windows-itpro-docs/windows/security/operating-system-security/data-protection/bitlocker/includes/disable-new-dma-devices-when-this-computer-is-locked.md
Paolo Matarazzo e776af1dea updates
2023-09-25 17:36:40 -04:00


| author | ms.author | ms.date | ms.topic |
|--|--|--|--|
| paolomatarazzo | paoloma | 09/24/2023 | include |

Disable new DMA devices when this computer is locked

When enabled, this policy setting blocks direct memory access (DMA) for all hot-pluggable PCI ports until a user signs in to Windows.

Once a user signs in, Windows enumerates the PCI devices connected to the host Thunderbolt PCI ports. Every time the user locks the device, DMA is blocked on hot-plug Thunderbolt PCI ports with no child devices until the user signs in again.

Devices that were already enumerated when the device was unlocked continue to function until they are unplugged or the system is rebooted or hibernated.

This policy setting is only enforced when BitLocker or device encryption is enabled.
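
The lock, sign-in and hot-plug rules above, written as a small Python state model. This is an added illustration, not Microsoft code or a Windows API: the class, method and port names are hypothetical, and treating a reboot or hibernate as returning attached devices to the blocked state until the next sign-in is an assumption drawn from the text.

```python
from dataclasses import dataclass, field

EMPTY, ACTIVE, BLOCKED = "empty", "active", "blocked"

@dataclass
class DmaLockModel:
    """Toy state model of the policy text above; not Windows code."""
    policy_enabled: bool = True
    encryption_on: bool = True   # BitLocker or device encryption
    signed_in: bool = False      # False before first sign-in and while locked
    ports: dict = field(default_factory=dict)  # hypothetical port name -> state

    @property
    def enforced(self) -> bool:
        # The setting only takes effect when encryption is enabled.
        return self.policy_enabled and self.encryption_on

    def plug(self, port: str) -> None:
        # A device arriving while nobody is signed in gets no DMA.
        gated = self.enforced and not self.signed_in
        self.ports[port] = BLOCKED if gated else ACTIVE

    def unplug(self, port: str) -> None:
        self.ports[port] = EMPTY

    def lock(self) -> None:
        # Devices already enumerated keep working; only ports with no
        # child devices are affected, which plug() handles on arrival.
        self.signed_in = False

    def sign_in(self) -> None:
        # Windows enumerates whatever is attached to the ports.
        self.signed_in = True
        for port, state in self.ports.items():
            if state == BLOCKED:
                self.ports[port] = ACTIVE

    def reboot_or_hibernate(self) -> None:
        # Assumption: earlier enumeration is lost, so attached devices
        # wait for the next sign-in when the policy is enforced.
        self.signed_in = False
        for port, state in self.ports.items():
            if state == ACTIVE and self.enforced:
                self.ports[port] = BLOCKED

    def dma_allowed(self, port: str) -> bool:
        return self.ports.get(port, EMPTY) == ACTIVE
```

The case worth noting is a device that is unplugged and plugged back in while the computer is locked: it loses the DMA access it had and stays blocked until the next sign-in.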

| | Path |
|--|--|
| CSP | Not available |
| GPO | Computer Configuration > Administrative Templates > Windows Components > BitLocker Drive Encryption |