diff --git a/education/windows/get-minecraft-device-promotion.md b/education/windows/get-minecraft-device-promotion.md
new file mode 100644
index 0000000000..7f9fedb193
--- /dev/null
+++ b/education/windows/get-minecraft-device-promotion.md
@@ -0,0 +1,72 @@
+---
+title: Get Minecraft Education Edition with your Windows 10 device promotion
+description: Windows 10 device promotion for Minecraft Education Edition licenses
+keywords: school, Minecraft, education edition
+ms.prod: W10
+ms.mktglfcycl: plan
+ms.sitesec: library
+localizationpriority: high
+author: trudyha
+ms.author: trudyha
+ms.date: 06/29/2017
+---
+
+# Get Minecraft: Education Edition with Windows 10 device promotion
+
+**Applies to:**
+
+- Windows 10
+
+For qualifying customers, receive a one-year, single-user subscription for Minecraft: Education Edition for each Windows 10 device you purchase for your K-12 school. You’ll need your invoice or receipt, so be sure to keep track of that. For more information including terms of use, see [Minecraft: Education Edition promotion](https://info.microsoft.com/Minecraft-Education-Edition-Signup.html).
+
+## Requirements
+- Qualified Educational Users in K-12 education institutions
+- Windows 10 devices purchased from May 2, 2017 - January 31, 2018
+- Redeem Minecraft: Education Edition licenses from July 1, 2017 - March 17, 2018
+- Microsoft Store for Education admin must submit request for Minecraft: Education Edition licenses
+- Proof of device purchase is required (invoice required)
+
+Full details available at [Minecraft: Education Edition promotion](https://info.microsoft.com/Minecraft-Education-Edition-Signup.html).
+
+## Redeem Minecraft: Education Edition licenses
+Redeeming your licenses takes just a few steps:
+- Visit the device promotion page
+- Submit a device purchase statement
+- Provide proof of your device purchase
+
+After that, we’ll add the appropriate number of Minecraft: Education Edition licenses to your product inventory in **Microsoft Store for Education** as **Minecraft: Education Edition [subscription]**.
+
+**To redeem Minecraft: Education Edition licenses**
+1. Visit [Minecraft: Education Edition and Windows 10 device promotion](https://educationstore.microsoft.com/store/mee-device-promo?setflight=wsfb_devicepromo) in **Microsoft Store for Education**.
+
+ 
+
+2. Sign in to **Microsoft Store for Education** using a school account. If you don’t have one, we’ll help you set one up.
+-or-
+
+ If you're already signed in to Microsoft Store for Education, the device special offer is available on **Benefits**.
+ Click **Manage**, **Benefits**, and then click **Minecraft: Education Edition Device Promotion**.
+
+3. **On Minecraft Windows 10 device special offer**, click **Submit a device purchase**.
+
+ 
+
+4. Provide info for **Proof of Purchase**. Be sure to include a .pdf or .jpg of your invoice, and then click **Next**.
+
+ > [!NOTE]
+ > Your one-year subscription starts when you submit your proof-of-purchase info. Be sure to submit your request when you'll be using licenses in the classroom.
+
+ 
+
+5. Accept the **Promotion Terms of use**, and then click **Submit**.
+
+ Success look like this!
+
+ 
+
+6. Click **Actions** and then click **Manage** to go to the management page for **Minecraft: Education Edition** and distribute licenses.
+
+## Distribute Minecraft: Education Edition licenses
+Teachers or admins can distribute the licenses:
+- [Learn how teachers can distribute **Minecraft: Education Edition**](teacher-get-minecraft.md#distribute-minecraft)
+- [Learn how IT administrators can distribute **Minecraft: Education Edition**](school-get-minecraft.md#distribute-minecraft)
\ No newline at end of file
diff --git a/education/windows/images/get-mcee-promo.png b/education/windows/images/get-mcee-promo.png
new file mode 100644
index 0000000000..823631367d
Binary files /dev/null and b/education/windows/images/get-mcee-promo.png differ
diff --git a/education/windows/images/mcee-benefits.png b/education/windows/images/mcee-benefits.png
new file mode 100644
index 0000000000..96d0287718
Binary files /dev/null and b/education/windows/images/mcee-benefits.png differ
diff --git a/education/windows/images/msfe-device-promo-success.png b/education/windows/images/msfe-device-promo-success.png
new file mode 100644
index 0000000000..590a488c11
Binary files /dev/null and b/education/windows/images/msfe-device-promo-success.png differ
diff --git a/education/windows/images/proof-of-purchase.png b/education/windows/images/proof-of-purchase.png
new file mode 100644
index 0000000000..dd78d6329d
Binary files /dev/null and b/education/windows/images/proof-of-purchase.png differ
diff --git a/windows/client-management/mdm/configuration-service-provider-reference.md b/windows/client-management/mdm/configuration-service-provider-reference.md
index 92227beb06..f5bba14384 100644
--- a/windows/client-management/mdm/configuration-service-provider-reference.md
+++ b/windows/client-management/mdm/configuration-service-provider-reference.md
@@ -2305,6 +2305,37 @@ Footnotes:
+
+
+[WindowsDefenderApplicationGuard CSP](windowsdefenderapplicationguard-csp.md)
+
+
+
+
+ | Home |
+ Pro |
+ Business |
+ Enterprise |
+ Education |
+ Mobile |
+ Mobile Enterprise |
+
+
+  |
+  3 |
+ 3 |
+ 3 |
+ 3 |
+ |
+ |
+
+
+
+
+
+
+
+
[WindowsLicensing CSP](windowslicensing-csp.md)
diff --git a/windows/client-management/mdm/policy-ddf-file.md b/windows/client-management/mdm/policy-ddf-file.md
index 1d12982cbe..ec16e08ca7 100644
--- a/windows/client-management/mdm/policy-ddf-file.md
+++ b/windows/client-management/mdm/policy-ddf-file.md
@@ -7,11 +7,14 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
-ms.date: 06/19/2017
+ms.date: 06/30/2017
---
# Policy DDF file
+> [!WARNING]
+> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
+
This topic shows the OMA DM device description framework (DDF) for the **Policy** configuration service provider. DDF files are used only with OMA DM provisioning XML.
You can download the DDF files from the links below:
@@ -20,7 +23,7 @@ You can download the DDF files from the links below:
- [Download the Policy DDF file for Windows 10, version 1607](http://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607.xml)
- [Download all the DDF files for Windows 10, version 1607](http://download.microsoft.com/download/2/3/E/23E27D6B-6E23-4833-B143-915EDA3BDD44/Windows10_1607_DDF.zip)
-The XML below is the DDF for Windows 10, version 1703.
+The XML below is the DDF for Windows 10, version 1709.
``` syntax
@@ -442,6 +445,100 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ Education
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ AllowUserPrinterInstallation
+
+
+
+
+
+
+
+ Boolean that specifies whether or not to allow user to install new printers
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DefaultPrinterName
+
+
+
+
+
+
+
+ This policy sets user's default printer
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ PrinterNames
+
+
+
+
+
+
+
+ This policy provisions per-user network printers
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
EnterpriseCloudPrint
@@ -891,6 +988,78 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ AllowAutoComplete
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AllowCertificateAddressMismatchWarning
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AllowDeletingBrowsingHistoryOnExit
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
AllowEnhancedProtectedMode
@@ -1251,6 +1420,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ AllowSoftwareWhenSignatureIsInvalid
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
AllowsRestrictedSitesZoneTemplate
@@ -1323,6 +1516,78 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ CheckServerCertificateRevocation
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ CheckSignaturesOnDownloadedPrograms
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ConsistentMimeHandlingInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DisableAdobeFlash
@@ -1347,6 +1612,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ DisableBlockingOfOutdatedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DisableBypassOfSmartScreenWarnings
@@ -1395,6 +1684,54 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ DisableConfiguringHistory
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableCrashDetection
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DisableCustomerExperienceImprovementProgramParticipation
@@ -1419,6 +1756,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ DisableDeletingUserVisitedWebsites
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DisableEnclosureDownloading
@@ -1539,6 +1900,78 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ DisableIgnoringCertificateErrors
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableInPrivateBrowsing
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableProcessesInEnhancedProtectedMode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DisableProxyChange
@@ -1611,6 +2044,54 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ DisableSecuritySettingsCheck
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DoNotAllowActiveXControlsInProtectedMode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DoNotBlockOutdatedActiveXControls
@@ -1779,6 +2260,54 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ InternetZoneAllowCopyPasteViaScript
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneAllowDragAndDropCopyAndPasteFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
InternetZoneAllowFontDownloads
@@ -1827,6 +2356,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ InternetZoneAllowLoadingOfXAMLFilesWRONG
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
InternetZoneAllowNETFrameworkReliantComponents
@@ -1851,6 +2404,102 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ InternetZoneAllowOnlyApprovedDomainsToUseActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneAllowOnlyApprovedDomainsToUseTDCActiveXControl
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneAllowScriptingOfInternetExplorerWebBrowserControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneAllowScriptInitiatedWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
InternetZoneAllowScriptlets
@@ -1899,6 +2548,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ InternetZoneAllowUpdatesToStatusBarViaScript
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
InternetZoneAllowUserDataPersistence
@@ -1923,6 +2596,246 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ InternetZoneDoNotRunAntimalwareAgainstActiveXControlsWRONG1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneDoNotRunAntimalwareAgainstActiveXControlsWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneDownloadSignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneDownloadUnsignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneEnableCrossSiteScriptingFilter
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneEnableDraggingOfContentFromDifferentDomainsAcrossWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneEnableDraggingOfContentFromDifferentDomainsWithinWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneEnableMIMESniffing
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneEnableProtectedMode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneIncludeLocalPathWhenUploadingFilesToServer
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
InternetZoneInitializeAndScriptActiveXControls
@@ -1947,6 +2860,126 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ InternetZoneInitializeAndScriptActiveXControlsNotMarkedSafe
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneJavaPermissionsWRONG1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneJavaPermissionsWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneLaunchingApplicationsAndFilesInIFRAME
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneLogonOptions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
InternetZoneNavigateWindowsAndFrames
@@ -1971,6 +3004,126 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ InternetZoneRunNETFrameworkReliantComponentsNotSignedWithAuthenticode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneRunNETFrameworkReliantComponentsSignedWithAuthenticode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneShowSecurityWarningForPotentiallyUnsafeFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneUsePopupBlocker
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneWebsitesInLessPrivilegedZonesCanNavigateIntoThisZone
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
IntranetZoneAllowAccessToDataSources
@@ -2451,6 +3604,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ LocalMachineZoneDoNotRunAntimalwareAgainstActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
LocalMachineZoneInitializeAndScriptActiveXControls
@@ -2475,6 +3652,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ LocalMachineZoneJavaPermissions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
LocalMachineZoneNavigateWindowsAndFrames
@@ -2739,6 +3940,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ LockedDownInternetZoneJavaPermissions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
LockedDownInternetZoneNavigateWindowsAndFrames
@@ -3267,6 +4492,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ LockedDownLocalMachineZoneJavaPermissions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
LockedDownLocalMachineZoneNavigateWindowsAndFrames
@@ -3531,6 +4780,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ LockedDownRestrictedSitesZoneJavaPermissions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
LockedDownRestrictedSitesZoneNavigateWindowsAndFrames
@@ -3795,6 +5068,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ LockedDownTrustedSitesZoneJavaPermissions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
LockedDownTrustedSitesZoneNavigateWindowsAndFrames
@@ -3819,6 +5116,198 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ MimeSniffingSafetyFeatureInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ MKProtocolSecurityRestrictionInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ NotificationBarInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ PreventManagingSmartScreenFilter
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ PreventPerUserInstallationOfActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ProtectionFromZoneElevationInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RemoveRunThisTimeButtonForOutdatedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictActiveXInstallInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RestrictedSitesZoneAllowAccessToDataSources
@@ -3843,6 +5332,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ RestrictedSitesZoneAllowActiveScripting
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RestrictedSitesZoneAllowAutomaticPromptingForActiveXControls
@@ -3892,7 +5405,127 @@ The XML below is the DDF for Windows 10, version 1703.
- RestrictedSitesZoneAllowFontDownloads
+ RestrictedSitesZoneAllowBinaryAndScriptBehaviors
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowCopyPasteViaScript
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowDragAndDropCopyAndPasteFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowFileDownloads
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowFontDownloadsWRONG1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowFontDownloadsWRONG2
@@ -3939,6 +5572,54 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ RestrictedSitesZoneAllowLoadingOfXAMLFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowMETAREFRESH
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RestrictedSitesZoneAllowNETFrameworkReliantComponents
@@ -3963,6 +5644,102 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ RestrictedSitesZoneAllowOnlyApprovedDomainsToUseActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowOnlyApprovedDomainsToUseTDCActiveXControl
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowScriptingOfInternetExplorerWebBrowserControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowScriptInitiatedWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RestrictedSitesZoneAllowScriptlets
@@ -4011,6 +5788,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ RestrictedSitesZoneAllowUpdatesToStatusBarViaScript
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RestrictedSitesZoneAllowUserDataPersistence
@@ -4035,6 +5836,174 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ RestrictedSitesZoneDoNotRunAntimalwareAgainstActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneDownloadSignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneDownloadUnsignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneEnableDraggingOfContentFromDifferentDomainsAcrossWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneEnableDraggingOfContentFromDifferentDomainsWithinWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneEnableMIMESniffing
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneIncludeLocalPathWhenUploadingFilesToServer
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RestrictedSitesZoneInitializeAndScriptActiveXControls
@@ -4059,6 +6028,78 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ RestrictedSitesZoneJavaPermissions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneLaunchingApplicationsAndFilesInIFRAME
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneLogonOptions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RestrictedSitesZoneNavigateWindowsAndFrames
@@ -4083,6 +6124,270 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ RestrictedSitesZoneNavigateWindowsAndFramesAcrossDomains
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneRunActiveXControlsAndPlugins
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneRunNETFrameworkReliantComponentsSignedWithAuthenticode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneScriptActiveXControlsMarkedSafeForScripting
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneWRONG
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneWRONG3
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneWRONG4
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneWRONG5
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictFileDownloadInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScriptedWindowSecurityRestrictionsInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
SearchProviderList
@@ -4107,6 +6412,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ SpecifyUseOfActiveXInstallerService
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
TrustedSitesZoneAllowAccessToDataSources
@@ -4347,6 +6676,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ TrustedSitesZoneJavaPermissions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
TrustedSitesZoneNavigateWindowsAndFrames
@@ -4371,6 +6724,54 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ TrustedSitesZoneWRONG1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ TrustedSitesZoneWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
Notifications
@@ -4642,10 +7043,10 @@ The XML below is the DDF for Windows 10, version 1703.
- RequirePrivateStoreOnly
-
+ RequirePrivateStoreOnly
+
-
+
0
@@ -4653,15 +7054,15 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -4684,10 +7085,10 @@ The XML below is the DDF for Windows 10, version 1703.
- DoNotPreserveZoneInformation
-
+ DoNotPreserveZoneInformation
+
-
+
@@ -4695,25 +7096,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
AttachmentManager.admx
AttachmentManager~AT~WindowsComponents~AM_AM
AM_MarkZoneOnSavedAtttachments
-
+
- HideZoneInfoMechanism
-
+ HideZoneInfoMechanism
+
-
+
@@ -4721,25 +7122,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
AttachmentManager.admx
AttachmentManager~AT~WindowsComponents~AM_AM
AM_RemoveZoneInfo
-
+
- NotifyAntivirusPrograms
-
+ NotifyAntivirusPrograms
+
-
+
@@ -4747,19 +7148,19 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
AttachmentManager.admx
AttachmentManager~AT~WindowsComponents~AM_AM
AM_CallIOfficeAntiVirus
-
+
@@ -4782,10 +7183,10 @@ The XML below is the DDF for Windows 10, version 1703.
- AllowEAPCertSSO
-
+ AllowEAPCertSSO
+
-
+
0
@@ -4793,15 +7194,15 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -4824,10 +7225,10 @@ The XML below is the DDF for Windows 10, version 1703.
- DisallowAutoplayForNonVolumeDevices
-
+ DisallowAutoplayForNonVolumeDevices
+
-
+
@@ -4835,25 +7236,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
AutoPlay.admx
AutoPlay~AT~WindowsComponents~AutoPlay
NoAutoplayfornonVolume
-
+
- SetDefaultAutoRunBehavior
-
+ SetDefaultAutoRunBehavior
+
-
+
@@ -4861,25 +7262,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
AutoPlay.admx
AutoPlay~AT~WindowsComponents~AutoPlay
NoAutorun
-
+
- TurnOffAutoPlay
-
+ TurnOffAutoPlay
+
-
+
@@ -4887,19 +7288,19 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
AutoPlay.admx
AutoPlay~AT~WindowsComponents~AutoPlay
Autorun
-
+
@@ -4922,10 +7323,10 @@ The XML below is the DDF for Windows 10, version 1703.
- DisablePasswordReveal
-
+ DisablePasswordReveal
+
-
+
@@ -4933,19 +7334,19 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
credui.admx
CredUI~AT~WindowsComponents~CredUI
DisablePasswordReveal
-
+
@@ -4968,10 +7369,10 @@ The XML below is the DDF for Windows 10, version 1703.
- PreventUserRedirectionOfProfileFolders
-
+ PreventUserRedirectionOfProfileFolders
+
-
+
@@ -4979,19 +7380,105 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
desktop.admx
desktop~AT~Desktop
DisablePersonalDirChange
-
+
+
+
+
+ Education
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ AllowUserPrinterInstallation
+
+
+
+
+ Boolean that specifies whether or not to allow user to install new printers
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DefaultPrinterName
+
+
+
+
+ This policy sets user's default printer
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ PrinterNames
+
+
+
+
+ This policy provisions per-user network printers
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
@@ -5014,10 +7501,10 @@ The XML below is the DDF for Windows 10, version 1703.
- CloudPrinterDiscoveryEndPoint
-
+ CloudPrinterDiscoveryEndPoint
+
-
+
This policy provisions per-user discovery end point to discover cloud printers
@@ -5025,21 +7512,21 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
-
+
- CloudPrintOAuthAuthority
-
+ CloudPrintOAuthAuthority
+
-
+
Authentication endpoint for acquiring OAuth tokens
@@ -5047,21 +7534,21 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
-
+
- CloudPrintOAuthClientId
-
+ CloudPrintOAuthClientId
+
-
+
A GUID identifying the client application authorized to retrieve OAuth tokens from the OAuthAuthority
E1CF1107-FF90-4228-93BF-26052DD2C714
@@ -5069,21 +7556,21 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
-
+
- CloudPrintResourceId
-
+ CloudPrintResourceId
+
-
+
Resource URI for which access is being requested by the Enterprise Cloud Print client during OAuth authentication
@@ -5091,21 +7578,21 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
-
+
- DiscoveryMaxPrinterLimit
-
+ DiscoveryMaxPrinterLimit
+
-
+
Defines the maximum number of printers that should be queried from discovery end point
20
@@ -5113,21 +7600,21 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
-
+
- MopriaDiscoveryResourceId
-
+ MopriaDiscoveryResourceId
+
-
+
Resource URI for which access is being requested by the Mopria discovery client during OAuth authentication
@@ -5135,15 +7622,15 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -5166,10 +7653,10 @@ The XML below is the DDF for Windows 10, version 1703.
- AllowTailoredExperiencesWithDiagnosticData
-
+ AllowTailoredExperiencesWithDiagnosticData
+
-
+
1
@@ -5177,21 +7664,21 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowThirdPartySuggestionsInWindowsSpotlight
-
+ AllowThirdPartySuggestionsInWindowsSpotlight
+
-
+
1
@@ -5199,22 +7686,22 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowWindowsConsumerFeatures
-
+ AllowWindowsConsumerFeatures
+
-
+
0
@@ -5222,22 +7709,22 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowWindowsSpotlight
-
+ AllowWindowsSpotlight
+
-
+
1
@@ -5245,22 +7732,22 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowWindowsSpotlightOnActionCenter
-
+ AllowWindowsSpotlightOnActionCenter
+
-
+
1
@@ -5268,21 +7755,21 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowWindowsSpotlightWindowsWelcomeExperience
-
+ AllowWindowsSpotlightWindowsWelcomeExperience
+
-
+
1
@@ -5290,21 +7777,21 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
-
+
- ConfigureWindowsSpotlightOnLockScreen
-
+ ConfigureWindowsSpotlightOnLockScreen
+
-
+
1
@@ -5312,16 +7799,16 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
-
+
@@ -5344,10 +7831,10 @@ The XML below is the DDF for Windows 10, version 1703.
- AddSearchProvider
-
+ AddSearchProvider
+
-
+
@@ -5355,25 +7842,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer
AddSearchProvider
-
+
- AllowActiveXFiltering
-
+ AllowActiveXFiltering
+
-
+
@@ -5381,25 +7868,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer
TurnOnActiveXFiltering
-
+
- AllowAddOnList
-
+ AllowAddOnList
+
-
+
@@ -5407,25 +7894,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_AddOnManagement
AddonManagement_AddOnList
-
+
- AllowEnhancedProtectedMode
-
+ AllowAutoComplete
+
-
+
@@ -5433,25 +7920,103 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ RestrictFormSuggestPW
+
+
+
+ AllowCertificateAddressMismatchWarning
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
+ IZ_PolicyWarnCertMismatch
+
+
+
+ AllowDeletingBrowsingHistoryOnExit
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~DeleteBrowsingHistory
+ DBHDisableDeleteOnExit
+
+
+
+ AllowEnhancedProtectedMode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
Advanced_EnableEnhancedProtectedMode
-
+
- AllowEnterpriseModeFromToolsMenu
-
+ AllowEnterpriseModeFromToolsMenu
+
-
+
@@ -5459,25 +8024,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer
EnterpriseModeEnable
-
+
- AllowEnterpriseModeSiteList
-
+ AllowEnterpriseModeSiteList
+
-
+
@@ -5485,25 +8050,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer
EnterpriseModeSiteList
-
+
- AllowInternetExplorer7PolicyList
-
+ AllowInternetExplorer7PolicyList
+
-
+
@@ -5511,25 +8076,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~CategoryCompatView
CompatView_UsePolicyList
-
+
- AllowInternetExplorerStandardsMode
-
+ AllowInternetExplorerStandardsMode
+
-
+
@@ -5537,25 +8102,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~CategoryCompatView
CompatView_IntranetSites
-
+
- AllowInternetZoneTemplate
-
+ AllowInternetZoneTemplate
+
-
+
@@ -5563,25 +8128,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyInternetZoneTemplate
-
+
- AllowIntranetZoneTemplate
-
+ AllowIntranetZoneTemplate
+
-
+
@@ -5589,25 +8154,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyIntranetZoneTemplate
-
+
- AllowLocalMachineZoneTemplate
-
+ AllowLocalMachineZoneTemplate
+
-
+
@@ -5615,25 +8180,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyLocalMachineZoneTemplate
-
+
- AllowLockedDownInternetZoneTemplate
-
+ AllowLockedDownInternetZoneTemplate
+
-
+
@@ -5641,25 +8206,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyInternetZoneLockdownTemplate
-
+
- AllowLockedDownIntranetZoneTemplate
-
+ AllowLockedDownIntranetZoneTemplate
+
-
+
@@ -5667,25 +8232,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyIntranetZoneLockdownTemplate
-
+
- AllowLockedDownLocalMachineZoneTemplate
-
+ AllowLockedDownLocalMachineZoneTemplate
+
-
+
@@ -5693,25 +8258,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyLocalMachineZoneLockdownTemplate
-
+
- AllowLockedDownRestrictedSitesZoneTemplate
-
+ AllowLockedDownRestrictedSitesZoneTemplate
+
-
+
@@ -5719,25 +8284,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyRestrictedSitesZoneLockdownTemplate
-
+
- AllowOneWordEntry
-
+ AllowOneWordEntry
+
-
+
@@ -5745,25 +8310,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetSettings~Advanced~Browsing
UseIntranetSiteForOneWordEntry
-
+
- AllowSiteToZoneAssignmentList
-
+ AllowSiteToZoneAssignmentList
+
-
+
@@ -5771,25 +8336,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_Zonemaps
-
+
- AllowsLockedDownTrustedSitesZoneTemplate
-
+ AllowsLockedDownTrustedSitesZoneTemplate
+
-
+
@@ -5797,25 +8362,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyTrustedSitesZoneLockdownTemplate
-
+
- AllowsRestrictedSitesZoneTemplate
-
+ AllowSoftwareWhenSignatureIsInvalid
+
-
+
@@ -5823,25 +8388,51 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
+ Advanced_InvalidSignatureBlock
+
+
+
+ AllowsRestrictedSitesZoneTemplate
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyRestrictedSitesZoneTemplate
-
+
- AllowSuggestedSites
-
+ AllowSuggestedSites
+
-
+
@@ -5849,25 +8440,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer
EnableSuggestedSites
-
+
- AllowTrustedSitesZoneTemplate
-
+ AllowTrustedSitesZoneTemplate
+
-
+
@@ -5875,25 +8466,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyTrustedSitesZoneTemplate
-
+
- DisableAdobeFlash
-
+ CheckServerCertificateRevocation
+
-
+
@@ -5901,25 +8492,103 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
+ Advanced_CertificateRevocation
+
+
+
+ CheckSignaturesOnDownloadedPrograms
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
+ Advanced_DownloadSignatures
+
+
+
+ ConsistentMimeHandlingInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryBinaryBehaviorSecurityRestriction
+ IESF_PolicyExplorerProcesses_2
+
+
+
+ DisableAdobeFlash
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_AddOnManagement
DisableFlashInIE
-
+
- DisableBypassOfSmartScreenWarnings
-
+ DisableBlockingOfOutdatedActiveXControls
+
-
+
@@ -5927,311 +8596,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- DisableSafetyFilterOverride
-
-
-
- DisableBypassOfSmartScreenWarningsAboutUncommonFiles
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- DisableSafetyFilterOverrideForAppRepUnknown
-
-
-
- DisableCustomerExperienceImprovementProgramParticipation
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- SQM_DisableCEIP
-
-
-
- DisableEnclosureDownloading
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~RSS_Feeds
- Disable_Downloading_of_Enclosures
-
-
-
- DisableEncryptionSupport
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
- Advanced_SetWinInetProtocols
-
-
-
- DisableFirstRunWizard
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- NoFirstRunCustomise
-
-
-
- DisableFlipAheadFeature
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
- Advanced_DisableFlipAhead
-
-
-
- DisableHomePageChange
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- RestrictHomePage
-
-
-
- DisableProxyChange
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- RestrictProxy
-
-
-
- DisableSearchProviderChange
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- NoSearchProvider
-
-
-
- DisableSecondaryHomePageChange
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- SecondaryHomePages
-
-
-
- DoNotBlockOutdatedActiveXControls
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_AddOnManagement
VerMgmtDisable
-
+
- DoNotBlockOutdatedActiveXControlsOnSpecificDomains
-
+ DisableBypassOfSmartScreenWarnings
+
-
+
@@ -6239,25 +8622,545 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ DisableSafetyFilterOverride
+
+
+
+ DisableBypassOfSmartScreenWarningsAboutUncommonFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ DisableSafetyFilterOverrideForAppRepUnknown
+
+
+
+ DisableConfiguringHistory
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~DeleteBrowsingHistory
+ RestrictHistory
+
+
+
+ DisableCrashDetection
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ AddonManagement_RestrictCrashDetection
+
+
+
+ DisableCustomerExperienceImprovementProgramParticipation
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ SQM_DisableCEIP
+
+
+
+ DisableDeletingUserVisitedWebsites
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~DeleteBrowsingHistory
+ DBHDisableDeleteHistory
+
+
+
+ DisableEnclosureDownloading
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~RSS_Feeds
+ Disable_Downloading_of_Enclosures
+
+
+
+ DisableEncryptionSupport
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
+ Advanced_SetWinInetProtocols
+
+
+
+ DisableFirstRunWizard
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ NoFirstRunCustomise
+
+
+
+ DisableFlipAheadFeature
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
+ Advanced_DisableFlipAhead
+
+
+
+ DisableHomePageChange
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ RestrictHomePage
+
+
+
+ DisableIgnoringCertificateErrors
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL
+ NoCertError
+
+
+
+ DisableInPrivateBrowsing
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~CategoryPrivacy
+ DisableInPrivateBrowsing
+
+
+
+ DisableProcessesInEnhancedProtectedMode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
+ Advanced_EnableEnhancedProtectedMode64Bit
+
+
+
+ DisableProxyChange
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ RestrictProxy
+
+
+
+ DisableSearchProviderChange
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ NoSearchProvider
+
+
+
+ DisableSecondaryHomePageChange
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ SecondaryHomePages
+
+
+
+ DisableSecuritySettingsCheck
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ Disable_Security_Settings_Check
+
+
+
+ DoNotAllowActiveXControlsInProtectedMode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
+ Advanced_DisableEPMCompat
+
+
+
+ DoNotBlockOutdatedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_AddOnManagement
+ VerMgmtDisable
+
+
+
+ DoNotBlockOutdatedActiveXControlsOnSpecificDomains
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_AddOnManagement
VerMgmtDomainAllowlist
-
+
- IncludeAllLocalSites
-
+ IncludeAllLocalSites
+
-
+
@@ -6265,25 +9168,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_IncludeUnspecifiedLocalSites
-
+
- IncludeAllNetworkPaths
-
+ IncludeAllNetworkPaths
+
-
+
@@ -6291,25 +9194,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_UNCAsIntranet
-
+
- InternetZoneAllowAccessToDataSources
-
+ InternetZoneAllowAccessToDataSources
+
-
+
@@ -6317,25 +9220,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyAccessDataSourcesAcrossDomains_1
-
+
- InternetZoneAllowAutomaticPromptingForActiveXControls
-
+ InternetZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -6343,25 +9246,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyNotificationBarActiveXURLaction_1
-
+
- InternetZoneAllowAutomaticPromptingForFileDownloads
-
+ InternetZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -6369,25 +9272,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyNotificationBarDownloadURLaction_1
-
+
- InternetZoneAllowFontDownloads
-
+ InternetZoneAllowCopyPasteViaScript
+
-
+
@@ -6395,25 +9298,77 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyAllowPasteViaScript_1
+
+
+
+ InternetZoneAllowDragAndDropCopyAndPasteFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyDropOrPasteFiles_1
+
+
+
+ InternetZoneAllowFontDownloads
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyFontDownload_1
-
+
- InternetZoneAllowLessPrivilegedSites
