deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-21 01:37:22 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/client-management/mdm/policy-csp-mssecurityguide.md
Vinay Pamnani 18087e39de Add IoT applicability
2023-08-11 10:31:52 -04:00

334 lines
13 KiB
Markdown
Raw Blame History

---
title: MSSecurityGuide Policy CSP
description: Learn more about the MSSecurityGuide Area in Policy CSP.
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa
ms.date: 08/10/2023
ms.localizationpriority: medium
ms.prod: windows-client
ms.technology: itpro-manage
ms.topic: reference
---
<!-- Auto-Generated CSP Document -->
<!-- MSSecurityGuide-Begin -->
# Policy CSP - MSSecurityGuide
[!INCLUDE [ADMX-backed CSP tip](includes/mdm-admx-csp-note.md)]
<!-- MSSecurityGuide-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- MSSecurityGuide-Editable-End -->
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-Begin -->
## ApplyUACRestrictionsToLocalAccountsOnNetworkLogon
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 10, version 1803 [10.0.17134] and later |
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-Applicability-End -->
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/MSSecurityGuide/ApplyUACRestrictionsToLocalAccountsOnNetworkLogon
```
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-OmaUri-End -->
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-Description-Begin -->
<!-- Description-Source-Not-Found -->
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-Description-End -->
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-Editable-End -->
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | `chr` (string) |
| Access Type | Add, Delete, Get, Replace |
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-DFProperties-End -->
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-AdmxBacked-Begin -->
<!-- ADMX-Not-Found -->
[!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
**ADMX mapping**:
| Name | Value |
|:--|:--|
| Name | Pol_SecGuide_0201_LATFP |
| ADMX File Name | SecGuide.admx |
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-AdmxBacked-End -->
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-Examples-End -->
<!-- ApplyUACRestrictionsToLocalAccountsOnNetworkLogon-End -->
<!-- ConfigureSMBV1ClientDriver-Begin -->
## ConfigureSMBV1ClientDriver
<!-- ConfigureSMBV1ClientDriver-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 10, version 1803 [10.0.17134] and later |
<!-- ConfigureSMBV1ClientDriver-Applicability-End -->
<!-- ConfigureSMBV1ClientDriver-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/MSSecurityGuide/ConfigureSMBV1ClientDriver
```
<!-- ConfigureSMBV1ClientDriver-OmaUri-End -->
<!-- ConfigureSMBV1ClientDriver-Description-Begin -->
<!-- Description-Source-Not-Found -->
<!-- ConfigureSMBV1ClientDriver-Description-End -->
<!-- ConfigureSMBV1ClientDriver-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- ConfigureSMBV1ClientDriver-Editable-End -->
<!-- ConfigureSMBV1ClientDriver-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | `chr` (string) |
| Access Type | Add, Delete, Get, Replace |
<!-- ConfigureSMBV1ClientDriver-DFProperties-End -->
<!-- ConfigureSMBV1ClientDriver-AdmxBacked-Begin -->
<!-- ADMX-Not-Found -->
[!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
**ADMX mapping**:
| Name | Value |
|:--|:--|
| Name | Pol_SecGuide_0002_SMBv1_ClientDriver |
| ADMX File Name | SecGuide.admx |
<!-- ConfigureSMBV1ClientDriver-AdmxBacked-End -->
<!-- ConfigureSMBV1ClientDriver-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- ConfigureSMBV1ClientDriver-Examples-End -->
<!-- ConfigureSMBV1ClientDriver-End -->
<!-- ConfigureSMBV1Server-Begin -->
## ConfigureSMBV1Server
<!-- ConfigureSMBV1Server-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 10, version 1803 [10.0.17134] and later |
<!-- ConfigureSMBV1Server-Applicability-End -->
<!-- ConfigureSMBV1Server-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/MSSecurityGuide/ConfigureSMBV1Server
```
<!-- ConfigureSMBV1Server-OmaUri-End -->
<!-- ConfigureSMBV1Server-Description-Begin -->
<!-- Description-Source-Not-Found -->
<!-- ConfigureSMBV1Server-Description-End -->
<!-- ConfigureSMBV1Server-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- ConfigureSMBV1Server-Editable-End -->
<!-- ConfigureSMBV1Server-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | `chr` (string) |
| Access Type | Add, Delete, Get, Replace |
<!-- ConfigureSMBV1Server-DFProperties-End -->
<!-- ConfigureSMBV1Server-AdmxBacked-Begin -->
<!-- ADMX-Not-Found -->
[!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
**ADMX mapping**:
| Name | Value |
|:--|:--|
| Name | Pol_SecGuide_0001_SMBv1_Server |
| ADMX File Name | SecGuide.admx |
<!-- ConfigureSMBV1Server-AdmxBacked-End -->
<!-- ConfigureSMBV1Server-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- ConfigureSMBV1Server-Examples-End -->
<!-- ConfigureSMBV1Server-End -->
<!-- EnableStructuredExceptionHandlingOverwriteProtection-Begin -->
