deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 05:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/client-management/mdm/policy-csp-dataprotection.md
Vinay Pamnani 18087e39de Add IoT applicability
2023-08-11 10:31:52 -04:00

4.9 KiB
Raw Blame History

title, description, author, manager, ms.author, ms.date, ms.localizationpriority, ms.prod, ms.technology, ms.topic
title description author manager ms.author ms.date ms.localizationpriority ms.prod ms.technology ms.topic
DataProtection Policy CSP Learn more about the DataProtection Area in Policy CSP. vinaypamnani-msft aaroncz vinpa 08/10/2023 medium windows-client itpro-manage reference

Policy CSP - DataProtection

AllowDirectMemoryAccess

Scope Editions Applicable OS
Device
User		 Pro
Enterprise
Education
Windows SE
IoT Enterprise / IoT Enterprise LTSC		 Windows 10, version 1507 [10.0.10240] and later 
./Device/Vendor/MSFT/Policy/Config/DataProtection/AllowDirectMemoryAccess

This policy setting allows you to block direct memory access (DMA) for all hot pluggable PCI downstream ports until a user logs into Windows. Once a user logs in, Windows will enumerate the PCI devices connected to the host plug PCI ports. Every time the user locks the machine, DMA will be blocked on hot plug PCI ports with no children devices until the user logs in again. Devices which were already enumerated when the machine was unlocked will continue to function until unplugged. This policy setting is only enforced when BitLocker Device Encryption is enabled. Most restricted value is 0.

Description framework properties:

Property name Property value
Format int
Access Type Add, Delete, Get, Replace
Default Value 1

Allowed values:

Value Description
0 Not allowed.
1 (Default) Allowed.

LegacySelectiveWipeID

Scope Editions Applicable OS
Device
User		 Pro
Enterprise
Education
Windows SE
IoT Enterprise / IoT Enterprise LTSC		 Windows 10, version 1607 [10.0.14393] and later 
./Device/Vendor/MSFT/Policy/Config/DataProtection/LegacySelectiveWipeID

Important. This policy may change in a future release. It may be used for testing purposes, but shouldn't be used in a production environment at this time. Setting used by Windows 8. 1 Selective Wipe.

Note

This policy isn't recommended for use in Windows 10.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Add, Delete, Get, Replace

Related articles

Policy configuration service provider