotspots," "Connect to networks shared by my contacts," and "Enable paid services" will be turned off and users on this device will be prevented from enabling them.
If this policy setting is not configured or is enabled, users can choose to enable or disable either "Connect to suggested open hotspots" or "Connect to networks shared by my contacts".
<!-- AllowAutoConnectToWiFiSenseHotspots-Description-End -->
<!-- AllowAutoConnectToWiFiSenseHotspots-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- AllowAutoConnectToWiFiSenseHotspots-Editable-End -->
<!-- AllowAutoConnectToWiFiSenseHotspots-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 1 |
<!-- AllowAutoConnectToWiFiSenseHotspots-DFProperties-End -->
<!-- AllowAutoConnectToWiFiSenseHotspots-AllowedValues-Begin -->
**Allowed values**:
| Value | Description |
|:--|:--|
| 0 | Not allowed. |
| 1 (Default) | Allowed. |
<!-- AllowAutoConnectToWiFiSenseHotspots-AllowedValues-End -->
<!-- AllowAutoConnectToWiFiSenseHotspots-GpMapping-Begin -->
**Group policy mapping**:
| Name | Value |
|:--|:--|
| Name | WiFiSense |
| Friendly Name | Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services |
| Location | Computer Configuration |
| Path | Network > WLAN Service > WLAN Settings |
| Registry Key Name | Software\Microsoft\wcmsvc\wifinetworkmanager\config |
| Registry Value Name | AutoConnectAllowedOEM |
| ADMX File Name | wlansvc.admx |
<!-- AllowAutoConnectToWiFiSenseHotspots-GpMapping-End -->
<!-- AllowAutoConnectToWiFiSenseHotspots-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- AllowAutoConnectToWiFiSenseHotspots-Examples-End -->
<!-- AllowAutoConnectToWiFiSenseHotspots-End -->
<!-- AllowInternetSharing-Begin -->
## AllowInternetSharing
<!-- AllowInternetSharing-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1507 [10.0.10240] and later |
<!-- AllowInternetSharing-Applicability-End -->
<!-- AllowInternetSharing-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/Wifi/AllowInternetSharing
```
<!-- AllowInternetSharing-OmaUri-End -->
<!-- AllowInternetSharing-Description-Begin -->
<!-- Description-Source-ADMX -->
Determines whether administrators can enable and configure the Internet Connection Sharing (ICS) feature of an Internet connection and if the ICS service can run on the computer.
ICS lets administrators configure their system as an Internet gateway for a small network and provides network services, such as name resolution and addressing through DHCP, to the local private network.
If you enable this setting, ICS cannot be enabled or configured by administrators, and the ICS service cannot run on the computer. The Advanced tab in the Properties dialog box for a LAN or remote access connection is removed. The Internet Connection Sharing page is removed from the New Connection Wizard. The Network Setup Wizard is disabled.
If you disable this setting or do not configure it and have two or more connections, administrators can enable ICS. The Advanced tab in the properties dialog box for a LAN or remote access connection is available. In addition, the user is presented with the option to enable Internet Connection Sharing in the Network Setup Wizard and Make New Connection Wizard. (The Network Setup Wizard is available only in Windows XP Professional.)
By default, ICS is disabled when you create a remote access connection, but administrators can use the Advanced tab to enable it. When running the New Connection Wizard or Network Setup Wizard, administrators can choose to enable ICS.
Note: Internet Connection Sharing is only available when two or more network connections are present.
Note: When the "Prohibit access to properties of a LAN connection," "Ability to change properties of an all user remote access connection," or "Prohibit changing properties of a private remote access connection" settings are set to deny access to the Connection Properties dialog box, the Advanced tab for the connection is blocked.
Note: Nonadministrators are already prohibited from configuring Internet Connection Sharing, regardless of this setting.
Note: Disabling this setting does not prevent Wireless Hosted Networking from using the ICS service for DHCP services. To prevent the ICS service from running, on the Network Permissions tab in the network's policy properties, select the "Don't use hosted networks" check box.
