mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-12 21:37:22 +00:00
Merge branch 'main' into cz-2301bugbash-11107
This commit is contained in:
Thomas Raya
GitHub
commit
ee042c3b2d
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Access Credential Manager as a trusted caller
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
This article describes the recommended practices, location, values, policy management, and security considerations for the **Access Credential Manager as a trusted caller** security policy setting.
|
||||
|
||||
@ -20,7 +20,12 @@ ms.technology: itpro-security
|
||||
# Access this computer from the network - security policy setting
|
||||
|
||||
**Applies to**
|
||||
- Windows 10, Azure Stack HCI, Windows Server 2022, Windows Server 2019, Windows Server 2016
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
- Windows Server 2022
|
||||
- Windows Server 2019
|
||||
- Windows Server 2016
|
||||
- Azure Stack HCI
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Access this computer from the network** security policy setting.
|
||||
|
||||
|
||||
@ -20,7 +20,8 @@ ms.technology: itpro-security
|
||||
# Act as part of the operating system
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Act as part of the operating system** security policy setting.
|
||||
|
||||
|
||||
@ -1,17 +1,12 @@
|
||||
---
|
||||
title: Add workstations to domain (Windows 10)
|
||||
title: Add workstations to domain
|
||||
description: Describes the best practices, location, values, policy management and security considerations for the Add workstations to domain security policy setting.
|
||||
ms.assetid: b0c21af4-c928-4344-b1f1-58ef162ad0b3
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: vinaypamnani-msft
|
||||
manager: aaroncz
|
||||
audience: ITPro
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.technology: itpro-security
|
||||
@ -20,7 +15,7 @@ ms.technology: itpro-security
|
||||
# Add workstations to domain
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Add workstations to domain** security policy setting.
|
||||
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Adjust memory quotas for a process
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Adjust memory quotas for a process** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Allow log on locally - security policy setting
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Allow log on locally** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Allow log on through Remote Desktop Services
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Allow log on through Remote Desktop Services** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Back up files and directories - security policy setting
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
This article describes the recommended practices, location, values, policy management, and security considerations for the **Back up files and directories** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Bypass traverse checking
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
>Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/WindowsForBusiness/Compare).
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Change the system time - security policy setting
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Change the system time** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Change the time zone - security policy setting
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Change the time zone** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Create a pagefile - security policy setting
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Create a pagefile** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Create a token object
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Create a token object** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Create global objects
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Create global objects** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Create permanent shared objects
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Create permanent shared objects** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Create symbolic links
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Create symbolic links** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Debug programs
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Debug programs** security policy setting.
|
||||
|
||||
@ -20,7 +20,8 @@ ms.technology: itpro-security
|
||||
# Deny access to this computer from the network
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Deny access to this computer from the network** security policy setting.
|
||||
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Deny log on as a batch job
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
This article describes the recommended practices, location, values, policy management, and security considerations for the **Deny log on as a batch job** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Deny log on as a service
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
This article describes the recommended practices, location, values, policy management, and security considerations for the **Deny log on as a service** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Deny log on locally
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Deny log on locally** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Deny log on through Remote Desktop Services
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Deny log on through Remote Desktop Services** security policy setting.
|
||||
|
||||
@ -1,17 +1,12 @@
|
||||
---
|
||||
title: Domain controller Allow server operators to schedule tasks (Windows 10)
|
||||
title: Domain controller Allow server operators to schedule tasks
|
||||
description: Describes the best practices, location, values, and security considerations for the Domain controller Allow server operators to schedule tasks security policy setting.
|
||||
ms.assetid: 198b12a4-8a5d-48e8-a752-2073b8a2cb0d
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: vinaypamnani-msft
|
||||
manager: aaroncz
|
||||
audience: ITPro
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.technology: itpro-security
|
||||
@ -20,7 +15,7 @@ ms.technology: itpro-security
|
||||
# Domain controller: Allow server operators to schedule tasks
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server
|
||||
|
||||
Describes the best practices, location, values, and security considerations for the **Domain controller: Allow server operators to schedule tasks** security policy setting.
