deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 21:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/client-management/mdm/policy-csp-authentication.md
Nicholas Brower b104c0cf6f Merged PR 2969: fixing admx info 
automation update: GP path, and e->English name; re-orders a few policies as well, and adjusts white-space; one null SKU deleted
2017-08-30 22:50:41 +00:00

4.9 KiB
Raw Blame History

title, description, ms.author, ms.topic, ms.prod, ms.technology, author, ms.date
title description ms.author ms.topic ms.prod ms.technology author ms.date
Policy CSP - Authentication Policy CSP - Authentication maricia article w10 windows nickbrower 08/30/2017

Policy CSP - Authentication

Warning

Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Authentication policies

Authentication/AllowEAPCertSSO

Home Pro Business Enterprise Education Mobile Mobile Enterprise
cross mark check mark check mark check mark cross mark cross mark

Note

 This policy is only enforced in Windows 10 for desktop and not supported in Windows 10 Mobile.

Allows an EAP cert-based authentication for a single sign on (SSO) to access internal resources.

Important

This node must be accessed using the following paths:

  • ./User/Vendor/MSFT/Policy/Config/Authentication/AllowEAPCertSSO to set the policy.
  • ./User/Vendor/MSFT/Policy/Result/Authentication/AllowEAPCertSSO to get the result.

The following list shows the supported values:

  • 0 Not allowed.
  • 1 (default) Allowed.

Authentication/AllowFastReconnect

Home Pro Business Enterprise Education Mobile Mobile Enterprise
check mark check mark check mark check mark check mark check mark

Allows EAP Fast Reconnect from being attempted for EAP Method TLS.

The following list shows the supported values:

  • 0 Not allowed.
  • 1 (default) Allowed.

Most restricted value is 0.

Authentication/AllowSecondaryAuthenticationDevice

Home Pro Business Enterprise Education Mobile Mobile Enterprise
check mark1 check mark1 check mark1 check mark1 check mark1 check mark1

Added in Windows 10, version 1607. Allows secondary authentication devices to work with Windows.

The following list shows the supported values:

  • 0 Not allowed.
  • 1 Allowed.

The default for this policy must be on for consumer devices (defined as local or Microsoft account connected device) and off for enterprise devices (such as cloud domain-joined, cloud domain-joined in an on-premise only environment, cloud domain-joined in a hybrid environment, and BYOD).

Footnote:

  • 1 - Added in Windows 10, version 1607.
  • 2 - Added in Windows 10, version 1703.
  • 3 - Added in Windows 10, version 1709.

Authentication policies supported by Windows Holographic for Business

Authentication policies supported by IoT Core