Hello. Long time no see. Finally I’m back with a new post. This time I created a nice little list with Windows 10 1803 New MDM Policy CSP Settings for the next Windows 10 release. If you’re not familiar with Policy CSP Settings - that are GPO Settings configureable over an Intune OMA-Uri Policy. Here’s a great introducation to Policy CSP Settings.
My favorite policy CPS’s available with Windows 10 1803
The following CSP’s are available on Windows 10 1803 and later:
- ControlPolicyConflict: MDMWinsOverGP
This policy allows the IT admin to control which policy will be used whenever both the MDM policy and its equivalent Group Policy are set on the device.
- LanmanWorkstation: EnableInsecureGuestLogons
This policy setting determines if the SMB client will allow insecure guest logons to an SMB server
- RestrictedGroups: ConfigureGroupMembership
This security setting allows an administrator to define the members of a security-sensitive (restricted) group.
You can find the entire list (CSV) on Github.
The scripts to retrieve and compare the available Policy CSP’s for a Windows version are available on GitHub. Feel free to leave feedback or improvement changes.