|
||||
|
||||
|
||||
@ -1,17 +1,12 @@
|
||||
---
|
||||
title: Domain controller LDAP server signing requirements (Windows 10)
|
||||
title: Domain controller LDAP server signing requirements
|
||||
description: Describes the best practices, location, values, and security considerations for the Domain controller LDAP server signing requirements security policy setting.
|
||||
ms.assetid: fe122179-7571-465b-98d0-b8ce0f224390
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: vinaypamnani-msft
|
||||
manager: aaroncz
|
||||
audience: ITPro
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.technology: itpro-security
|
||||
@ -20,7 +15,7 @@ ms.technology: itpro-security
|
||||
# Domain controller: LDAP server signing requirements
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server
|
||||
|
||||
This article describes the best practices, location, values, and security considerations for the **Domain controller: LDAP server signing requirements** security policy setting.
|
||||
|
||||
|
||||
@ -1,17 +1,12 @@
|
||||
---
|
||||
title: Refuse machine account password changes policy (Windows 10)
|
||||
title: Refuse machine account password changes policy
|
||||
description: Describes the best practices, location, values, and security considerations for the Domain controller Refuse machine account password changes security policy setting.
|
||||
ms.assetid: 5a7fa2e2-e1a8-4833-90f7-aa83e3b456a9
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: vinaypamnani-msft
|
||||
manager: aaroncz
|
||||
audience: ITPro
|
||||
ms.topic: conceptual
|
||||
ms.technology: itpro-security
|
||||
ms.date: 12/31/2017
|
||||
@ -20,7 +15,7 @@ ms.date: 12/31/2017
|
||||
# Domain controller: Refuse machine account password changes
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server
|
||||
|
||||
Describes the best practices, location, values, and security considerations for the **Domain controller: Refuse machine account password changes** security policy setting.
|
||||
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Enable computer and user accounts to be trusted for delegation
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Enable computer and user accounts to be trusted for delegation** security policy setting.
|
||||
@ -108,4 +109,4 @@ None. Not defined is the default configuration.
|
||||
|
||||
## Related topics
|
||||
|
||||
- [User Rights Assignment](user-rights-assignment.md)
|
||||
- [User Rights Assignment](user-rights-assignment.md)
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Force shutdown from a remote system
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Force shutdown from a remote system** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Generate security audits
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Generate security audits** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Impersonate a client after authentication
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Impersonate a client after authentication** security policy setting.
|
||||
@ -109,4 +110,4 @@ In IIS 7.0 and later, a built-in account (IUSR) replaces the IUSR_MachineName ac
|
||||
|
||||
## Related topics
|
||||
|
||||
- [User Rights Assignment](user-rights-assignment.md)
|
||||
- [User Rights Assignment](user-rights-assignment.md)
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Increase a process working set
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Increase a process working set** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Increase scheduling priority
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Increase scheduling priority** security policy setting.
|
||||
@ -89,4 +90,4 @@ None. Restricting the **Increase scheduling priority** user right to members of
|
||||
## Related topics
|
||||
|
||||
- [User Rights Assignment](user-rights-assignment.md)
|
||||
- [Increase scheduling priority for Windows Server 2012 and earlier](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn221960(v%3dws.11))
|
||||
- [Increase scheduling priority for Windows Server 2012 and earlier](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn221960(v%3dws.11))
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Load and unload device drivers
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Load and unload device drivers** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Lock pages in memory
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Lock pages in memory** security policy setting.
|
||||
|
||||
@ -22,6 +22,7 @@ ms.technology: itpro-security
|
||||
# Log on as a batch job
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
This article describes the recommended practices, location, values, policy management, and security considerations for the **Log on as a batch job** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Log on as a service
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
This article describes the recommended practices, location, values, policy management, and security considerations for the **Log on as a service** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Manage auditing and security log
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Manage auditing and security log** security policy setting.