-
+ InternetZoneAllowLessPrivilegedSites
+
-
+
@@ -6421,25 +9376,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyZoneElevationURLaction_1
-
+
- InternetZoneAllowNETFrameworkReliantComponents
-
+ InternetZoneAllowLoadingOfXAMLFilesWRONG
+
-
+
@@ -6447,25 +9402,51 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_Policy_XAML_1
+
+
+
+ InternetZoneAllowNETFrameworkReliantComponents
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyUnsignedFrameworkComponentsURLaction_1
-
+
- InternetZoneAllowScriptlets
-
+ InternetZoneAllowOnlyApprovedDomainsToUseActiveXControls
+
-
+
@@ -6473,25 +9454,129 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
+ IZ_PolicyOnlyAllowApprovedDomainsToUseActiveXWithoutPrompt_Both_Intranet
+
+
+
+ InternetZoneAllowOnlyApprovedDomainsToUseTDCActiveXControl
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
+ IZ_PolicyAllowTDCControl_Both_LocalMachine
+
+
+
+ InternetZoneAllowScriptingOfInternetExplorerWebBrowserControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_Policy_WebBrowserControl_1
+
+
+
+ InternetZoneAllowScriptInitiatedWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
+ IZ_PolicyWindowsRestrictionsURLaction_6
+
+
+
+ InternetZoneAllowScriptlets
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_Policy_AllowScriptlets_1
-
+
- InternetZoneAllowSmartScreenIE
-
+ InternetZoneAllowSmartScreenIE
+
-
+
@@ -6499,25 +9584,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_Policy_Phishing_1
-
+
- InternetZoneAllowUserDataPersistence
-
+ InternetZoneAllowUpdatesToStatusBarViaScript
+
-
+
@@ -6525,25 +9610,51 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_Policy_ScriptStatusBar_1
+
+
+
+ InternetZoneAllowUserDataPersistence
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyUserdataPersistence_1
-
+
- InternetZoneInitializeAndScriptActiveXControls
-
+ InternetZoneDoNotRunAntimalwareAgainstActiveXControlsWRONG1
+
-
+
@@ -6551,25 +9662,285 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyAntiMalwareCheckingOfActiveXControls_1
+
+
+
+ InternetZoneDoNotRunAntimalwareAgainstActiveXControlsWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
+ IZ_PolicyAntiMalwareCheckingOfActiveXControls_3
+
+
+
+ InternetZoneDownloadSignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
+ IZ_PolicyDownloadSignedActiveX_3
+
+
+
+ InternetZoneDownloadUnsignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyDownloadUnsignedActiveX_1
+
+
+
+ InternetZoneEnableCrossSiteScriptingFilter
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
+ IZ_PolicyTurnOnXSSFilter_Both_LocalMachine
+
+
+
+ InternetZoneEnableDraggingOfContentFromDifferentDomainsAcrossWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyDragDropAcrossDomainsAcrossWindows_Both_Internet
+
+
+
+ InternetZoneEnableDraggingOfContentFromDifferentDomainsWithinWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyDragDropAcrossDomainsWithinWindow_Both_Internet
+
+
+
+ InternetZoneEnableMIMESniffing
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyMimeSniffingURLaction_1
+
+
+
+ InternetZoneEnableProtectedMode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
+ IZ_Policy_TurnOnProtectedMode_2
+
+
+
+ InternetZoneIncludeLocalPathWhenUploadingFilesToServer
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_Policy_LocalPathForUpload_1
+
+
+
+ InternetZoneInitializeAndScriptActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyScriptActiveXNotMarkedSafe_1
-
+
- InternetZoneNavigateWindowsAndFrames
-
+ InternetZoneInitializeAndScriptActiveXControlsNotMarkedSafe
+
-
+
@@ -6577,25 +9948,155 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyScriptActiveXNotMarkedSafe_1
+
+
+
+ InternetZoneJavaPermissionsWRONG1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyJavaPermissions_1
+
+
+
+ InternetZoneJavaPermissionsWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
+ IZ_PolicyJavaPermissions_3
+
+
+
+ InternetZoneLaunchingApplicationsAndFilesInIFRAME
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyLaunchAppsAndFilesInIFRAME_1
+
+
+
+ InternetZoneLogonOptions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyLogon_1
+
+
+
+ InternetZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyNavigateSubframesAcrossDomains_1
-
+
- IntranetZoneAllowAccessToDataSources
-
+ InternetZoneRunNETFrameworkReliantComponentsNotSignedWithAuthenticode
+
-
+
@@ -6603,25 +10104,155 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyUnsignedFrameworkComponentsURLaction_1
+
+
+
+ InternetZoneRunNETFrameworkReliantComponentsSignedWithAuthenticode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicySignedFrameworkComponentsURLaction_1
+
+
+
+ InternetZoneShowSecurityWarningForPotentiallyUnsafeFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_Policy_UnsafeFiles_1
+
+
+
+ InternetZoneUsePopupBlocker
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyBlockPopupWindows_1
+
+
+
+ InternetZoneWebsitesInLessPrivilegedZonesCanNavigateIntoThisZone
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyZoneElevationURLaction_1
+
+
+
+ IntranetZoneAllowAccessToDataSources
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyAccessDataSourcesAcrossDomains_3
-
+
- IntranetZoneAllowAutomaticPromptingForActiveXControls
-
+ IntranetZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -6629,25 +10260,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyNotificationBarActiveXURLaction_3
-
+
- IntranetZoneAllowAutomaticPromptingForFileDownloads
-
+ IntranetZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -6655,25 +10286,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyNotificationBarDownloadURLaction_3
-
+
- IntranetZoneAllowFontDownloads
-
+ IntranetZoneAllowFontDownloads
+
-
+
@@ -6681,25 +10312,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyFontDownload_3
-
+
- IntranetZoneAllowLessPrivilegedSites
-
+ IntranetZoneAllowLessPrivilegedSites
+
-
+
@@ -6707,25 +10338,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyZoneElevationURLaction_3
-
+
- IntranetZoneAllowNETFrameworkReliantComponents
-
+ IntranetZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -6733,25 +10364,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyUnsignedFrameworkComponentsURLaction_3
-
+
- IntranetZoneAllowScriptlets
-
+ IntranetZoneAllowScriptlets
+
-
+
@@ -6759,25 +10390,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_Policy_AllowScriptlets_3
-
+
- IntranetZoneAllowSmartScreenIE
-
+ IntranetZoneAllowSmartScreenIE
+
-
+
@@ -6785,25 +10416,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_Policy_Phishing_3
-
+
- IntranetZoneAllowUserDataPersistence
-
+ IntranetZoneAllowUserDataPersistence
+
-
+
@@ -6811,25 +10442,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyUserdataPersistence_3
-
+
- IntranetZoneInitializeAndScriptActiveXControls
-
+ IntranetZoneInitializeAndScriptActiveXControls
+
-
+
@@ -6837,25 +10468,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyScriptActiveXNotMarkedSafe_3
-
+
- IntranetZoneNavigateWindowsAndFrames
-
+ IntranetZoneNavigateWindowsAndFrames
+
-
+
@@ -6863,25 +10494,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyNavigateSubframesAcrossDomains_3
-
+
- LocalMachineZoneAllowAccessToDataSources
-
+ LocalMachineZoneAllowAccessToDataSources
+
-
+
@@ -6889,25 +10520,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyAccessDataSourcesAcrossDomains_9
-
+
- LocalMachineZoneAllowAutomaticPromptingForActiveXControls
-
+ LocalMachineZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -6915,25 +10546,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyNotificationBarActiveXURLaction_9
-
+
- LocalMachineZoneAllowAutomaticPromptingForFileDownloads
-
+ LocalMachineZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -6941,25 +10572,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyNotificationBarDownloadURLaction_9
-
+
- LocalMachineZoneAllowFontDownloads
-
+ LocalMachineZoneAllowFontDownloads
+
-
+
@@ -6967,25 +10598,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyFontDownload_9
-
+
- LocalMachineZoneAllowLessPrivilegedSites
-
+ LocalMachineZoneAllowLessPrivilegedSites
+
-
+
@@ -6993,25 +10624,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyZoneElevationURLaction_9
-
+
- LocalMachineZoneAllowNETFrameworkReliantComponents
-
+ LocalMachineZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -7019,25 +10650,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyUnsignedFrameworkComponentsURLaction_9
-
+
- LocalMachineZoneAllowScriptlets
-
+ LocalMachineZoneAllowScriptlets
+
-
+
@@ -7045,25 +10676,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_Policy_AllowScriptlets_9
-
+
- LocalMachineZoneAllowSmartScreenIE
-
+ LocalMachineZoneAllowSmartScreenIE
+
-
+
@@ -7071,25 +10702,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_Policy_Phishing_9
-
+
- LocalMachineZoneAllowUserDataPersistence
-
+ LocalMachineZoneAllowUserDataPersistence
+
-
+
@@ -7097,25 +10728,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyUserdataPersistence_9
-
+
- LocalMachineZoneInitializeAndScriptActiveXControls
-
+ LocalMachineZoneDoNotRunAntimalwareAgainstActiveXControls
+
-
+
@@ -7123,25 +10754,51 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone~IZ_LocalMachineZone
+ IZ_PolicyAntiMalwareCheckingOfActiveXControls_9
+
+
+
+ LocalMachineZoneInitializeAndScriptActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyScriptActiveXNotMarkedSafe_9
-
+
- LocalMachineZoneNavigateWindowsAndFrames
-
+ LocalMachineZoneJavaPermissions
+
-
+
@@ -7149,25 +10806,51 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
+ IZ_PolicyJavaPermissions_9
+
+
+
+ LocalMachineZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyNavigateSubframesAcrossDomains_9
-
+
- LockedDownInternetZoneAllowAccessToDataSources
-
+ LockedDownInternetZoneAllowAccessToDataSources
+
-
+
@@ -7175,25 +10858,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyAccessDataSourcesAcrossDomains_2
-
+
- LockedDownInternetZoneAllowAutomaticPromptingForActiveXControls
-
+ LockedDownInternetZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -7201,25 +10884,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyNotificationBarActiveXURLaction_2
-
+
- LockedDownInternetZoneAllowAutomaticPromptingForFileDownloads
-
+ LockedDownInternetZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -7227,25 +10910,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyNotificationBarDownloadURLaction_2
-
+
- LockedDownInternetZoneAllowFontDownloads
-
+ LockedDownInternetZoneAllowFontDownloads
+
-
+
@@ -7253,25 +10936,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyFontDownload_2
-
+
- LockedDownInternetZoneAllowLessPrivilegedSites
-
+ LockedDownInternetZoneAllowLessPrivilegedSites
+
-
+
@@ -7279,25 +10962,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyZoneElevationURLaction_2
-
+
- LockedDownInternetZoneAllowNETFrameworkReliantComponents
-
+ LockedDownInternetZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -7305,25 +10988,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyUnsignedFrameworkComponentsURLaction_2
-
+
- LockedDownInternetZoneAllowScriptlets
-
+ LockedDownInternetZoneAllowScriptlets
+
-
+
@@ -7331,25 +11014,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_Policy_AllowScriptlets_2
-
+
- LockedDownInternetZoneAllowSmartScreenIE
-
+ LockedDownInternetZoneAllowSmartScreenIE
+
-
+
@@ -7357,25 +11040,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_Policy_Phishing_2
-
+
- LockedDownInternetZoneAllowUserDataPersistence
-
+ LockedDownInternetZoneAllowUserDataPersistence
+
-
+
@@ -7383,25 +11066,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyUserdataPersistence_2
-
+
- LockedDownInternetZoneInitializeAndScriptActiveXControls
-
+ LockedDownInternetZoneInitializeAndScriptActiveXControls
+
-
+
@@ -7409,25 +11092,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyScriptActiveXNotMarkedSafe_2
-
+
- LockedDownInternetZoneNavigateWindowsAndFrames
-
+ LockedDownInternetZoneJavaPermissions
+
-
+
@@ -7435,25 +11118,51 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
+ IZ_PolicyJavaPermissions_2
+
+
+
+ LockedDownInternetZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyNavigateSubframesAcrossDomains_2
-
+
- LockedDownIntranetZoneAllowAccessToDataSources
-
+ LockedDownIntranetZoneAllowAccessToDataSources
+
-
+
@@ -7461,25 +11170,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyAccessDataSourcesAcrossDomains_4
-
+
- LockedDownIntranetZoneAllowAutomaticPromptingForActiveXControls
-
+ LockedDownIntranetZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -7487,25 +11196,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyNotificationBarActiveXURLaction_4
-
+
- LockedDownIntranetZoneAllowAutomaticPromptingForFileDownloads
-
+ LockedDownIntranetZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -7513,25 +11222,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyNotificationBarDownloadURLaction_4
-
+
- LockedDownIntranetZoneAllowFontDownloads
-
+ LockedDownIntranetZoneAllowFontDownloads
+
-
+
@@ -7539,25 +11248,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyFontDownload_4
-
+
- LockedDownIntranetZoneAllowLessPrivilegedSites
-
+ LockedDownIntranetZoneAllowLessPrivilegedSites
+
-
+
@@ -7565,25 +11274,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyZoneElevationURLaction_4
-
+
- LockedDownIntranetZoneAllowNETFrameworkReliantComponents
-
+ LockedDownIntranetZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -7591,25 +11300,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyUnsignedFrameworkComponentsURLaction_4
-
+
- LockedDownIntranetZoneAllowScriptlets
-
+ LockedDownIntranetZoneAllowScriptlets
+
-
+
@@ -7617,25 +11326,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_Policy_AllowScriptlets_4
-
+
- LockedDownIntranetZoneAllowSmartScreenIE
-
+ LockedDownIntranetZoneAllowSmartScreenIE
+
-
+
@@ -7643,25 +11352,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_Policy_Phishing_4
-
+
- LockedDownIntranetZoneAllowUserDataPersistence
-
+ LockedDownIntranetZoneAllowUserDataPersistence
+
-
+
@@ -7669,25 +11378,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyUserdataPersistence_4
-
+
- LockedDownIntranetZoneInitializeAndScriptActiveXControls
-
+ LockedDownIntranetZoneInitializeAndScriptActiveXControls
+
-
+
@@ -7695,25 +11404,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyScriptActiveXNotMarkedSafe_4
-
+
- LockedDownIntranetZoneNavigateWindowsAndFrames
-
+ LockedDownIntranetZoneNavigateWindowsAndFrames
+
-
+
@@ -7721,25 +11430,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyNavigateSubframesAcrossDomains_4
-
+
- LockedDownLocalMachineZoneAllowAccessToDataSources
-
+ LockedDownLocalMachineZoneAllowAccessToDataSources
+
-
+
@@ -7747,25 +11456,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyAccessDataSourcesAcrossDomains_10
-
+
- LockedDownLocalMachineZoneAllowAutomaticPromptingForActiveXControls
-
+ LockedDownLocalMachineZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -7773,25 +11482,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyNotificationBarActiveXURLaction_10
-
+
- LockedDownLocalMachineZoneAllowAutomaticPromptingForFileDownloads
-
+ LockedDownLocalMachineZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -7799,25 +11508,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyNotificationBarDownloadURLaction_10
-
+
- LockedDownLocalMachineZoneAllowFontDownloads
-
+ LockedDownLocalMachineZoneAllowFontDownloads
+
-
+
@@ -7825,25 +11534,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyFontDownload_10
-
+
- LockedDownLocalMachineZoneAllowLessPrivilegedSites
-
+ LockedDownLocalMachineZoneAllowLessPrivilegedSites
+
-
+
@@ -7851,25 +11560,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyZoneElevationURLaction_10
-
+
- LockedDownLocalMachineZoneAllowNETFrameworkReliantComponents
-
+ LockedDownLocalMachineZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -7877,25 +11586,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyUnsignedFrameworkComponentsURLaction_10
-
+
- LockedDownLocalMachineZoneAllowScriptlets
-
+ LockedDownLocalMachineZoneAllowScriptlets
+
-
+
@@ -7903,25 +11612,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_Policy_AllowScriptlets_10
-
+
- LockedDownLocalMachineZoneAllowSmartScreenIE
-
+ LockedDownLocalMachineZoneAllowSmartScreenIE
+
-
+
@@ -7929,25 +11638,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_Policy_Phishing_10
-
+
- LockedDownLocalMachineZoneAllowUserDataPersistence
-
+ LockedDownLocalMachineZoneAllowUserDataPersistence
+
-
+
@@ -7955,25 +11664,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyUserdataPersistence_10
-
+
- LockedDownLocalMachineZoneInitializeAndScriptActiveXControls
-
+ LockedDownLocalMachineZoneInitializeAndScriptActiveXControls
+
-
+
@@ -7981,25 +11690,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyScriptActiveXNotMarkedSafe_10
-
+
- LockedDownLocalMachineZoneNavigateWindowsAndFrames
-
+ LockedDownLocalMachineZoneJavaPermissions
+
-
+
@@ -8007,25 +11716,51 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
+ IZ_PolicyJavaPermissions_10
+
+
+
+ LockedDownLocalMachineZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyNavigateSubframesAcrossDomains_10
-
+
- LockedDownRestrictedSitesZoneAllowAccessToDataSources
-
+ LockedDownRestrictedSitesZoneAllowAccessToDataSources
+
-
+
@@ -8033,25 +11768,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyAccessDataSourcesAcrossDomains_8
-
+
- LockedDownRestrictedSitesZoneAllowAutomaticPromptingForActiveXControls
-
+ LockedDownRestrictedSitesZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -8059,25 +11794,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyNotificationBarActiveXURLaction_8
-
+
- LockedDownRestrictedSitesZoneAllowAutomaticPromptingForFileDownloads
-
+ LockedDownRestrictedSitesZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -8085,25 +11820,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyNotificationBarDownloadURLaction_8
-
+
- LockedDownRestrictedSitesZoneAllowFontDownloads
-
+ LockedDownRestrictedSitesZoneAllowFontDownloads
+
-
+
@@ -8111,25 +11846,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyFontDownload_8
-
+
- LockedDownRestrictedSitesZoneAllowLessPrivilegedSites
-
+ LockedDownRestrictedSitesZoneAllowLessPrivilegedSites
+
-
+
@@ -8137,25 +11872,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyZoneElevationURLaction_8
-
+
- LockedDownRestrictedSitesZoneAllowNETFrameworkReliantComponents
-
+ LockedDownRestrictedSitesZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -8163,25 +11898,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyUnsignedFrameworkComponentsURLaction_8
-
+
- LockedDownRestrictedSitesZoneAllowScriptlets
-
+ LockedDownRestrictedSitesZoneAllowScriptlets
+
-
+
@@ -8189,25 +11924,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_Policy_AllowScriptlets_8
-
+
- LockedDownRestrictedSitesZoneAllowSmartScreenIE
-
+ LockedDownRestrictedSitesZoneAllowSmartScreenIE
+
-
+
@@ -8215,25 +11950,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_Policy_Phishing_8
-
+
- LockedDownRestrictedSitesZoneAllowUserDataPersistence
-
+ LockedDownRestrictedSitesZoneAllowUserDataPersistence
+
-
+
@@ -8241,25 +11976,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyUserdataPersistence_8
-
+
- LockedDownRestrictedSitesZoneInitializeAndScriptActiveXControls
-
+ LockedDownRestrictedSitesZoneInitializeAndScriptActiveXControls
+
-
+
@@ -8267,25 +12002,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyScriptActiveXNotMarkedSafe_8
-
+
- LockedDownRestrictedSitesZoneNavigateWindowsAndFrames
-
+ LockedDownRestrictedSitesZoneJavaPermissions
+
-
+
@@ -8293,25 +12028,51 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
+ IZ_PolicyJavaPermissions_8
+
+
+
+ LockedDownRestrictedSitesZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyNavigateSubframesAcrossDomains_8
-
+
- LockedDownTrustedSitesZoneAllowAccessToDataSources
-
+ LockedDownTrustedSitesZoneAllowAccessToDataSources
+
-
+
@@ -8319,25 +12080,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyAccessDataSourcesAcrossDomains_6
-
+
- LockedDownTrustedSitesZoneAllowAutomaticPromptingForActiveXControls
-
+ LockedDownTrustedSitesZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -8345,25 +12106,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyNotificationBarActiveXURLaction_6
-
+
- LockedDownTrustedSitesZoneAllowAutomaticPromptingForFileDownloads
-
+ LockedDownTrustedSitesZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -8371,25 +12132,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyNotificationBarDownloadURLaction_6
-
+
- LockedDownTrustedSitesZoneAllowFontDownloads
-
+ LockedDownTrustedSitesZoneAllowFontDownloads
+
-
+
@@ -8397,25 +12158,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyFontDownload_6
-
+
- LockedDownTrustedSitesZoneAllowLessPrivilegedSites
-
+ LockedDownTrustedSitesZoneAllowLessPrivilegedSites
+
-
+
@@ -8423,25 +12184,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyZoneElevationURLaction_6
-
+
- LockedDownTrustedSitesZoneAllowNETFrameworkReliantComponents
-
+ LockedDownTrustedSitesZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -8449,25 +12210,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyUnsignedFrameworkComponentsURLaction_6
-
+
- LockedDownTrustedSitesZoneAllowScriptlets
-
+ LockedDownTrustedSitesZoneAllowScriptlets
+
-
+
@@ -8475,25 +12236,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_Policy_AllowScriptlets_6
-
+
- LockedDownTrustedSitesZoneAllowSmartScreenIE
-
+ LockedDownTrustedSitesZoneAllowSmartScreenIE
+
-
+
@@ -8501,25 +12262,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_Policy_Phishing_6
-
+
- LockedDownTrustedSitesZoneAllowUserDataPersistence
-
+ LockedDownTrustedSitesZoneAllowUserDataPersistence
+
-
+
@@ -8527,25 +12288,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyUserdataPersistence_6
-
+
- LockedDownTrustedSitesZoneInitializeAndScriptActiveXControls
-
+ LockedDownTrustedSitesZoneInitializeAndScriptActiveXControls
+
-
+
@@ -8553,25 +12314,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyScriptActiveXNotMarkedSafe_6
-
+
- LockedDownTrustedSitesZoneNavigateWindowsAndFrames
-
+ LockedDownTrustedSitesZoneJavaPermissions
+
-
+
@@ -8579,25 +12340,51 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
+ IZ_PolicyJavaPermissions_6
+
+
+
+ LockedDownTrustedSitesZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyNavigateSubframesAcrossDomains_6
-
+
- RestrictedSitesZoneAllowAccessToDataSources
-
+ MimeSniffingSafetyFeatureInternetExplorerProcesses
+
-
+
@@ -8605,25 +12392,233 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryMimeSniffingSafetyFeature
+ IESF_PolicyExplorerProcesses_6
+
+
+
+ MKProtocolSecurityRestrictionInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryMKProtocolSecurityRestriction
+ IESF_PolicyExplorerProcesses_3
+
+
+
+ NotificationBarInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryInformationBar
+ IESF_PolicyExplorerProcesses_10
+
+
+
+ PreventManagingSmartScreenFilter
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyDownloadSignedActiveX_1
+
+
+
+ PreventPerUserInstallationOfActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ DisablePerUserActiveXInstall
+
+
+
+ ProtectionFromZoneElevationInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryProtectionFromZoneElevation
+ IESF_PolicyAllProcesses_9
+
+
+
+ RemoveRunThisTimeButtonForOutdatedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_AddOnManagement
+ VerMgmtDisableRunThisTime
+
+
+
+ RestrictActiveXInstallInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryRestrictActiveXInstall
+ IESF_PolicyAllProcesses_11
+
+
+
+ RestrictedSitesZoneAllowAccessToDataSources
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyAccessDataSourcesAcrossDomains_7
-
+
- RestrictedSitesZoneAllowAutomaticPromptingForActiveXControls
-
+ RestrictedSitesZoneAllowActiveScripting
+
-
+
@@ -8631,25 +12626,51 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyActiveScripting_1
+
+
+
+ RestrictedSitesZoneAllowAutomaticPromptingForActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyNotificationBarActiveXURLaction_7
-
+
- RestrictedSitesZoneAllowAutomaticPromptingForFileDownloads
-
+ RestrictedSitesZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -8657,25 +12678,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyNotificationBarDownloadURLaction_7
-
+
- RestrictedSitesZoneAllowFontDownloads
-
+ RestrictedSitesZoneAllowBinaryAndScriptBehaviors
+
-
+
@@ -8683,25 +12704,129 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyBinaryBehaviors_1
+
+
+
+ RestrictedSitesZoneAllowCopyPasteViaScript
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyAllowPasteViaScript_7
+
+
+
+ RestrictedSitesZoneAllowDragAndDropCopyAndPasteFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyDropOrPasteFiles_7
+
+
+
+ RestrictedSitesZoneAllowFileDownloads
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyFileDownload_1
+
+
+
+ RestrictedSitesZoneAllowFontDownloadsWRONG1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyFontDownload_7
-
+
- RestrictedSitesZoneAllowLessPrivilegedSites
-
+ RestrictedSitesZoneAllowFontDownloadsWRONG2
+
-
+
@@ -8709,25 +12834,51 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyFontDownload_1
+
+
+
+ RestrictedSitesZoneAllowLessPrivilegedSites
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyZoneElevationURLaction_7
-
+
- RestrictedSitesZoneAllowNETFrameworkReliantComponents
-
+ RestrictedSitesZoneAllowLoadingOfXAMLFiles
+
-
+
@@ -8735,25 +12886,77 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_Policy_XAML_7
+
+
+
+ RestrictedSitesZoneAllowMETAREFRESH
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyAllowMETAREFRESH_1
+
+
+
+ RestrictedSitesZoneAllowNETFrameworkReliantComponents
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyUnsignedFrameworkComponentsURLaction_7
-
+
- RestrictedSitesZoneAllowScriptlets
-
+ RestrictedSitesZoneAllowOnlyApprovedDomainsToUseActiveXControls
+
-
+
@@ -8761,25 +12964,129 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyOnlyAllowApprovedDomainsToUseActiveXWithoutPrompt_Both_Restricted
+
+
+
+ RestrictedSitesZoneAllowOnlyApprovedDomainsToUseTDCActiveXControl
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyAllowTDCControl_Both_Restricted
+
+
+
+ RestrictedSitesZoneAllowScriptingOfInternetExplorerWebBrowserControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_Policy_WebBrowserControl_7
+
+
+
+ RestrictedSitesZoneAllowScriptInitiatedWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyWindowsRestrictionsURLaction_7
+
+
+
+ RestrictedSitesZoneAllowScriptlets
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_Policy_AllowScriptlets_7
-
+
- RestrictedSitesZoneAllowSmartScreenIE
-
+ RestrictedSitesZoneAllowSmartScreenIE
+
-
+
@@ -8787,25 +13094,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_Policy_Phishing_7
-
+
- RestrictedSitesZoneAllowUserDataPersistence
-
+ RestrictedSitesZoneAllowUpdatesToStatusBarViaScript
+
-
+
@@ -8813,25 +13120,51 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_Policy_ScriptStatusBar_7
+
+
+
+ RestrictedSitesZoneAllowUserDataPersistence
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyUserdataPersistence_7
-
+
- RestrictedSitesZoneInitializeAndScriptActiveXControls
-
+ RestrictedSitesZoneDoNotRunAntimalwareAgainstActiveXControls
+
-
+
@@ -8839,25 +13172,207 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyAntiMalwareCheckingOfActiveXControls_7
+
+
+
+ RestrictedSitesZoneDownloadSignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyDownloadSignedActiveX_7
+
+
+
+ RestrictedSitesZoneDownloadUnsignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyDownloadUnsignedActiveX_7
+
+
+
+ RestrictedSitesZoneEnableDraggingOfContentFromDifferentDomainsAcrossWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyDragDropAcrossDomainsAcrossWindows_Both_Restricted
+
+
+
+ RestrictedSitesZoneEnableDraggingOfContentFromDifferentDomainsWithinWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyDragDropAcrossDomainsWithinWindow_Both_Restricted
+
+
+
+ RestrictedSitesZoneEnableMIMESniffing
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyMimeSniffingURLaction_7
+
+
+
+ RestrictedSitesZoneIncludeLocalPathWhenUploadingFilesToServer
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_Policy_LocalPathForUpload_7
+
+
+
+ RestrictedSitesZoneInitializeAndScriptActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyScriptActiveXNotMarkedSafe_7
-
+
- RestrictedSitesZoneNavigateWindowsAndFrames
-
+ RestrictedSitesZoneJavaPermissions
+
-
+
@@ -8865,25 +13380,103 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyJavaPermissions_7
+
+
+
+ RestrictedSitesZoneLaunchingApplicationsAndFilesInIFRAME
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyLaunchAppsAndFilesInIFRAME_7
+
+
+
+ RestrictedSitesZoneLogonOptions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyLogon_7
+
+
+
+ RestrictedSitesZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyNavigateSubframesAcrossDomains_7
-
+
- SearchProviderList
-
+ RestrictedSitesZoneNavigateWindowsAndFramesAcrossDomains
+
-
+
@@ -8891,25 +13484,311 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyNavigateSubframesAcrossDomains_1
+
+
+
+ RestrictedSitesZoneRunActiveXControlsAndPlugins
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyRunActiveXControls_1
+
+
+
+ RestrictedSitesZoneRunNETFrameworkReliantComponentsSignedWithAuthenticode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicySignedFrameworkComponentsURLaction_7
+
+
+
+ RestrictedSitesZoneScriptActiveXControlsMarkedSafeForScripting
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyScriptActiveXMarkedSafe_1
+
+
+
+ RestrictedSitesZoneWRONG
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
+ IZ_PolicyScriptingOfJavaApplets_6
+
+
+
+ RestrictedSitesZoneWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_Policy_UnsafeFiles_7
+
+
+
+ RestrictedSitesZoneWRONG3
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyTurnOnXSSFilter_Both_Restricted
+
+
+
+ RestrictedSitesZoneWRONG4
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_Policy_TurnOnProtectedMode_7
+
+
+
+ RestrictedSitesZoneWRONG5
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyBlockPopupWindows_7
+
+
+
+ RestrictFileDownloadInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryRestrictFileDownload
+ IESF_PolicyAllProcesses_12
+
+
+
+ ScriptedWindowSecurityRestrictionsInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryScriptedWindowSecurityRestrictions
+ IESF_PolicyAllProcesses_8
+
+
+
+ SearchProviderList
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer
SpecificSearchProvider
-
+
- TrustedSitesZoneAllowAccessToDataSources
-
+ SpecifyUseOfActiveXInstallerService
+
-
+
@@ -8917,25 +13796,51 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ OnlyUseAXISForActiveXInstall
+
+
+
+ TrustedSitesZoneAllowAccessToDataSources
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyAccessDataSourcesAcrossDomains_5
-
+
- TrustedSitesZoneAllowAutomaticPromptingForActiveXControls
-
+ TrustedSitesZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -8943,25 +13848,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyNotificationBarActiveXURLaction_5
-
+
- TrustedSitesZoneAllowAutomaticPromptingForFileDownloads
-
+ TrustedSitesZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -8969,25 +13874,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyNotificationBarDownloadURLaction_5
-
+
- TrustedSitesZoneAllowFontDownloads
-
+ TrustedSitesZoneAllowFontDownloads
+
-
+
@@ -8995,25 +13900,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyFontDownload_5
-
+
- TrustedSitesZoneAllowLessPrivilegedSites
-
+ TrustedSitesZoneAllowLessPrivilegedSites
+
-
+
@@ -9021,25 +13926,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyZoneElevationURLaction_5
-
+
- TrustedSitesZoneAllowNETFrameworkReliantComponents
-
+ TrustedSitesZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -9047,25 +13952,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyUnsignedFrameworkComponentsURLaction_5
-
+
- TrustedSitesZoneAllowScriptlets
-
+ TrustedSitesZoneAllowScriptlets
+
-
+
@@ -9073,25 +13978,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_Policy_AllowScriptlets_5
-
+
- TrustedSitesZoneAllowSmartScreenIE
-
+ TrustedSitesZoneAllowSmartScreenIE
+
-
+
@@ -9099,25 +14004,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_Policy_Phishing_5
-
+
- TrustedSitesZoneAllowUserDataPersistence
-
+ TrustedSitesZoneAllowUserDataPersistence
+
-
+
@@ -9125,25 +14030,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyUserdataPersistence_5
-
+
- TrustedSitesZoneInitializeAndScriptActiveXControls
-
+ TrustedSitesZoneInitializeAndScriptActiveXControls
+
-
+
@@ -9151,25 +14056,25 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyScriptActiveXNotMarkedSafe_5
-
+
- TrustedSitesZoneNavigateWindowsAndFrames
-
+ TrustedSitesZoneJavaPermissions
+
-
+
@@ -9177,19 +14082,97 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
+ IZ_PolicyJavaPermissions_5
+
+
+
+ TrustedSitesZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyNavigateSubframesAcrossDomains_5
-
+
+
+
+ TrustedSitesZoneWRONG1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
+ IZ_PolicyAntiMalwareCheckingOfActiveXControls_5
+
+
+
+ TrustedSitesZoneWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
+ IZ_PolicyScriptActiveXNotMarkedSafe_5
+
@@ -9212,10 +14195,10 @@ The XML below is the DDF for Windows 10, version 1703.
- DisallowNotificationMirroring
-
+ DisallowNotificationMirroring
+
-
+
0
@@ -9223,15 +14206,15 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -9254,10 +14237,10 @@ The XML below is the DDF for Windows 10, version 1703.
- PointAndPrintRestrictions_User
-
+ PointAndPrintRestrictions_User
+
-
+
@@ -9265,19 +14248,19 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
Printing.admx
Printing~AT~ControlPanel~CplPrinters
PointAndPrint_Restrictions
-
+
@@ -9300,10 +14283,10 @@ The XML below is the DDF for Windows 10, version 1703.
- ConfigureTaskbarCalendar
-
+ ConfigureTaskbarCalendar
+
-
+
0
@@ -9311,15 +14294,15 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -9342,10 +14325,10 @@ The XML below is the DDF for Windows 10, version 1703.
- StartLayout
-
+ StartLayout
+
-
+
@@ -9353,16 +14336,16 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
phone
-
+
@@ -9385,10 +14368,10 @@ The XML below is the DDF for Windows 10, version 1703.
- AllowTelemetry
-
+ AllowTelemetry
+
-
+
3
@@ -9396,15 +14379,15 @@ The XML below is the DDF for Windows 10, version 1703.
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -9659,6 +14642,87 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ AccountPolicies
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ MinDevicePasswordLength
+
+
+
+
+
+
+
+ This security setting determines the least number of characters that a password for a user account may contain. You can set a value of between 1 and 14 characters, or you can establish that no password is required by setting the number of characters to 0.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ PasswordMustMeetComplexityRequirement
+
+
+
+
+
+
+
+ This security setting determines whether passwords must meet complexity requirements.