<!-- AllowInternetSharing-Description-End -->
<!-- AllowInternetSharing-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- AllowInternetSharing-Editable-End -->
<!-- AllowInternetSharing-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 1 |
<!-- AllowInternetSharing-DFProperties-End -->
<!-- AllowInternetSharing-AllowedValues-Begin -->
**Allowed values**:
| Value | Description |
|:--|:--|
| 0 | Not allowed. |
| 1 (Default) | Allowed. |
<!-- AllowInternetSharing-AllowedValues-End -->
<!-- AllowInternetSharing-GpMapping-Begin -->
**Group policy mapping**:
| Name | Value |
|:--|:--|
| Name | NC_ShowSharedAccessUI |
| Friendly Name | Prohibit use of Internet Connection Sharing on your DNS domain network |
| Location | Computer Configuration |
| Path | Network > Network Connections |
| Registry Key Name | Software\Policies\Microsoft\Windows\Network Connections |
| Registry Value Name | NC_ShowSharedAccessUI |
| ADMX File Name | NetworkConnections.admx |
<!-- AllowInternetSharing-GpMapping-End -->
<!-- AllowInternetSharing-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- AllowInternetSharing-Examples-End -->
<!-- AllowInternetSharing-End -->
<!-- AllowManualWiFiConfiguration-Begin -->
## AllowManualWiFiConfiguration
<!-- AllowManualWiFiConfiguration-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1507 [10.0.10240] and later |
<!-- AllowManualWiFiConfiguration-Applicability-End -->
<!-- AllowManualWiFiConfiguration-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/Wifi/AllowManualWiFiConfiguration
```
<!-- AllowManualWiFiConfiguration-OmaUri-End -->
<!-- AllowManualWiFiConfiguration-Description-Begin -->
<!-- Description-Source-DDF -->
Allow or disallow connecting to Wi-Fi outside of MDM server-installed networks. Most restricted value is 0. **Note**: Setting this policy deletes any previously installed user-configured and Wi-Fi sense Wi-Fi profiles from the device. Certain Wi-Fi profiles that are not user configured nor Wi-Fi sense might not be deleted. In addition, not all non-MDM profiles are completely deleted.
<!-- AllowManualWiFiConfiguration-Description-End -->
<!-- AllowManualWiFiConfiguration-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- AllowManualWiFiConfiguration-Editable-End -->
<!-- AllowManualWiFiConfiguration-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 1 |
<!-- AllowManualWiFiConfiguration-DFProperties-End -->
<!-- AllowManualWiFiConfiguration-AllowedValues-Begin -->
**Allowed values**:
| Value | Description |
|:--|:--|
| 0 | No Wi-Fi connection outside of MDM provisioned network is allowed. |
| 1 (Default) | Adding new network SSIDs beyond the already MDM provisioned ones is allowed. |
<!-- AllowManualWiFiConfiguration-AllowedValues-End -->
<!-- AllowManualWiFiConfiguration-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- AllowManualWiFiConfiguration-Examples-End -->
<!-- AllowManualWiFiConfiguration-End -->
<!-- AllowWiFi-Begin -->
## AllowWiFi
<!-- AllowWiFi-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1507 [10.0.10240] and later |
<!-- AllowWiFi-Applicability-End -->
<!-- AllowWiFi-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/Wifi/AllowWiFi
```
<!-- AllowWiFi-OmaUri-End -->
<!-- AllowWiFi-Description-Begin -->
<!-- Description-Source-DDF -->
This policy has been deprecated. This policy has been deprecated.
<!-- AllowWiFi-Description-End -->
<!-- AllowWiFi-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- AllowWiFi-Editable-End -->
<!-- AllowWiFi-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 1 |
<!-- AllowWiFi-DFProperties-End -->
<!-- AllowWiFi-AllowedValues-Begin -->
**Allowed values**:
| Value | Description |
|:--|:--|
| 0 | Not allowed. |
| 1 (Default) | Allowed. |
<!-- AllowWiFi-AllowedValues-End -->
<!-- AllowWiFi-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- AllowWiFi-Examples-End -->
<!-- AllowWiFi-End -->
<!-- AllowWiFiDirect-Begin -->
## AllowWiFiDirect
<!-- AllowWiFiDirect-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1703 [10.0.15063] and later |
<!-- AllowWiFiDirect-Applicability-End -->
<!-- AllowWiFiDirect-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/Wifi/AllowWiFiDirect
```
<!-- AllowWiFiDirect-OmaUri-End -->
<!-- AllowWiFiDirect-Description-Begin -->
<!-- Description-Source-DDF -->
Allow WiFi Direct connection. .
