less than 1 minute read

Hello. Long time no see. Finally I’m back with a new post. This time I created a nice little list with Windows 10 1803 New MDM Policy CSP Settings for the next Windows 10 release. If you’re not familiar with Policy CSP Settings - that are GPO Settings configureable over an Intune OMA-Uri Policy. Here’s a great introducation to Policy CSP Settings.

My favorite policy CPS’s available with Windows 10 1803

The following CSP’s are available on Windows 10 1803 and later:

  • ControlPolicyConflict: MDMWinsOverGP
    This policy allows the IT admin to control which policy will be used whenever both the MDM policy and its equivalent Group Policy are set on the device.
    Microsoft docs
  • LanmanWorkstation: EnableInsecureGuestLogons
    This policy setting determines if the SMB client will allow insecure guest logons to an SMB server
    Microsoft docs
  • RestrictedGroups: ConfigureGroupMembership
    This security setting allows an administrator to define the members of a security-sensitive (restricted) group.
    Microsoft docs

You can find the entire list (CSV) on Github.

The scripts to retrieve and compare the available Policy CSP’s for a Windows version are available on GitHub. Feel free to leave feedback or improvement changes.