+
+If this policy is enabled, passwords must meet the following minimum requirements:
+
+Not contain the user's account name or parts of the user's full name that exceed two consecutive characters
+Be at least six characters in length
+Contain characters from three of the following four categories:
+English uppercase characters (A through Z)
+English lowercase characters (a through z)
+Base 10 digits (0 through 9)
+Non-alphabetic characters (for example, !, $, #, %)
+Complexity requirements are enforced when passwords are changed or created.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
Accounts
@@ -10870,6 +15934,30 @@ The XML below is the DDF for Windows 10, version 1703.
+
+ AllowFidoDeviceSignon
+
+
+
+
+
+
+
+ Specifies whether FIDO device can be used to sign on.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
AllowSecondaryAuthenticationDevice
@@ -11449,7 +16537,7 @@ The XML below is the DDF for Windows 10, version 1703.
This policy setting lets you decide whether the Microsoft Compatibility List is enabled or disabled in Microsoft Edge. This feature uses a Microsoft-provided list to ensure that any sites with known compatibility issues are displayed correctly when a user navigates to them. By default, the Microsoft Compatibility List is enabled and can be viewed by navigating to about:compat.
-If you enable or don’t configure this setting, Microsoft Edge will periodically download the latest version of the list from Microsoft and will apply the configurations specified there during browser navigation. If a user visits a site on the Microsoft Compatibility List, he or she will be prompted to open the site in Internet Explorer 11. Once in Internet Explorer, the site will automatically be rendered as if the user is viewing it in the previous version of Internet Explorer it requires to display correctly.
+If you enable or don’t configure this setting, Microsoft Edge will periodically download the latest version of the list from Microsoft and will apply the configurations specified there during browser navigation. If a user visits a site on the Microsoft Compatibility List, he or she will be prompted to open the site in Internet Explorer 11. Once in Internet Explorer, the site will automatically be rendered as if the user is viewing it in the previous version of Internet Explorer it requires to display correctly.
If you disable this setting, the Microsoft Compatibility List will not be used during browser navigation.
@@ -11760,7 +16848,7 @@ Example:
If you wanted to allow contoso.com and fabrikam.com then you would append /support to the site strings like contoso.com/support and fabrikam.com/support.
Encapsulate each string with greater than and less than characters like any other XML tag.
-Version 1703 or later: If you don't want to send traffic to Microsoft, you can use the about:blank value (encapsulate with greater than and less than characters like any other XML tag), which is honored for both domain- and non-domain-joined machines, when it's the only configured URL.
+Version 1703 or later:  If you don't want to send traffic to Microsoft, you can use the about:blank value (encapsulate with greater than and less than characters like any other XML tag), which is honored for both domain- and non-domain-joined machines, when it's the only configured URL.
@@ -12072,6 +17160,52 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ Cellular
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ ShowAppCellularAccessUI
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
Connectivity
@@ -12285,6 +17419,78 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ DiablePrintingOverHTTP
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableDownloadingOfPrintDriversOverHTTP
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableInternetDownloadForWebPublishingAndOnlineOrderingWizards
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DisallowNetworkConnectivityActiveTests
@@ -12333,6 +17539,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ ProhibitInstallationAndConfigurationOfNetworkBridge
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
CredentialProviders
@@ -13017,6 +18247,54 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ AttackSurfaceReductionOnlyExclusions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AttackSurfaceReductionRules
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
AvgCPULoadFactor
@@ -13041,6 +18319,54 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ CloudBlockLevel
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ CloudExtendedTimeout
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DaysToRetainCleanedMalware
@@ -13065,6 +18391,54 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ EnableGuardMyFolders
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ EnableNetworkProtection
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
ExcludedExtensions
@@ -13137,6 +18511,54 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ GuardedFoldersAllowedApplications
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ GuardedFoldersList
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
PUAProtection
@@ -13760,6 +19182,100 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ DeviceGuard
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ EnableVirtualizationBasedSecurity
+
+
+
+
+
+
+
+ Turns On Virtualization Based Security(VBS)
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ LsaCfgFlags
+
+
+
+
+
+
+
+ Credential Guard Configuration: 0 - Turns off CredentialGuard remotely if configured previously without UEFI Lock, 1 - Turns on CredentialGuard with UEFI lock. 2 - Turns on CredentialGuard without UEFI lock.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RequirePlatformSecurityFeatures
+
+
+
+
+
+
+
+ Select Platform Security Level: 1 - Turns on VBS with Secure Boot, 3 - Turns on VBS with Secure Boot and DMA. DMA requires hardware support.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
DeviceInstallation
@@ -14004,7 +19520,7 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- Specifies how many passwords can be stored in the history that can’t be used.
+ Specifies how many passwords can be stored in the history that can’t be used.
@@ -14187,6 +19703,34 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ MinimumPasswordAge
+
+
+
+
+
+
+
+ This security setting determines the period of time (in days) that a password must be used before the user can change it. You can set a value between 1 and 998 days, or you can allow changes immediately by setting the number of days to 0.
+
+The minimum password age must be less than the Maximum password age, unless the maximum password age is set to 0, indicating that passwords will never expire. If the maximum password age is set to 0, the minimum password age can be set to any value between 0 and 998.
+
+Configure the minimum password age to be more than 0 if you want Enforce password history to be effective. Without a minimum password age, users can cycle through passwords repeatedly until they get to an old favorite. The default setting does not follow this recommendation, so that an administrator can specify a password for a user and then require the user to change the administrator-defined password when the user logs on. If the password history is set to 0, the user does not have to choose a new password. For this reason, Enforce password history is set to 1 by default.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
PreventLockScreenSlideShow
@@ -15063,6 +20607,54 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ AllowCertificateAddressMismatchWarning
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AllowDeletingBrowsingHistoryOnExit
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
AllowEnhancedProtectedMode
@@ -15135,6 +20727,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ AllowFallbackToSSL3
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
AllowInternetExplorer7PolicyList
@@ -15423,6 +21039,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ AllowSoftwareWhenSignatureIsInvalid
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
AllowsRestrictedSitesZoneTemplate
@@ -15495,6 +21135,78 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ CheckServerCertificateRevocation
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ CheckSignaturesOnDownloadedPrograms
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ConsistentMimeHandlingInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DisableAdobeFlash
@@ -15519,6 +21231,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ DisableBlockingOfOutdatedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DisableBypassOfSmartScreenWarnings
@@ -15567,6 +21303,54 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ DisableConfiguringHistory
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableCrashDetection
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DisableCustomerExperienceImprovementProgramParticipation
@@ -15591,6 +21375,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ DisableDeletingUserVisitedWebsites
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DisableEnclosureDownloading
@@ -15687,6 +21495,78 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ DisableIgnoringCertificateErrors
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableInPrivateBrowsing
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableProcessesInEnhancedProtectedMode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DisableProxyChange
@@ -15759,6 +21639,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ DisableSecuritySettingsCheck
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DisableUpdateCheck
@@ -15783,6 +21687,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ DoNotAllowActiveXControlsInProtectedMode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
DoNotAllowUsersToAddSites
@@ -15999,6 +21927,54 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ InternetZoneAllowCopyPasteViaScript
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneAllowDragAndDropCopyAndPasteFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
InternetZoneAllowFontDownloads
@@ -16047,6 +22023,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ InternetZoneAllowLoadingOfXAMLFilesWRONG
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
InternetZoneAllowNETFrameworkReliantComponents
@@ -16071,6 +22071,102 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ InternetZoneAllowOnlyApprovedDomainsToUseActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneAllowOnlyApprovedDomainsToUseTDCActiveXControl
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneAllowScriptingOfInternetExplorerWebBrowserControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneAllowScriptInitiatedWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
InternetZoneAllowScriptlets
@@ -16119,6 +22215,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ InternetZoneAllowUpdatesToStatusBarViaScript
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
InternetZoneAllowUserDataPersistence
@@ -16143,6 +22263,246 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ InternetZoneDoNotRunAntimalwareAgainstActiveXControlsWRONG1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneDoNotRunAntimalwareAgainstActiveXControlsWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneDownloadSignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneDownloadUnsignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneEnableCrossSiteScriptingFilter
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneEnableDraggingOfContentFromDifferentDomainsAcrossWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneEnableDraggingOfContentFromDifferentDomainsWithinWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneEnableMIMESniffing
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneEnableProtectedMode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneIncludeLocalPathWhenUploadingFilesToServer
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
InternetZoneInitializeAndScriptActiveXControls
@@ -16167,6 +22527,126 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ InternetZoneInitializeAndScriptActiveXControlsNotMarkedSafe
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneJavaPermissionsWRONG1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneJavaPermissionsWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneLaunchingApplicationsAndFilesInIFRAME
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneLogonOptions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
InternetZoneNavigateWindowsAndFrames
@@ -16191,6 +22671,126 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ InternetZoneRunNETFrameworkReliantComponentsNotSignedWithAuthenticode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneRunNETFrameworkReliantComponentsSignedWithAuthenticode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneShowSecurityWarningForPotentiallyUnsafeFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneUsePopupBlocker
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InternetZoneWebsitesInLessPrivilegedZonesCanNavigateIntoThisZone
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
IntranetZoneAllowAccessToDataSources
@@ -16671,6 +23271,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ LocalMachineZoneDoNotRunAntimalwareAgainstActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
LocalMachineZoneInitializeAndScriptActiveXControls
@@ -16695,6 +23319,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ LocalMachineZoneJavaPermissions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
LocalMachineZoneNavigateWindowsAndFrames
@@ -16959,6 +23607,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ LockedDownInternetZoneJavaPermissions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
LockedDownInternetZoneNavigateWindowsAndFrames
@@ -17487,6 +24159,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ LockedDownLocalMachineZoneJavaPermissions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
LockedDownLocalMachineZoneNavigateWindowsAndFrames
@@ -17751,6 +24447,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ LockedDownRestrictedSitesZoneJavaPermissions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
LockedDownRestrictedSitesZoneNavigateWindowsAndFrames
@@ -18015,6 +24735,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ LockedDownTrustedSitesZoneJavaPermissions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
LockedDownTrustedSitesZoneNavigateWindowsAndFrames
@@ -18039,6 +24783,198 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ MimeSniffingSafetyFeatureInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ MKProtocolSecurityRestrictionInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ NotificationBarInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ PreventManagingSmartScreenFilter
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ PreventPerUserInstallationOfActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ProtectionFromZoneElevationInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RemoveRunThisTimeButtonForOutdatedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictActiveXInstallInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RestrictedSitesZoneAllowAccessToDataSources
@@ -18063,6 +24999,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ RestrictedSitesZoneAllowActiveScripting
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RestrictedSitesZoneAllowAutomaticPromptingForActiveXControls
@@ -18112,7 +25072,127 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- RestrictedSitesZoneAllowFontDownloads
+ RestrictedSitesZoneAllowBinaryAndScriptBehaviors
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowCopyPasteViaScript
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowDragAndDropCopyAndPasteFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowFileDownloads
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowFontDownloadsWRONG1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowFontDownloadsWRONG2
@@ -18159,6 +25239,54 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ RestrictedSitesZoneAllowLoadingOfXAMLFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowMETAREFRESH
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RestrictedSitesZoneAllowNETFrameworkReliantComponents
@@ -18183,6 +25311,102 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ RestrictedSitesZoneAllowOnlyApprovedDomainsToUseActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowOnlyApprovedDomainsToUseTDCActiveXControl
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowScriptingOfInternetExplorerWebBrowserControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneAllowScriptInitiatedWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RestrictedSitesZoneAllowScriptlets
@@ -18231,6 +25455,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ RestrictedSitesZoneAllowUpdatesToStatusBarViaScript
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RestrictedSitesZoneAllowUserDataPersistence
@@ -18255,6 +25503,174 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ RestrictedSitesZoneDoNotRunAntimalwareAgainstActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneDownloadSignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneDownloadUnsignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneEnableDraggingOfContentFromDifferentDomainsAcrossWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneEnableDraggingOfContentFromDifferentDomainsWithinWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneEnableMIMESniffing
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneIncludeLocalPathWhenUploadingFilesToServer
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RestrictedSitesZoneInitializeAndScriptActiveXControls
@@ -18279,6 +25695,78 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ RestrictedSitesZoneJavaPermissions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneLaunchingApplicationsAndFilesInIFRAME
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneLogonOptions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RestrictedSitesZoneNavigateWindowsAndFrames
@@ -18303,6 +25791,270 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ RestrictedSitesZoneNavigateWindowsAndFramesAcrossDomains
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneRunActiveXControlsAndPlugins
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneRunNETFrameworkReliantComponentsSignedWithAuthenticode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneScriptActiveXControlsMarkedSafeForScripting
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneWRONG
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneWRONG3
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneWRONG4
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictedSitesZoneWRONG5
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RestrictFileDownloadInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScriptedWindowSecurityRestrictionsInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
SearchProviderList
@@ -18327,6 +26079,54 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ SecurityZonesUseOnlyMachineSettings
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ SpecifyUseOfActiveXInstallerService
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
TrustedSitesZoneAllowAccessToDataSources
@@ -18567,6 +26367,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ TrustedSitesZoneJavaPermissions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
TrustedSitesZoneNavigateWindowsAndFrames
@@ -18591,6 +26415,54 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ TrustedSitesZoneWRONG1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ TrustedSitesZoneWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
Kerberos
@@ -18804,6 +26676,897 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ LocalPoliciesSecurityOptions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Accounts_BlockMicrosoftAccounts
+
+
+
+
+
+
+
+ This policy setting prevents users from adding new Microsoft accounts on this computer.
+
+If you select the "Users can’t add Microsoft accounts" option, users will not be able to create new Microsoft accounts on this computer, switch a local account to a Microsoft account, or connect a domain account to a Microsoft account. This is the preferred option if you need to limit the use of Microsoft accounts in your enterprise.
+
+If you select the "Users can’t add or log on with Microsoft accounts" option, existing Microsoft account users will not be able to log on to Windows. Selecting this option might make it impossible for an existing administrator on this computer to log on and manage the system.
+
+If you disable or do not configure this policy (recommended), users will be able to use Microsoft accounts with Windows.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Accounts_EnableAdministratorAccountStatus
+
+
+
+
+
+
+
+ This security setting determines whether the local Administrator account is enabled or disabled.
+
+Notes
+
+If you try to reenable the Administrator account after it has been disabled, and if the current Administrator password does not meet the password requirements, you cannot reenable the account. In this case, an alternative member of the Administrators group must reset the password on the Administrator account. For information about how to reset a password, see To reset a password.
+Disabling the Administrator account can become a maintenance issue under certain circumstances.
+
+Under Safe Mode boot, the disabled Administrator account will only be enabled if the machine is non-domain joined and there are no other local active administrator accounts. If the computer is domain joined the disabled administrator will not be enabled.
+
+Default: Disabled.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Accounts_EnableGuestAccountStatus
+
+
+
+
+
+
+
+ This security setting determines if the Guest account is enabled or disabled.
+
+Default: Disabled.
+
+Note: If the Guest account is disabled and the security option Network Access: Sharing and Security Model for local accounts is set to Guest Only, network logons, such as those performed by the Microsoft Network Server (SMB Service), will fail.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Accounts_LimitLocalAccountUseOfBlankPasswordsToConsoleLogonOnly
+
+
+
+
+
+
+
+ Accounts: Limit local account use of blank passwords to console logon only
+
+This security setting determines whether local accounts that are not password protected can be used to log on from locations other than the physical computer console. If enabled, local accounts that are not password protected will only be able to log on at the computer's keyboard.
+
+Default: Enabled.
+
+
+Warning:
+
+Computers that are not in physically secure locations should always enforce strong password policies for all local user accounts. Otherwise, anyone with physical access to the computer can log on by using a user account that does not have a password. This is especially important for portable computers.
+If you apply this security policy to the Everyone group, no one will be able to log on through Remote Desktop Services.
+
+Notes
+
+This setting does not affect logons that use domain accounts.
+It is possible for applications that use remote interactive logons to bypass this setting.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Accounts_RenameAdministratorAccount
+
+
+
+
+
+
+
+ Accounts: Rename administrator account
+
+This security setting determines whether a different account name is associated with the security identifier (SID) for the account Administrator. Renaming the well-known Administrator account makes it slightly more difficult for unauthorized persons to guess this privileged user name and password combination.
+
+Default: Administrator.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Accounts_RenameGuestAccount
+
+
+
+
+
+
+
+ Accounts: Rename guest account
+
+This security setting determines whether a different account name is associated with the security identifier (SID) for the account "Guest." Renaming the well-known Guest account makes it slightly more difficult for unauthorized persons to guess this user name and password combination.
+
+Default: Guest.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InteractiveLogon_DisplayUserInformationWhenTheSessionIsLocked
+
+
+
+
+
+
+
+ Interactive Logon:Display user information when the session is locked
+User display name, domain and user names (1)
+User display name only (2)
+Do not display user information (3)
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Interactivelogon_DoNotDisplayLastSignedIn
+
+
+
+
+
+
+
+ Interactive logon: Don't display last signed-in
+This security setting determines whether the Windows sign-in screen will show the username of the last person who signed in on this PC.
+If this policy is enabled, the username will not be shown.
+
+If this policy is disabled, the username will be shown.
+
+Default: Disabled.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Interactivelogon_DoNotDisplayUsernameAtSignIn
+
+
+
+
+
+
+
+ Interactive logon: Don't display username at sign-in
+This security setting determines whether the username of the person signing in to this PC appears at Windows sign-in, after credentials are entered, and before the PC desktop is shown.
+If this policy is enabled, the username will not be shown.
+
+If this policy is disabled, the username will be shown.
+
+Default: Disabled.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Interactivelogon_DoNotRequireCTRLALTDEL
+
+
+
+
+
+
+
+ Interactive logon: Do not require CTRL+ALT+DEL
+
+This security setting determines whether pressing CTRL+ALT+DEL is required before a user can log on.
+
+If this policy is enabled on a computer, a user is not required to press CTRL+ALT+DEL to log on. Not having to press CTRL+ALT+DEL leaves users susceptible to attacks that attempt to intercept the users' passwords. Requiring CTRL+ALT+DEL before users log on ensures that users are communicating by means of a trusted path when entering their passwords.
+
+If this policy is disabled, any user is required to press CTRL+ALT+DEL before logging on to Windows.
+
+Default on domain-computers: Enabled: At least Windows 8/Disabled: Windows 7 or earlier.
+Default on stand-alone computers: Enabled.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InteractiveLogon_MachineInactivityLimit
+
+
+
+
+
+
+
+ Interactive logon: Machine inactivity limit.
+
+Windows notices inactivity of a logon session, and if the amount of inactive time exceeds the inactivity limit, then the screen saver will run, locking the session.
+
+Default: not enforced.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InteractiveLogon_MessageTextForUsersAttemptingToLogOn
+
+
+
+
+
+
+
+ Interactive logon: Message text for users attempting to log on
+
+This security setting specifies a text message that is displayed to users when they log on.
+
+This text is often used for legal reasons, for example, to warn users about the ramifications of misusing company information or to warn them that their actions may be audited.
+
+Default: No message.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InteractiveLogon_MessageTitleForUsersAttemptingToLogOn
+
+
+
+
+
+
+
+ Interactive logon: Message title for users attempting to log on
+
+This security setting allows the specification of a title to appear in the title bar of the window that contains the Interactive logon: Message text for users attempting to log on.
+
+Default: No message.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ NetworkAccess_DoNotAllowAnonymousEnumerationOfSAMAccountsAndShares
+
+
+
+
+
+
+
+ Network access: Do not allow anonymous enumeration of SAM accounts and shares
+
+This security setting determines whether anonymous enumeration of SAM accounts and shares is allowed.
+
+Windows allows anonymous users to perform certain activities, such as enumerating the names of domain accounts and network shares. This is convenient, for example, when an administrator wants to grant access to users in a trusted domain that does not maintain a reciprocal trust. If you do not want to allow anonymous enumeration of SAM accounts and shares, then enable this policy.
+
+Default: Disabled.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ NetworkAccess_RestrictAnonymousAccessToNamedPipesAndShares
+
+
+
+
+
+
+
+ Network access: Restrict anonymous access to Named Pipes and Shares
+
+When enabled, this security setting restricts anonymous access to shares and pipes to the settings for:
+
+Network access: Named pipes that can be accessed anonymously
+Network access: Shares that can be accessed anonymously
+Default: Enabled.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ NetworkAccess_RestrictClientsAllowedToMakeRemoteCallsToSAM
+
+
+
+
+
+
+
+ Network access: Restrict clients allowed to make remote calls to SAM
+
+This policy setting allows you to restrict remote rpc connections to SAM.
+
+If not selected, the default security descriptor will be used.
+
+This policy is supported on at least Windows Server 2016.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ NetworkSecurity_AllowPKU2UAuthenticationRequests
+
+
+
+
+
+
+
+ Network security: Allow PKU2U authentication requests to this computer to use online identities.
+
+This policy will be turned off by default on domain joined machines. This would prevent online identities from authenticating to the domain joined machine.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RecoveryConsole_AllowAutomaticAdministrativeLogon
+
+
+
+
+
+
+
+ Recovery console: Allow automatic administrative logon
+
+This security setting determines if the password for the Administrator account must be given before access to the system is granted. If this option is enabled, the Recovery Console does not require you to provide a password, and it automatically logs on to the system.
+
+Default: This policy is not defined and automatic administrative logon is not allowed.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Shutdown_ClearVirtualMemoryPageFile
+
+
+
+
+
+
+
+ Shutdown: Clear virtual memory pagefile
+
+This security setting determines whether the virtual memory pagefile is cleared when the system is shut down.
+
+Virtual memory support uses a system pagefile to swap pages of memory to disk when they are not used. On a running system, this pagefile is opened exclusively by the operating system, and it is well protected. However, systems that are configured to allow booting to other operating systems might have to make sure that the system pagefile is wiped clean when this system shuts down. This ensures that sensitive information from process memory that might go into the pagefile is not available to an unauthorized user who manages to directly access the pagefile.
+
+When this policy is enabled, it causes the system pagefile to be cleared upon clean shutdown. If you enable this security option, the hibernation file (hiberfil.sys) is also zeroed out when hibernation is disabled.
+
+Default: Disabled.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ UserAccountControl_AllowUIAccessApplicationsToPromptForElevation
+
+
+
+
+
+
+
+ User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop.
+
+This policy setting controls whether User Interface Accessibility (UIAccess or UIA) programs can automatically disable the secure desktop for elevation prompts used by a standard user.
+
+• Enabled: UIA programs, including Windows Remote Assistance, automatically disable the secure desktop for elevation prompts. If you do not disable the "User Account Control: Switch to the secure desktop when prompting for elevation" policy setting, the prompts appear on the interactive user's desktop instead of the secure desktop.
+
+• Disabled: (Default) The secure desktop can be disabled only by the user of the interactive desktop or by disabling the "User Account Control: Switch to the secure desktop when prompting for elevation" policy setting.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ UserAccountControl_BehaviorOfTheElevationPromptForAdministrators
+
+
+
+
+
+
+
+ User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode
+
+This policy setting controls the behavior of the elevation prompt for administrators.
+
+The options are:
+
+• Elevate without prompting: Allows privileged accounts to perform an operation that requires elevation without requiring consent or credentials. Note: Use this option only in the most constrained environments.
+
+• Prompt for credentials on the secure desktop: When an operation requires elevation of privilege, the user is prompted on the secure desktop to enter a privileged user name and password. If the user enters valid credentials, the operation continues with the user's highest available privilege.
+
+• Prompt for consent on the secure desktop: When an operation requires elevation of privilege, the user is prompted on the secure desktop to select either Permit or Deny. If the user selects Permit, the operation continues with the user's highest available privilege.
+
+• Prompt for credentials: When an operation requires elevation of privilege, the user is prompted to enter an administrative user name and password. If the user enters valid credentials, the operation continues with the applicable privilege.
+
+• Prompt for consent: When an operation requires elevation of privilege, the user is prompted to select either Permit or Deny. If the user selects Permit, the operation continues with the user's highest available privilege.
+
+• Prompt for consent for non-Windows binaries: (Default) When an operation for a non-Microsoft application requires elevation of privilege, the user is prompted on the secure desktop to select either Permit or Deny. If the user selects Permit, the operation continues with the user's highest available privilege.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers
+
+
+
+
+
+
+
+ User Account Control: Behavior of the elevation prompt for standard users
+This policy setting controls the behavior of the elevation prompt for standard users.
+
+The options are:
+
+• Prompt for credentials: (Default) When an operation requires elevation of privilege, the user is prompted to enter an administrative user name and password. If the user enters valid credentials, the operation continues with the applicable privilege.
+
+• Automatically deny elevation requests: When an operation requires elevation of privilege, a configurable access denied error message is displayed. An enterprise that is running desktops as standard user may choose this setting to reduce help desk calls.
+
+• Prompt for credentials on the secure desktop: When an operation requires elevation of privilege, the user is prompted on the secure desktop to enter a different user name and password. If the user enters valid credentials, the operation continues with the applicable privilege.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ UserAccountControl_OnlyElevateExecutableFilesThatAreSignedAndValidated
+
+
+
+
+
+
+
+ User Account Control: Only elevate executable files that are signed and validated
+
+This policy setting enforces public key infrastructure (PKI) signature checks for any interactive applications that request elevation of privilege. Enterprise administrators can control which applications are allowed to run by adding certificates to the Trusted Publishers certificate store on local computers.
+
+The options are:
+
+• Enabled: Enforces the PKI certification path validation for a given executable file before it is permitted to run.
+
+• Disabled: (Default) Does not enforce PKI certification path validation before a given executable file is permitted to run.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ UserAccountControl_OnlyElevateUIAccessApplicationsThatAreInstalledInSecureLocations
+
+
+
+
+
+
+
+ User Account Control: Only elevate UIAccess applications that are installed in secure locations
+
+This policy setting controls whether applications that request to run with a User Interface Accessibility (UIAccess) integrity level must reside in a secure location in the file system. Secure locations are limited to the following:
+
+- …\Program Files\, including subfolders
+- …\Windows\system32\
+- …\Program Files (x86)\, including subfolders for 64-bit versions of Windows
+
+Note: Windows enforces a public key infrastructure (PKI) signature check on any interactive application that requests to run with a UIAccess integrity level regardless of the state of this security setting.
+
+The options are:
+
+• Enabled: (Default) If an application resides in a secure location in the file system, it runs only with UIAccess integrity.
+
+• Disabled: An application runs with UIAccess integrity even if it does not reside in a secure location in the file system.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ UserAccountControl_RunAllAdministratorsInAdminApprovalMode
+
+
+
+
+
+
+
+ User Account Control: Turn on Admin Approval Mode
+
+This policy setting controls the behavior of all User Account Control (UAC) policy settings for the computer. If you change this policy setting, you must restart your computer.
+
+The options are:
+
+• Enabled: (Default) Admin Approval Mode is enabled. This policy must be enabled and related UAC policy settings must also be set appropriately to allow the built-in Administrator account and all other users who are members of the Administrators group to run in Admin Approval Mode.
+
+• Disabled: Admin Approval Mode and all related UAC policy settings are disabled. Note: If this policy setting is disabled, the Security Center notifies you that the overall security of the operating system has been reduced.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ UserAccountControl_SwitchToTheSecureDesktopWhenPromptingForElevation
+
+
+
+
+
+
+
+ User Account Control: Switch to the secure desktop when prompting for elevation
+
+This policy setting controls whether the elevation request prompt is displayed on the interactive user's desktop or the secure desktop.
+
+The options are:
+
+• Enabled: (Default) All elevation requests go to the secure desktop regardless of prompt behavior policy settings for administrators and standard users.
+
+• Disabled: All elevation requests go to the interactive user's desktop. Prompt behavior policy settings for administrators and standard users are used.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ UserAccountControl_UseAdminApprovalMode
+
+
+
+
+
+
+
+ User Account Control: Use Admin Approval Mode for the built-in Administrator account
+
+This policy setting controls the behavior of Admin Approval Mode for the built-in Administrator account.
+
+The options are:
+
+• Enabled: The built-in Administrator account uses Admin Approval Mode. By default, any operation that requires elevation of privilege will prompt the user to approve the operation.
+
+• Disabled: (Default) The built-in Administrator account runs all applications with full administrative privilege.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ UserAccountControl_VirtualizeFileAndRegistryWriteFailuresToPerUserLocations
+
+
+
+
+
+
+
+ User Account Control: Virtualize file and registry write failures to per-user locations
+
+This policy setting controls whether application write failures are redirected to defined registry and file system locations. This policy setting mitigates applications that run as administrator and write run-time application data to %ProgramFiles%, %Windir%, %Windir%\system32, or HKLM\Software.
+
+The options are:
+
+• Enabled: (Default) Application write failures are redirected at run time to defined user locations for both the file system and registry.
+
+• Disabled: Applications that write data to protected locations fail.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
Location
@@ -19319,6 +28082,102 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ DisplayOffTimeoutOnBattery
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisplayOffTimeoutPluggedIn
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ HibernateTimeoutOnBattery
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ HibernateTimeoutPluggedIn
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RequirePasswordWhenComputerWakesOnBattery
@@ -19367,6 +28226,54 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ StandbyTimeoutOnBattery
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ StandbyTimeoutPluggedIn
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
Printers
@@ -19531,6 +28438,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ EnableActivityFeed
+
+
+
+
+
+
+
+ Enables ActivityFeed, which is responsible for mirroring different activity types (as applicable) across device graph of the user.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
LetAppsAccessAccountInfo
@@ -19915,6 +28846,102 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ LetAppsAccessCellularData
+
+
+
+
+
+
+
+ This policy setting specifies whether Windows apps can access cellular data.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ LetAppsAccessCellularData_ForceAllowTheseApps
+
+
+
+
+
+
+
+ List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to cellular data. This setting overrides the default LetAppsAccessCellularData policy setting for the specified apps.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ LetAppsAccessCellularData_ForceDenyTheseApps
+
+
+
+
+
+
+
+ List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to cellular data. This setting overrides the default LetAppsAccessCellularData policy setting for the specified apps.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ LetAppsAccessCellularData_UserInControlOfTheseApps
+
+
+
+
+
+
+
+ List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the cellular data privacy setting for the listed apps. This setting overrides the default LetAppsAccessCellularData policy setting for the specified apps.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
LetAppsAccessContacts
@@ -21259,6 +30286,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ PublishUserActivities
+
+
+
+
+
+
+
+ Allows apps/system to publish 'User Activities' into ActivityFeed.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
RemoteAssistance
@@ -21544,6 +30595,388 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ RemoteManagement
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ AllowBasicAuthentication_Client
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AllowBasicAuthentication_Service
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AllowCredSSPAuthenticationClient
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AllowCredSSPAuthenticationService
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AllowRemoteServerManagement
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AllowUnencryptedTraffic_Client
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AllowUnencryptedTraffic_Service
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisallowDigestAuthentication
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisallowNegotiateAuthenticationClient
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisallowNegotiateAuthenticationService
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisallowStoringOfRunAsCredentials
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ SpecifyChannelBindingTokenHardeningLevel
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ TrustedHosts
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ TurnOnCompatibilityHTTPListener
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ TurnOnCompatibilityHTTPSListener
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
RemoteProcedureCall
@@ -21614,6 +31047,196 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ RemoteShell
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ AllowRemoteShellAccess
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ MaxConcurrentUsers
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ SpecifyIdleTimeout
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ SpecifyMaxMemory
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ SpecifyMaxProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ SpecifyMaxRemoteShells
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ SpecifyShellTimeout
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
Search
@@ -22017,6 +31640,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ ClearTPMIfNotReady
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
PreventAutomaticDeviceEncryptionForAzureADJoinedDevices
@@ -22969,6 +32616,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ HidePeopleBar
+
+
+
+
+
+
+
+ Enabling this policy removes the people icon from the taskbar as well as the corresponding settings toggle. It also prevents users from pinning people to the taskbar.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
HidePowerButton
@@ -23550,7 +33221,7 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- This policy setting lets you prevent apps and features from working with files on OneDrive. If you enable this policy setting: users can’t access OneDrive from the OneDrive app and file picker; Windows Store apps can’t access OneDrive using the WinRT API; OneDrive doesn’t appear in the navigation pane in File Explorer; OneDrive files aren’t kept in sync with the cloud; Users can’t automatically upload photos and videos from the camera roll folder. If you disable or do not configure this policy setting, apps and features can work with OneDrive file storage.
