deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-18 00:07:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/client-management/mdm/policy-csp-admx-filesys.md
ManikaDhiman de10c523a1 Updated the availability verbiage
2020-12-29 12:09:25 -08:00

19 KiB
Raw Blame History

title, description, ms.author, ms.localizationpriority, ms.topic, ms.prod, ms.technology, author, ms.date, ms.reviewer, manager
title description ms.author ms.localizationpriority ms.topic ms.prod ms.technology author ms.date ms.reviewer manager
Policy CSP - ADMX_FileSys Policy CSP - ADMX_FileSys dansimp medium article w10 windows manikadhiman 09/02/2020 dansimp

Policy CSP - ADMX_FileSys

Warning

Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.

ADMX_FileSys policies

ADMX_FileSys/DisableCompression
ADMX_FileSys/DisableDeleteNotification
ADMX_FileSys/DisableEncryption
ADMX_FileSys/EnablePagefileEncryption
ADMX_FileSys/LongPathsEnabled
ADMX_FileSys/ShortNameCreationSettings
ADMX_FileSys/SymlinkEvaluation
ADMX_FileSys/TxfDeprecatedFunctionality

ADMX_FileSys/DisableCompression

Windows Edition Supported?
Home cross mark
Pro cross mark
Business cross mark
Enterprise check mark
Education cross mark

Scope:

[!div class = "checklist"]

  • Device

Available in the latest Windows 10 Insider Preview Build. Compression can add to the processing overhead of filesystem operations. Enabling this setting will prevent access to and creation of compressed files.

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX Info:

  • GP English name: Do not allow compression on all NTFS volumes
  • GP name: DisableCompression
  • GP path: System/Filesystem/NTFS
  • GP ADMX file name: FileSys.admx

ADMX_FileSys/DisableDeleteNotification

Windows Edition Supported?
Home cross mark
Pro cross mark
Business cross mark
Enterprise check mark
Education cross mark

Scope:

[!div class = "checklist"]

  • Device

Available in the latest Windows 10 Insider Preview Build. Delete notification is a feature that notifies the underlying storage device of clusters that are freed due to a file delete operation.

A value of 0, the default, will enable delete notifications for all volumes.

A value of 1 will disable delete notifications for all volumes.

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX Info:

  • GP English name: Disable delete notifications on all volumes
  • GP name: DisableDeleteNotification
  • GP path: System/Filesystem
  • GP ADMX file name: FileSys.admx

ADMX_FileSys/DisableEncryption

Windows Edition Supported?
Home cross mark
Pro cross mark
Business cross mark
Enterprise check mark
Education cross mark

Scope:

[!div class = "checklist"]

  • Device

Available in the latest Windows 10 Insider Preview Build. Encryption can add to the processing overhead of filesystem operations. Enabling this setting will prevent access to and creation of encrypted files.

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX Info:

  • GP English name: Do not allow encryption on all NTFS volumes
  • GP name: DisableEncryption
  • GP path: System/Filesystem/NTFS
  • GP ADMX file name: FileSys.admx

ADMX_FileSys/EnablePagefileEncryption

Windows Edition Supported?
Home cross mark
Pro cross mark
Business cross mark
Enterprise check mark
Education cross mark

Scope:

[!div class = "checklist"]

  • Device

Available in the latest Windows 10 Insider Preview Build. Encrypting the page file prevents malicious users from reading data that has been paged to disk, but also adds processing overhead for filesystem operations. Enabling this setting will cause the page files to be encrypted.

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX Info:

  • GP English name: Enable NTFS pagefile encryption
  • GP name: EnablePagefileEncryption
  • GP path: System/Filesystem/NTFS
  • GP ADMX file name: FileSys.admx

ADMX_FileSys/LongPathsEnabled

Windows Edition Supported?
Home cross mark
Pro cross mark
Business cross mark
Enterprise check mark
Education cross mark

Scope:

[!div class = "checklist"]

  • Device

Available in the latest Windows 10 Insider Preview Build. Enabling Win32 long paths will allow manifested win32 applications and Windows Store applications to access paths beyond the normal 260 character limit per node on file systems that support it. Enabling this setting will cause the long paths to be accessible within the process.

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX Info:

  • GP English name: Enable Win32 long paths
  • GP name: LongPathsEnabled
  • GP path: System/Filesystem
  • GP ADMX file name: FileSys.admx

ADMX_FileSys/ShortNameCreationSettings

Windows Edition Supported?
Home cross mark
Pro cross mark
Business cross mark
Enterprise check mark
Education cross mark

Scope:

[!div class = "checklist"]

  • Device

Available in the latest Windows 10 Insider Preview Build. This policy setting provides control over whether or not short names are generated during file creation. Some applications require short names for compatibility, but short names have a negative performance impact on the system.

If you enable short names on all volumes then short names will always be generated. If you disable them on all volumes then they will never be generated. If you set short name creation to be configurable on a per volume basis then an on-disk flag will determine whether or not short names are created on a given volume. If you disable short name creation on all data volumes then short names will only be generated for files created on the system volume.

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX Info:

  • GP English name: Short name creation options
  • GP name: ShortNameCreationSettings
  • GP path: System/Filesystem/NTFS
  • GP ADMX file name: FileSys.admx

ADMX_FileSys/SymlinkEvaluation

Windows Edition Supported?
Home cross mark
Pro cross mark
Business cross mark
Enterprise check mark
Education cross mark

Scope:

[!div class = "checklist"]

  • Device

Available in the latest Windows 10 Insider Preview Build. Symbolic links can introduce vulnerabilities in certain applications. To mitigate this issue, you can selectively enable or disable the evaluation of these types of symbolic links:

  • Local Link to a Local Target
  • Local Link to a Remote Target
  • Remote Link to Remote Target
  • Remote Link to Local Target

For more information, refer to the Windows Help section.

Note

If this policy is disabled or not configured, local administrators may select the types of symbolic links to be evaluated.

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX Info:

  • GP English name: Selectively allow the evaluation of a symbolic link
  • GP name: SymlinkEvaluation
  • GP path: System/Filesystem
  • GP ADMX file name: FileSys.admx

ADMX_FileSys/TxfDeprecatedFunctionality

Windows Edition Supported?
Home cross mark
Pro cross mark
Business cross mark
Enterprise check mark
Education cross mark

Scope:

[!div class = "checklist"]

  • Device

Available in the latest Windows 10 Insider Preview Build. TXF deprecated features included savepoints, secondary RM, miniversion and roll forward. Enable it if you want to use the APIs.

Tip

This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see Understanding ADMX-backed policies.

You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to Enabling a policy.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

ADMX Info:

  • GP English name: Enable / disable TXF deprecated features
  • GP name: TxfDeprecatedFunctionality
  • GP path: System/Filesystem/NTFS
  • GP ADMX file name: FileSys.admx

Footnotes:

  • 1 - Available in Windows 10, version 1607.
  • 2 - Available in Windows 10, version 1703.
  • 3 - Available in Windows 10, version 1709.
  • 4 - Available in Windows 10, version 1803.
  • 5 - Available in Windows 10, version 1809.
  • 6 - Available in Windows 10, version 1903.
  • 7 - Available in Windows 10, version 1909.
  • 8 - Available in Windows 10, version 2004.