3.9 KiB
title, description, ms.author, ms.localizationpriority, ms.topic, ms.prod, ms.technology, author, ms.date, ms.reviewer, manager
| title | description | ms.author | ms.localizationpriority | ms.topic | ms.prod | ms.technology | author | ms.date | ms.reviewer | manager |
|---|---|---|---|---|---|---|---|---|---|---|
| Policy CSP - ADMX_srmfci | Learn about Policy CSP - ADMX_srmfci. | vinpa | medium | article | w10 | windows | vinaypamnani-msft | 09/18/2020 | aaroncz |
Policy CSP - ADMX_srmfci
Tip
This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.
You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.
The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.
ADMX_srmfci policies
ADMX_srmfci/EnableShellAccessCheck
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | No | No |
| Pro | Yes | Yes |
| Windows SE | No | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
This group policy setting should be set on Windows clients to enable access-denied assistance for all file types.
ADMX Info:
- GP Friendly name: Enable access-denied assistance on client for all file types
- GP name: EnableShellAccessCheck
- GP path: System\Access-Denied Assistance
- GP ADMX file name: srmfci.admx
ADMX_srmfci/AccessDeniedConfiguration
| Edition | Windows 10 | Windows 11 |
|---|---|---|
| Home | No | No |
| Pro | Yes | Yes |
| Windows SE | No | Yes |
| Business | Yes | Yes |
| Enterprise | Yes | Yes |
| Education | Yes | Yes |
[!div class = "checklist"]
- Device
This policy setting specifies the message that users see when they're denied access to a file or folder. You can customize the Access Denied message to include more text and links. You can also provide users with the ability to send an email to request access to the file or folder to which they were denied access.
If you enable this policy setting, users receive a customized Access Denied message from the file servers on which this policy setting is applied.
If you disable this policy setting, users see a standard Access Denied message that doesn't provide any of the functionalities controlled by this policy setting, regardless of the file server configuration.
If you don't configure this policy setting, users see a standard Access Denied message unless the file server is configured to display the customized Access Denied message. By default, users see the standard Access Denied message.
ADMX Info:
- GP Friendly name: Customize message for Access Denied errors
- GP name: AccessDeniedConfiguration
- GP path: System\Access-Denied Assistance
- GP ADMX file name: srmfci.admx