+ This policy setting lets you prevent apps and features from working with files on OneDrive. If you enable this policy setting: users can’t access OneDrive from the OneDrive app and file picker; Windows Store apps can’t access OneDrive using the WinRT API; OneDrive doesn’t appear in the navigation pane in File Explorer; OneDrive files aren’t kept in sync with the cloud; Users can’t automatically upload photos and videos from the camera roll folder. If you disable or do not configure this policy setting, apps and features can work with OneDrive file storage.
@@ -24087,6 +33758,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ AllowAutoWindowsUpdateDownloadOverMeteredNetwork
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
AllowMUUpdateService
@@ -24543,6 +34238,30 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ ManageBuildPreview
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
PauseDeferrals
@@ -24759,6 +34478,126 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ ScheduledInstallEveryWeek
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScheduledInstallFirstWeek
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScheduledInstallFourthWeek
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScheduledInstallSecondWeek
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScheduledInstallThirdWeek
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
ScheduledInstallTime
@@ -25094,6 +34933,364 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ WindowsDefenderSecurityCenter
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ CompanyName
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableAppBrowserUI
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableEnhancedNotifications
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableFamilyUI
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableHealthUI
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableNetworkUI
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableNotifications
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisableVirusUI
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ DisallowExploitProtectionOverride
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Email
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ EnableCustomizedToasts
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ EnableInAppCustomization
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ Phone
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ URL
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
WindowsInkWorkspace
@@ -25279,6 +35476,54 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
+
+ AllowMdnsAdvertisement
+
+
+
+
+
+
+
+ This policy setting allows you to turn off the Wireless Display multicast DNS service advertisement from a Wireless Display receiver.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AllowMdnsDiscovery
+
+
+
+
+
+
+
+ This policy setting allows you to turn off discovering the display service advertised over multicast DNS by a Wireless Display receiver.
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
AllowProjectionFromPC
@@ -25474,10 +35719,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowActionCenterNotifications
-
+ AllowActionCenterNotifications
+
-
+
1
@@ -25485,22 +35730,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- AllowCortanaAboveLock
-
+ AllowCortanaAboveLock
+
-
+
1
@@ -25508,21 +35753,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowToasts
-
+ AllowToasts
+
-
+
1
@@ -25530,15 +35775,92 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
+
+
+
+ AccountPolicies
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ MinDevicePasswordLength
+
+
+
+
+ This security setting determines the least number of characters that a password for a user account may contain. You can set a value of between 1 and 14 characters, or you can establish that no password is required by setting the number of characters to 0.
+ 7
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ PasswordMustMeetComplexityRequirement
+
+
+
+
+ This security setting determines whether passwords must meet complexity requirements.
+
+If this policy is enabled, passwords must meet the following minimum requirements:
+
+Not contain the user's account name or parts of the user's full name that exceed two consecutive characters
+Be at least six characters in length
+Contain characters from three of the following four categories:
+English uppercase characters (A through Z)
+English lowercase characters (a through z)
+Base 10 digits (0 through 9)
+Non-alphabetic characters (for example, !, $, #, %)
+Complexity requirements are enforced when passwords are changed or created.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
@@ -25561,10 +35883,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowAddingNonMicrosoftAccountsManually
-
+ AllowAddingNonMicrosoftAccountsManually
+
-
+
1
@@ -25572,21 +35894,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowMicrosoftAccountConnection
-
+ AllowMicrosoftAccountConnection
+
-
+
1
@@ -25594,21 +35916,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowMicrosoftAccountSignInAssistant
-
+ AllowMicrosoftAccountSignInAssistant
+
-
+
1
@@ -25616,21 +35938,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- DomainNamesForEmailSync
-
+ DomainNamesForEmailSync
+
-
+
@@ -25638,15 +35960,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -25669,10 +35991,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- ApprovedInstallationSites
-
+ ApprovedInstallationSites
+
-
+
@@ -25680,19 +36002,19 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
ActiveXInstallService.admx
ActiveXInstallService~AT~WindowsComponents~AxInstSv
ApprovedActiveXInstallSites
-
+
@@ -25715,10 +36037,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- DefaultAssociationsConfiguration
-
+ DefaultAssociationsConfiguration
+
-
+
@@ -25726,16 +36048,16 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
@@ -25758,10 +36080,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowAllTrustedApps
-
+ AllowAllTrustedApps
+
-
+
65535
@@ -25769,21 +36091,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowAppStoreAutoUpdate
-
+ AllowAppStoreAutoUpdate
+
-
+
2
@@ -25791,21 +36113,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowDeveloperUnlock
-
+ AllowDeveloperUnlock
+
-
+
65535
@@ -25813,21 +36135,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowGameDVR
-
+ AllowGameDVR
+
-
+
1
@@ -25835,22 +36157,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowSharedUserAppData
-
+ AllowSharedUserAppData
+
-
+
0
@@ -25858,21 +36180,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowStore
-
+ AllowStore
+
-
+
1
@@ -25880,22 +36202,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- ApplicationRestrictions
-
+ ApplicationRestrictions
+
-
+
@@ -25903,22 +36225,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- DisableStoreOriginatedApps
-
+ DisableStoreOriginatedApps
+
-
+
0
@@ -25926,21 +36248,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- RestrictAppDataToSystemVolume
-
+ RestrictAppDataToSystemVolume
+
-
+
0
@@ -25948,21 +36270,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- RestrictAppToSystemVolume
-
+ RestrictAppToSystemVolume
+
-
+
0
@@ -25970,15 +36292,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -26001,10 +36323,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowAppVClient
-
+ AllowAppVClient
+
-
+
@@ -26012,25 +36334,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV
EnableAppV
-
+
- AllowDynamicVirtualization
-
+ AllowDynamicVirtualization
+
-
+
@@ -26038,25 +36360,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Virtualization
Virtualization_JITVEnable
-
+
- AllowPackageCleanup
-
+ AllowPackageCleanup
+
-
+
@@ -26064,25 +36386,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_PackageManagement
PackageManagement_AutoCleanupEnable
-
+
- AllowPackageScripts
-
+ AllowPackageScripts
+
-
+
@@ -26090,25 +36412,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Scripting
Scripting_Enable_Package_Scripts
-
+
- AllowPublishingRefreshUX
-
+ AllowPublishingRefreshUX
+
-
+
@@ -26116,25 +36438,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Publishing
Enable_Publishing_Refresh_UX
-
+
- AllowReportingServer
-
+ AllowReportingServer
+
-
+
@@ -26142,25 +36464,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Reporting
Reporting_Server_Policy
-
+
- AllowRoamingFileExclusions
-
+ AllowRoamingFileExclusions
+
-
+
@@ -26168,25 +36490,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Integration
Integration_Roaming_File_Exclusions
-
+
- AllowRoamingRegistryExclusions
-
+ AllowRoamingRegistryExclusions
+
-
+
@@ -26194,25 +36516,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Integration
Integration_Roaming_Registry_Exclusions
-
+
- AllowStreamingAutoload
-
+ AllowStreamingAutoload
+
-
+
@@ -26220,25 +36542,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Streaming
Steaming_Autoload
-
+
- ClientCoexistenceAllowMigrationmode
-
+ ClientCoexistenceAllowMigrationmode
+
-
+
@@ -26246,25 +36568,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Client_Coexistence
Client_Coexistence_Enable_Migration_mode
-
+
- IntegrationAllowRootGlobal
-
+ IntegrationAllowRootGlobal
+
-
+
@@ -26272,25 +36594,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Integration
Integration_Root_User
-
+
- IntegrationAllowRootUser
-
+ IntegrationAllowRootUser
+
-
+
@@ -26298,25 +36620,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Integration
Integration_Root_Global
-
+
- PublishingAllowServer1
-
+ PublishingAllowServer1
+
-
+
@@ -26324,25 +36646,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Publishing
Publishing_Server1_Policy
-
+
- PublishingAllowServer2
-
+ PublishingAllowServer2
+
-
+
@@ -26350,25 +36672,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Publishing
Publishing_Server2_Policy
-
+
- PublishingAllowServer3
-
+ PublishingAllowServer3
+
-
+
@@ -26376,25 +36698,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Publishing
Publishing_Server3_Policy
-
+
- PublishingAllowServer4
-
+ PublishingAllowServer4
+
-
+
@@ -26402,25 +36724,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Publishing
Publishing_Server4_Policy
-
+
- PublishingAllowServer5
-
+ PublishingAllowServer5
+
-
+
@@ -26428,25 +36750,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Publishing
Publishing_Server5_Policy
-
+
- StreamingAllowCertificateFilterForClient_SSL
-
+ StreamingAllowCertificateFilterForClient_SSL
+
-
+
@@ -26454,25 +36776,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Streaming
Streaming_Certificate_Filter_For_Client_SSL
-
+
- StreamingAllowHighCostLaunch
-
+ StreamingAllowHighCostLaunch
+
-
+
@@ -26480,25 +36802,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Streaming
Streaming_Allow_High_Cost_Launch
-
+
- StreamingAllowLocationProvider
-
+ StreamingAllowLocationProvider
+
-
+
@@ -26506,25 +36828,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Streaming
Streaming_Location_Provider
-
+
- StreamingAllowPackageInstallationRoot
-
+ StreamingAllowPackageInstallationRoot
+
-
+
@@ -26532,25 +36854,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Streaming
Streaming_Package_Installation_Root
-
+
- StreamingAllowPackageSourceRoot
-
+ StreamingAllowPackageSourceRoot
+
-
+
@@ -26558,25 +36880,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Streaming
Streaming_Package_Source_Root
-
+
- StreamingAllowReestablishmentInterval
-
+ StreamingAllowReestablishmentInterval
+
-
+
@@ -26584,25 +36906,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Streaming
Streaming_Reestablishment_Interval
-
+
- StreamingAllowReestablishmentRetries
-
+ StreamingAllowReestablishmentRetries
+
-
+
@@ -26610,25 +36932,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Streaming
Streaming_Reestablishment_Retries
-
+
- StreamingSharedContentStoreMode
-
+ StreamingSharedContentStoreMode
+
-
+
@@ -26636,25 +36958,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Streaming
Streaming_Shared_Content_Store_Mode
-
+
- StreamingSupportBranchCache
-
+ StreamingSupportBranchCache
+
-
+
@@ -26662,25 +36984,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Streaming
Streaming_Support_Branch_Cache
-
+
- StreamingVerifyCertificateRevocationList
-
+ StreamingVerifyCertificateRevocationList
+
-
+
@@ -26688,25 +37010,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Streaming
Streaming_Verify_Certificate_Revocation_List
-
+
- VirtualComponentsAllowList
-
+ VirtualComponentsAllowList
+
-
+
@@ -26714,19 +37036,19 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
appv.admx
appv~AT~System~CAT_AppV~CAT_Virtualization
Virtualization_JITVAllowList
-
+
@@ -26749,10 +37071,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowFastReconnect
-
+ AllowFastReconnect
+
-
+
1
@@ -26760,21 +37082,44 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowSecondaryAuthenticationDevice
-
+ AllowFidoDeviceSignon
+
-
+
+
+ Specifies whether FIDO device can be used to sign on.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ AllowSecondaryAuthenticationDevice
+
+
+
0
@@ -26782,15 +37127,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -26813,10 +37158,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- DisallowAutoplayForNonVolumeDevices
-
+ DisallowAutoplayForNonVolumeDevices
+
-
+
@@ -26824,25 +37169,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
AutoPlay.admx
AutoPlay~AT~WindowsComponents~AutoPlay
NoAutoplayfornonVolume
-
+
- SetDefaultAutoRunBehavior
-
+ SetDefaultAutoRunBehavior
+
-
+
@@ -26850,25 +37195,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
AutoPlay.admx
AutoPlay~AT~WindowsComponents~AutoPlay
NoAutorun
-
+
- TurnOffAutoPlay
-
+ TurnOffAutoPlay
+
-
+
@@ -26876,19 +37221,19 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
AutoPlay.admx
AutoPlay~AT~WindowsComponents~AutoPlay
Autorun
-
+
@@ -26911,10 +37256,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- EncryptionMethod
-
+ EncryptionMethod
+
-
+
6
@@ -26922,15 +37267,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -26953,10 +37298,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowAdvertising
-
+ AllowAdvertising
+
-
+
1
@@ -26964,21 +37309,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowDiscoverableMode
-
+ AllowDiscoverableMode
+
-
+
1
@@ -26986,21 +37331,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowPrepairing
-
+ AllowPrepairing
+
-
+
1
@@ -27008,21 +37353,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LocalDeviceName
-
+ LocalDeviceName
+
-
+
@@ -27030,21 +37375,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- ServicesAllowedList
-
+ ServicesAllowedList
+
-
+
@@ -27052,15 +37397,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -27083,10 +37428,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowAddressBarDropdown
-
+ AllowAddressBarDropdown
+
-
+
This policy setting lets you decide whether the Address bar drop-down functionality is available in Microsoft Edge. We recommend disabling this setting if you want to minimize network connections from Microsoft Edge to Microsoft services.
1
@@ -27094,22 +37439,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowAutofill
-
+ AllowAutofill
+
-
+
This setting lets you decide whether employees can use Autofill to automatically fill in form fields while using Microsoft Edge.
0
@@ -27117,21 +37462,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowBrowser
-
+ AllowBrowser
+
-
+
1
@@ -27139,22 +37484,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- AllowCookies
-
+ AllowCookies
+
-
+
This setting lets you configure how your company deals with cookies.
2
@@ -27162,21 +37507,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowDeveloperTools
-
+ AllowDeveloperTools
+
-
+
This setting lets you decide whether employees can use F12 Developer Tools on Microsoft Edge.
1
@@ -27184,22 +37529,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowDoNotTrack
-
+ AllowDoNotTrack
+
-
+
This setting lets you decide whether employees can send Do Not Track headers to websites that request tracking info.
0
@@ -27207,21 +37552,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowExtensions
-
+ AllowExtensions
+
-
+
This setting lets you decide whether employees can load extensions in Microsoft Edge.
1
@@ -27229,22 +37574,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowFlash
-
+ AllowFlash
+
-
+
This setting lets you decide whether employees can run Adobe Flash in Microsoft Edge.
1
@@ -27252,22 +37597,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowFlashClickToRun
-
+ AllowFlashClickToRun
+
-
+
Configure the Adobe Flash Click-to-Run setting.
1
@@ -27275,22 +37620,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowInPrivate
-
+ AllowInPrivate
+
-
+
This setting lets you decide whether employees can browse using InPrivate website browsing.
1
@@ -27298,25 +37643,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowMicrosoftCompatibilityList
-
+ AllowMicrosoftCompatibilityList
+
-
+
This policy setting lets you decide whether the Microsoft Compatibility List is enabled or disabled in Microsoft Edge. This feature uses a Microsoft-provided list to ensure that any sites with known compatibility issues are displayed correctly when a user navigates to them. By default, the Microsoft Compatibility List is enabled and can be viewed by navigating to about:compat.
-If you enable or don’t configure this setting, Microsoft Edge will periodically download the latest version of the list from Microsoft and will apply the configurations specified there during browser navigation. If a user visits a site on the Microsoft Compatibility List, he or she will be prompted to open the site in Internet Explorer 11. Once in Internet Explorer, the site will automatically be rendered as if the user is viewing it in the previous version of Internet Explorer it requires to display correctly.
+If you enable or don’t configure this setting, Microsoft Edge will periodically download the latest version of the list from Microsoft and will apply the configurations specified there during browser navigation. If a user visits a site on the Microsoft Compatibility List, he or she will be prompted to open the site in Internet Explorer 11. Once in Internet Explorer, the site will automatically be rendered as if the user is viewing it in the previous version of Internet Explorer it requires to display correctly.
If you disable this setting, the Microsoft Compatibility List will not be used during browser navigation.
1
@@ -27324,21 +37669,21 @@ If you disable this setting, the Microsoft Compatibility List will not be used d
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowPasswordManager
-
+ AllowPasswordManager
+
-
+
This setting lets you decide whether employees can save their passwords locally, using Password Manager.
1
@@ -27346,21 +37691,21 @@ If you disable this setting, the Microsoft Compatibility List will not be used d
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowPopups
-
+ AllowPopups
+
-
+
This setting lets you decide whether to turn on Pop-up Blocker and whether to allow pop-ups to appear in secondary windows.
0
@@ -27368,22 +37713,22 @@ If you disable this setting, the Microsoft Compatibility List will not be used d
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowSearchEngineCustomization
-
+ AllowSearchEngineCustomization
+
-
+
Allow search engine customization for MDM enrolled devices. Users can change their default search engine.
@@ -27396,21 +37741,21 @@ This policy will only apply on domain joined machines or when the device is MDM
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowSearchSuggestionsinAddressBar
-
+ AllowSearchSuggestionsinAddressBar
+
-
+
This setting lets you decide whether search suggestions should appear in the Address bar of Microsoft Edge.
1
@@ -27418,21 +37763,21 @@ This policy will only apply on domain joined machines or when the device is MDM
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowSmartScreen
-
+ AllowSmartScreen
+
-
+
This setting lets you decide whether to turn on Windows Defender SmartScreen.
1
@@ -27440,21 +37785,21 @@ This policy will only apply on domain joined machines or when the device is MDM
-
+
-
+
- text/plain
+ text/plain
-
+
- ClearBrowsingDataOnExit
-
+ ClearBrowsingDataOnExit
+
-
+
Specifies whether to always clear browsing history on exiting Microsoft Edge.
0
@@ -27462,22 +37807,22 @@ This policy will only apply on domain joined machines or when the device is MDM
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- ConfigureAdditionalSearchEngines
-
+ ConfigureAdditionalSearchEngines
+
-
+
Allows you to add up to 5 additional search engines for MDM-enrolled devices.
@@ -27491,21 +37836,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- DisableLockdownOfStartPages
-
+ DisableLockdownOfStartPages
+
-
+
Boolean policy that specifies whether the lockdown on the Start pages is disabled. This policy works with the Browser/HomePages policy, which locks down the Start pages that the users cannot modify. You can use the DisableLockdownOfStartPages policy to allow users to modify the Start pages when Browser/HomePages policy is in effect.
@@ -27518,22 +37863,22 @@ This setting can only be used with domain-joined or MDM-enrolled devices. For mo
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- EnterpriseModeSiteList
-
+ EnterpriseModeSiteList
+
-
+
This setting lets you configure whether your company uses Enterprise Mode and the Enterprise Mode Site List to address common compatibility problems with legacy websites.
@@ -27541,22 +37886,22 @@ This setting can only be used with domain-joined or MDM-enrolled devices. For mo
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- EnterpriseSiteListServiceUrl
-
+ EnterpriseSiteListServiceUrl
+
-
+
@@ -27564,22 +37909,22 @@ This setting can only be used with domain-joined or MDM-enrolled devices. For mo
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- FirstRunURL
-
+ FirstRunURL
+
-
+
Configure first run URL.
@@ -27587,50 +37932,50 @@ This setting can only be used with domain-joined or MDM-enrolled devices. For mo
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- HomePages
-
+ HomePages
+
-
+
Configure the Start page URLs for your employees.
Example:
If you wanted to allow contoso.com and fabrikam.com then you would append /support to the site strings like contoso.com/support and fabrikam.com/support.
Encapsulate each string with greater than and less than characters like any other XML tag.
-Version 1703 or later: If you don't want to send traffic to Microsoft, you can use the about:blank value (encapsulate with greater than and less than characters like any other XML tag), which is honored for both domain- and non-domain-joined machines, when it's the only configured URL.
+Version 1703 or later:  If you don't want to send traffic to Microsoft, you can use the about:blank value (encapsulate with greater than and less than characters like any other XML tag), which is honored for both domain- and non-domain-joined machines, when it's the only configured URL.
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- PreventAccessToAboutFlagsInMicrosoftEdge
-
+ PreventAccessToAboutFlagsInMicrosoftEdge
+
-
+
Prevent access to the about:flags page in Microsoft Edge.
0
@@ -27638,21 +37983,21 @@ Version 1703 or later: If you don't want to send traffic to Microsoft, you ca
-
+
-
+
- text/plain
+ text/plain
-
+
- PreventFirstRunPage
-
+ PreventFirstRunPage
+
-
+
Specifies whether the First Run webpage is prevented from automatically opening on the first launch of Microsoft Edge. This policy is only available for Windows 10 version 1703 or later for desktop.
@@ -27662,22 +38007,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- PreventLiveTileDataCollection
-
+ PreventLiveTileDataCollection
+
-
+
This policy lets you decide whether Microsoft Edge can gather Live Tile metadata from the ieonline.microsoft.com service to provide a better experience while pinning a Live Tile to the Start menu.
@@ -27687,34 +38032,32 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
PreventSmartScreenPromptOverride
-
-
-
Don't allow Windows Defender SmartScreen warning overrides
+ 0
-
+
-
+
text/plain
@@ -27725,20 +38068,18 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
PreventSmartScreenPromptOverrideForFiles
-
-
-
Don't allow Windows Defender SmartScreen warning overrides for unverified files.
+ 0
-
+
-
+
text/plain
@@ -27746,10 +38087,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- PreventUsingLocalHostIPAddressForWebRTC
-
+ PreventUsingLocalHostIPAddressForWebRTC
+
-
+
Prevent using localhost IP address for WebRTC
0
@@ -27757,21 +38098,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- SendIntranetTraffictoInternetExplorer
-
+ SendIntranetTraffictoInternetExplorer
+
-
+
Sends all intranet traffic over to Internet Explorer.
0
@@ -27779,22 +38120,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- SetDefaultSearchEngine
-
+ SetDefaultSearchEngine
+
-
+
Sets the default search engine for MDM-enrolled devices. Users can still change their default search engine.
@@ -27808,21 +38149,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- ShowMessageWhenOpeningSitesInInternetExplorer
-
+ ShowMessageWhenOpeningSitesInInternetExplorer
+
-
+
Show message when opening sites in Internet Explorer
0
@@ -27830,22 +38171,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- SyncFavoritesBetweenIEAndMicrosoftEdge
-
+ SyncFavoritesBetweenIEAndMicrosoftEdge
+
-
+
Specifies whether favorites are kept in sync between Internet Explorer and Microsoft Edge. Changes to favorites in one browser are reflected in the other, including: additions, deletions, modifications, and ordering.
0
@@ -27853,16 +38194,16 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
@@ -27885,10 +38226,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowCamera
-
+ AllowCamera
+
-
+
1
@@ -27896,15 +38237,60 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
+
+
+
+ Cellular
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ ShowAppCellularAccessUI
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ wwansvc.admx
+ wwansvc~AT~Network~WwanSvc_Category~UISettings_Category
+ ShowAppCellularAccessUI
+
@@ -27927,10 +38313,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowBluetooth
-
+ AllowBluetooth
+
-
+
2
@@ -27938,21 +38324,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowCellularData
-
+ AllowCellularData
+
-
+
1
@@ -27960,21 +38346,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowCellularDataRoaming
-
+ AllowCellularDataRoaming
+
-
+
1
@@ -27982,21 +38368,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowConnectedDevices
-
+ AllowConnectedDevices
+
-
+
1
@@ -28004,21 +38390,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowNFC
-
+ AllowNFC
+
-
+
1
@@ -28026,22 +38412,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- AllowUSBConnection
-
+ AllowUSBConnection
+
-
+
1
@@ -28049,22 +38435,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- AllowVPNOverCellular
-
+ AllowVPNOverCellular
+
-
+
1
@@ -28072,21 +38458,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowVPNRoamingOverCellular
-
+ AllowVPNRoamingOverCellular
+
-
+
1
@@ -28094,43 +38480,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- DisallowNetworkConnectivityActiveTests
-
+ DiablePrintingOverHTTP
+
-
-
-
- 0
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- HardenedUNCPaths
-
-
-
+
@@ -28138,19 +38502,145 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ ICM.admx
+ ICM~AT~System~InternetManagement~InternetManagement_Settings
+ DisableHTTPPrinting_2
+
+
+
+ DisableDownloadingOfPrintDriversOverHTTP
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ ICM.admx
+ ICM~AT~System~InternetManagement~InternetManagement_Settings
+ DisableWebPnPDownload_2
+
+
+
+ DisableInternetDownloadForWebPublishingAndOnlineOrderingWizards
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ ICM.admx
+ ICM~AT~System~InternetManagement~InternetManagement_Settings
+ ShellPreventWPWDownload_2
+
+
+
+ DisallowNetworkConnectivityActiveTests
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ HardenedUNCPaths
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
networkprovider.admx
NetworkProvider~AT~Network~Cat_NetworkProvider
Pol_HardenedPaths
-
+
+
+
+ ProhibitInstallationAndConfigurationOfNetworkBridge
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ NetworkConnections.admx
+ NetworkConnections~AT~Network~NetworkConnections
+ NC_AllowNetBridge_NLA
+
@@ -28173,10 +38663,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowPINLogon
-
+ AllowPINLogon
+
-
+
@@ -28184,25 +38674,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
credentialproviders.admx
CredentialProviders~AT~System~Logon
AllowDomainPINLogon
-
+
- BlockPicturePassword
-
+ BlockPicturePassword
+
-
+
@@ -28210,19 +38700,19 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
credentialproviders.admx
CredentialProviders~AT~System~Logon
BlockDomainPicturePassword
-
+
@@ -28245,10 +38735,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- DisablePasswordReveal
-
+ DisablePasswordReveal
+
-
+
@@ -28256,25 +38746,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
credui.admx
CredUI~AT~WindowsComponents~CredUI
DisablePasswordReveal
-
+
- EnumerateAdministrators
-
+ EnumerateAdministrators
+
-
+
@@ -28282,19 +38772,19 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
credui.admx
CredUI~AT~WindowsComponents~CredUI
EnumerateAdministrators
-
+
@@ -28317,10 +38807,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowFipsAlgorithmPolicy
-
+ AllowFipsAlgorithmPolicy
+
-
+
0
@@ -28328,21 +38818,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- TLSCipherSuites
-
+ TLSCipherSuites
+
-
+
@@ -28350,15 +38840,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -28381,10 +38871,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowDirectMemoryAccess
-
+ AllowDirectMemoryAccess
+
-
+
1
@@ -28392,21 +38882,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LegacySelectiveWipeID
-
+ LegacySelectiveWipeID
+
-
+
@@ -28414,15 +38904,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -28445,10 +38935,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- SetCost3G
-
+ SetCost3G
+
-
+
@@ -28456,24 +38946,24 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
wwansvc.admx
wwansvc~AT~Network~WwanSvc_Category~NetworkCost_Category
SetCost3G
-
+
- SetCost4G
-
+ SetCost4G
+
-
+
@@ -28481,18 +38971,18 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
wwansvc.admx
wwansvc~AT~Network~WwanSvc_Category~NetworkCost_Category
SetCost4G
-
+
@@ -28515,10 +39005,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowArchiveScanning
-
+ AllowArchiveScanning
+
-
+
1
@@ -28526,22 +39016,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowBehaviorMonitoring
-
+ AllowBehaviorMonitoring
+
-
+
1
@@ -28549,22 +39039,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowCloudProtection
-
+ AllowCloudProtection
+
-
+
1
@@ -28572,22 +39062,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowEmailScanning
-
+ AllowEmailScanning
+
-
+
0
@@ -28595,22 +39085,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowFullScanOnMappedNetworkDrives
-
+ AllowFullScanOnMappedNetworkDrives
+
-
+
0
@@ -28618,22 +39108,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowFullScanRemovableDriveScanning
-
+ AllowFullScanRemovableDriveScanning
+
-
+
1
@@ -28641,22 +39131,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowIntrusionPreventionSystem
-
+ AllowIntrusionPreventionSystem
+
-
+
1
@@ -28664,22 +39154,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowIOAVProtection
-
+ AllowIOAVProtection
+
-
+
1
@@ -28687,22 +39177,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowOnAccessProtection
-
+ AllowOnAccessProtection
+
-
+
1
@@ -28710,22 +39200,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowRealtimeMonitoring
-
+ AllowRealtimeMonitoring
+
-
+
1
@@ -28733,22 +39223,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowScanningNetworkFiles
-
+ AllowScanningNetworkFiles
+
-
+
0
@@ -28756,22 +39246,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowScriptScanning
-
+ AllowScriptScanning
+
-
+
1
@@ -28779,22 +39269,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowUserUIAccess
-
+ AllowUserUIAccess
+
-
+
1
@@ -28802,22 +39292,68 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AvgCPULoadFactor
-
+ AttackSurfaceReductionOnlyExclusions
+
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ AttackSurfaceReductionRules
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ AvgCPULoadFactor
+
+
+
50
@@ -28825,22 +39361,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DaysToRetainCleanedMalware
-
+ CloudBlockLevel
+
-
+
0
@@ -28848,91 +39384,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- ExcludedExtensions
-
+ CloudExtendedTimeout
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
-
-
-
- ExcludedPaths
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
-
-
-
- ExcludedProcesses
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
-
-
-
- PUAProtection
-
-
-
+
0
@@ -28940,22 +39407,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- RealTimeScanDirection
-
+ DaysToRetainCleanedMalware
+
-
+
0
@@ -28963,22 +39430,229 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- ScanParameter
-
+ EnableGuardMyFolders
+
-
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ EnableNetworkProtection
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ ExcludedExtensions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ ExcludedPaths
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ ExcludedProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ GuardedFoldersAllowedApplications
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ GuardedFoldersList
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ PUAProtection
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ RealTimeScanDirection
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ ScanParameter
+
+
+
1
@@ -28986,22 +39660,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- ScheduleQuickScanTime
-
+ ScheduleQuickScanTime
+
-
+
120
@@ -29009,22 +39683,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- ScheduleScanDay
-
+ ScheduleScanDay
+
-
+
0
@@ -29032,22 +39706,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- ScheduleScanTime
-
+ ScheduleScanTime
+
-
+
120
@@ -29055,22 +39729,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- SignatureUpdateInterval
-
+ SignatureUpdateInterval
+
-
+
8
@@ -29078,22 +39752,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- SubmitSamplesConsent
-
+ SubmitSamplesConsent
+
-
+
1
@@ -29101,22 +39775,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- ThreatSeverityDefaultAction
-
+ ThreatSeverityDefaultAction
+
-
+
@@ -29124,16 +39798,16 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
@@ -29156,10 +39830,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- DOAbsoluteMaxCacheSize
-
+ DOAbsoluteMaxCacheSize
+
-
+
10
@@ -29167,22 +39841,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DOAllowVPNPeerCaching
-
+ DOAllowVPNPeerCaching
+
-
+
0
@@ -29190,22 +39864,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DODownloadMode
-
+ DODownloadMode
+
-
+
1
@@ -29213,22 +39887,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DOGroupId
-
+ DOGroupId
+
-
+
@@ -29236,22 +39910,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DOMaxCacheAge
-
+ DOMaxCacheAge
+
-
+
259200
@@ -29259,22 +39933,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DOMaxCacheSize
-
+ DOMaxCacheSize
+
-
+
20
@@ -29282,22 +39956,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DOMaxDownloadBandwidth
-
+ DOMaxDownloadBandwidth
+
-
+
0
@@ -29305,22 +39979,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DOMaxUploadBandwidth
-
+ DOMaxUploadBandwidth
+
-
+
0
@@ -29328,22 +40002,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DOMinBackgroundQos
-
+ DOMinBackgroundQos
+
-
+
500
@@ -29351,22 +40025,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DOMinBatteryPercentageAllowedToUpload
-
+ DOMinBatteryPercentageAllowedToUpload
+
-
+
0
@@ -29374,22 +40048,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DOMinDiskSizeAllowedToPeer
-
+ DOMinDiskSizeAllowedToPeer
+
-
+
32
@@ -29397,22 +40071,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DOMinFileSizeToCache
-
+ DOMinFileSizeToCache
+
-
+
100
@@ -29420,22 +40094,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DOMinRAMAllowedToPeer
-
+ DOMinRAMAllowedToPeer
+
-
+
4
@@ -29443,22 +40117,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DOModifyCacheDrive
-
+ DOModifyCacheDrive
+
-
+
%SystemDrive%
@@ -29466,22 +40140,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DOMonthlyUploadDataCap
-
+ DOMonthlyUploadDataCap
+
-
+
20
@@ -29489,22 +40163,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DOPercentageMaxDownloadBandwidth
-
+ DOPercentageMaxDownloadBandwidth
+
-
+
0
@@ -29512,16 +40186,105 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
+
+
+
+ DeviceGuard
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ EnableVirtualizationBasedSecurity
+
+
+
+
+ Turns On Virtualization Based Security(VBS)
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ LsaCfgFlags
+
+
+
+
+ Credential Guard Configuration: 0 - Turns off CredentialGuard remotely if configured previously without UEFI Lock, 1 - Turns on CredentialGuard with UEFI lock. 2 - Turns on CredentialGuard without UEFI lock.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ RequirePlatformSecurityFeatures
+
+
+
+
+ Select Platform Security Level: 1 - Turns on VBS with Secure Boot, 3 - Turns on VBS with Secure Boot and DMA. DMA requires hardware support.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
@@ -29544,10 +40307,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- PreventInstallationOfMatchingDeviceIDs
-
+ PreventInstallationOfMatchingDeviceIDs
+
-
+
@@ -29555,25 +40318,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
deviceinstallation.admx
DeviceInstallation~AT~System~DeviceInstall_Category~DeviceInstall_Restrictions_Category
DeviceInstall_IDs_Deny
-
+
- PreventInstallationOfMatchingDeviceSetupClasses
-
+ PreventInstallationOfMatchingDeviceSetupClasses
+
-
+
@@ -29581,19 +40344,19 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
deviceinstallation.admx
DeviceInstallation~AT~System~DeviceInstall_Category~DeviceInstall_Restrictions_Category
DeviceInstall_Classes_Deny
-
+
@@ -29616,10 +40379,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowIdleReturnWithoutPassword
-
+ AllowIdleReturnWithoutPassword
+
-
+
Specifies whether the user must input a PIN or password when the device resumes from an idle state.
