deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 05:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/client-management/mdm/policy-csp-mssecurityguide.md
Nicholas Brower 580647e1ce Merged PR 6284: "updated policies supported by GP" 
includes new ADMX-backed policies
2018-03-09 23:00:00 +00:00

8.5 KiB
Raw Blame History

title, description, ms.author, ms.topic, ms.prod, ms.technology, author, ms.date
title description ms.author ms.topic ms.prod ms.technology author ms.date
Policy CSP - MSSecurityGuide Policy CSP - MSSecurityGuide maricia article w10 windows nickbrower 03/09/2018

Policy CSP - MSSecurityGuide

Warning

Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

MSSecurityGuide policies

MSSecurityGuide/ApplyUACRestrictionsToLocalAccountsOnNetworkLogon
MSSecurityGuide/ConfigureSMBV1ClientDriver
MSSecurityGuide/ConfigureSMBV1Server
MSSecurityGuide/EnableStructuredExceptionHandlingOverwriteProtection
MSSecurityGuide/TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications
MSSecurityGuide/WDigestAuthentication

MSSecurityGuide/ApplyUACRestrictionsToLocalAccountsOnNetworkLogon

Scope:

[!div class = "checklist"]

  • Device

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX Info:

  • GP name: Pol_SecGuide_0201_LATFP
  • GP ADMX file name: SecGuide.admx

MSSecurityGuide/ConfigureSMBV1ClientDriver

Scope:

[!div class = "checklist"]

  • Device

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX Info:

  • GP name: Pol_SecGuide_0002_SMBv1_ClientDriver
  • GP ADMX file name: SecGuide.admx

MSSecurityGuide/ConfigureSMBV1Server

Scope:

[!div class = "checklist"]

  • Device

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX Info:

  • GP name: Pol_SecGuide_0001_SMBv1_Server
  • GP ADMX file name: SecGuide.admx

MSSecurityGuide/EnableStructuredExceptionHandlingOverwriteProtection

Scope:

[!div class = "checklist"]

  • Device

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX Info:

  • GP name: Pol_SecGuide_0102_SEHOP
  • GP ADMX file name: SecGuide.admx

MSSecurityGuide/TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications

Scope:

[!div class = "checklist"]

  • Device

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX Info:

  • GP name: Pol_SecGuide_0101_WDPUA
  • GP ADMX file name: SecGuide.admx

MSSecurityGuide/WDigestAuthentication

Scope:

[!div class = "checklist"]

  • Device

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX Info:

  • GP name: Pol_SecGuide_0202_WDigestAuthn
  • GP ADMX file name: SecGuide.admx

Footnote:

  • 1 - Added in Windows 10, version 1607.
  • 2 - Added in Windows 10, version 1703.
  • 3 - Added in Windows 10, version 1709.