|
||||
|
||||
@ -21,6 +21,7 @@ ms.technology: itpro-security
|
||||
# Microsoft network client: Send unencrypted password to third-party SMB servers
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Microsoft network client: Send unencrypted password to third-party SMB servers** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Microsoft network server: Amount of idle time required before suspending session
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, and security considerations for the **Microsoft network server: Amount of idle time required before suspending session** security policy setting.
|
||||
|
||||
@ -20,7 +20,8 @@ ms.technology: itpro-security
|
||||
# Microsoft network server: Attempt S4U2Self to obtain claim information
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, management, and security considerations for the **Microsoft network server: Attempt S4U2Self to obtain claim information** security policy setting.
|
||||
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Microsoft network server: Disconnect clients when sign-in hours expire
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, and security considerations for the **Microsoft network server: Disconnect clients when logon hours expire** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Microsoft network server: Server SPN target name validation level
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, and values, policy management and security considerations for the **Microsoft network server: Server SPN target name validation level** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Modify an object label
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Modify an object label** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Modify firmware environment values
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Modify firmware environment values** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network access: Allow anonymous SID/Name translation
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Network access: Allow anonymous SID/Name translation** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network access: Do not allow anonymous enumeration of SAM accounts
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, and security considerations for the **Network access: Do not allow anonymous enumeration of SAM accounts** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network access: Do not allow storage of passwords and credentials for network authentication
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Network access: Do not allow storage of passwords and credentials for network authentication** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network access: Let Everyone permissions apply to anonymous users
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Network access: Let Everyone permissions apply to anonymous users** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network access: Named Pipes that can be accessed anonymously
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Network access: Named Pipes that can be accessed anonymously** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network access: Remotely accessible registry paths and subpaths
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, and security considerations for the **Network access: Remotely accessible registry paths and subpaths** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network access: Remotely accessible registry paths
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Network access: Remotely accessible registry paths** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network access: Shares that can be accessed anonymously
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Network access: Shares that can be accessed anonymously** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network access: Sharing and security model for local accounts
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Network access: Sharing and security model for local accounts** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network security: Allow Local System to use computer identity for NTLM
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the location, values, policy management, and security considerations for the **Network security: Allow Local System to use computer identity for NTLM** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network security: Allow LocalSystem NULL session fallback
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, and security considerations for the **Network security: Allow LocalSystem NULL session fallback** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network security: Allow PKU2U authentication requests to this computer to use online identities
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
This article describes the best practices, location, and values for the **Network Security: Allow PKU2U authentication requests to this computer to use online identities** security policy setting.
|
||||
|
||||
@ -1,17 +1,12 @@
|
||||
---
|
||||
title: Network security Configure encryption types allowed for Kerberos
|
||||
description: Best practices, location, values and security considerations for the policy setting, Network security Configure encryption types allowed for Kerberos Win7 only.
|
||||
ms.assetid: 303d32cc-415b-44ba-96c0-133934046ece
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: vinaypamnani-msft
|
||||
manager: aaroncz
|
||||
audience: ITPro
|
||||
ms.collection:
|
||||
- highpri
|
||||
ms.topic: conceptual
|
||||
@ -22,7 +17,9 @@ ms.technology: itpro-security
|
||||
# Network security: Configure encryption types allowed for Kerberos
|
||||
|
||||
**Applies to**
|
||||
- Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows 8, Windows 8.1, Windows 10, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
- Windows Server
|
||||
|
||||
Describes the best practices, location, values, and security considerations for the **Network security: Configure encryption types allowed for Kerberos** security policy setting.
|
||||
|
||||
@ -30,18 +27,18 @@ Describes the best practices, location, values, and security considerations for
|
||||
|
||||
This policy setting allows you to set the encryption types that the Kerberos protocol is allowed to use. If it isn't selected, the encryption type won't be allowed. This setting might affect compatibility with client computers or services and applications. Multiple selections are permitted.