## EnableStructuredExceptionHandlingOverwriteProtection
<!-- EnableStructuredExceptionHandlingOverwriteProtection-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 10, version 1803 [10.0.17134] and later |
<!-- EnableStructuredExceptionHandlingOverwriteProtection-Applicability-End -->
<!-- EnableStructuredExceptionHandlingOverwriteProtection-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/MSSecurityGuide/EnableStructuredExceptionHandlingOverwriteProtection
```
<!-- EnableStructuredExceptionHandlingOverwriteProtection-OmaUri-End -->
<!-- EnableStructuredExceptionHandlingOverwriteProtection-Description-Begin -->
<!-- Description-Source-Not-Found -->
<!-- EnableStructuredExceptionHandlingOverwriteProtection-Description-End -->
<!-- EnableStructuredExceptionHandlingOverwriteProtection-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- EnableStructuredExceptionHandlingOverwriteProtection-Editable-End -->
<!-- EnableStructuredExceptionHandlingOverwriteProtection-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | `chr` (string) |
| Access Type | Add, Delete, Get, Replace |
<!-- EnableStructuredExceptionHandlingOverwriteProtection-DFProperties-End -->
<!-- EnableStructuredExceptionHandlingOverwriteProtection-AdmxBacked-Begin -->
<!-- ADMX-Not-Found -->
[!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
**ADMX mapping**:
| Name | Value |
|:--|:--|
| Name | Pol_SecGuide_0102_SEHOP |
| ADMX File Name | SecGuide.admx |
<!-- EnableStructuredExceptionHandlingOverwriteProtection-AdmxBacked-End -->
<!-- EnableStructuredExceptionHandlingOverwriteProtection-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- EnableStructuredExceptionHandlingOverwriteProtection-Examples-End -->
<!-- EnableStructuredExceptionHandlingOverwriteProtection-End -->
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-Begin -->
## TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 10, version 1803 [10.0.17134] and later |
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-Applicability-End -->
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/MSSecurityGuide/TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications
```
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-OmaUri-End -->
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-Description-Begin -->
<!-- Description-Source-Not-Found -->
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-Description-End -->
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-Editable-End -->
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | `chr` (string) |
| Access Type | Add, Delete, Get, Replace |
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-DFProperties-End -->
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-AdmxBacked-Begin -->
<!-- ADMX-Not-Found -->
[!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
**ADMX mapping**:
| Name | Value |
|:--|:--|
| Name | Pol_SecGuide_0101_WDPUA |
| ADMX File Name | SecGuide.admx |
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-AdmxBacked-End -->
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-Examples-End -->
<!-- TurnOnWindowsDefenderProtectionAgainstPotentiallyUnwantedApplications-End -->
<!-- WDigestAuthentication-Begin -->
## WDigestAuthentication
<!-- WDigestAuthentication-Applicability-Begin -->
| Scope | Editions | Applicable OS |
|:--|:--|:--|
| ✅ Device <br> ❌ User | ✅ Pro <br> ✅ Enterprise <br> ✅ Education <br> ✅ Windows SE <br> ✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 10, version 1803 [10.0.17134] and later |
<!-- WDigestAuthentication-Applicability-End -->
<!-- WDigestAuthentication-OmaUri-Begin -->
```Device
./Device/Vendor/MSFT/Policy/Config/MSSecurityGuide/WDigestAuthentication
```
<!-- WDigestAuthentication-OmaUri-End -->
<!-- WDigestAuthentication-Description-Begin -->
<!-- Description-Source-Not-Found -->
<!-- WDigestAuthentication-Description-End -->
<!-- WDigestAuthentication-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
<!-- WDigestAuthentication-Editable-End -->
<!-- WDigestAuthentication-DFProperties-Begin -->
**Description framework properties**:
| Property name | Property value |
|:--|:--|
| Format | `chr` (string) |
| Access Type | Add, Delete, Get, Replace |
<!-- WDigestAuthentication-DFProperties-End -->
<!-- WDigestAuthentication-AdmxBacked-Begin -->
<!-- ADMX-Not-Found -->
[!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)]
**ADMX mapping**:
| Name | Value |
|:--|:--|
| Name | Pol_SecGuide_0202_WDigestAuthn |
| ADMX File Name | SecGuide.admx |
<!-- WDigestAuthentication-AdmxBacked-End -->
<!-- WDigestAuthentication-Examples-Begin -->
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
<!-- WDigestAuthentication-Examples-End -->
<!-- WDigestAuthentication-End -->
<!-- MSSecurityGuide-CspMoreInfo-Begin -->
<!-- Add any additional information about this CSP here. Anything outside this section will get overwritten. -->
<!-- MSSecurityGuide-CspMoreInfo-End -->
<!-- MSSecurityGuide-End -->
## Related articles
[Policy configuration service provider](policy-configuration-service-provider.md)
Reference in New Issue View Git Blame Copy Permalink