1
@@ -29627,22 +40390,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- AllowScreenTimeoutWhileLockedUserConfig
-
+ AllowScreenTimeoutWhileLockedUserConfig
+
-
+
Specifies whether to show a user-configurable setting to control the screen timeout while on the lock screen of Windows 10 Mobile devices.
0
@@ -29650,21 +40413,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowSimpleDevicePassword
-
+ AllowSimpleDevicePassword
+
-
+
Specifies whether PINs or passwords such as 1111 or 1234 are allowed. For the desktop, it also controls the use of picture passwords.
1
@@ -29672,21 +40435,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AlphanumericDevicePasswordRequired
-
+ AlphanumericDevicePasswordRequired
+
-
+
Determines the type of PIN or password required. This policy only applies if the DeviceLock/DevicePasswordEnabled policy is set to 0
2
@@ -29694,21 +40457,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- DevicePasswordEnabled
-
+ DevicePasswordEnabled
+
-
+
Specifies whether device lock is enabled.
1
@@ -29716,21 +40479,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- DevicePasswordExpiration
-
+ DevicePasswordExpiration
+
-
+
Specifies when the password expires (in days).
0
@@ -29738,43 +40501,43 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- DevicePasswordHistory
-
+ DevicePasswordHistory
+
-
+
- Specifies how many passwords can be stored in the history that can’t be used.
+ Specifies how many passwords can be stored in the history that can’t be used.
0
-
+
-
+
- text/plain
+ text/plain
-
+
- EnforceLockScreenAndLogonImage
-
+ EnforceLockScreenAndLogonImage
+
-
+
@@ -29782,22 +40545,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- EnforceLockScreenProvider
-
+ EnforceLockScreenProvider
+
-
+
@@ -29805,21 +40568,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- MaxDevicePasswordFailedAttempts
-
+ MaxDevicePasswordFailedAttempts
+
-
+
0
@@ -29827,21 +40590,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- MaxInactivityTimeDeviceLock
-
+ MaxInactivityTimeDeviceLock
+
-
+
The number of authentication failures allowed before the device will be wiped. A value of 0 disables device wipe functionality.
0
@@ -29849,21 +40612,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- MaxInactivityTimeDeviceLockWithExternalDisplay
-
+ MaxInactivityTimeDeviceLockWithExternalDisplay
+
-
+
Sets the maximum timeout value for the external display.
0
@@ -29871,22 +40634,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- MinDevicePasswordComplexCharacters
-
+ MinDevicePasswordComplexCharacters
+
-
+
The number of complex element types (uppercase and lowercase letters, numbers, and punctuation) required for a strong PIN or password.
1
@@ -29894,21 +40657,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- MinDevicePasswordLength
-
+ MinDevicePasswordLength
+
-
+
Specifies the minimum number or characters required in the PIN or password.
4
@@ -29916,21 +40679,48 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- PreventLockScreenSlideShow
-
+ MinimumPasswordAge
+
-
+
+
+ This security setting determines the period of time (in days) that a password must be used before the user can change it. You can set a value between 1 and 998 days, or you can allow changes immediately by setting the number of days to 0.
+
+The minimum password age must be less than the Maximum password age, unless the maximum password age is set to 0, indicating that passwords will never expire. If the maximum password age is set to 0, the minimum password age can be set to any value between 0 and 998.
+
+Configure the minimum password age to be more than 0 if you want Enforce password history to be effective. Without a minimum password age, users can cycle through passwords repeatedly until they get to an old favorite. The default setting does not follow this recommendation, so that an administrator can specify a password for a user and then require the user to change the administrator-defined password when the user logs on. If the password history is set to 0, the user does not have to choose a new password. For this reason, Enforce password history is set to 1 by default.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ PreventLockScreenSlideShow
+
+
+
@@ -29938,25 +40728,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
ControlPanelDisplay.admx
ControlPanelDisplay~AT~ControlPanel~Personalization
CPL_Personalization_NoLockScreenSlideshow
-
+
- ScreenTimeoutWhileLocked
-
+ ScreenTimeoutWhileLocked
+
-
+
Specifies whether to show a user-configurable setting to control the screen timeout while on the lock screen of Windows 10 Mobile devices.
10
@@ -29964,15 +40754,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -29995,10 +40785,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- TurnOffGdiDPIScalingForApps
-
+ TurnOffGdiDPIScalingForApps
+
-
+
This policy allows to force turn off GDI DPI Scaling for a semicolon separated list of applications. Applications can be specified either by using full path or just filename and extension.
@@ -30006,22 +40796,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- TurnOnGdiDPIScalingForApps
-
+ TurnOnGdiDPIScalingForApps
+
-
+
This policy allows to turn on GDI DPI Scaling for a semicolon separated list of applications. Applications can be specified either by using full path or just filename and extension.
@@ -30029,16 +40819,16 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
@@ -30061,10 +40851,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- CustomizeConsentSettings
-
+ CustomizeConsentSettings
+
-
+
@@ -30072,25 +40862,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
ErrorReporting.admx
ErrorReporting~AT~WindowsComponents~CAT_WindowsErrorReporting
WerConsentCustomize_2
-
+
- DisableWindowsErrorReporting
-
+ DisableWindowsErrorReporting
+
-
+
@@ -30098,25 +40888,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
ErrorReporting.admx
ErrorReporting~AT~WindowsComponents~CAT_WindowsErrorReporting
WerDisable_2
-
+
- DisplayErrorNotification
-
+ DisplayErrorNotification
+
-
+
@@ -30124,25 +40914,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
ErrorReporting.admx
ErrorReporting~AT~WindowsComponents~CAT_WindowsErrorReporting
PCH_ShowUI
-
+
- DoNotSendAdditionalData
-
+ DoNotSendAdditionalData
+
-
+
@@ -30150,25 +40940,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
ErrorReporting.admx
ErrorReporting~AT~WindowsComponents~CAT_WindowsErrorReporting
WerNoSecondLevelData_2
-
+
- PreventCriticalErrorDisplay
-
+ PreventCriticalErrorDisplay
+
-
+
@@ -30176,19 +40966,19 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
ErrorReporting.admx
ErrorReporting~AT~WindowsComponents~CAT_WindowsErrorReporting
WerDoNotShowUI
-
+
@@ -30211,10 +41001,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- ControlEventLogBehavior
-
+ ControlEventLogBehavior
+
-
+
@@ -30222,25 +41012,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
eventlog.admx
EventLog~AT~WindowsComponents~EventLogCategory~EventLog_Application
Channel_Log_Retention_1
-
+
- SpecifyMaximumFileSizeApplicationLog
-
+ SpecifyMaximumFileSizeApplicationLog
+
-
+
@@ -30248,25 +41038,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
eventlog.admx
EventLog~AT~WindowsComponents~EventLogCategory~EventLog_Application
Channel_LogMaxSize_1
-
+
- SpecifyMaximumFileSizeSecurityLog
-
+ SpecifyMaximumFileSizeSecurityLog
+
-
+
@@ -30274,25 +41064,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
eventlog.admx
EventLog~AT~WindowsComponents~EventLogCategory~EventLog_Security
Channel_LogMaxSize_2
-
+
- SpecifyMaximumFileSizeSystemLog
-
+ SpecifyMaximumFileSizeSystemLog
+
-
+
@@ -30300,19 +41090,19 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
eventlog.admx
EventLog~AT~WindowsComponents~EventLogCategory~EventLog_System
Channel_LogMaxSize_4
-
+
@@ -30335,10 +41125,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowCopyPaste
-
+ AllowCopyPaste
+
-
+
1
@@ -30346,22 +41136,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- AllowCortana
-
+ AllowCortana
+
-
+
1
@@ -30369,21 +41159,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowDeviceDiscovery
-
+ AllowDeviceDiscovery
+
-
+
1
@@ -30391,21 +41181,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowFindMyDevice
-
+ AllowFindMyDevice
+
-
+
1
@@ -30413,21 +41203,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowManualMDMUnenrollment
-
+ AllowManualMDMUnenrollment
+
-
+
1
@@ -30435,21 +41225,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowSaveAsOfOfficeFiles
-
+ AllowSaveAsOfOfficeFiles
+
-
+
1
@@ -30457,21 +41247,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowScreenCapture
-
+ AllowScreenCapture
+
-
+
1
@@ -30479,21 +41269,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowSharingOfOfficeFiles
-
+ AllowSharingOfOfficeFiles
+
-
+
1
@@ -30501,21 +41291,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowSIMErrorDialogPromptWhenNoSIM
-
+ AllowSIMErrorDialogPromptWhenNoSIM
+
-
+
1
@@ -30523,21 +41313,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowSyncMySettings
-
+ AllowSyncMySettings
+
-
+
1
@@ -30545,21 +41335,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowTaskSwitcher
-
+ AllowTaskSwitcher
+
-
+
1
@@ -30567,22 +41357,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- AllowVoiceRecording
-
+ AllowVoiceRecording
+
-
+
1
@@ -30590,22 +41380,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- AllowWindowsTips
-
+ AllowWindowsTips
+
-
+
1
@@ -30613,22 +41403,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DoNotShowFeedbackNotifications
-
+ DoNotShowFeedbackNotifications
+
-
+
0
@@ -30636,15 +41426,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -30667,10 +41457,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowAdvancedGamingServices
-
+ AllowAdvancedGamingServices
+
-
+
Specifies whether advanced gaming services can be used. These services may send data to Microsoft or publishers of games that use these services.
1
@@ -30678,15 +41468,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -30709,10 +41499,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AddSearchProvider
-
+ AddSearchProvider
+
-
+
@@ -30720,25 +41510,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer
AddSearchProvider
-
+
- AllowActiveXFiltering
-
+ AllowActiveXFiltering
+
-
+
@@ -30746,25 +41536,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer
TurnOnActiveXFiltering
-
+
- AllowAddOnList
-
+ AllowAddOnList
+
-
+
@@ -30772,25 +41562,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_AddOnManagement
AddonManagement_AddOnList
-
+
- AllowEnhancedProtectedMode
-
+ AllowCertificateAddressMismatchWarning
+
-
+
@@ -30798,25 +41588,77 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
+ IZ_PolicyWarnCertMismatch
+
+
+
+ AllowDeletingBrowsingHistoryOnExit
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~DeleteBrowsingHistory
+ DBHDisableDeleteOnExit
+
+
+
+ AllowEnhancedProtectedMode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
Advanced_EnableEnhancedProtectedMode
-
+
- AllowEnterpriseModeFromToolsMenu
-
+ AllowEnterpriseModeFromToolsMenu
+
-
+
@@ -30824,25 +41666,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer
EnterpriseModeEnable
-
+
- AllowEnterpriseModeSiteList
-
+ AllowEnterpriseModeSiteList
+
-
+
@@ -30850,25 +41692,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer
EnterpriseModeSiteList
-
+
- AllowInternetExplorer7PolicyList
-
+ AllowFallbackToSSL3
+
-
+
@@ -30876,25 +41718,51 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures
+ Advanced_EnableSSL3Fallback
+
+
+
+ AllowInternetExplorer7PolicyList
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~CategoryCompatView
CompatView_UsePolicyList
-
+
- AllowInternetExplorerStandardsMode
-
+ AllowInternetExplorerStandardsMode
+
-
+
@@ -30902,25 +41770,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~CategoryCompatView
CompatView_IntranetSites
-
+
- AllowInternetZoneTemplate
-
+ AllowInternetZoneTemplate
+
-
+
@@ -30928,25 +41796,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyInternetZoneTemplate
-
+
- AllowIntranetZoneTemplate
-
+ AllowIntranetZoneTemplate
+
-
+
@@ -30954,25 +41822,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyIntranetZoneTemplate
-
+
- AllowLocalMachineZoneTemplate
-
+ AllowLocalMachineZoneTemplate
+
-
+
@@ -30980,25 +41848,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyLocalMachineZoneTemplate
-
+
- AllowLockedDownInternetZoneTemplate
-
+ AllowLockedDownInternetZoneTemplate
+
-
+
@@ -31006,25 +41874,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyInternetZoneLockdownTemplate
-
+
- AllowLockedDownIntranetZoneTemplate
-
+ AllowLockedDownIntranetZoneTemplate
+
-
+
@@ -31032,25 +41900,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyIntranetZoneLockdownTemplate
-
+
- AllowLockedDownLocalMachineZoneTemplate
-
+ AllowLockedDownLocalMachineZoneTemplate
+
-
+
@@ -31058,25 +41926,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyLocalMachineZoneLockdownTemplate
-
+
- AllowLockedDownRestrictedSitesZoneTemplate
-
+ AllowLockedDownRestrictedSitesZoneTemplate
+
-
+
@@ -31084,25 +41952,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyRestrictedSitesZoneLockdownTemplate
-
+
- AllowOneWordEntry
-
+ AllowOneWordEntry
+
-
+
@@ -31110,25 +41978,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetSettings~Advanced~Browsing
UseIntranetSiteForOneWordEntry
-
+
- AllowSiteToZoneAssignmentList
-
+ AllowSiteToZoneAssignmentList
+
-
+
@@ -31136,25 +42004,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_Zonemaps
-
+
- AllowsLockedDownTrustedSitesZoneTemplate
-
+ AllowsLockedDownTrustedSitesZoneTemplate
+
-
+
@@ -31162,25 +42030,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyTrustedSitesZoneLockdownTemplate
-
+
- AllowsRestrictedSitesZoneTemplate
-
+ AllowSoftwareWhenSignatureIsInvalid
+
-
+
@@ -31188,25 +42056,51 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
+ Advanced_InvalidSignatureBlock
+
+
+
+ AllowsRestrictedSitesZoneTemplate
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyRestrictedSitesZoneTemplate
-
+
- AllowSuggestedSites
-
+ AllowSuggestedSites
+
-
+
@@ -31214,25 +42108,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer
EnableSuggestedSites
-
+
- AllowTrustedSitesZoneTemplate
-
+ AllowTrustedSitesZoneTemplate
+
-
+
@@ -31240,25 +42134,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_PolicyTrustedSitesZoneTemplate
-
+
- DisableAdobeFlash
-
+ CheckServerCertificateRevocation
+
-
+
@@ -31266,25 +42160,103 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
+ Advanced_CertificateRevocation
+
+
+
+ CheckSignaturesOnDownloadedPrograms
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
+ Advanced_DownloadSignatures
+
+
+
+ ConsistentMimeHandlingInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryBinaryBehaviorSecurityRestriction
+ IESF_PolicyExplorerProcesses_2
+
+
+
+ DisableAdobeFlash
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_AddOnManagement
DisableFlashInIE
-
+
- DisableBypassOfSmartScreenWarnings
-
+ DisableBlockingOfOutdatedActiveXControls
+
-
+
@@ -31292,357 +42264,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
-
- phone
- inetres.admx
-
-
-
- DisableBypassOfSmartScreenWarningsAboutUncommonFiles
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
-
-
-
- DisableCustomerExperienceImprovementProgramParticipation
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- SQM_DisableCEIP
-
-
-
- DisableEnclosureDownloading
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~RSS_Feeds
- Disable_Downloading_of_Enclosures
-
-
-
- DisableEncryptionSupport
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
- Advanced_SetWinInetProtocols
-
-
-
- DisableFirstRunWizard
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- NoFirstRunCustomise
-
-
-
- DisableFlipAheadFeature
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
- Advanced_DisableFlipAhead
-
-
-
- DisableProxyChange
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
-
-
-
- DisableSearchProviderChange
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- NoSearchProvider
-
-
-
- DisableSecondaryHomePageChange
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- SecondaryHomePages
-
-
-
- DisableUpdateCheck
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- NoUpdateCheck
-
-
-
- DoNotAllowUsersToAddSites
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- Security_zones_map_edit
-
-
-
- DoNotAllowUsersToChangePolicies
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
- phone
- inetres.admx
- inetres~AT~WindowsComponents~InternetExplorer
- Security_options_edit
-
-
-
- DoNotBlockOutdatedActiveXControls
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_AddOnManagement
VerMgmtDisable
-
+
- DoNotBlockOutdatedActiveXControlsOnSpecificDomains
-
+ DisableBypassOfSmartScreenWarnings
+
-
+
@@ -31650,25 +42290,589 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+
+
+
+ DisableBypassOfSmartScreenWarningsAboutUncommonFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+
+
+
+ DisableConfiguringHistory
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~DeleteBrowsingHistory
+ RestrictHistory
+
+
+
+ DisableCrashDetection
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+
+
+
+ DisableCustomerExperienceImprovementProgramParticipation
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ SQM_DisableCEIP
+
+
+
+ DisableDeletingUserVisitedWebsites
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~DeleteBrowsingHistory
+ DBHDisableDeleteHistory
+
+
+
+ DisableEnclosureDownloading
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~RSS_Feeds
+ Disable_Downloading_of_Enclosures
+
+
+
+ DisableEncryptionSupport
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
+ Advanced_SetWinInetProtocols
+
+
+
+ DisableFirstRunWizard
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ NoFirstRunCustomise
+
+
+
+ DisableFlipAheadFeature
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
+ Advanced_DisableFlipAhead
+
+
+
+ DisableIgnoringCertificateErrors
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL
+ NoCertError
+
+
+
+ DisableInPrivateBrowsing
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~CategoryPrivacy
+ DisableInPrivateBrowsing
+
+
+
+ DisableProcessesInEnhancedProtectedMode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
+ Advanced_EnableEnhancedProtectedMode64Bit
+
+
+
+ DisableProxyChange
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+
+
+
+ DisableSearchProviderChange
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ NoSearchProvider
+
+
+
+ DisableSecondaryHomePageChange
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ SecondaryHomePages
+
+
+
+ DisableSecuritySettingsCheck
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ Disable_Security_Settings_Check
+
+
+
+ DisableUpdateCheck
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ NoUpdateCheck
+
+
+
+ DoNotAllowActiveXControlsInProtectedMode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~AdvancedPage
+ Advanced_DisableEPMCompat
+
+
+
+ DoNotAllowUsersToAddSites
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ Security_zones_map_edit
+
+
+
+ DoNotAllowUsersToChangePolicies
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ Security_options_edit
+
+
+
+ DoNotBlockOutdatedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_AddOnManagement
+ VerMgmtDisable
+
+
+
+ DoNotBlockOutdatedActiveXControlsOnSpecificDomains
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_AddOnManagement
VerMgmtDomainAllowlist
-
+
- IncludeAllLocalSites
-
+ IncludeAllLocalSites
+
-
+
@@ -31676,25 +42880,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_IncludeUnspecifiedLocalSites
-
+
- IncludeAllNetworkPaths
-
+ IncludeAllNetworkPaths
+
-
+
@@ -31702,25 +42906,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage
IZ_UNCAsIntranet
-
+
- InternetZoneAllowAccessToDataSources
-
+ InternetZoneAllowAccessToDataSources
+
-
+
@@ -31728,25 +42932,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyAccessDataSourcesAcrossDomains_1
-
+
- InternetZoneAllowAutomaticPromptingForActiveXControls
-
+ InternetZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -31754,25 +42958,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyNotificationBarActiveXURLaction_1
-
+
- InternetZoneAllowAutomaticPromptingForFileDownloads
-
+ InternetZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -31780,25 +42984,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyNotificationBarDownloadURLaction_1
-
+
- InternetZoneAllowFontDownloads
-
+ InternetZoneAllowCopyPasteViaScript
+
-
+
@@ -31806,25 +43010,77 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyAllowPasteViaScript_1
+
+
+
+ InternetZoneAllowDragAndDropCopyAndPasteFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyDropOrPasteFiles_1
+
+
+
+ InternetZoneAllowFontDownloads
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyFontDownload_1
-
+
- InternetZoneAllowLessPrivilegedSites
-
+ InternetZoneAllowLessPrivilegedSites
+
-
+
@@ -31832,25 +43088,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyZoneElevationURLaction_1
-
+
- InternetZoneAllowNETFrameworkReliantComponents
-
+ InternetZoneAllowLoadingOfXAMLFilesWRONG
+
-
+
@@ -31858,25 +43114,51 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_Policy_XAML_1
+
+
+
+ InternetZoneAllowNETFrameworkReliantComponents
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyUnsignedFrameworkComponentsURLaction_1
-
+
- InternetZoneAllowScriptlets
-
+ InternetZoneAllowOnlyApprovedDomainsToUseActiveXControls
+
-
+
@@ -31884,25 +43166,129 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
+ IZ_PolicyOnlyAllowApprovedDomainsToUseActiveXWithoutPrompt_Both_Intranet
+
+
+
+ InternetZoneAllowOnlyApprovedDomainsToUseTDCActiveXControl
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
+ IZ_PolicyAllowTDCControl_Both_LocalMachine
+
+
+
+ InternetZoneAllowScriptingOfInternetExplorerWebBrowserControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_Policy_WebBrowserControl_1
+
+
+
+ InternetZoneAllowScriptInitiatedWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
+ IZ_PolicyWindowsRestrictionsURLaction_6
+
+
+
+ InternetZoneAllowScriptlets
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_Policy_AllowScriptlets_1
-
+
- InternetZoneAllowSmartScreenIE
-
+ InternetZoneAllowSmartScreenIE
+
-
+
@@ -31910,25 +43296,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_Policy_Phishing_1
-
+
- InternetZoneAllowUserDataPersistence
-
+ InternetZoneAllowUpdatesToStatusBarViaScript
+
-
+
@@ -31936,25 +43322,51 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_Policy_ScriptStatusBar_1
+
+
+
+ InternetZoneAllowUserDataPersistence
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyUserdataPersistence_1
-
+
- InternetZoneInitializeAndScriptActiveXControls
-
+ InternetZoneDoNotRunAntimalwareAgainstActiveXControlsWRONG1
+
-
+
@@ -31962,25 +43374,285 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyAntiMalwareCheckingOfActiveXControls_1
+
+
+
+ InternetZoneDoNotRunAntimalwareAgainstActiveXControlsWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
+ IZ_PolicyAntiMalwareCheckingOfActiveXControls_3
+
+
+
+ InternetZoneDownloadSignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
+ IZ_PolicyDownloadSignedActiveX_3
+
+
+
+ InternetZoneDownloadUnsignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyDownloadUnsignedActiveX_1
+
+
+
+ InternetZoneEnableCrossSiteScriptingFilter
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
+ IZ_PolicyTurnOnXSSFilter_Both_LocalMachine
+
+
+
+ InternetZoneEnableDraggingOfContentFromDifferentDomainsAcrossWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyDragDropAcrossDomainsAcrossWindows_Both_Internet
+
+
+
+ InternetZoneEnableDraggingOfContentFromDifferentDomainsWithinWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyDragDropAcrossDomainsWithinWindow_Both_Internet
+
+
+
+ InternetZoneEnableMIMESniffing
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyMimeSniffingURLaction_1
+
+
+
+ InternetZoneEnableProtectedMode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
+ IZ_Policy_TurnOnProtectedMode_2
+
+
+
+ InternetZoneIncludeLocalPathWhenUploadingFilesToServer
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_Policy_LocalPathForUpload_1
+
+
+
+ InternetZoneInitializeAndScriptActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyScriptActiveXNotMarkedSafe_1
-
+
- InternetZoneNavigateWindowsAndFrames
-
+ InternetZoneInitializeAndScriptActiveXControlsNotMarkedSafe
+
-
+
@@ -31988,25 +43660,155 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyScriptActiveXNotMarkedSafe_1
+
+
+
+ InternetZoneJavaPermissionsWRONG1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyJavaPermissions_1
+
+
+
+ InternetZoneJavaPermissionsWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
+ IZ_PolicyJavaPermissions_3
+
+
+
+ InternetZoneLaunchingApplicationsAndFilesInIFRAME
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyLaunchAppsAndFilesInIFRAME_1
+
+
+
+ InternetZoneLogonOptions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyLogon_1
+
+
+
+ InternetZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
IZ_PolicyNavigateSubframesAcrossDomains_1
-
+
- IntranetZoneAllowAccessToDataSources
-
+ InternetZoneRunNETFrameworkReliantComponentsNotSignedWithAuthenticode
+
-
+
@@ -32014,25 +43816,155 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyUnsignedFrameworkComponentsURLaction_1
+
+
+
+ InternetZoneRunNETFrameworkReliantComponentsSignedWithAuthenticode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicySignedFrameworkComponentsURLaction_1
+
+
+
+ InternetZoneShowSecurityWarningForPotentiallyUnsafeFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_Policy_UnsafeFiles_1
+
+
+
+ InternetZoneUsePopupBlocker
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyBlockPopupWindows_1
+
+
+
+ InternetZoneWebsitesInLessPrivilegedZonesCanNavigateIntoThisZone
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyZoneElevationURLaction_1
+
+
+
+ IntranetZoneAllowAccessToDataSources
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyAccessDataSourcesAcrossDomains_3
-
+
- IntranetZoneAllowAutomaticPromptingForActiveXControls
-
+ IntranetZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -32040,25 +43972,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyNotificationBarActiveXURLaction_3
-
+
- IntranetZoneAllowAutomaticPromptingForFileDownloads
-
+ IntranetZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -32066,25 +43998,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyNotificationBarDownloadURLaction_3
-
+
- IntranetZoneAllowFontDownloads
-
+ IntranetZoneAllowFontDownloads
+
-
+
@@ -32092,25 +44024,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyFontDownload_3
-
+
- IntranetZoneAllowLessPrivilegedSites
-
+ IntranetZoneAllowLessPrivilegedSites
+
-
+
@@ -32118,25 +44050,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyZoneElevationURLaction_3
-
+
- IntranetZoneAllowNETFrameworkReliantComponents
-
+ IntranetZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -32144,25 +44076,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyUnsignedFrameworkComponentsURLaction_3
-
+
- IntranetZoneAllowScriptlets
-
+ IntranetZoneAllowScriptlets
+
-
+
@@ -32170,25 +44102,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_Policy_AllowScriptlets_3
-
+
- IntranetZoneAllowSmartScreenIE
-
+ IntranetZoneAllowSmartScreenIE
+
-
+
@@ -32196,25 +44128,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_Policy_Phishing_3
-
+
- IntranetZoneAllowUserDataPersistence
-
+ IntranetZoneAllowUserDataPersistence
+
-
+
@@ -32222,25 +44154,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyUserdataPersistence_3
-
+
- IntranetZoneInitializeAndScriptActiveXControls
-
+ IntranetZoneInitializeAndScriptActiveXControls
+
-
+
@@ -32248,25 +44180,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyScriptActiveXNotMarkedSafe_3
-
+
- IntranetZoneNavigateWindowsAndFrames
-
+ IntranetZoneNavigateWindowsAndFrames
+
-
+
@@ -32274,25 +44206,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone
IZ_PolicyNavigateSubframesAcrossDomains_3
-
+
- LocalMachineZoneAllowAccessToDataSources
-
+ LocalMachineZoneAllowAccessToDataSources
+
-
+
@@ -32300,25 +44232,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyAccessDataSourcesAcrossDomains_9
-
+
- LocalMachineZoneAllowAutomaticPromptingForActiveXControls
-
+ LocalMachineZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -32326,25 +44258,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyNotificationBarActiveXURLaction_9
-
+
- LocalMachineZoneAllowAutomaticPromptingForFileDownloads
-
+ LocalMachineZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -32352,25 +44284,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyNotificationBarDownloadURLaction_9
-
+
- LocalMachineZoneAllowFontDownloads
-
+ LocalMachineZoneAllowFontDownloads
+
-
+
@@ -32378,25 +44310,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyFontDownload_9
-
+
- LocalMachineZoneAllowLessPrivilegedSites
-
+ LocalMachineZoneAllowLessPrivilegedSites
+
-
+
@@ -32404,25 +44336,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyZoneElevationURLaction_9
-
+
- LocalMachineZoneAllowNETFrameworkReliantComponents
-
+ LocalMachineZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -32430,25 +44362,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyUnsignedFrameworkComponentsURLaction_9
-
+
- LocalMachineZoneAllowScriptlets
-
+ LocalMachineZoneAllowScriptlets
+
-
+
@@ -32456,25 +44388,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_Policy_AllowScriptlets_9
-
+
- LocalMachineZoneAllowSmartScreenIE
-
+ LocalMachineZoneAllowSmartScreenIE
+
-
+
@@ -32482,25 +44414,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_Policy_Phishing_9
-
+
- LocalMachineZoneAllowUserDataPersistence
-
+ LocalMachineZoneAllowUserDataPersistence
+
-
+
@@ -32508,25 +44440,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyUserdataPersistence_9
-
+
- LocalMachineZoneInitializeAndScriptActiveXControls
-
+ LocalMachineZoneDoNotRunAntimalwareAgainstActiveXControls
+
-
+
@@ -32534,25 +44466,51 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZone~IZ_LocalMachineZone
+ IZ_PolicyAntiMalwareCheckingOfActiveXControls_9
+
+
+
+ LocalMachineZoneInitializeAndScriptActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyScriptActiveXNotMarkedSafe_9
-
+
- LocalMachineZoneNavigateWindowsAndFrames
-
+ LocalMachineZoneJavaPermissions
+
-
+
@@ -32560,25 +44518,51 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
+ IZ_PolicyJavaPermissions_9
+
+
+
+ LocalMachineZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZone
IZ_PolicyNavigateSubframesAcrossDomains_9
-
+
- LockedDownInternetZoneAllowAccessToDataSources
-
+ LockedDownInternetZoneAllowAccessToDataSources
+
-
+
@@ -32586,25 +44570,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyAccessDataSourcesAcrossDomains_2
-
+
- LockedDownInternetZoneAllowAutomaticPromptingForActiveXControls
-
+ LockedDownInternetZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -32612,25 +44596,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyNotificationBarActiveXURLaction_2
-
+
- LockedDownInternetZoneAllowAutomaticPromptingForFileDownloads
-
+ LockedDownInternetZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -32638,25 +44622,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyNotificationBarDownloadURLaction_2
-
+
- LockedDownInternetZoneAllowFontDownloads
-
+ LockedDownInternetZoneAllowFontDownloads
+
-
+
@@ -32664,25 +44648,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyFontDownload_2
-
+
- LockedDownInternetZoneAllowLessPrivilegedSites
-
+ LockedDownInternetZoneAllowLessPrivilegedSites
+
-
+
@@ -32690,25 +44674,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyZoneElevationURLaction_2
-
+
- LockedDownInternetZoneAllowNETFrameworkReliantComponents
-
+ LockedDownInternetZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -32716,25 +44700,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyUnsignedFrameworkComponentsURLaction_2
-
+
- LockedDownInternetZoneAllowScriptlets
-
+ LockedDownInternetZoneAllowScriptlets
+
-
+
@@ -32742,25 +44726,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_Policy_AllowScriptlets_2
-
+
- LockedDownInternetZoneAllowSmartScreenIE
-
+ LockedDownInternetZoneAllowSmartScreenIE
+
-
+
@@ -32768,25 +44752,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_Policy_Phishing_2
-
+
- LockedDownInternetZoneAllowUserDataPersistence
-
+ LockedDownInternetZoneAllowUserDataPersistence
+
-
+
@@ -32794,25 +44778,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyUserdataPersistence_2
-
+
- LockedDownInternetZoneInitializeAndScriptActiveXControls
-
+ LockedDownInternetZoneInitializeAndScriptActiveXControls
+
-
+
@@ -32820,25 +44804,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyScriptActiveXNotMarkedSafe_2
-
+
- LockedDownInternetZoneNavigateWindowsAndFrames
-
+ LockedDownInternetZoneJavaPermissions
+
-
+
@@ -32846,25 +44830,51 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
+ IZ_PolicyJavaPermissions_2
+
+
+
+ LockedDownInternetZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZoneLockdown
IZ_PolicyNavigateSubframesAcrossDomains_2
-
+
- LockedDownIntranetZoneAllowAccessToDataSources
-
+ LockedDownIntranetZoneAllowAccessToDataSources
+
-
+
@@ -32872,25 +44882,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyAccessDataSourcesAcrossDomains_4
-
+
- LockedDownIntranetZoneAllowAutomaticPromptingForActiveXControls
-
+ LockedDownIntranetZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -32898,25 +44908,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyNotificationBarActiveXURLaction_4
-
+
- LockedDownIntranetZoneAllowAutomaticPromptingForFileDownloads
-
+ LockedDownIntranetZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -32924,25 +44934,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyNotificationBarDownloadURLaction_4
-
+
- LockedDownIntranetZoneAllowFontDownloads
-
+ LockedDownIntranetZoneAllowFontDownloads
+
-
+
@@ -32950,25 +44960,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyFontDownload_4
-
+
- LockedDownIntranetZoneAllowLessPrivilegedSites
-
+ LockedDownIntranetZoneAllowLessPrivilegedSites
+
-
+
@@ -32976,25 +44986,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyZoneElevationURLaction_4
-
+
- LockedDownIntranetZoneAllowNETFrameworkReliantComponents
-
+ LockedDownIntranetZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -33002,25 +45012,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyUnsignedFrameworkComponentsURLaction_4
-
+
- LockedDownIntranetZoneAllowScriptlets
-
+ LockedDownIntranetZoneAllowScriptlets
+
-
+
@@ -33028,25 +45038,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_Policy_AllowScriptlets_4
-
+
- LockedDownIntranetZoneAllowSmartScreenIE
-
+ LockedDownIntranetZoneAllowSmartScreenIE
+
-
+
@@ -33054,25 +45064,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_Policy_Phishing_4
-
+
- LockedDownIntranetZoneAllowUserDataPersistence
-
+ LockedDownIntranetZoneAllowUserDataPersistence
+
-
+
@@ -33080,25 +45090,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyUserdataPersistence_4
-
+
- LockedDownIntranetZoneInitializeAndScriptActiveXControls
-
+ LockedDownIntranetZoneInitializeAndScriptActiveXControls
+
-
+
@@ -33106,25 +45116,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyScriptActiveXNotMarkedSafe_4
-
+
- LockedDownIntranetZoneNavigateWindowsAndFrames
-
+ LockedDownIntranetZoneNavigateWindowsAndFrames
+
-
+
@@ -33132,25 +45142,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_IntranetZoneLockdown
IZ_PolicyNavigateSubframesAcrossDomains_4
-
+
- LockedDownLocalMachineZoneAllowAccessToDataSources
-
+ LockedDownLocalMachineZoneAllowAccessToDataSources
+
-
+
@@ -33158,25 +45168,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyAccessDataSourcesAcrossDomains_10
-
+
- LockedDownLocalMachineZoneAllowAutomaticPromptingForActiveXControls
-
+ LockedDownLocalMachineZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -33184,25 +45194,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyNotificationBarActiveXURLaction_10
-
+
- LockedDownLocalMachineZoneAllowAutomaticPromptingForFileDownloads
-
+ LockedDownLocalMachineZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -33210,25 +45220,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyNotificationBarDownloadURLaction_10
-
+
- LockedDownLocalMachineZoneAllowFontDownloads
-
+ LockedDownLocalMachineZoneAllowFontDownloads
+
-
+
@@ -33236,25 +45246,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyFontDownload_10
-
+
- LockedDownLocalMachineZoneAllowLessPrivilegedSites
-
+ LockedDownLocalMachineZoneAllowLessPrivilegedSites
+
-
+
@@ -33262,25 +45272,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyZoneElevationURLaction_10
-
+
- LockedDownLocalMachineZoneAllowNETFrameworkReliantComponents
-
+ LockedDownLocalMachineZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -33288,25 +45298,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyUnsignedFrameworkComponentsURLaction_10
-
+
- LockedDownLocalMachineZoneAllowScriptlets
-
+ LockedDownLocalMachineZoneAllowScriptlets
+
-
+
@@ -33314,25 +45324,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_Policy_AllowScriptlets_10
-
+
- LockedDownLocalMachineZoneAllowSmartScreenIE
-
+ LockedDownLocalMachineZoneAllowSmartScreenIE
+
-
+
@@ -33340,25 +45350,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_Policy_Phishing_10
-
+
- LockedDownLocalMachineZoneAllowUserDataPersistence
-
+ LockedDownLocalMachineZoneAllowUserDataPersistence
+
-
+
@@ -33366,25 +45376,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyUserdataPersistence_10
-
+
- LockedDownLocalMachineZoneInitializeAndScriptActiveXControls
-
+ LockedDownLocalMachineZoneInitializeAndScriptActiveXControls
+
-
+
@@ -33392,25 +45402,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyScriptActiveXNotMarkedSafe_10
-
+
- LockedDownLocalMachineZoneNavigateWindowsAndFrames
-
+ LockedDownLocalMachineZoneJavaPermissions
+
-
+
@@ -33418,25 +45428,51 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
+ IZ_PolicyJavaPermissions_10
+
+
+
+ LockedDownLocalMachineZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_LocalMachineZoneLockdown
IZ_PolicyNavigateSubframesAcrossDomains_10
-
+
- LockedDownRestrictedSitesZoneAllowAccessToDataSources
-
+ LockedDownRestrictedSitesZoneAllowAccessToDataSources
+
-
+
@@ -33444,25 +45480,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyAccessDataSourcesAcrossDomains_8
-
+
- LockedDownRestrictedSitesZoneAllowAutomaticPromptingForActiveXControls
-
+ LockedDownRestrictedSitesZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -33470,25 +45506,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyNotificationBarActiveXURLaction_8
-
+
- LockedDownRestrictedSitesZoneAllowAutomaticPromptingForFileDownloads
-
+ LockedDownRestrictedSitesZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -33496,25 +45532,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyNotificationBarDownloadURLaction_8
-
+
- LockedDownRestrictedSitesZoneAllowFontDownloads
-
+ LockedDownRestrictedSitesZoneAllowFontDownloads
+
-
+
@@ -33522,25 +45558,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyFontDownload_8
-
+
- LockedDownRestrictedSitesZoneAllowLessPrivilegedSites
-
+ LockedDownRestrictedSitesZoneAllowLessPrivilegedSites
+
-
+
@@ -33548,25 +45584,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyZoneElevationURLaction_8
-
+
- LockedDownRestrictedSitesZoneAllowNETFrameworkReliantComponents
-
+ LockedDownRestrictedSitesZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -33574,25 +45610,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyUnsignedFrameworkComponentsURLaction_8
-
+
- LockedDownRestrictedSitesZoneAllowScriptlets
-
+ LockedDownRestrictedSitesZoneAllowScriptlets
+
-
+
@@ -33600,25 +45636,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_Policy_AllowScriptlets_8
-
+
- LockedDownRestrictedSitesZoneAllowSmartScreenIE
-
+ LockedDownRestrictedSitesZoneAllowSmartScreenIE
+
-
+
@@ -33626,25 +45662,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_Policy_Phishing_8
-
+
- LockedDownRestrictedSitesZoneAllowUserDataPersistence
-
+ LockedDownRestrictedSitesZoneAllowUserDataPersistence
+
-
+
@@ -33652,25 +45688,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyUserdataPersistence_8
-
+
- LockedDownRestrictedSitesZoneInitializeAndScriptActiveXControls
-
+ LockedDownRestrictedSitesZoneInitializeAndScriptActiveXControls
+
-
+
@@ -33678,25 +45714,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyScriptActiveXNotMarkedSafe_8
-
+
- LockedDownRestrictedSitesZoneNavigateWindowsAndFrames
-
+ LockedDownRestrictedSitesZoneJavaPermissions
+
-
+
@@ -33704,25 +45740,51 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
+ IZ_PolicyJavaPermissions_8
+
+
+
+ LockedDownRestrictedSitesZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZoneLockdown
IZ_PolicyNavigateSubframesAcrossDomains_8
-
+
- LockedDownTrustedSitesZoneAllowAccessToDataSources
-
+ LockedDownTrustedSitesZoneAllowAccessToDataSources
+
-
+
@@ -33730,25 +45792,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyAccessDataSourcesAcrossDomains_6
-
+
- LockedDownTrustedSitesZoneAllowAutomaticPromptingForActiveXControls
-
+ LockedDownTrustedSitesZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -33756,25 +45818,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyNotificationBarActiveXURLaction_6
-
+
- LockedDownTrustedSitesZoneAllowAutomaticPromptingForFileDownloads
-
+ LockedDownTrustedSitesZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -33782,25 +45844,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyNotificationBarDownloadURLaction_6
-
+
- LockedDownTrustedSitesZoneAllowFontDownloads
-
+ LockedDownTrustedSitesZoneAllowFontDownloads
+
-
+
@@ -33808,25 +45870,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyFontDownload_6
-
+
- LockedDownTrustedSitesZoneAllowLessPrivilegedSites
-
+ LockedDownTrustedSitesZoneAllowLessPrivilegedSites
+
-
+
@@ -33834,25 +45896,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyZoneElevationURLaction_6
-
+
- LockedDownTrustedSitesZoneAllowNETFrameworkReliantComponents
-
+ LockedDownTrustedSitesZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -33860,25 +45922,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyUnsignedFrameworkComponentsURLaction_6
-
+
- LockedDownTrustedSitesZoneAllowScriptlets
-
+ LockedDownTrustedSitesZoneAllowScriptlets
+
-
+
@@ -33886,25 +45948,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_Policy_AllowScriptlets_6
-
+
- LockedDownTrustedSitesZoneAllowSmartScreenIE
-
+ LockedDownTrustedSitesZoneAllowSmartScreenIE
+
-
+
@@ -33912,25 +45974,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_Policy_Phishing_6
-
+
- LockedDownTrustedSitesZoneAllowUserDataPersistence
-
+ LockedDownTrustedSitesZoneAllowUserDataPersistence
+
-
+
@@ -33938,25 +46000,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyUserdataPersistence_6
-
+
- LockedDownTrustedSitesZoneInitializeAndScriptActiveXControls
-
+ LockedDownTrustedSitesZoneInitializeAndScriptActiveXControls
+
-
+
@@ -33964,25 +46026,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyScriptActiveXNotMarkedSafe_6
-
+
- LockedDownTrustedSitesZoneNavigateWindowsAndFrames
-
+ LockedDownTrustedSitesZoneJavaPermissions
+
-
+
@@ -33990,25 +46052,51 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
+ IZ_PolicyJavaPermissions_6
+
+
+
+ LockedDownTrustedSitesZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
IZ_PolicyNavigateSubframesAcrossDomains_6
-
+
- RestrictedSitesZoneAllowAccessToDataSources
-
+ MimeSniffingSafetyFeatureInternetExplorerProcesses
+
-
+
@@ -34016,25 +46104,233 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryMimeSniffingSafetyFeature
+ IESF_PolicyExplorerProcesses_6
+
+
+
+ MKProtocolSecurityRestrictionInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryMKProtocolSecurityRestriction
+ IESF_PolicyExplorerProcesses_3
+
+
+
+ NotificationBarInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryInformationBar
+ IESF_PolicyExplorerProcesses_10
+
+
+
+ PreventManagingSmartScreenFilter
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyDownloadSignedActiveX_1
+
+
+
+ PreventPerUserInstallationOfActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ DisablePerUserActiveXInstall
+
+
+
+ ProtectionFromZoneElevationInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryProtectionFromZoneElevation
+ IESF_PolicyAllProcesses_9
+
+
+
+ RemoveRunThisTimeButtonForOutdatedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_AddOnManagement
+ VerMgmtDisableRunThisTime
+
+
+
+ RestrictActiveXInstallInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryRestrictActiveXInstall
+ IESF_PolicyAllProcesses_11
+
+
+
+ RestrictedSitesZoneAllowAccessToDataSources
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyAccessDataSourcesAcrossDomains_7
-
+
- RestrictedSitesZoneAllowAutomaticPromptingForActiveXControls
-
+ RestrictedSitesZoneAllowActiveScripting
+
-
+
@@ -34042,25 +46338,51 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyActiveScripting_1
+
+
+
+ RestrictedSitesZoneAllowAutomaticPromptingForActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyNotificationBarActiveXURLaction_7
-
+
- RestrictedSitesZoneAllowAutomaticPromptingForFileDownloads
-
+ RestrictedSitesZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -34068,25 +46390,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyNotificationBarDownloadURLaction_7
-
+
- RestrictedSitesZoneAllowFontDownloads
-
+ RestrictedSitesZoneAllowBinaryAndScriptBehaviors
+
-
+
@@ -34094,25 +46416,129 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyBinaryBehaviors_1
+
+
+
+ RestrictedSitesZoneAllowCopyPasteViaScript
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyAllowPasteViaScript_7
+
+
+
+ RestrictedSitesZoneAllowDragAndDropCopyAndPasteFiles
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyDropOrPasteFiles_7
+
+
+
+ RestrictedSitesZoneAllowFileDownloads
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyFileDownload_1
+
+
+
+ RestrictedSitesZoneAllowFontDownloadsWRONG1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyFontDownload_7
-
+
- RestrictedSitesZoneAllowLessPrivilegedSites
-
+ RestrictedSitesZoneAllowFontDownloadsWRONG2
+
-
+
@@ -34120,25 +46546,51 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyFontDownload_1
+
+
+
+ RestrictedSitesZoneAllowLessPrivilegedSites
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyZoneElevationURLaction_7
-
+
- RestrictedSitesZoneAllowNETFrameworkReliantComponents
-
+ RestrictedSitesZoneAllowLoadingOfXAMLFiles
+
-
+
@@ -34146,25 +46598,77 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_Policy_XAML_7
+
+
+
+ RestrictedSitesZoneAllowMETAREFRESH
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyAllowMETAREFRESH_1
+
+
+
+ RestrictedSitesZoneAllowNETFrameworkReliantComponents
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyUnsignedFrameworkComponentsURLaction_7
-
+
- RestrictedSitesZoneAllowScriptlets
-
+ RestrictedSitesZoneAllowOnlyApprovedDomainsToUseActiveXControls
+
-
+
@@ -34172,25 +46676,129 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyOnlyAllowApprovedDomainsToUseActiveXWithoutPrompt_Both_Restricted
+
+
+
+ RestrictedSitesZoneAllowOnlyApprovedDomainsToUseTDCActiveXControl
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyAllowTDCControl_Both_Restricted
+
+
+
+ RestrictedSitesZoneAllowScriptingOfInternetExplorerWebBrowserControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_Policy_WebBrowserControl_7
+
+
+
+ RestrictedSitesZoneAllowScriptInitiatedWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyWindowsRestrictionsURLaction_7
+
+
+
+ RestrictedSitesZoneAllowScriptlets
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_Policy_AllowScriptlets_7
-
+
- RestrictedSitesZoneAllowSmartScreenIE
-
+ RestrictedSitesZoneAllowSmartScreenIE
+
-
+
@@ -34198,25 +46806,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_Policy_Phishing_7
-
+
- RestrictedSitesZoneAllowUserDataPersistence
-
+ RestrictedSitesZoneAllowUpdatesToStatusBarViaScript
+
-
+
@@ -34224,25 +46832,51 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_Policy_ScriptStatusBar_7
+
+
+
+ RestrictedSitesZoneAllowUserDataPersistence
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyUserdataPersistence_7
-
+
- RestrictedSitesZoneInitializeAndScriptActiveXControls
-
+ RestrictedSitesZoneDoNotRunAntimalwareAgainstActiveXControls
+
-
+
@@ -34250,25 +46884,207 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyAntiMalwareCheckingOfActiveXControls_7
+
+
+
+ RestrictedSitesZoneDownloadSignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyDownloadSignedActiveX_7
+
+
+
+ RestrictedSitesZoneDownloadUnsignedActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyDownloadUnsignedActiveX_7
+
+
+
+ RestrictedSitesZoneEnableDraggingOfContentFromDifferentDomainsAcrossWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyDragDropAcrossDomainsAcrossWindows_Both_Restricted
+
+
+
+ RestrictedSitesZoneEnableDraggingOfContentFromDifferentDomainsWithinWindows
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyDragDropAcrossDomainsWithinWindow_Both_Restricted
+
+
+
+ RestrictedSitesZoneEnableMIMESniffing
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyMimeSniffingURLaction_7
+
+
+
+ RestrictedSitesZoneIncludeLocalPathWhenUploadingFilesToServer
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_Policy_LocalPathForUpload_7
+
+
+
+ RestrictedSitesZoneInitializeAndScriptActiveXControls
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyScriptActiveXNotMarkedSafe_7
-
+
- RestrictedSitesZoneNavigateWindowsAndFrames
-
+ RestrictedSitesZoneJavaPermissions
+
-
+
@@ -34276,25 +47092,103 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyJavaPermissions_7
+
+
+
+ RestrictedSitesZoneLaunchingApplicationsAndFilesInIFRAME
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyLaunchAppsAndFilesInIFRAME_7
+
+
+
+ RestrictedSitesZoneLogonOptions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyLogon_7
+
+
+
+ RestrictedSitesZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
IZ_PolicyNavigateSubframesAcrossDomains_7
-
+
- SearchProviderList
-
+ RestrictedSitesZoneNavigateWindowsAndFramesAcrossDomains
+
-
+
@@ -34302,25 +47196,311 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyNavigateSubframesAcrossDomains_1
+
+
+
+ RestrictedSitesZoneRunActiveXControlsAndPlugins
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyRunActiveXControls_1
+
+
+
+ RestrictedSitesZoneRunNETFrameworkReliantComponentsSignedWithAuthenticode
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicySignedFrameworkComponentsURLaction_7
+
+
+
+ RestrictedSitesZoneScriptActiveXControlsMarkedSafeForScripting
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_InternetZone
+ IZ_PolicyScriptActiveXMarkedSafe_1
+
+
+
+ RestrictedSitesZoneWRONG
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZoneLockdown
+ IZ_PolicyScriptingOfJavaApplets_6
+
+
+
+ RestrictedSitesZoneWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_Policy_UnsafeFiles_7
+
+
+
+ RestrictedSitesZoneWRONG3
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyTurnOnXSSFilter_Both_Restricted
+
+
+
+ RestrictedSitesZoneWRONG4
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_Policy_TurnOnProtectedMode_7
+
+
+
+ RestrictedSitesZoneWRONG5
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_RestrictedSitesZone
+ IZ_PolicyBlockPopupWindows_7
+
+
+
+ RestrictFileDownloadInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryRestrictFileDownload
+ IESF_PolicyAllProcesses_12
+
+
+
+ ScriptedWindowSecurityRestrictionsInternetExplorerProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_CategoryScriptedWindowSecurityRestrictions
+ IESF_PolicyAllProcesses_8
+
+
+
+ SearchProviderList
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer
SpecificSearchProvider
-
+
- TrustedSitesZoneAllowAccessToDataSources
-
+ SecurityZonesUseOnlyMachineSettings
+
-
+
@@ -34328,25 +47508,77 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ Security_HKLM_only
+
+
+
+ SpecifyUseOfActiveXInstallerService
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer
+ OnlyUseAXISForActiveXInstall
+
+
+
+ TrustedSitesZoneAllowAccessToDataSources
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyAccessDataSourcesAcrossDomains_5
-
+
- TrustedSitesZoneAllowAutomaticPromptingForActiveXControls
-
+ TrustedSitesZoneAllowAutomaticPromptingForActiveXControls
+
-
+
@@ -34354,25 +47586,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyNotificationBarActiveXURLaction_5
-
+
- TrustedSitesZoneAllowAutomaticPromptingForFileDownloads
-
+ TrustedSitesZoneAllowAutomaticPromptingForFileDownloads
+
-
+
@@ -34380,25 +47612,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyNotificationBarDownloadURLaction_5
-
+
- TrustedSitesZoneAllowFontDownloads
-
+ TrustedSitesZoneAllowFontDownloads
+
-
+
@@ -34406,25 +47638,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyFontDownload_5
-
+
- TrustedSitesZoneAllowLessPrivilegedSites
-
+ TrustedSitesZoneAllowLessPrivilegedSites
+
-
+
@@ -34432,25 +47664,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyZoneElevationURLaction_5
-
+
- TrustedSitesZoneAllowNETFrameworkReliantComponents
-
+ TrustedSitesZoneAllowNETFrameworkReliantComponents
+
-
+
@@ -34458,25 +47690,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyUnsignedFrameworkComponentsURLaction_5
-
+
- TrustedSitesZoneAllowScriptlets
-
+ TrustedSitesZoneAllowScriptlets
+
-
+
@@ -34484,25 +47716,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_Policy_AllowScriptlets_5
-
+
- TrustedSitesZoneAllowSmartScreenIE
-
+ TrustedSitesZoneAllowSmartScreenIE
+
-
+
@@ -34510,25 +47742,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_Policy_Phishing_5
-
+
- TrustedSitesZoneAllowUserDataPersistence
-
+ TrustedSitesZoneAllowUserDataPersistence
+
-
+
@@ -34536,25 +47768,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyUserdataPersistence_5
-
+
- TrustedSitesZoneInitializeAndScriptActiveXControls
-
+ TrustedSitesZoneInitializeAndScriptActiveXControls
+
-
+
@@ -34562,25 +47794,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyScriptActiveXNotMarkedSafe_5
-
+
- TrustedSitesZoneNavigateWindowsAndFrames
-
+ TrustedSitesZoneJavaPermissions
+
-
+
@@ -34588,19 +47820,97 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
+ IZ_PolicyJavaPermissions_5
+
+
+
+ TrustedSitesZoneNavigateWindowsAndFrames
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
inetres.admx
inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
IZ_PolicyNavigateSubframesAcrossDomains_5
-
+
+
+
+ TrustedSitesZoneWRONG1
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
+ IZ_PolicyAntiMalwareCheckingOfActiveXControls_5
+
+
+
+ TrustedSitesZoneWRONG2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ inetres.admx
+ inetres~AT~WindowsComponents~InternetExplorer~InternetCPL~IZ_SecurityPage~IZ_TrustedSitesZone
+ IZ_PolicyScriptActiveXNotMarkedSafe_5
+
@@ -34623,10 +47933,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowForestSearchOrder
-
+ AllowForestSearchOrder
+
-
+
@@ -34634,25 +47944,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
Kerberos.admx
Kerberos~AT~System~kerberos
ForestSearch
-
+
- KerberosClientSupportsClaimsCompoundArmor
-
+ KerberosClientSupportsClaimsCompoundArmor
+
-
+
@@ -34660,25 +47970,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
Kerberos.admx
Kerberos~AT~System~kerberos
EnableCbacAndArmor
-
+
- RequireKerberosArmoring
-
+ RequireKerberosArmoring
+
-
+
@@ -34686,25 +47996,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
Kerberos.admx
Kerberos~AT~System~kerberos
ClientRequireFast
-
+
- RequireStrictKDCValidation
-
+ RequireStrictKDCValidation
+
-
+
@@ -34712,25 +48022,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
Kerberos.admx
Kerberos~AT~System~kerberos
ValidateKDC
-
+
- SetMaximumContextTokenSize
-
+ SetMaximumContextTokenSize
+
-
+
@@ -34738,19 +48048,19 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
Kerberos.admx
Kerberos~AT~System~kerberos
MaxTokenSize
-
+
@@ -34773,10 +48083,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowWindowsEntitlementReactivation
-
+ AllowWindowsEntitlementReactivation
+
-
+
1
@@ -34784,22 +48094,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- DisallowKMSClientOnlineAVSValidation
-
+ DisallowKMSClientOnlineAVSValidation
+
-
+
0
@@ -34807,16 +48117,876 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
+
+
+
+ LocalPoliciesSecurityOptions
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Accounts_BlockMicrosoftAccounts
+
+
+
+
+ This policy setting prevents users from adding new Microsoft accounts on this computer.
+
+If you select the "Users can’t add Microsoft accounts" option, users will not be able to create new Microsoft accounts on this computer, switch a local account to a Microsoft account, or connect a domain account to a Microsoft account. This is the preferred option if you need to limit the use of Microsoft accounts in your enterprise.
+
+If you select the "Users can’t add or log on with Microsoft accounts" option, existing Microsoft account users will not be able to log on to Windows. Selecting this option might make it impossible for an existing administrator on this computer to log on and manage the system.
+
+If you disable or do not configure this policy (recommended), users will be able to use Microsoft accounts with Windows.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ Accounts_EnableAdministratorAccountStatus
+
+
+
+
+ This security setting determines whether the local Administrator account is enabled or disabled.
+
+Notes
+
+If you try to reenable the Administrator account after it has been disabled, and if the current Administrator password does not meet the password requirements, you cannot reenable the account. In this case, an alternative member of the Administrators group must reset the password on the Administrator account. For information about how to reset a password, see To reset a password.
+Disabling the Administrator account can become a maintenance issue under certain circumstances.
+
+Under Safe Mode boot, the disabled Administrator account will only be enabled if the machine is non-domain joined and there are no other local active administrator accounts. If the computer is domain joined the disabled administrator will not be enabled.
+
+Default: Disabled.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ desktop
+
+
+
+ Accounts_EnableGuestAccountStatus
+
+
+
+
+ This security setting determines if the Guest account is enabled or disabled.
+
+Default: Disabled.
+
+Note: If the Guest account is disabled and the security option Network Access: Sharing and Security Model for local accounts is set to Guest Only, network logons, such as those performed by the Microsoft Network Server (SMB Service), will fail.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ desktop
+
+
+
+ Accounts_LimitLocalAccountUseOfBlankPasswordsToConsoleLogonOnly
+
+
+
+
+ Accounts: Limit local account use of blank passwords to console logon only
+
+This security setting determines whether local accounts that are not password protected can be used to log on from locations other than the physical computer console. If enabled, local accounts that are not password protected will only be able to log on at the computer's keyboard.
+
+Default: Enabled.
+
+
+Warning:
+
+Computers that are not in physically secure locations should always enforce strong password policies for all local user accounts. Otherwise, anyone with physical access to the computer can log on by using a user account that does not have a password. This is especially important for portable computers.
+If you apply this security policy to the Everyone group, no one will be able to log on through Remote Desktop Services.
+
+Notes
+
+This setting does not affect logons that use domain accounts.
+It is possible for applications that use remote interactive logons to bypass this setting.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ Accounts_RenameAdministratorAccount
+
+
+
+
+ Accounts: Rename administrator account
+
+This security setting determines whether a different account name is associated with the security identifier (SID) for the account Administrator. Renaming the well-known Administrator account makes it slightly more difficult for unauthorized persons to guess this privileged user name and password combination.
+
+Default: Administrator.
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ Accounts_RenameGuestAccount
+
+
+
+
+ Accounts: Rename guest account
+
+This security setting determines whether a different account name is associated with the security identifier (SID) for the account "Guest." Renaming the well-known Guest account makes it slightly more difficult for unauthorized persons to guess this user name and password combination.
+
+Default: Guest.
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ InteractiveLogon_DisplayUserInformationWhenTheSessionIsLocked
+
+
+
+
+ Interactive Logon:Display user information when the session is locked
+User display name, domain and user names (1)
+User display name only (2)
+Do not display user information (3)
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ Interactivelogon_DoNotDisplayLastSignedIn
+
+
+
+
+ Interactive logon: Don't display last signed-in
+This security setting determines whether the Windows sign-in screen will show the username of the last person who signed in on this PC.
+If this policy is enabled, the username will not be shown.
+
+If this policy is disabled, the username will be shown.
+
+Default: Disabled.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ Interactivelogon_DoNotDisplayUsernameAtSignIn
+
+
+
+
+ Interactive logon: Don't display username at sign-in
+This security setting determines whether the username of the person signing in to this PC appears at Windows sign-in, after credentials are entered, and before the PC desktop is shown.
+If this policy is enabled, the username will not be shown.
+
+If this policy is disabled, the username will be shown.
+
+Default: Disabled.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ Interactivelogon_DoNotRequireCTRLALTDEL
+
+
+
+
+ Interactive logon: Do not require CTRL+ALT+DEL
+
+This security setting determines whether pressing CTRL+ALT+DEL is required before a user can log on.
+
+If this policy is enabled on a computer, a user is not required to press CTRL+ALT+DEL to log on. Not having to press CTRL+ALT+DEL leaves users susceptible to attacks that attempt to intercept the users' passwords. Requiring CTRL+ALT+DEL before users log on ensures that users are communicating by means of a trusted path when entering their passwords.
+
+If this policy is disabled, any user is required to press CTRL+ALT+DEL before logging on to Windows.
+
+Default on domain-computers: Enabled: At least Windows 8/Disabled: Windows 7 or earlier.
+Default on stand-alone computers: Enabled.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ InteractiveLogon_MachineInactivityLimit
+
+
+
+
+ Interactive logon: Machine inactivity limit.
+
+Windows notices inactivity of a logon session, and if the amount of inactive time exceeds the inactivity limit, then the screen saver will run, locking the session.
+
+Default: not enforced.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ InteractiveLogon_MessageTextForUsersAttemptingToLogOn
+
+
+
+
+ Interactive logon: Message text for users attempting to log on
+
+This security setting specifies a text message that is displayed to users when they log on.
+
+This text is often used for legal reasons, for example, to warn users about the ramifications of misusing company information or to warn them that their actions may be audited.
+
+Default: No message.
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ InteractiveLogon_MessageTitleForUsersAttemptingToLogOn
+
+
+
+
+ Interactive logon: Message title for users attempting to log on
+
+This security setting allows the specification of a title to appear in the title bar of the window that contains the Interactive logon: Message text for users attempting to log on.
+
+Default: No message.
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ NetworkAccess_DoNotAllowAnonymousEnumerationOfSAMAccountsAndShares
+
+
+
+
+ Network access: Do not allow anonymous enumeration of SAM accounts and shares
+
+This security setting determines whether anonymous enumeration of SAM accounts and shares is allowed.
+
+Windows allows anonymous users to perform certain activities, such as enumerating the names of domain accounts and network shares. This is convenient, for example, when an administrator wants to grant access to users in a trusted domain that does not maintain a reciprocal trust. If you do not want to allow anonymous enumeration of SAM accounts and shares, then enable this policy.
+
+Default: Disabled.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ NetworkAccess_RestrictAnonymousAccessToNamedPipesAndShares
+
+
+
+
+ Network access: Restrict anonymous access to Named Pipes and Shares
+
+When enabled, this security setting restricts anonymous access to shares and pipes to the settings for:
+
+Network access: Named pipes that can be accessed anonymously
+Network access: Shares that can be accessed anonymously
+Default: Enabled.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ NetworkAccess_RestrictClientsAllowedToMakeRemoteCallsToSAM
+
+
+
+
+ Network access: Restrict clients allowed to make remote calls to SAM
+
+This policy setting allows you to restrict remote rpc connections to SAM.
+
+If not selected, the default security descriptor will be used.
+
+This policy is supported on at least Windows Server 2016.
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ NetworkSecurity_AllowPKU2UAuthenticationRequests
+
+
+
+
+ Network security: Allow PKU2U authentication requests to this computer to use online identities.
+
+This policy will be turned off by default on domain joined machines. This would prevent online identities from authenticating to the domain joined machine.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ RecoveryConsole_AllowAutomaticAdministrativeLogon
+
+
+
+
+ Recovery console: Allow automatic administrative logon
+
+This security setting determines if the password for the Administrator account must be given before access to the system is granted. If this option is enabled, the Recovery Console does not require you to provide a password, and it automatically logs on to the system.
+
+Default: This policy is not defined and automatic administrative logon is not allowed.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ Shutdown_ClearVirtualMemoryPageFile
+
+
+
+
+ Shutdown: Clear virtual memory pagefile
+
+This security setting determines whether the virtual memory pagefile is cleared when the system is shut down.
+
+Virtual memory support uses a system pagefile to swap pages of memory to disk when they are not used. On a running system, this pagefile is opened exclusively by the operating system, and it is well protected. However, systems that are configured to allow booting to other operating systems might have to make sure that the system pagefile is wiped clean when this system shuts down. This ensures that sensitive information from process memory that might go into the pagefile is not available to an unauthorized user who manages to directly access the pagefile.
+
+When this policy is enabled, it causes the system pagefile to be cleared upon clean shutdown. If you enable this security option, the hibernation file (hiberfil.sys) is also zeroed out when hibernation is disabled.