|
||||
|
||||
For more information, see [article 977321](/troubleshoot/windows-server/windows-security/kdc-event-16-27-des-encryption-disabled) in the Microsoft Knowledge Base.
|
||||
For more information, see [KDC event ID 16 or 27 is logged if DES for Kerberos is disabled](/troubleshoot/windows-server/windows-security/kdc-event-16-27-des-encryption-disabled).
|
||||
|
||||
The following table lists and explains the allowed encryption types.
|
||||
|
||||
|
||||
| Encryption type | Description and version support |
|
||||
| - | - |
|
||||
| DES_CBC_CRC | Data Encryption Standard with Cipher Block Chaining using the Cyclic Redundancy Check function<br/>Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10, Windows Server 2008 R2, and later operating systems don't support DES by default. |
|
||||
| DES_CBC_MD5| Data Encryption Standard with Cipher Block Chaining using the Message-Digest algorithm 5 checksum function<br/>Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10, Windows Server 2008 R2, and later operating systems don't support DES by default. |
|
||||
| RC4_HMAC_MD5| Rivest Cipher 4 with Hashed Message Authentication Code using the Message-Digest algorithm 5 checksum function<br/>Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows 10, Windows Server 2008 R2, Windows Server 2012 and Windows Server 2012 R2.|
|
||||
| AES128_HMAC_SHA1| Advanced Encryption Standard in 128-bit cipher block with Hashed Message Authentication Code using the Secure Hash Algorithm (1).<br/>Not supported in Windows 2000 Server, Windows XP, or Windows Server 2003.<br>Supported in Windows Vista, Windows Server 2008, Windows 7, Windows 10, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2. |
|
||||
| AES256_HMAC_SHA1| Advanced Encryption Standard in 256-bit cipher block with Hashed Message Authentication Code using the Secure Hash Algorithm (1).<br/>Not supported in Windows 2000 Server, Windows XP, or Windows Server 2003.<br>Supported in Windows Vista, Windows Server 2008, Windows 7, Windows 10, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2. |
|
||||
| DES_CBC_CRC | Data Encryption Standard with Cipher Block Chaining using the Cyclic Redundancy Check function<br/>Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10, Windows 11, Windows Server 2008 R2, and later operating systems don't support DES by default. |
|
||||
| DES_CBC_MD5| Data Encryption Standard with Cipher Block Chaining using the Message-Digest algorithm 5 checksum function<br/>Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. The Windows 7, Windows 10, Windows 11, Windows Server 2008 R2, and later operating systems don't support DES by default. |
|
||||
| RC4_HMAC_MD5| Rivest Cipher 4 with Hashed Message Authentication Code using the Message-Digest algorithm 5 checksum function<br/>Supported in Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows 10, Windows 11, Windows Server 2008 R2, Windows Server 2012 and Windows Server 2012 R2.|
|
||||
| AES128_HMAC_SHA1| Advanced Encryption Standard in 128-bit cipher block with Hashed Message Authentication Code using the Secure Hash Algorithm (1).<br/>Not supported in Windows 2000 Server, Windows XP, or Windows Server 2003.<br>Supported in Windows Vista, Windows Server 2008, Windows 7, Windows 10, Windows 11, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2. |
|
||||
| AES256_HMAC_SHA1| Advanced Encryption Standard in 256-bit cipher block with Hashed Message Authentication Code using the Secure Hash Algorithm (1).<br/>Not supported in Windows 2000 Server, Windows XP, or Windows Server 2003.<br>Supported in Windows Vista, Windows Server 2008, Windows 7, Windows 10, Windows 11, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2. |
|
||||
| Future encryption types| Reserved by Microsoft for other encryption types that might be implemented.|
|
||||
|
||||
### Possible values
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network security: Do not store LAN Manager hash value on next password change
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Network security: Do not store LAN Manager hash value on next password change** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network security: Force logoff when logon hours expire
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Network security: Force logoff when logon hours expire** security policy setting.
