This policy setting allows an organization to prevent its devices from showing feedback questions from Microsoft.
If you enable this policy setting, users will no longer see feedback notifications through the Windows Feedback app.
If you disable or do not configure this policy setting, users may see notifications through the Windows Feedback app asking users for feedback.
Note: If y ...
This policy setting determines whether users can access the Insider build controls in the Advanced Options for Windows Update. These controls are located under "Get Insider builds," and enable users to make their devices available for downloading and installing Windows preview software.
If you enable or do not configure this policy setting, users can download and install Win ...
This policy setting allows you to audit attempts to access a shared folder.
If you configure this policy setting, an audit event is generated when an attempt is made to access a shared folder. If this policy setting is defined, the administrator can specify whether to audit only successes, only failures, or both successes and failures.
Note: There are no system access control lists (SACLs) for s ...
Specifies whether to require the use of a specific security layer to secure communications between clients and RD Session Host servers during Remote Desktop Protocol (RDP) connections.
If you enable this setting, all communications between clients and RD Session Host servers during remote connections must use the security method specified in this setting. The following security methods are av ...
This policy setting determines the amount of diagnostic and usage data reported to Microsoft. A value of 0 will send minimal data to Microsoft. This data includes Malicious Software Removal Tool (MSRT) & Windows Defender data, if enabled, and telemetry client settings. Setting a value of 0 applies to enterprise, EDU, IoT and server devices only.
A value of 0 for other devices is equivalent to ...
This policy setting allows you to audit events generated by other security policy changes that are not audited in the policy change category, such as the following:
Trusted Platform Module (TPM) configuration changes.
Kernel-mode cryptographic self tests.
Cryptographic provider operations.
Cryptographic context operations or modifications.
Applied Central Access Policies (CAPs) ...
This policy setting determines if the SMB client will allow insecure guest logons to an SMB server. If you enable this policy setting or if you do not configure this policy setting, the SMB client will allow insecure guest logons. If you disable this policy setting, the SMB client will reject insecure guest logons. Insecure guest logons are used by file servers to allow unauthenticated ac ...
This policy setting determines whether enhanced anti-spoofing is configured for devices which support it.
If you do not configure this policy setting, users will be able to choose whether or not to use enhanced anti-spoofing on supported devices.
If you enable this policy setting, Windows will require all users on the device to use anti-spoofing for facial features, on devices which supp ...
This policy setting allows you to restrict remote RPC connections to SAM.
The recommended state for this setting is: Administrators: Remote Access: Allow .
Note: A Windows 10 R1607, Server 2016 or newer OS is required to access and set this value in Group Policy.
Note 2: If your organization is using Azure Advanced Threat Protection (APT), the service account, AATP Service will need to ...
Determines whether administrators can enable and configure the Internet Connection Sharing (ICS) feature of an Internet connection and if the ICS service can run on the computer.
ICS lets administrators configure their system as an Internet gateway for a small network and provides network services, such as name resolution and addressing through DHCP, to the local private network.
If you enable t ...