+
+Default: Disabled.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ UserAccountControl_AllowUIAccessApplicationsToPromptForElevation
+
+
+
+
+ User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop.
+
+This policy setting controls whether User Interface Accessibility (UIAccess or UIA) programs can automatically disable the secure desktop for elevation prompts used by a standard user.
+
+• Enabled: UIA programs, including Windows Remote Assistance, automatically disable the secure desktop for elevation prompts. If you do not disable the "User Account Control: Switch to the secure desktop when prompting for elevation" policy setting, the prompts appear on the interactive user's desktop instead of the secure desktop.
+
+• Disabled: (Default) The secure desktop can be disabled only by the user of the interactive desktop or by disabling the "User Account Control: Switch to the secure desktop when prompting for elevation" policy setting.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ UserAccountControl_BehaviorOfTheElevationPromptForAdministrators
+
+
+
+
+ User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode
+
+This policy setting controls the behavior of the elevation prompt for administrators.
+
+The options are:
+
+• Elevate without prompting: Allows privileged accounts to perform an operation that requires elevation without requiring consent or credentials. Note: Use this option only in the most constrained environments.
+
+• Prompt for credentials on the secure desktop: When an operation requires elevation of privilege, the user is prompted on the secure desktop to enter a privileged user name and password. If the user enters valid credentials, the operation continues with the user's highest available privilege.
+
+• Prompt for consent on the secure desktop: When an operation requires elevation of privilege, the user is prompted on the secure desktop to select either Permit or Deny. If the user selects Permit, the operation continues with the user's highest available privilege.
+
+• Prompt for credentials: When an operation requires elevation of privilege, the user is prompted to enter an administrative user name and password. If the user enters valid credentials, the operation continues with the applicable privilege.
+
+• Prompt for consent: When an operation requires elevation of privilege, the user is prompted to select either Permit or Deny. If the user selects Permit, the operation continues with the user's highest available privilege.
+
+• Prompt for consent for non-Windows binaries: (Default) When an operation for a non-Microsoft application requires elevation of privilege, the user is prompted on the secure desktop to select either Permit or Deny. If the user selects Permit, the operation continues with the user's highest available privilege.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ UserAccountControl_BehaviorOfTheElevationPromptForStandardUsers
+
+
+
+
+ User Account Control: Behavior of the elevation prompt for standard users
+This policy setting controls the behavior of the elevation prompt for standard users.
+
+The options are:
+
+• Prompt for credentials: (Default) When an operation requires elevation of privilege, the user is prompted to enter an administrative user name and password. If the user enters valid credentials, the operation continues with the applicable privilege.
+
+• Automatically deny elevation requests: When an operation requires elevation of privilege, a configurable access denied error message is displayed. An enterprise that is running desktops as standard user may choose this setting to reduce help desk calls.
+
+• Prompt for credentials on the secure desktop: When an operation requires elevation of privilege, the user is prompted on the secure desktop to enter a different user name and password. If the user enters valid credentials, the operation continues with the applicable privilege.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ UserAccountControl_OnlyElevateExecutableFilesThatAreSignedAndValidated
+
+
+
+
+ User Account Control: Only elevate executable files that are signed and validated
+
+This policy setting enforces public key infrastructure (PKI) signature checks for any interactive applications that request elevation of privilege. Enterprise administrators can control which applications are allowed to run by adding certificates to the Trusted Publishers certificate store on local computers.
+
+The options are:
+
+• Enabled: Enforces the PKI certification path validation for a given executable file before it is permitted to run.
+
+• Disabled: (Default) Does not enforce PKI certification path validation before a given executable file is permitted to run.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ UserAccountControl_OnlyElevateUIAccessApplicationsThatAreInstalledInSecureLocations
+
+
+
+
+ User Account Control: Only elevate UIAccess applications that are installed in secure locations
+
+This policy setting controls whether applications that request to run with a User Interface Accessibility (UIAccess) integrity level must reside in a secure location in the file system. Secure locations are limited to the following:
+
+- …\Program Files\, including subfolders
+- …\Windows\system32\
+- …\Program Files (x86)\, including subfolders for 64-bit versions of Windows
+
+Note: Windows enforces a public key infrastructure (PKI) signature check on any interactive application that requests to run with a UIAccess integrity level regardless of the state of this security setting.
+
+The options are:
+
+• Enabled: (Default) If an application resides in a secure location in the file system, it runs only with UIAccess integrity.
+
+• Disabled: An application runs with UIAccess integrity even if it does not reside in a secure location in the file system.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ UserAccountControl_RunAllAdministratorsInAdminApprovalMode
+
+
+
+
+ User Account Control: Turn on Admin Approval Mode
+
+This policy setting controls the behavior of all User Account Control (UAC) policy settings for the computer. If you change this policy setting, you must restart your computer.
+
+The options are:
+
+• Enabled: (Default) Admin Approval Mode is enabled. This policy must be enabled and related UAC policy settings must also be set appropriately to allow the built-in Administrator account and all other users who are members of the Administrators group to run in Admin Approval Mode.
+
+• Disabled: Admin Approval Mode and all related UAC policy settings are disabled. Note: If this policy setting is disabled, the Security Center notifies you that the overall security of the operating system has been reduced.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ UserAccountControl_SwitchToTheSecureDesktopWhenPromptingForElevation
+
+
+
+
+ User Account Control: Switch to the secure desktop when prompting for elevation
+
+This policy setting controls whether the elevation request prompt is displayed on the interactive user's desktop or the secure desktop.
+
+The options are:
+
+• Enabled: (Default) All elevation requests go to the secure desktop regardless of prompt behavior policy settings for administrators and standard users.
+
+• Disabled: All elevation requests go to the interactive user's desktop. Prompt behavior policy settings for administrators and standard users are used.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ UserAccountControl_UseAdminApprovalMode
+
+
+
+
+ User Account Control: Use Admin Approval Mode for the built-in Administrator account
+
+This policy setting controls the behavior of Admin Approval Mode for the built-in Administrator account.
+
+The options are:
+
+• Enabled: The built-in Administrator account uses Admin Approval Mode. By default, any operation that requires elevation of privilege will prompt the user to approve the operation.
+
+• Disabled: (Default) The built-in Administrator account runs all applications with full administrative privilege.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ UserAccountControl_VirtualizeFileAndRegistryWriteFailuresToPerUserLocations
+
+
+
+
+ User Account Control: Virtualize file and registry write failures to per-user locations
+
+This policy setting controls whether application write failures are redirected to defined registry and file system locations. This policy setting mitigates applications that run as administrator and write run-time application data to %ProgramFiles%, %Windir%, %Windir%\system32, or HKLM\Software.
+
+The options are:
+
+• Enabled: (Default) Application write failures are redirected at run time to defined user locations for both the file system and registry.
+
+• Disabled: Applications that write data to protected locations fail.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
@@ -34839,10 +49009,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- EnableLocation
-
+ EnableLocation
+
-
+
0
@@ -34850,15 +49020,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -34881,10 +49051,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowEdgeSwipe
-
+ AllowEdgeSwipe
+
-
+
1
@@ -34892,16 +49062,16 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
@@ -34924,10 +49094,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowOfflineMapsDownloadOverMeteredConnection
-
+ AllowOfflineMapsDownloadOverMeteredConnection
+
-
+
65535
@@ -34935,21 +49105,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- EnableOfflineMapsAutoUpdate
-
+ EnableOfflineMapsAutoUpdate
+
-
+
65535
@@ -34957,15 +49127,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -34988,10 +49158,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowMessageSync
-
+ AllowMessageSync
+
-
+
1
@@ -34999,22 +49169,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- AllowMMS
-
+ AllowMMS
+
-
+
1
@@ -35022,22 +49192,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- AllowRCS
-
+ AllowRCS
+
-
+
1
@@ -35045,16 +49215,16 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
@@ -35077,10 +49247,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- EnterpriseCloudResources
-
+ EnterpriseCloudResources
+
-
+
@@ -35088,21 +49258,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- EnterpriseInternalProxyServers
-
+ EnterpriseInternalProxyServers
+
-
+
@@ -35110,21 +49280,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- EnterpriseIPRange
-
+ EnterpriseIPRange
+
-
+
@@ -35132,21 +49302,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- EnterpriseIPRangesAreAuthoritative
-
+ EnterpriseIPRangesAreAuthoritative
+
-
+
0
@@ -35154,21 +49324,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- EnterpriseNetworkDomainNames
-
+ EnterpriseNetworkDomainNames
+
-
+
@@ -35176,21 +49346,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- EnterpriseProxyServers
-
+ EnterpriseProxyServers
+
-
+
@@ -35198,21 +49368,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- EnterpriseProxyServersAreAuthoritative
-
+ EnterpriseProxyServersAreAuthoritative
+
-
+
0
@@ -35220,21 +49390,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- NeutralResources
-
+ NeutralResources
+
-
+
@@ -35242,15 +49412,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -35273,10 +49443,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowStandbyWhenSleepingPluggedIn
-
+ AllowStandbyWhenSleepingPluggedIn
+
-
+
@@ -35284,25 +49454,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
power.admx
Power~AT~System~PowerManagementCat~PowerSleepSettingsCat
AllowStandbyStatesAC_2
-
+
- RequirePasswordWhenComputerWakesOnBattery
-
+ DisplayOffTimeoutOnBattery
+
-
+
@@ -35310,25 +49480,129 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+ phone
+ power.admx
+ Power~AT~System~PowerManagementCat~PowerVideoSettingsCat
+ VideoPowerDownTimeOutDC_2
+
+
+
+ DisplayOffTimeoutPluggedIn
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ power.admx
+ Power~AT~System~PowerManagementCat~PowerVideoSettingsCat
+ VideoPowerDownTimeOutAC_2
+
+
+
+ HibernateTimeoutOnBattery
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ power.admx
+ Power~AT~System~PowerManagementCat~PowerSleepSettingsCat
+ DCHibernateTimeOut_2
+
+
+
+ HibernateTimeoutPluggedIn
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ power.admx
+ Power~AT~System~PowerManagementCat~PowerSleepSettingsCat
+ ACHibernateTimeOut_2
+
+
+
+ RequirePasswordWhenComputerWakesOnBattery
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
power.admx
Power~AT~System~PowerManagementCat~PowerSleepSettingsCat
DCPromptForPasswordOnResume_2
-
+
- RequirePasswordWhenComputerWakesPluggedIn
-
+ RequirePasswordWhenComputerWakesPluggedIn
+
-
+
@@ -35336,19 +49610,71 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
power.admx
Power~AT~System~PowerManagementCat~PowerSleepSettingsCat
ACPromptForPasswordOnResume_2
-
+
+
+
+ StandbyTimeoutOnBattery
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ power.admx
+ Power~AT~System~PowerManagementCat~PowerSleepSettingsCat
+ DCStandbyTimeOut_2
+
+
+
+ StandbyTimeoutPluggedIn
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ power.admx
+ Power~AT~System~PowerManagementCat~PowerSleepSettingsCat
+ ACStandbyTimeOut_2
+
@@ -35371,10 +49697,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- PointAndPrintRestrictions
-
+ PointAndPrintRestrictions
+
-
+
@@ -35382,25 +49708,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
Printing.admx
Printing~AT~ControlPanel~CplPrinters
PointAndPrint_Restrictions_Win7
-
+
- PublishPrinters
-
+ PublishPrinters
+
-
+
@@ -35408,19 +49734,19 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
Printing2.admx
Printing2~AT~Printers
PublishPrinters
-
+
@@ -35443,10 +49769,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowAutoAcceptPairingAndPrivacyConsentPrompts
-
+ AllowAutoAcceptPairingAndPrivacyConsentPrompts
+
-
+
0
@@ -35454,22 +49780,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- AllowInputPersonalization
-
+ AllowInputPersonalization
+
-
+
1
@@ -35477,22 +49803,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
10.0.10240
-
+
- DisableAdvertisingId
-
+ DisableAdvertisingId
+
-
+
65535
@@ -35500,21 +49826,43 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessAccountInfo
-
+ EnableActivityFeed
+
-
+
+
+ Enables ActivityFeed, which is responsible for mirroring different activity types (as applicable) across device graph of the user.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ LetAppsAccessAccountInfo
+
+
+
This policy setting specifies whether Windows apps can access account information.
0
@@ -35522,21 +49870,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessAccountInfo_ForceAllowTheseApps
-
+ LetAppsAccessAccountInfo_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are allowed access to account information. This setting overrides the default LetAppsAccessAccountInfo policy setting for the specified Windows apps.
@@ -35544,21 +49892,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessAccountInfo_ForceDenyTheseApps
-
+ LetAppsAccessAccountInfo_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are denied access to account information. This setting overrides the default LetAppsAccessAccountInfo policy setting for the specified Windows apps.
@@ -35566,21 +49914,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessAccountInfo_UserInControlOfTheseApps
-
+ LetAppsAccessAccountInfo_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. The user is able to control the account information privacy setting for the listed Windows apps. This setting overrides the default LetAppsAccessAccountInfo policy setting for the specified Windows apps.
@@ -35588,21 +49936,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessCalendar
-
+ LetAppsAccessCalendar
+
-
+
This policy setting specifies whether Windows apps can access the calendar.
0
@@ -35610,21 +49958,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessCalendar_ForceAllowTheseApps
-
+ LetAppsAccessCalendar_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are allowed access to the calendar. This setting overrides the default LetAppsAccessCalendar policy setting for the specified Windows apps.
@@ -35632,21 +49980,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessCalendar_ForceDenyTheseApps
-
+ LetAppsAccessCalendar_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are denied access to the calendar. This setting overrides the default LetAppsAccessCalendar policy setting for the specified Windows apps.
@@ -35654,21 +50002,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessCalendar_UserInControlOfTheseApps
-
+ LetAppsAccessCalendar_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. The user is able to control the calendar privacy setting for the listed Windows apps. This setting overrides the default LetAppsAccessCalendar policy setting for the specified Windows apps.
@@ -35676,21 +50024,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessCallHistory
-
+ LetAppsAccessCallHistory
+
-
+
This policy setting specifies whether Windows apps can access call history.
0
@@ -35698,21 +50046,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessCallHistory_ForceAllowTheseApps
-
+ LetAppsAccessCallHistory_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are allowed access to call history. This setting overrides the default LetAppsAccessCallHistory policy setting for the specified Windows apps.
@@ -35720,21 +50068,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessCallHistory_ForceDenyTheseApps
-
+ LetAppsAccessCallHistory_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are denied access to call history. This setting overrides the default LetAppsAccessCallHistory policy setting for the specified Windows apps.
@@ -35742,21 +50090,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessCallHistory_UserInControlOfTheseApps
-
+ LetAppsAccessCallHistory_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. The user is able to control the call history privacy setting for the listed Windows apps. This setting overrides the default LetAppsAccessCallHistory policy setting for the specified Windows apps.
@@ -35764,21 +50112,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessCamera
-
+ LetAppsAccessCamera
+
-
+
This policy setting specifies whether Windows apps can access the camera.
0
@@ -35786,21 +50134,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessCamera_ForceAllowTheseApps
-
+ LetAppsAccessCamera_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to the camera. This setting overrides the default LetAppsAccessCamera policy setting for the specified apps.
@@ -35808,21 +50156,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessCamera_ForceDenyTheseApps
-
+ LetAppsAccessCamera_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to the camera. This setting overrides the default LetAppsAccessCamera policy setting for the specified apps.
@@ -35830,21 +50178,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessCamera_UserInControlOfTheseApps
-
+ LetAppsAccessCamera_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the camera privacy setting for the listed apps. This setting overrides the default LetAppsAccessCamera policy setting for the specified apps.
@@ -35852,21 +50200,109 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessContacts
-
+ LetAppsAccessCellularData
+
-
+
+
+ This policy setting specifies whether Windows apps can access cellular data.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ LetAppsAccessCellularData_ForceAllowTheseApps
+
+
+
+
+ List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to cellular data. This setting overrides the default LetAppsAccessCellularData policy setting for the specified apps.
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ LetAppsAccessCellularData_ForceDenyTheseApps
+
+
+
+
+ List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to cellular data. This setting overrides the default LetAppsAccessCellularData policy setting for the specified apps.
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ LetAppsAccessCellularData_UserInControlOfTheseApps
+
+
+
+
+ List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the cellular data privacy setting for the listed apps. This setting overrides the default LetAppsAccessCellularData policy setting for the specified apps.
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ LetAppsAccessContacts
+
+
+
This policy setting specifies whether Windows apps can access contacts.
0
@@ -35874,21 +50310,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessContacts_ForceAllowTheseApps
-
+ LetAppsAccessContacts_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to contacts. This setting overrides the default LetAppsAccessContacts policy setting for the specified apps.
@@ -35896,21 +50332,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessContacts_ForceDenyTheseApps
-
+ LetAppsAccessContacts_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to contacts. This setting overrides the default LetAppsAccessContacts policy setting for the specified apps.
@@ -35918,21 +50354,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessContacts_UserInControlOfTheseApps
-
+ LetAppsAccessContacts_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the contacts privacy setting for the listed apps. This setting overrides the default LetAppsAccessContacts policy setting for the specified apps.
@@ -35940,21 +50376,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessEmail
-
+ LetAppsAccessEmail
+
-
+
This policy setting specifies whether Windows apps can access email.
0
@@ -35962,21 +50398,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessEmail_ForceAllowTheseApps
-
+ LetAppsAccessEmail_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to email. This setting overrides the default LetAppsAccessEmail policy setting for the specified apps.
@@ -35984,21 +50420,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessEmail_ForceDenyTheseApps
-
+ LetAppsAccessEmail_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to email. This setting overrides the default LetAppsAccessEmail policy setting for the specified apps.
@@ -36006,21 +50442,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessEmail_UserInControlOfTheseApps
-
+ LetAppsAccessEmail_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the email privacy setting for the listed apps. This setting overrides the default LetAppsAccessEmail policy setting for the specified apps.
@@ -36028,21 +50464,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessLocation
-
+ LetAppsAccessLocation
+
-
+
This policy setting specifies whether Windows apps can access location.
0
@@ -36050,21 +50486,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessLocation_ForceAllowTheseApps
-
+ LetAppsAccessLocation_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to location. This setting overrides the default LetAppsAccessLocation policy setting for the specified apps.
@@ -36072,21 +50508,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessLocation_ForceDenyTheseApps
-
+ LetAppsAccessLocation_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to location. This setting overrides the default LetAppsAccessLocation policy setting for the specified apps.
@@ -36094,21 +50530,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessLocation_UserInControlOfTheseApps
-
+ LetAppsAccessLocation_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the location privacy setting for the listed apps. This setting overrides the default LetAppsAccessLocation policy setting for the specified apps.
@@ -36116,21 +50552,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessMessaging
-
+ LetAppsAccessMessaging
+
-
+
This policy setting specifies whether Windows apps can read or send messages (text or MMS).
0
@@ -36138,21 +50574,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessMessaging_ForceAllowTheseApps
-
+ LetAppsAccessMessaging_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed to read or send messages (text or MMS). This setting overrides the default LetAppsAccessMessaging policy setting for the specified apps.
@@ -36160,21 +50596,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessMessaging_ForceDenyTheseApps
-
+ LetAppsAccessMessaging_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are not allowed to read or send messages (text or MMS). This setting overrides the default LetAppsAccessMessaging policy setting for the specified apps.
@@ -36182,21 +50618,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessMessaging_UserInControlOfTheseApps
-
+ LetAppsAccessMessaging_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the messaging privacy setting for the listed apps. This setting overrides the default LetAppsAccessMessaging policy setting for the specified apps.
@@ -36204,21 +50640,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessMicrophone
-
+ LetAppsAccessMicrophone
+
-
+
This policy setting specifies whether Windows apps can access the microphone.
0
@@ -36226,21 +50662,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessMicrophone_ForceAllowTheseApps
-
+ LetAppsAccessMicrophone_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to the microphone. This setting overrides the default LetAppsAccessMicrophone policy setting for the specified apps.
@@ -36248,21 +50684,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessMicrophone_ForceDenyTheseApps
-
+ LetAppsAccessMicrophone_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to the microphone. This setting overrides the default LetAppsAccessMicrophone policy setting for the specified apps.
@@ -36270,21 +50706,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessMicrophone_UserInControlOfTheseApps
-
+ LetAppsAccessMicrophone_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the microphone privacy setting for the listed apps. This setting overrides the default LetAppsAccessMicrophone policy setting for the specified apps.
@@ -36292,21 +50728,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessMotion
-
+ LetAppsAccessMotion
+
-
+
This policy setting specifies whether Windows apps can access motion data.
0
@@ -36314,21 +50750,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessMotion_ForceAllowTheseApps
-
+ LetAppsAccessMotion_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to motion data. This setting overrides the default LetAppsAccessMotion policy setting for the specified apps.
@@ -36336,21 +50772,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessMotion_ForceDenyTheseApps
-
+ LetAppsAccessMotion_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to motion data. This setting overrides the default LetAppsAccessMotion policy setting for the specified apps.
@@ -36358,21 +50794,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessMotion_UserInControlOfTheseApps
-
+ LetAppsAccessMotion_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the motion privacy setting for the listed apps. This setting overrides the default LetAppsAccessMotion policy setting for the specified apps.
@@ -36380,21 +50816,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessNotifications
-
+ LetAppsAccessNotifications
+
-
+
This policy setting specifies whether Windows apps can access notifications.
0
@@ -36402,21 +50838,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessNotifications_ForceAllowTheseApps
-
+ LetAppsAccessNotifications_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to notifications. This setting overrides the default LetAppsAccessNotifications policy setting for the specified apps.
@@ -36424,21 +50860,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessNotifications_ForceDenyTheseApps
-
+ LetAppsAccessNotifications_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to notifications. This setting overrides the default LetAppsAccessNotifications policy setting for the specified apps.
@@ -36446,21 +50882,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessNotifications_UserInControlOfTheseApps
-
+ LetAppsAccessNotifications_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the notifications privacy setting for the listed apps. This setting overrides the default LetAppsAccessNotifications policy setting for the specified apps.
@@ -36468,21 +50904,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessPhone
-
+ LetAppsAccessPhone
+
-
+
This policy setting specifies whether Windows apps can make phone calls
0
@@ -36490,21 +50926,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessPhone_ForceAllowTheseApps
-
+ LetAppsAccessPhone_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed to make phone calls. This setting overrides the default LetAppsAccessPhone policy setting for the specified apps.
@@ -36512,21 +50948,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessPhone_ForceDenyTheseApps
-
+ LetAppsAccessPhone_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are not allowed to make phone calls. This setting overrides the default LetAppsAccessPhone policy setting for the specified apps.
@@ -36534,21 +50970,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessPhone_UserInControlOfTheseApps
-
+ LetAppsAccessPhone_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the phone call privacy setting for the listed apps. This setting overrides the default LetAppsAccessPhone policy setting for the specified apps.
@@ -36556,21 +50992,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessRadios
-
+ LetAppsAccessRadios
+
-
+
This policy setting specifies whether Windows apps have access to control radios.
0
@@ -36578,21 +51014,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessRadios_ForceAllowTheseApps
-
+ LetAppsAccessRadios_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps will have access to control radios. This setting overrides the default LetAppsAccessRadios policy setting for the specified apps.
@@ -36600,21 +51036,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessRadios_ForceDenyTheseApps
-
+ LetAppsAccessRadios_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps will not have access to control radios. This setting overrides the default LetAppsAccessRadios policy setting for the specified apps.
@@ -36622,21 +51058,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessRadios_UserInControlOfTheseApps
-
+ LetAppsAccessRadios_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the radios privacy setting for the listed apps. This setting overrides the default LetAppsAccessRadios policy setting for the specified apps.
@@ -36644,21 +51080,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessTasks
-
+ LetAppsAccessTasks
+
-
+
This policy setting specifies whether Windows apps can access tasks.
0
@@ -36666,21 +51102,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessTasks_ForceAllowTheseApps
-
+ LetAppsAccessTasks_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are allowed access to tasks. This setting overrides the default LetAppsAccessTasks policy setting for the specified apps.
@@ -36688,21 +51124,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessTasks_ForceDenyTheseApps
-
+ LetAppsAccessTasks_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps are denied access to tasks. This setting overrides the default LetAppsAccessTasks policy setting for the specified apps.
@@ -36710,21 +51146,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessTasks_UserInControlOfTheseApps
-
+ LetAppsAccessTasks_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the tasks privacy setting for the listed apps. This setting overrides the default LetAppsAccessTasks policy setting for the specified apps.
@@ -36732,21 +51168,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessTrustedDevices
-
+ LetAppsAccessTrustedDevices
+
-
+
This policy setting specifies whether Windows apps can access trusted devices.
0
@@ -36754,21 +51190,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessTrustedDevices_ForceAllowTheseApps
-
+ LetAppsAccessTrustedDevices_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps will have access to trusted devices. This setting overrides the default LetAppsAccessTrustedDevices policy setting for the specified apps.
@@ -36776,21 +51212,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessTrustedDevices_ForceDenyTheseApps
-
+ LetAppsAccessTrustedDevices_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps will not have access to trusted devices. This setting overrides the default LetAppsAccessTrustedDevices policy setting for the specified apps.
@@ -36798,21 +51234,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsAccessTrustedDevices_UserInControlOfTheseApps
-
+ LetAppsAccessTrustedDevices_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the 'trusted devices' privacy setting for the listed apps. This setting overrides the default LetAppsAccessTrustedDevices policy setting for the specified apps.
@@ -36820,21 +51256,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsGetDiagnosticInfo
-
+ LetAppsGetDiagnosticInfo
+
-
+
This policy setting specifies whether Windows apps can get diagnostic information about other apps, including user names.
0
@@ -36842,21 +51278,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsGetDiagnosticInfo_ForceAllowTheseApps
-
+ LetAppsGetDiagnosticInfo_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are allowed to get diagnostic information about other apps, including user names. This setting overrides the default LetAppsGetDiagnosticInfo policy setting for the specified Windows apps.
@@ -36864,21 +51300,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsGetDiagnosticInfo_ForceDenyTheseApps
-
+ LetAppsGetDiagnosticInfo_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are not allowed to get diagnostic information about other apps, including user names. This setting overrides the default LetAppsGetDiagnosticInfo policy setting for the specified Windows apps.
@@ -36886,21 +51322,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsGetDiagnosticInfo_UserInControlOfTheseApps
-
+ LetAppsGetDiagnosticInfo_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. The user is able to control the app diagnostics privacy setting for the listed Windows apps. This setting overrides the default LetAppsGetDiagnosticInfo policy setting for the specified Windows apps.
@@ -36908,21 +51344,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsRunInBackground
-
+ LetAppsRunInBackground
+
-
+
This policy setting specifies whether Windows apps can run in the background.
0
@@ -36930,21 +51366,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsRunInBackground_ForceAllowTheseApps
-
+ LetAppsRunInBackground_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are allowed to run in the background. This setting overrides the default LetAppsRunInBackground policy setting for the specified Windows apps.
@@ -36952,21 +51388,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsRunInBackground_ForceDenyTheseApps
-
+ LetAppsRunInBackground_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are not allowed to run in the background. This setting overrides the default LetAppsRunInBackground policy setting for the specified Windows apps.
@@ -36974,21 +51410,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsRunInBackground_UserInControlOfTheseApps
-
+ LetAppsRunInBackground_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows apps. The user is able to control the background apps privacy setting for the listed Windows apps. This setting overrides the default LetAppsRunInBackground policy setting for the specified Windows apps.
@@ -36996,21 +51432,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsSyncWithDevices
-
+ LetAppsSyncWithDevices
+
-
+
This policy setting specifies whether Windows apps can sync with devices.
0
@@ -37018,21 +51454,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsSyncWithDevices_ForceAllowTheseApps
-
+ LetAppsSyncWithDevices_ForceAllowTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps will have access to sync with devices. This setting overrides the default LetAppsSyncWithDevices policy setting for the specified apps.
@@ -37040,21 +51476,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsSyncWithDevices_ForceDenyTheseApps
-
+ LetAppsSyncWithDevices_ForceDenyTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. Listed apps will not have access to sync with devices. This setting overrides the default LetAppsSyncWithDevices policy setting for the specified apps.
@@ -37062,21 +51498,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- LetAppsSyncWithDevices_UserInControlOfTheseApps
-
+ LetAppsSyncWithDevices_UserInControlOfTheseApps
+
-
+
List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the 'sync with devices' privacy setting for the listed apps. This setting overrides the default LetAppsSyncWithDevices policy setting for the specified apps.