|
||||
|
||||
@ -22,6 +22,7 @@ ms.technology: itpro-security
|
||||
# Network security: LAN Manager authentication level
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Network security: LAN Manager authentication level** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network security: LDAP client signing requirements
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
This security policy reference topic for the IT professional describes the best practices, location, values, policy management and security considerations for this policy setting. This information applies to computers running at least the Windows Server 2008 operating system.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network security: Minimum session security for NTLM SSP based (including secure RPC) clients
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Network security: Minimum session security for NTLM SSP based (including secure RPC) clients** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network security: Minimum session security for NTLM SSP based (including secure RPC) servers
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Network security: Minimum session security for NTLM SSP based (including secure RPC) servers** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, management aspects, and security considerations for the **Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network security: Restrict NTLM: Add server exceptions in this domain
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, management aspects, and security considerations for the **Network security: Restrict NTLM: Add server exceptions in this domain** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network security: Restrict NTLM: Audit incoming NTLM traffic
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, management aspects, and security considerations for the **Network Security: Restrict NTLM: Audit incoming NTLM traffic** security policy setting.
|
||||
|
||||
@ -1,17 +1,12 @@
|
||||
---
|
||||
title: Network security Restrict NTLM Audit NTLM authentication in this domain (Windows 10)
|
||||
title: Network security Restrict NTLM Audit NTLM authentication in this domain
|
||||
description: Best practices, security considerations, and more for the security policy setting, Network Security Restrict NTLM Audit NTLM authentication in this domain.
|
||||
ms.assetid: 33183ef9-53b5-4258-8605-73dc46335e6e
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: vinaypamnani-msft
|
||||
manager: aaroncz
|
||||
audience: ITPro
|
||||
ms.topic: conceptual
|
||||
ms.date: 04/19/2017
|
||||
ms.technology: itpro-security
|
||||
@ -20,7 +15,7 @@ ms.technology: itpro-security
|
||||
# Network security: Restrict NTLM: Audit NTLM authentication in this domain
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server
|
||||
|
||||
Describes the best practices, location, values, management aspects, and security considerations for the **Network Security: Restrict NTLM: Audit NTLM authentication in this domain** security policy setting.
|
||||
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network security: Restrict NTLM: Incoming NTLM traffic
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, management aspects, and security considerations for the **Network Security: Restrict NTLM: Incoming NTLM traffic** security policy setting.
|
||||
|
||||
@ -1,17 +1,12 @@
|
||||
---
|
||||
title: Network security Restrict NTLM in this domain (Windows 10)
|
||||
title: Network security Restrict NTLM in this domain
|
||||
description: Learn about best practices, security considerations and more for the security policy setting, Network Security Restrict NTLM NTLM authentication in this domain.
|
||||
ms.assetid: 4c7884e9-cc11-4402-96b6-89c77dc908f8
|
||||
ms.reviewer:
|
||||
ms.author: vinpa
|
||||
ms.prod: windows-client
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: vinaypamnani-msft
|
||||
manager: aaroncz
|
||||
audience: ITPro
|
||||
ms.topic: conceptual
|
||||
ms.technology: itpro-security
|
||||
ms.date: 12/31/2017
|
||||
@ -20,7 +15,7 @@ ms.date: 12/31/2017
|
||||
# Network security: Restrict NTLM: NTLM authentication in this domain
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows Server
|
||||
|
||||
Describes the best practices, location, values, management aspects, and security considerations for the **Network Security: Restrict NTLM: NTLM authentication in this domain** security policy setting.
