Hello. Long time no see. Finally I’m back with a new post. This time I created a nice little list with Windows 10 1803 New MDM Policy CSP Settings for the next Windows 10 release. If you’re not familiar with Policy CSP Settings - that are GPO Settings configureable over an Intune OMA-Uri Policy. Here’s a great introducation to Policy CSP Settings.
My favorite policy CPS’s available with Windows 10 1803
The following CSP’s are available on Windows 10 1803 and later:
- ControlPolicyConflict: MDMWinsOverGP
This policy allows the IT admin to control which policy will be used whenever both the MDM policy and its equivalent Group Policy are set on the device.
Microsoft docs - LanmanWorkstation: EnableInsecureGuestLogons
This policy setting determines if the SMB client will allow insecure guest logons to an SMB server
Microsoft docs - RestrictedGroups: ConfigureGroupMembership
This security setting allows an administrator to define the members of a security-sensitive (restricted) group.
Microsoft docs
You can find the entire list (CSV) on Github.
The scripts to retrieve and compare the available Policy CSP’s for a Windows version are available on GitHub. Feel free to leave feedback or improvement changes.