@@ -37084,15 +51520,37 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
+
+
+ PublishUserActivities
+
+
+
+
+ Allows apps/system to publish 'User Activities' into ActivityFeed.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
@@ -37115,10 +51573,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- CustomizeWarningMessages
-
+ CustomizeWarningMessages
+
-
+
@@ -37126,25 +51584,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
remoteassistance.admx
RemoteAssistance~AT~System~RemoteAssist
RA_Options
-
+
- SessionLogging
-
+ SessionLogging
+
-
+
@@ -37152,25 +51610,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
remoteassistance.admx
RemoteAssistance~AT~System~RemoteAssist
RA_Logging
-
+
- SolicitedRemoteAssistance
-
+ SolicitedRemoteAssistance
+
-
+
@@ -37178,25 +51636,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
remoteassistance.admx
RemoteAssistance~AT~System~RemoteAssist
RA_Solicit
-
+
- UnsolicitedRemoteAssistance
-
+ UnsolicitedRemoteAssistance
+
-
+
@@ -37204,19 +51662,19 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
remoteassistance.admx
RemoteAssistance~AT~System~RemoteAssist
RA_Unsolicit
-
+
@@ -37239,10 +51697,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowUsersToConnectRemotely
-
+ AllowUsersToConnectRemotely
+
-
+
@@ -37250,25 +51708,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
terminalserver.admx
TerminalServer~AT~WindowsComponents~TS_GP_NODE~TS_TERMINAL_SERVER~TS_CONNECTIONS
TS_DISABLE_CONNECTIONS
-
+
- ClientConnectionEncryptionLevel
-
+ ClientConnectionEncryptionLevel
+
-
+
@@ -37276,25 +51734,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
terminalserver.admx
TerminalServer~AT~WindowsComponents~TS_GP_NODE~TS_TERMINAL_SERVER~TS_SECURITY
TS_ENCRYPTION_POLICY
-
+
- DoNotAllowDriveRedirection
-
+ DoNotAllowDriveRedirection
+
-
+
@@ -37302,25 +51760,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
terminalserver.admx
TerminalServer~AT~WindowsComponents~TS_GP_NODE~TS_TERMINAL_SERVER~TS_REDIRECTION
TS_CLIENT_DRIVE_M
-
+
- DoNotAllowPasswordSaving
-
+ DoNotAllowPasswordSaving
+
-
+
@@ -37328,25 +51786,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
terminalserver.admx
TerminalServer~AT~WindowsComponents~TS_GP_NODE~TS_CLIENT
TS_CLIENT_DISABLE_PASSWORD_SAVING_2
-
+
- PromptForPasswordUponConnection
-
+ PromptForPasswordUponConnection
+
-
+
@@ -37354,25 +51812,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
terminalserver.admx
TerminalServer~AT~WindowsComponents~TS_GP_NODE~TS_TERMINAL_SERVER~TS_SECURITY
TS_PASSWORD
-
+
- RequireSecureRPCCommunication
-
+ RequireSecureRPCCommunication
+
-
+
@@ -37380,19 +51838,429 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
terminalserver.admx
TerminalServer~AT~WindowsComponents~TS_GP_NODE~TS_TERMINAL_SERVER~TS_SECURITY
TS_RPC_ENCRYPTION
-
+
+
+
+
+ RemoteManagement
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ AllowBasicAuthentication_Client
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMClient
+ AllowBasic_2
+
+
+
+ AllowBasicAuthentication_Service
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMService
+ AllowBasic_1
+
+
+
+ AllowCredSSPAuthenticationClient
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMService
+ AllowCredSSP_1
+
+
+
+ AllowCredSSPAuthenticationService
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMService
+ AllowCredSSP_2
+
+
+
+ AllowRemoteServerManagement
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMService
+ AllowAutoConfig
+
+
+
+ AllowUnencryptedTraffic_Client
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMClient
+ AllowUnencrypted_2
+
+
+
+ AllowUnencryptedTraffic_Service
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMService
+ AllowUnencrypted_1
+
+
+
+ DisallowDigestAuthentication
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMClient
+ DisallowDigest
+
+
+
+ DisallowNegotiateAuthenticationClient
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMService
+ DisallowNegotiate_1
+
+
+
+ DisallowNegotiateAuthenticationService
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMClient
+ DisallowNegotiate_2
+
+
+
+ DisallowStoringOfRunAsCredentials
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMService
+ DisableRunAs
+
+
+
+ SpecifyChannelBindingTokenHardeningLevel
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMService
+ CBTHardeningLevel_1
+
+
+
+ TrustedHosts
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMClient
+ TrustedHosts
+
+
+
+ TurnOnCompatibilityHTTPListener
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMService
+ HttpCompatibilityListener
+
+
+
+ TurnOnCompatibilityHTTPSListener
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteManagement.admx
+ WindowsRemoteManagement~AT~WindowsComponents~WinRM~WinRMService
+ HttpsCompatibilityListener
+
@@ -37415,10 +52283,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- RestrictUnauthenticatedRPCClients
-
+ RestrictUnauthenticatedRPCClients
+
-
+
@@ -37426,25 +52294,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
rpc.admx
RPC~AT~System~Rpc
RpcRestrictRemoteClients
-
+
- RPCEndpointMapperClientAuthentication
-
+ RPCEndpointMapperClientAuthentication
+
-
+
@@ -37452,19 +52320,221 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
rpc.admx
RPC~AT~System~Rpc
RpcEnableAuthEpResolution
-
+
+
+
+
+ RemoteShell
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ AllowRemoteShellAccess
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteShell.admx
+ WindowsRemoteShell~AT~WindowsComponents~WinRS
+ AllowRemoteShellAccess
+
+
+
+ MaxConcurrentUsers
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteShell.admx
+ WindowsRemoteShell~AT~WindowsComponents~WinRS
+ MaxConcurrentUsers
+
+
+
+ SpecifyIdleTimeout
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteShell.admx
+ WindowsRemoteShell~AT~WindowsComponents~WinRS
+ IdleTimeout
+
+
+
+ SpecifyMaxMemory
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteShell.admx
+ WindowsRemoteShell~AT~WindowsComponents~WinRS
+ MaxMemoryPerShellMB
+
+
+
+ SpecifyMaxProcesses
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteShell.admx
+ WindowsRemoteShell~AT~WindowsComponents~WinRS
+ MaxProcessesPerShell
+
+
+
+ SpecifyMaxRemoteShells
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteShell.admx
+ WindowsRemoteShell~AT~WindowsComponents~WinRS
+ MaxShellsPerUser
+
+
+
+ SpecifyShellTimeout
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+ WindowsRemoteShell.admx
+ WindowsRemoteShell~AT~WindowsComponents~WinRS
+ ShellTimeOut
+
@@ -37487,10 +52557,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowIndexingEncryptedStoresOrItems
-
+ AllowIndexingEncryptedStoresOrItems
+
-
+
0
@@ -37498,21 +52568,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowSearchToUseLocation
-
+ AllowSearchToUseLocation
+
-
+
1
@@ -37520,21 +52590,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowStoringImagesFromVisionSearch
-
+ AllowStoringImagesFromVisionSearch
+
-
+
1
@@ -37542,21 +52612,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowUsingDiacritics
-
+ AllowUsingDiacritics
+
-
+
0
@@ -37564,21 +52634,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowWindowsIndexer
-
+ AllowWindowsIndexer
+
-
+
3
@@ -37586,21 +52656,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AlwaysUseAutoLangDetection
-
+ AlwaysUseAutoLangDetection
+
-
+
0
@@ -37608,21 +52678,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- DisableBackoff
-
+ DisableBackoff
+
-
+
0
@@ -37630,21 +52700,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- DisableRemovableDriveIndexing
-
+ DisableRemovableDriveIndexing
+
-
+
0
@@ -37652,21 +52722,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- PreventIndexingLowDiskSpaceMB
-
+ PreventIndexingLowDiskSpaceMB
+
-
+
1
@@ -37674,21 +52744,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- PreventRemoteQueries
-
+ PreventRemoteQueries
+
-
+
1
@@ -37696,21 +52766,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- SafeSearchPermissions
-
+ SafeSearchPermissions
+
-
+
1
@@ -37718,16 +52788,16 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
@@ -37750,10 +52820,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowAddProvisioningPackage
-
+ AllowAddProvisioningPackage
+
-
+
1
@@ -37761,21 +52831,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowManualRootCertificateInstallation
-
+ AllowManualRootCertificateInstallation
+
-
+
1
@@ -37783,22 +52853,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- AllowRemoveProvisioningPackage
-
+ AllowRemoveProvisioningPackage
+
-
+
1
@@ -37806,21 +52876,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AntiTheftMode
-
+ AntiTheftMode
+
-
+
1
@@ -37828,22 +52898,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
- PreventAutomaticDeviceEncryptionForAzureADJoinedDevices
-
+ ClearTPMIfNotReady
+
-
+
0
@@ -37851,21 +52921,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+ phone
+
- RequireDeviceEncryption
-
+ PreventAutomaticDeviceEncryptionForAzureADJoinedDevices
+
-
+
0
@@ -37873,21 +52944,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- RequireProvisioningPackageSignature
-
+ RequireDeviceEncryption
+
-
+
0
@@ -37895,21 +52966,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- RequireRetrieveHealthCertificateOnBoot
-
+ RequireProvisioningPackageSignature
+
-
+
0
@@ -37917,15 +52988,37 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
+
+
+ RequireRetrieveHealthCertificateOnBoot
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
@@ -37948,10 +53041,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowAutoPlay
-
+ AllowAutoPlay
+
-
+
1
@@ -37959,22 +53052,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowDataSense
-
+ AllowDataSense
+
-
+
1
@@ -37982,21 +53075,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowDateTime
-
+ AllowDateTime
+
-
+
1
@@ -38004,21 +53097,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowEditDeviceName
-
+ AllowEditDeviceName
+
-
+
1
@@ -38026,21 +53119,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowLanguage
-
+ AllowLanguage
+
-
+
1
@@ -38048,22 +53141,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowPowerSleep
-
+ AllowPowerSleep
+
-
+
1
@@ -38071,22 +53164,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowRegion
-
+ AllowRegion
+
-
+
1
@@ -38094,22 +53187,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowSignInOptions
-
+ AllowSignInOptions
+
-
+
1
@@ -38117,22 +53210,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowVPN
-
+ AllowVPN
+
-
+
1
@@ -38140,21 +53233,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowWorkplace
-
+ AllowWorkplace
+
-
+
1
@@ -38162,22 +53255,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowYourAccount
-
+ AllowYourAccount
+
-
+
1
@@ -38185,21 +53278,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- PageVisibilityList
-
+ PageVisibilityList
+
-
+
@@ -38207,15 +53300,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -38238,10 +53331,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- EnableAppInstallControl
-
+ EnableAppInstallControl
+
-
+
0
@@ -38249,22 +53342,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- EnableSmartScreenInShell
-
+ EnableSmartScreenInShell
+
-
+
1
@@ -38272,22 +53365,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- PreventOverrideForFilesInShell
-
+ PreventOverrideForFilesInShell
+
-
+
0
@@ -38295,16 +53388,16 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
@@ -38327,10 +53420,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowSpeechModelUpdate
-
+ AllowSpeechModelUpdate
+
-
+
1
@@ -38338,15 +53431,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -38369,10 +53462,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowPinnedFolderDocuments
-
+ AllowPinnedFolderDocuments
+
-
+
This policy controls the visibility of the Documents shortcut on the Start menu. The possible values are 0 - means that the shortcut should be hidden and grays out the corresponding toggle in the Settings app, 1 - means that the shortcut should be visible and grays out the corresponding toggle in the Settings app, 65535 - means that there is no enforced configuration and the setting can be changed by the user.
65535
@@ -38380,22 +53473,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowPinnedFolderDownloads
-
+ AllowPinnedFolderDownloads
+
-
+
This policy controls the visibility of the Downloads shortcut on the Start menu. The possible values are 0 - means that the shortcut should be hidden and grays out the corresponding toggle in the Settings app, 1 - means that the shortcut should be visible and grays out the corresponding toggle in the Settings app, 65535 - means that there is no enforced configuration and the setting can be changed by the user.
65535
@@ -38403,22 +53496,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowPinnedFolderFileExplorer
-
+ AllowPinnedFolderFileExplorer
+
-
+
This policy controls the visibility of the File Explorer shortcut on the Start menu. The possible values are 0 - means that the shortcut should be hidden and grays out the corresponding toggle in the Settings app, 1 - means that the shortcut should be visible and grays out the corresponding toggle in the Settings app, 65535 - means that there is no enforced configuration and the setting can be changed by the user.
65535
@@ -38426,22 +53519,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowPinnedFolderHomeGroup
-
+ AllowPinnedFolderHomeGroup
+
-
+
This policy controls the visibility of the HomeGroup shortcut on the Start menu. The possible values are 0 - means that the shortcut should be hidden and grays out the corresponding toggle in the Settings app, 1 - means that the shortcut should be visible and grays out the corresponding toggle in the Settings app, 65535 - means that there is no enforced configuration and the setting can be changed by the user.
65535
@@ -38449,22 +53542,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowPinnedFolderMusic
-
+ AllowPinnedFolderMusic
+
-
+
This policy controls the visibility of the Music shortcut on the Start menu. The possible values are 0 - means that the shortcut should be hidden and grays out the corresponding toggle in the Settings app, 1 - means that the shortcut should be visible and grays out the corresponding toggle in the Settings app, 65535 - means that there is no enforced configuration and the setting can be changed by the user.
65535
@@ -38472,22 +53565,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowPinnedFolderNetwork
-
+ AllowPinnedFolderNetwork
+
-
+
This policy controls the visibility of the Network shortcut on the Start menu. The possible values are 0 - means that the shortcut should be hidden and grays out the corresponding toggle in the Settings app, 1 - means that the shortcut should be visible and grays out the corresponding toggle in the Settings app, 65535 - means that there is no enforced configuration and the setting can be changed by the user.
65535
@@ -38495,22 +53588,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowPinnedFolderPersonalFolder
-
+ AllowPinnedFolderPersonalFolder
+
-
+
This policy controls the visibility of the PersonalFolder shortcut on the Start menu. The possible values are 0 - means that the shortcut should be hidden and grays out the corresponding toggle in the Settings app, 1 - means that the shortcut should be visible and grays out the corresponding toggle in the Settings app, 65535 - means that there is no enforced configuration and the setting can be changed by the user.
65535
@@ -38518,22 +53611,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowPinnedFolderPictures
-
+ AllowPinnedFolderPictures
+
-
+
This policy controls the visibility of the Pictures shortcut on the Start menu. The possible values are 0 - means that the shortcut should be hidden and grays out the corresponding toggle in the Settings app, 1 - means that the shortcut should be visible and grays out the corresponding toggle in the Settings app, 65535 - means that there is no enforced configuration and the setting can be changed by the user.
65535
@@ -38541,22 +53634,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowPinnedFolderSettings
-
+ AllowPinnedFolderSettings
+
-
+
This policy controls the visibility of the Settings shortcut on the Start menu. The possible values are 0 - means that the shortcut should be hidden and grays out the corresponding toggle in the Settings app, 1 - means that the shortcut should be visible and grays out the corresponding toggle in the Settings app, 65535 - means that there is no enforced configuration and the setting can be changed by the user.
65535
@@ -38564,22 +53657,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowPinnedFolderVideos
-
+ AllowPinnedFolderVideos
+
-
+
This policy controls the visibility of the Videos shortcut on the Start menu. The possible values are 0 - means that the shortcut should be hidden and grays out the corresponding toggle in the Settings app, 1 - means that the shortcut should be visible and grays out the corresponding toggle in the Settings app, 65535 - means that there is no enforced configuration and the setting can be changed by the user.
65535
@@ -38587,22 +53680,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- ForceStartSize
-
+ ForceStartSize
+
-
+
0
@@ -38610,22 +53703,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- HideAppList
-
+ HideAppList
+
-
+
Setting the value of this policy to 1 or 2 collapses the app list. Setting the value of this policy to 3 removes the app list entirely. Setting the value of this policy to 2 or 3 disables the corresponding toggle in the Settings app.
0
@@ -38633,22 +53726,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- HideChangeAccountSettings
-
+ HideChangeAccountSettings
+
-
+
Enabling this policy hides "Change account settings" from appearing in the user tile in the start menu.
0
@@ -38656,21 +53749,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- HideFrequentlyUsedApps
-
+ HideFrequentlyUsedApps
+
-
+
Enabling this policy hides the most used apps from appearing on the start menu and disables the corresponding toggle in the Settings app.
0
@@ -38678,22 +53771,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- HideHibernate
-
+ HideHibernate
+
-
+
Enabling this policy hides "Hibernate" from appearing in the power button in the start menu.
0
@@ -38701,21 +53794,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- HideLock
-
+ HideLock
+
-
+
Enabling this policy hides "Lock" from appearing in the user tile in the start menu.
0
@@ -38723,21 +53816,44 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- HidePowerButton
-
+ HidePeopleBar
+
-
+
+
+ Enabling this policy removes the people icon from the taskbar as well as the corresponding settings toggle. It also prevents users from pinning people to the taskbar.
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ HidePowerButton
+
+
+
Enabling this policy hides the power button from appearing in the start menu.
0
@@ -38745,21 +53861,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- HideRecentJumplists
-
+ HideRecentJumplists
+
-
+
Enabling this policy hides recent jumplists from appearing on the start menu/taskbar and disables the corresponding toggle in the Settings app.
0
@@ -38767,22 +53883,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- HideRecentlyAddedApps
-
+ HideRecentlyAddedApps
+
-
+
Enabling this policy hides recently added apps from appearing on the start menu and disables the corresponding toggle in the Settings app.
0
@@ -38790,22 +53906,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- HideRestart
-
+ HideRestart
+
-
+
Enabling this policy hides "Restart/Update and restart" from appearing in the power button in the start menu.
0
@@ -38813,21 +53929,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- HideShutDown
-
+ HideShutDown
+
-
+
Enabling this policy hides "Shut down/Update and shut down" from appearing in the power button in the start menu.
0
@@ -38835,21 +53951,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- HideSignOut
-
+ HideSignOut
+
-
+
Enabling this policy hides "Sign out" from appearing in the user tile in the start menu.
0
@@ -38857,21 +53973,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- HideSleep
-
+ HideSleep
+
-
+
Enabling this policy hides "Sleep" from appearing in the power button in the start menu.
0
@@ -38879,21 +53995,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- HideSwitchAccount
-
+ HideSwitchAccount
+
-
+
Enabling this policy hides "Switch account" from appearing in the user tile in the start menu.
0
@@ -38901,21 +54017,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- HideUserTile
-
+ HideUserTile
+
-
+
Enabling this policy hides the user tile from appearing in the start menu.
0
@@ -38923,21 +54039,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- ImportEdgeAssets
-
+ ImportEdgeAssets
+
-
+
This policy setting allows you to import Edge assets to be used with StartLayout policy. Start layout can contain secondary tile from Edge app which looks for Edge local asset file. Edge local asset would not exist and cause Edge secondary tile to appear empty in this case. This policy only gets applied when StartLayout policy is modified.
@@ -38945,22 +54061,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- NoPinningToTaskbar
-
+ NoPinningToTaskbar
+
-
+
This policy setting allows you to control pinning programs to the Taskbar. If you enable this policy setting, users cannot change the programs currently pinned to the Taskbar. If any programs are already pinned to the Taskbar, these programs continue to show in the Taskbar. However, users cannot unpin these programs already pinned to the Taskbar, and they cannot pin new programs to the Taskbar. If you disable or do not configure this policy setting, users can change the programs currently pinned to the Taskbar.
0
@@ -38968,22 +54084,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- StartLayout
-
+ StartLayout
+
-
+
@@ -38991,16 +54107,16 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
@@ -39023,10 +54139,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- EnhancedStorageDevices
-
+ EnhancedStorageDevices
+
-
+
@@ -39034,19 +54150,19 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
enhancedstorage.admx
EnhancedStorage~AT~System~EnStorDeviceAccess
TCGSecurityActivationDisabled
-
+
@@ -39069,10 +54185,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowBuildPreview
-
+ AllowBuildPreview
+
-
+
2
@@ -39080,21 +54196,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowEmbeddedMode
-
+ AllowEmbeddedMode
+
-
+
0
@@ -39102,21 +54218,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowExperimentation
-
+ AllowExperimentation
+
-
+
1
@@ -39124,21 +54240,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowFontProviders
-
+ AllowFontProviders
+
-
+
1
@@ -39146,21 +54262,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowLocation
-
+ AllowLocation
+
-
+
1
@@ -39168,21 +54284,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowStorageCard
-
+ AllowStorageCard
+
-
+
1
@@ -39190,21 +54306,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowTelemetry
-
+ AllowTelemetry
+
-
+
3
@@ -39212,21 +54328,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowUserToResetPhone
-
+ AllowUserToResetPhone
+
-
+
1
@@ -39234,21 +54350,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- BootStartDriverInitialization
-
+ BootStartDriverInitialization
+
-
+
@@ -39256,47 +54372,47 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
earlylauncham.admx
EarlyLaunchAM~AT~System~ELAMCategory
POL_DriverLoadPolicy_Name
-
+
- DisableOneDriveFileSync
-
+ DisableOneDriveFileSync
+
-
+
- This policy setting lets you prevent apps and features from working with files on OneDrive. If you enable this policy setting: users can’t access OneDrive from the OneDrive app and file picker; Windows Store apps can’t access OneDrive using the WinRT API; OneDrive doesn’t appear in the navigation pane in File Explorer; OneDrive files aren’t kept in sync with the cloud; Users can’t automatically upload photos and videos from the camera roll folder. If you disable or do not configure this policy setting, apps and features can work with OneDrive file storage.
+ This policy setting lets you prevent apps and features from working with files on OneDrive. If you enable this policy setting: users can’t access OneDrive from the OneDrive app and file picker; Windows Store apps can’t access OneDrive using the WinRT API; OneDrive doesn’t appear in the navigation pane in File Explorer; OneDrive files aren’t kept in sync with the cloud; Users can’t automatically upload photos and videos from the camera roll folder. If you disable or do not configure this policy setting, apps and features can work with OneDrive file storage.
0
-
+
-
+
- text/plain
+ text/plain
-
+
- DisableSystemRestore
-
+ DisableSystemRestore
+
-
+
@@ -39304,25 +54420,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
systemrestore.admx
SystemRestore~AT~System~SR
SR_DisableSR
-
+
- TelemetryProxy
-
+ TelemetryProxy
+
-
+
@@ -39330,15 +54446,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -39361,10 +54477,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowIMELogging
-
+ AllowIMELogging
+
-
+
1
@@ -39372,22 +54488,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowIMENetworkAccess
-
+ AllowIMENetworkAccess
+
-
+
1
@@ -39395,22 +54511,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowInputPanel
-
+ AllowInputPanel
+
-
+
1
@@ -39418,22 +54534,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowJapaneseIMESurrogatePairCharacters
-
+ AllowJapaneseIMESurrogatePairCharacters
+
-
+
1
@@ -39441,22 +54557,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowJapaneseIVSCharacters
-
+ AllowJapaneseIVSCharacters
+
-
+
1
@@ -39464,22 +54580,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowJapaneseNonPublishingStandardGlyph
-
+ AllowJapaneseNonPublishingStandardGlyph
+
-
+
1
@@ -39487,22 +54603,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowJapaneseUserDictionary
-
+ AllowJapaneseUserDictionary
+
-
+
1
@@ -39510,22 +54626,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowKeyboardTextSuggestions
-
+ AllowKeyboardTextSuggestions
+
-
+
1
@@ -39533,21 +54649,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowLanguageFeaturesUninstall
-
+ AllowLanguageFeaturesUninstall
+
-
+
1
@@ -39555,22 +54671,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- ExcludeJapaneseIMEExceptJIS0208
-
+ ExcludeJapaneseIMEExceptJIS0208
+
-
+
0
@@ -39578,21 +54694,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- ExcludeJapaneseIMEExceptJIS0208andEUDC
-
+ ExcludeJapaneseIMEExceptJIS0208andEUDC
+
-
+
0
@@ -39600,22 +54716,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- ExcludeJapaneseIMEExceptShiftJIS
-
+ ExcludeJapaneseIMEExceptShiftJIS
+
-
+
0
@@ -39623,16 +54739,16 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
@@ -39655,10 +54771,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowSet24HourClock
-
+ AllowSet24HourClock
+
-
+
0
@@ -39666,16 +54782,16 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
desktop
-
+
@@ -39698,10 +54814,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- ActiveHoursEnd
-
+ ActiveHoursEnd
+
-
+
17
@@ -39709,21 +54825,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- ActiveHoursMaxRange
-
+ ActiveHoursMaxRange
+
-
+
18
@@ -39731,21 +54847,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- ActiveHoursStart
-
+ ActiveHoursStart
+
-
+
8
@@ -39753,21 +54869,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowAutoUpdate
-
+ AllowAutoUpdate
+
-
+
2
@@ -39775,21 +54891,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowMUUpdateService
-
+ AllowAutoWindowsUpdateDownloadOverMeteredNetwork
+
-
+
0
@@ -39797,22 +54913,44 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+
+
+
+ AllowMUUpdateService
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
-
+
- AllowNonMicrosoftSignedUpdate
-
+ AllowNonMicrosoftSignedUpdate
+
-
+
1
@@ -39820,21 +54958,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowUpdateService
-
+ AllowUpdateService
+
-
+
1
@@ -39842,21 +54980,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AutoRestartDeadlinePeriodInDays
-
+ AutoRestartDeadlinePeriodInDays
+
-
+
7
@@ -39864,21 +55002,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AutoRestartNotificationSchedule
-
+ AutoRestartNotificationSchedule
+
-
+
15
@@ -39886,21 +55024,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AutoRestartRequiredNotificationDismissal
-
+ AutoRestartRequiredNotificationDismissal
+
-
+
1
@@ -39908,21 +55046,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- BranchReadinessLevel
-
+ BranchReadinessLevel
+
-
+
16
@@ -39930,21 +55068,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- DeferFeatureUpdatesPeriodInDays
-
+ DeferFeatureUpdatesPeriodInDays
+
-
+
0
@@ -39952,21 +55090,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- DeferQualityUpdatesPeriodInDays
-
+ DeferQualityUpdatesPeriodInDays
+
-
+
0
@@ -39974,21 +55112,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- DeferUpdatePeriod
-
+ DeferUpdatePeriod
+
-
+
0
@@ -39996,21 +55134,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- DeferUpgradePeriod
-
+ DeferUpgradePeriod
+
-
+
0
@@ -40018,21 +55156,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- DetectionFrequency
-
+ DetectionFrequency
+
-
+
22
@@ -40040,21 +55178,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- EngagedRestartDeadline
-
+ EngagedRestartDeadline
+
-
+
14
@@ -40062,21 +55200,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- EngagedRestartSnoozeSchedule
-
+ EngagedRestartSnoozeSchedule
+
-
+
3
@@ -40084,21 +55222,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- EngagedRestartTransitionSchedule
-
+ EngagedRestartTransitionSchedule
+
-
+
7
@@ -40106,21 +55244,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- ExcludeWUDriversInQualityUpdate
-
+ ExcludeWUDriversInQualityUpdate
+
-
+
0
@@ -40128,21 +55266,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- FillEmptyContentUrls
-
+ FillEmptyContentUrls
+
-
+
0
@@ -40150,21 +55288,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- IgnoreMOAppDownloadLimit
-
+ IgnoreMOAppDownloadLimit
+
-
+
0
@@ -40172,21 +55310,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- IgnoreMOUpdateDownloadLimit
-
+ IgnoreMOUpdateDownloadLimit
+
-
+
0
@@ -40194,219 +55332,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- PauseDeferrals
-
+ ManageBuildPreview
+
-
-
-
- 0
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- PauseFeatureUpdates
-
-
-
-
-
- 0
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- PauseFeatureUpdatesStartTime
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- PauseQualityUpdates
-
-
-
-
-
- 0
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- PauseQualityUpdatesStartTime
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- PhoneUpdateRestrictions
-
-
-
-
-
- 4
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- RequireDeferUpgrade
-
-
-
-
-
- 0
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- RequireUpdateApproval
-
-
-
-
-
- 0
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- ScheduledInstallDay
-
-
-
-
-
- 0
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- ScheduledInstallTime
-
-
-
+
3
@@ -40414,65 +55354,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- ScheduleImminentRestartWarning
-
+ PauseDeferrals
+
-
-
-
- 15
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- ScheduleRestartWarning
-
-
-
-
-
- 4
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- SetAutoRestartNotificationDisable
-
-
-
+
0
@@ -40480,21 +55376,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- SetEDURestart
-
+ PauseFeatureUpdates
+
-
+
0
@@ -40502,43 +55398,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- UpdateServiceUrl
-
+ PauseFeatureUpdatesStartTime
+
-
-
-
- CorpWSUS
-
-
-
-
-
-
-
-
-
-
- text/plain
-
-
-
-
- UpdateServiceUrlAlternate
-
-
-
+
@@ -40546,16 +55420,412 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
+
+
+
+
+ PauseQualityUpdates
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ PauseQualityUpdatesStartTime
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ PhoneUpdateRestrictions
+
+
+
+
+
+ 4
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RequireDeferUpgrade
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ RequireUpdateApproval
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScheduledInstallDay
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScheduledInstallEveryWeek
+
+
+
+
+
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScheduledInstallFirstWeek
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScheduledInstallFourthWeek
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScheduledInstallSecondWeek
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScheduledInstallThirdWeek
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScheduledInstallTime
+
+
+
+
+
+ 3
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScheduleImminentRestartWarning
+
+
+
+
+
+ 15
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ ScheduleRestartWarning
+
+
+
+
+
+ 4
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ SetAutoRestartNotificationDisable
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ SetEDURestart
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ UpdateServiceUrl
+
+
+
+
+
+ CorpWSUS
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ UpdateServiceUrlAlternate
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
phone
-
+
@@ -40578,10 +55848,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowAutoConnectToWiFiSenseHotspots
-
+ AllowAutoConnectToWiFiSenseHotspots
+
-
+
1
@@ -40589,21 +55859,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowInternetSharing
-
+ AllowInternetSharing
+
-
+
1
@@ -40611,21 +55881,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowManualWiFiConfiguration
-
+ AllowManualWiFiConfiguration
+
-
+
1
@@ -40633,21 +55903,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowWiFi
-
+ AllowWiFi
+
-
+
1
@@ -40655,21 +55925,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowWiFiDirect
-
+ AllowWiFiDirect
+
-
+
1
@@ -40677,21 +55947,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- WLANScanMode
-
+ WLANScanMode
+
-
+
0
@@ -40699,15 +55969,357 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
+
+
+
+ WindowsDefenderSecurityCenter
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ CompanyName
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ DisableAppBrowserUI
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ DisableEnhancedNotifications
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ DisableFamilyUI
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ DisableHealthUI
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ DisableNetworkUI
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ DisableNotifications
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ DisableVirusUI
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ DisallowExploitProtectionOverride
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ Email
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ EnableCustomizedToasts
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ EnableInAppCustomization
+
+
+
+
+
+ 0
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ Phone
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
+
+
+ URL
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+ phone
+
@@ -40730,10 +56342,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowSuggestedAppsInWindowsInkWorkspace
-
+ AllowSuggestedAppsInWindowsInkWorkspace
+
-
+
1
@@ -40741,22 +56353,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowWindowsInkWorkspace
-
+ AllowWindowsInkWorkspace
+
-
+
2
@@ -40764,16 +56376,16 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
@@ -40796,10 +56408,10 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- DisableLockScreenAppNotifications
-
+ DisableLockScreenAppNotifications
+
-
+
@@ -40807,25 +56419,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
logon.admx
Logon~AT~System~Logon
DisableLockScreenAppNotifications
-
+
- DontDisplayNetworkSelectionUI
-
+ DontDisplayNetworkSelectionUI
+
-
+
@@ -40833,25 +56445,25 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
logon.admx
Logon~AT~System~Logon
DontDisplayNetworkSelectionUI
-
+
- HideFastUserSwitching
-
+ HideFastUserSwitching
+
-
+
This policy setting allows you to hide the Switch User interface in the Logon UI, the Start menu and the Task Manager. If you enable this policy setting, the Switch User interface is hidden from the user who is attempting to log on or is logged on to the computer that has this policy applied. The locations that Switch User interface appear are in the Logon UI, the Start menu and the Task Manager. If you disable or do not configure this policy setting, the Switch User interface is accessible to the user in the three locations.
0
@@ -40859,15 +56471,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
@@ -40890,10 +56502,54 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
- AllowProjectionFromPC
-
+ AllowMdnsAdvertisement
+
-
+
+
+ This policy setting allows you to turn off the Wireless Display multicast DNS service advertisement from a Wireless Display receiver.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AllowMdnsDiscovery
+
+
+
+
+ This policy setting allows you to turn off discovering the display service advertised over multicast DNS by a Wireless Display receiver.
+ 1
+
+
+
+
+
+
+
+
+
+
+ text/plain
+
+
+
+
+ AllowProjectionFromPC
+
+
+
This policy allows you to turn off projection from a PC.
If you set it to 0, your PC cannot discover or project to other devices.
@@ -40903,21 +56559,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowProjectionFromPCOverInfrastructure
-
+ AllowProjectionFromPCOverInfrastructure
+
-
+
This policy allows you to turn off projection from a PC over infrastructure.
If you set it to 0, your PC cannot discover or project to other infrastructure devices, though it may still be possible to discover and project over WiFi Direct.
@@ -40927,21 +56583,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowProjectionToPC
-
+ AllowProjectionToPC
+
-
+
This policy setting allows you to turn off projection to a PC
If you set it to 0, your PC isn't discoverable and can't be projected to
@@ -40951,22 +56607,22 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
phone
-
+
- AllowProjectionToPCOverInfrastructure
-
+ AllowProjectionToPCOverInfrastructure
+
-
+
This policy setting allows you to turn off projection to a PC over infrastructure.
If you set it to 0, your PC cannot be discoverable and can't be projected to over infrastructure, though it may still be possible to project over WiFi Direct.
@@ -40976,21 +56632,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- AllowUserInputFromWirelessDisplayReceiver
-
+ AllowUserInputFromWirelessDisplayReceiver
+
-
+
1
@@ -40998,21 +56654,21 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
- RequirePinForPairing
-
+ RequirePinForPairing
+
-
+
This policy setting allows you to require a pin for pairing.
If you turn this on, the pairing ceremony for new devices will always require a PIN
@@ -41022,15 +56678,15 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on
-
+
-
+
- text/plain
+ text/plain
-
+
diff --git a/windows/client-management/mdm/vpnv2-csp.md b/windows/client-management/mdm/vpnv2-csp.md
index 9e26467563..c982bb06b0 100644
--- a/windows/client-management/mdm/vpnv2-csp.md
+++ b/windows/client-management/mdm/vpnv2-csp.md
@@ -1215,7 +1215,7 @@ Servers
./Vendor/MSFT/VPNv2/VPNProfileName/NativeProfile/Authentication/CryptographySuite/EncryptionMethod
- PFS2048
+ AES128
@@ -1224,7 +1224,7 @@ Servers
./Vendor/MSFT/VPNv2/VPNProfileName/NativeProfile/Authentication/CryptographySuite/IntegrityCheckMethod
- Eap
+ SHA256
@@ -1233,7 +1233,7 @@ Servers
./Vendor/MSFT/VPNv2/VPNProfileName/NativeProfile/Authentication/CryptographySuite/DHGroup
- SHA256
+ Group2
@@ -1242,7 +1242,7 @@ Servers
./Vendor/MSFT/VPNv2/VPNProfileName/NativeProfile/Authentication/CryptographySuite/PfsGroup
- AES128
+ PFS2048
diff --git a/windows/deployment/windows-10-auto-pilot.md b/windows/deployment/windows-10-auto-pilot.md
index 9d8881dce7..7413ecc71c 100644
--- a/windows/deployment/windows-10-auto-pilot.md
+++ b/windows/deployment/windows-10-auto-pilot.md
@@ -9,7 +9,7 @@ ms.sitesec: library
ms.pagetype: deploy
author: DaniHalfin
ms.author: daniha
-ms.date: 06/28/2017
+ms.date: 06/30/2017
---
# Overview of Windows AutoPilot
@@ -86,10 +86,7 @@ Options available for Windows 10, Version 1703:
* Skipping privacy settings
* Preventing the account used to set-up the device from getting local administrator permissions
-Additional options we are working on for the next Windows 10 release:
-* Skipping EULA
-* Personalizing the setup experience
-* MDM Support
+We are working to add additional options to further personalize and streamline the setup experience in future releases.
To see additional details on how to customize the OOBE experience and how to follow this process, see guidance for Microsoft Store for Business or [Partner Center](https://msdn.microsoft.com/partner-center/autopilot).