|
||||
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, management aspects, and security considerations for the **Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Perform volume maintenance tasks
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Perform volume maintenance tasks** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Profile single process
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Profile single process** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Profile system performance
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
This security policy reference topic for the IT professional describes the best practices, location, values, policy management, and security considerations for the **Profile system performance** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Recovery console: Allow automatic administrative logon
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Recovery console: Allow automatic administrative logon** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Recovery console: Allow floppy copy and access to all drives and folders
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Recovery console: Allow floppy copy and access to all drives and folders** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Remove computer from docking station - security policy setting
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Remove computer from docking station** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Replace a process level token
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Replace a process level token** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Restore files and directories - security policy setting
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Restore files and directories** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Shut down the system - security policy setting
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Shut down the system** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Shutdown: Allow system to be shut down without having to log on
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Shutdown: Allow system to be shut down without having to log on** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Shutdown: Clear virtual memory pagefile
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Shutdown: Clear virtual memory pagefile** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Synchronize directory service data
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Synchronize directory service data** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# System cryptography: Force strong key protection for user keys stored on the computer
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **System cryptography: Force strong key protection for user keys stored on the computer** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
This security policy reference topic for the IT professional describes the best practices, location, values, policy management and security considerations for this policy setting.
|
||||
@ -121,4 +122,4 @@ uses the RDP protocol to communicate with servers that run Terminal Services and
|
||||
|
||||
## Related topics
|
||||
|
||||
- [Security Options](security-options.md)
|
||||
- [Security Options](security-options.md)
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# System objects: Require case insensitivity for non-Windows subsystems
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **System objects: Require case insensitivity for non-Windows subsystems** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# System objects: Strengthen default permissions of internal system objects (for example, Symbolic Links)
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# System settings: Optional subsystems
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **System settings: Optional subsystems** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# System settings: Use certificate rules on Windows executables for Software Restriction Policies
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **System settings: Use certificate rules on Windows executables for Software Restriction Policies** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# Take ownership of files or other objects
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **Take ownership of files or other objects** security policy setting.
|
||||
|
||||
@ -19,9 +19,10 @@ ms.technology: itpro-security
|
||||
|
||||
# User Account Control: Admin Approval Mode for the Built-in Administrator account
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **User Account Control: Admin Approval Mode for the Built-in Administrator account** security policy setting.
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **User Account Control: Admin Approval Mode for the Built-in Administrator account** security policy setting.
|
||||
|
||||
## Reference
|
||||
|
||||
@ -92,4 +93,4 @@ Enable the **User Account Control: Admin Approval Mode for the Built-in Administ
|
||||
Users who sign in by using the local administrator account are prompted for consent whenever a program requests an elevation in privilege.
|
||||
## Related topics
|
||||
|
||||
- [Security Options](/windows/device-security/security-policy-settings/security-options)
|
||||
- [Security Options](/windows/device-security/security-policy-settings/security-options)
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, and security considerations for the **User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode** security policy setting.
|
||||
@ -113,4 +114,4 @@ Administrators should be made aware that they'll be prompted for consent when al
|
||||
|
||||
## Related topics
|
||||
|
||||
- [Security Options](/windows/device-security/security-policy-settings/security-options)
|
||||
- [Security Options](/windows/device-security/security-policy-settings/security-options)
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# User Account Control: Behavior of the elevation prompt for standard users
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **User Account Control: Behavior of the elevation prompt for standard users** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# User Account Control: Detect application installations and prompt for elevation
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **User Account Control: Detect application installations and prompt for elevation** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# User Account Control: Only elevate executables that are signed and validated
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **User Account Control: Only elevate executables that are signed and validated** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# User Account Control: Only elevate UIAccess applications that are installed in secure locations
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management, and security considerations for the **User Account Control: Only elevate UIAccess applications that are installed in secure locations** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# User Account Control: Run all administrators in Admin Approval Mode
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
This article describes the best practices, location, values, policy management and security considerations for the **User Account Control: Run all administrators in Admin Approval Mode** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# User Account Control: Switch to the secure desktop when prompting for elevation
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **User Account Control: Switch to the secure desktop when prompting for elevation** security policy setting.
|
||||
|
||||
@ -20,6 +20,7 @@ ms.technology: itpro-security
|
||||
# User Account Control: Virtualize file and registry write failures to per-user locations
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **User Account Control: Virtualize file and registry write failures to per-user locations** security policy setting.
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user