<!-- AllowWiFiDirect-Description-End -->
<!-- AllowWiFiDirect-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- AllowWiFiDirect-Editable-End -->
<!-- AllowWiFiDirect-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 1 |
<!-- AllowWiFiDirect-DFProperties-End -->
<!-- AllowWiFiDirect-AllowedValues-Begin -->
**Allowed values**:
| Value | Description |
|:--|:--|
| 0 | Not allowed. |
| 1 (Default) | Allowed. |
<!-- AllowWiFiDirect-AllowedValues-End -->
<!-- AllowWiFiDirect-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- AllowWiFiDirect-Examples-End -->
<!-- AllowWiFiDirect-End -->
<!-- WLANScanMode-Begin -->
## WLANScanMode
<!-- WLANScanMode-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :heavy_check_mark: Windows SE | :heavy_check_mark: Windows 10, version 1607 [10.0.14393] and later |
<!-- WLANScanMode-Applicability-End -->
<!-- WLANScanMode-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/Wifi/WLANScanMode
```
<!-- WLANScanMode-OmaUri-End -->
<!-- WLANScanMode-Description-Begin -->
<!-- Description-Source-DDF -->
Allow an enterprise to control the WLAN scanning behavior and how aggressively devices should be actively scanning for Wi-Fi networks to get devices connected. Supported values are 0-500, where 100 = normal scan frequency and 500 = low scan frequency. The default value is 0. Supported operations are Add, Delete, Get, and Replace.
<!-- WLANScanMode-Description-End -->
<!-- WLANScanMode-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- WLANScanMode-Editable-End -->
<!-- WLANScanMode-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Allowed Values | Range: `[0-500]` |
| Default Value | 0 |
<!-- WLANScanMode-DFProperties-End -->
<!-- WLANScanMode-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- WLANScanMode-Examples-End -->
<!-- WLANScanMode-End -->
<!-- Wifi-CspMoreInfo-Begin -->
<!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
<!-- Wifi-CspMoreInfo-End -->
<!--/Description--> <!-- Wifi-End -->
<!--/Policy-->
## Related articles
<hr/>
<!--Policy-->
<a href="" id="wifi-allowautoconnecttowifisensehotspots"></a>**Wifi/AllowAutoConnectToWiFiSenseHotspots**
<!--SupportedSKUs-->
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Windows SE|No|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
<!--/SupportedSKUs-->
<hr/>
<!--Scope-->
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
<hr/>
<!--/Scope-->
<!--Description-->
Allow or disallow the device to automatically connect to Wi-Fi hotspots.
Most restricted value is 0.
<!--/Description-->
<!--ADMXMapped-->
ADMX Info:
- GP Friendly name: *Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services*
- GP name: *WiFiSense*
- GP path: *Network/WLAN Service/WLAN Settings*
- GP ADMX file name: *wlansvc.admx*
<!--/ADMXMapped-->
<!--SupportedValues-->
The following list shows the supported values:
- 0 Not allowed.
- 1 (default) Allowed.
<!--/SupportedValues-->
<!--/Policy-->
<hr/>
<!--Policy-->
<a href="" id="wifi-allowinternetsharing"></a>**Wifi/AllowInternetSharing**
<!--SupportedSKUs-->
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Windows SE|No|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
<!--/SupportedSKUs-->
<hr/>
<!--Scope-->
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
<hr/>
<!--/Scope-->
<!--Description-->
Allow or disallow internet sharing.
Most restricted value is 0.
<!--/Description-->
<!--ADMXMapped-->
ADMX Info:
- GP Friendly name: *Prohibit use of Internet Connection Sharing on your DNS domain network*
- GP name: *NC_ShowSharedAccessUI*
- GP path: *Network/Network Connections*
- GP ADMX file name: *NetworkConnections.admx*
<!--/ADMXMapped-->
<!--SupportedValues-->
The following list shows the supported values:
- 0 Do not allow the use of Internet Sharing.
- 1 (default) Allow the use of Internet Sharing.
<!--/SupportedValues-->
<!--/Policy-->
<hr/>
<!--Policy-->
<a href="" id="wifi-allowmanualwificonfiguration"></a>**Wifi/AllowManualWiFiConfiguration**
<!--SupportedSKUs-->
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Windows SE|No|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
<!--/SupportedSKUs-->
<hr/>
<!--Scope-->
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
<hr/>
<!--/Scope-->
<!--Description-->
Allow or disallow connecting to Wi-Fi outside of MDM server-installed networks.
Most restricted value is 0.
> [!NOTE]
> Setting this policy deletes any previously installed user-configured and Wi-Fi sense Wi-Fi profiles from the device. Certain Wi-Fi profiles that are not user configured nor Wi-Fi sense might not be deleted. In addition, not all non-MDM profiles are completely deleted.
<!--/Description-->
<!--SupportedValues-->
The following list shows the supported values:
- 0 No Wi-Fi connection outside of MDM provisioned network is allowed.
- 1 (default) Adding new network SSIDs beyond the already MDM provisioned ones is allowed.
<!--/SupportedValues-->
<!--/Policy-->
<hr/>
<!--Policy-->
<a href="" id="wifi-allowwifi"></a>**Wifi/AllowWiFi**
<!--SupportedSKUs-->
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Windows SE|No|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
<!--/SupportedSKUs-->
<hr/>
<!--Scope-->
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
<hr/>
<!--/Scope-->
<!--Description-->
Allow or disallow WiFi connection.
Most restricted value is 0.
<!--/Description-->
<!--SupportedValues-->
The following list shows the supported values:
- 0 WiFi connection is not allowed.
- 1 (default) WiFi connection is allowed.
<!--/SupportedValues-->
<!--/Policy-->
<hr/>
<!--Policy-->
<a href="" id="wifi-allowwifidirect"></a>**Wifi/AllowWiFiDirect**
<!--SupportedSKUs-->
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Windows SE|No|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
<!--/SupportedSKUs-->
<hr/>
<!--Scope-->
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
<hr/>
<!--/Scope-->
<!--Description-->
Allow WiFi Direct connection..
<!--/Description-->
<!--SupportedValues-->
The following list shows the supported values:
- 0 - WiFi Direct connection is not allowed.
- 1 - WiFi Direct connection is allowed.
<!--/SupportedValues-->
<!--/Policy-->
<hr/>
<!--Policy-->
<a href="" id="wifi-wlanscanmode"></a>**Wifi/WLANScanMode**
<!--SupportedSKUs-->
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Windows SE|No|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
<!--/SupportedSKUs-->
<hr/>
<!--Scope-->
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
<hr/>
<!--/Scope-->
<!--Description-->
Allow an enterprise to control the WLAN scanning behavior and how aggressively devices should be actively scanning for Wi-Fi networks to get devices connected.
Supported values are 0-500, where 100 = normal scan frequency and 500 = low scan frequency.
The default value is 0.
Supported operations are Add, Delete, Get, and Replace.
<!--/Description-->
<!--/Policy-->
<hr/>
<!--/Policies-->
[Policy configuration service provider](policy-configuration-service-provider.md)

110
windows/client-management/mdm/policy-csp-windowsautopilot.md
View File

@ -1,78 +1,80 @@
--- ---
title: Policy CSP - WindowsAutoPilot title: WindowsAutopilot Policy CSP
description: Learn to use the Policy CSP - WindowsAutoPilot setting to enable or disable Autopilot Agility feature. description: Learn more about the WindowsAutopilot Area in Policy CSP
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa ms.author: vinpa
ms.topic: article ms.date: 12/07/2022
ms.localizationpriority: medium
ms.prod: windows-client ms.prod: windows-client
ms.technology: itpro-manage ms.technology: itpro-manage
author: vinaypamnani-msft ms.topic: reference
ms.localizationpriority: medium
ms.date: 11/25/2021
ms.reviewer:
manager: aaroncz
--- ---
# Policy CSP - WindowsAutoPilot <!-- Auto-Generated CSP Document -->
<!-- WindowsAutopilot-Begin -->
# Policy CSP - WindowsAutopilot
<!-- WindowsAutopilot-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- WindowsAutopilot-Editable-End -->
<hr/> <!-- EnableAgilityPostEnrollment-Begin -->
## EnableAgilityPostEnrollment
<!--Policies--> <!-- EnableAgilityPostEnrollment-Applicability-Begin -->
## WindowsAutoPilot policies | Scope | Editions | Applicable OS |
|:--|:--|:--|
| :heavy_check_mark: Device <br> :x: User | :x: Home <br> :heavy_check_mark: Pro <br> :heavy_check_mark: Enterprise <br> :heavy_check_mark: Education <br> :x: Windows SE | :heavy_check_mark: Windows 11, version 21H2 [10.0.22000] and later |
<!-- EnableAgilityPostEnrollment-Applicability-End -->
<dl> <!-- EnableAgilityPostEnrollment-OmaUri-Begin -->
<dd> ```Device
<a href="#windowsautopilot-enableagilitypostenrollment">WindowsAutoPilot/EnableAgilityPostEnrollment</a> ./Device/Vendor/MSFT/Policy/Config/WindowsAutopilot/EnableAgilityPostEnrollment
</dd> ```
</dl> <!-- EnableAgilityPostEnrollment-OmaUri-End -->
<!-- EnableAgilityPostEnrollment-Description-Begin -->
<!-- Description-Source-DDF -->
Specifies whether to check for Windows Autopilot updates after enrollment. Most restricted value is 0.
<!-- EnableAgilityPostEnrollment-Description-End -->
<hr/> <!-- EnableAgilityPostEnrollment-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- EnableAgilityPostEnrollment-Editable-End -->
<!--Policy--> <!-- EnableAgilityPostEnrollment-DFProperties-Begin -->
<a href="" id="windowsautopilot-enableagilitypostenrollment"></a>**WindowsAutoPilot/EnableAgilityPostEnrollment** **Description framework properties**:
<!--SupportedSKUs--> | Property name | Property value |
|:--|:--|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
| Default Value | 0 |
<!-- EnableAgilityPostEnrollment-DFProperties-End -->
|Edition|Windows 10|Windows 11| <!-- EnableAgilityPostEnrollment-AllowedValues-Begin -->
|--- |--- |--- | **Allowed values**:
|Home|No|No|
|Pro|Yes|Yes|
|Windows SE|No|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
<!--/SupportedSKUs--> | Value | Description |
<hr/> |:--|:--|
| 0 (Default) | Not enabled |
| 1 | Enabled |
<!-- EnableAgilityPostEnrollment-AllowedValues-End -->
<!--Scope--> <!-- EnableAgilityPostEnrollment-Examples-Begin -->
[Scope](./policy-configuration-service-provider.md#policy-scope): <!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- EnableAgilityPostEnrollment-Examples-End -->
> [!div class = "checklist"] <!-- EnableAgilityPostEnrollment-End -->
> * Device
<hr/> <!-- WindowsAutopilot-CspMoreInfo-Begin -->
<!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
<!-- WindowsAutopilot-CspMoreInfo-End -->
<!--/Scope--> <!-- WindowsAutopilot-End -->
<!--Description-->
This policy enables Windows Autopilot to be kept up-to-date during the out-of-box experience after MDM enrollment.
<!--/Description--> ## Related articles
<!--SupportedValues-->
<!--/SupportedValues-->
<!--Example-->
<!--/Example-->
<!--Validation-->
<!--/Validation-->
<!--/Policy-->
<hr/>
<!--/Policies-->
## Related topics
[Policy configuration service provider](policy-configuration-service-provider.md) [Policy configuration service provider](policy-configuration-service-provider.md)

2
windows/client-management/mdm/toc.yml
View File

@ -540,7 +540,7 @@ items:
href: policy-csp-webthreatdefense.md href: policy-csp-webthreatdefense.md
- name: Wifi - name: Wifi
href: policy-csp-wifi.md href: policy-csp-wifi.md
- name: WindowsAutoPilot - name: WindowsAutopilot
href: policy-csp-windowsautopilot.md href: policy-csp-windowsautopilot.md
- name: WindowsConnectionManager - name: WindowsConnectionManager
href: policy-csp-windowsconnectionmanager.md href: policy-csp-windowsconnectionmanager.md