Muokkaa

Jaa


Policy CSP - ADMX_srmfci

Tip

This CSP contains ADMX-backed policies which require a special SyncML format to enable or disable. You must specify the data type in the SyncML as <Format>chr</Format>. For details, see Understanding ADMX-backed policies.

The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see CDATA Sections.

AccessDeniedConfiguration

Scope Editions Applicable OS
✅ Device
❌ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 2004 with KB5005101 [10.0.19041.1202] and later
✅ Windows 10, version 20H2 with KB5005101 [10.0.19042.1202] and later
✅ Windows 10, version 21H1 with KB5005101 [10.0.19043.1202] and later
✅ Windows 11, version 21H2 [10.0.22000] and later
./Device/Vendor/MSFT/Policy/Config/ADMX_srmfci/AccessDeniedConfiguration

This policy setting specifies the message that users see when they're denied access to a file or folder. You can customize the Access Denied message to include additional text and links. You can also provide users with the ability to send an email to request access to the file or folder to which they were denied access.

  • If you enable this policy setting, users receive a customized Access Denied message from the file servers on which this policy setting is applied.

  • If you disable this policy setting, users see a standard Access Denied message that doesn't provide any of the functionality controlled by this policy setting, regardless of the file server configuration.

  • If you don't configure this policy setting, users see a standard Access Denied message unless the file server is configured to display the customized Access Denied message. By default, users see the standard Access Denied message.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Add, Delete, Get, Replace

Tip

This is an ADMX-backed policy and requires SyncML format for configuration. For an example of SyncML format, refer to Enabling a policy.

ADMX mapping:

Name Value
Name AccessDeniedConfiguration
Friendly Name Customize message for Access Denied errors
Location Computer Configuration
Path System > Access-Denied Assistance
Registry Key Name SOFTWARE\Policies\Microsoft\Windows\ADR\AccessDenied
Registry Value Name Enabled
ADMX File Name srm-fci.admx

CentralClassificationList

Scope Editions Applicable OS
✅ Device
❌ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 2004 with KB5005101 [10.0.19041.1202] and later
✅ Windows 10, version 20H2 with KB5005101 [10.0.19042.1202] and later
✅ Windows 10, version 21H1 with KB5005101 [10.0.19043.1202] and later
✅ Windows 11, version 21H2 [10.0.22000] and later
./Device/Vendor/MSFT/Policy/Config/ADMX_srmfci/CentralClassificationList

This policy setting controls which set of properties is available for classifying files on affected computers.

Administrators can define the properties for the organization by using Active Directory Domain Services (AD DS), and then group these properties into lists. Administrators can supplement these properties on individual file servers by using File Classification Infrastructure, which is part of the File Server Resource Manager role service.

  • If you enable this policy setting, you can select which list of properties is available for classification on the affected computers.

  • If you disable or don't configure this policy setting, the Global Resource Property List in AD DS provides the default set of properties.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Add, Delete, Get, Replace

Tip

This is an ADMX-backed policy and requires SyncML format for configuration. For an example of SyncML format, refer to Enabling a policy.

ADMX mapping:

Name Value
Name CentralClassificationList
Friendly Name File Classification Infrastructure: Specify classification properties list
Location Computer Configuration
Path System > File Classification Infrastructure
Registry Key Name SOFTWARE\Policies\Microsoft\Windows\FCI
ADMX File Name srm-fci.admx

EnableManualUX

Scope Editions Applicable OS
✅ Device
❌ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 2004 with KB5005101 [10.0.19041.1202] and later
✅ Windows 10, version 20H2 with KB5005101 [10.0.19042.1202] and later
✅ Windows 10, version 21H1 with KB5005101 [10.0.19043.1202] and later
✅ Windows 11, version 21H2 [10.0.22000] and later
./Device/Vendor/MSFT/Policy/Config/ADMX_srmfci/EnableManualUX

This policy setting controls whether the Classification tab is displayed in the Properties dialog box in File Explorer.

The Classification tab enables users to manually classify files by selecting properties from a list. Administrators can define the properties for the organization by using Group Policy, and supplement these with properties defined on individual file servers by using File Classification Infrastructure, which is part of the File Server Resource Manager role service.

  • If you enable this policy setting, the Classification tab is displayed.

  • If you disable or don't configure this policy setting, the Classification tab is hidden.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Add, Delete, Get, Replace

Tip

This is an ADMX-backed policy and requires SyncML format for configuration. For an example of SyncML format, refer to Enabling a policy.

ADMX mapping:

Name Value
Name EnableManualUX
Friendly Name File Classification Infrastructure: Display Classification tab in File Explorer
Location Computer Configuration
Path System > File Classification Infrastructure
Registry Key Name SOFTWARE\Policies\Microsoft\Windows\FCI
Registry Value Name EnableManualUX
ADMX File Name srm-fci.admx

EnableShellAccessCheck

Scope Editions Applicable OS
✅ Device
❌ User
✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC
✅ Windows 10, version 2004 with KB5005101 [10.0.19041.1202] and later
✅ Windows 10, version 20H2 with KB5005101 [10.0.19042.1202] and later
✅ Windows 10, version 21H1 with KB5005101 [10.0.19043.1202] and later
✅ Windows 11, version 21H2 [10.0.22000] and later
./Device/Vendor/MSFT/Policy/Config/ADMX_srmfci/EnableShellAccessCheck

This Group Policy Setting should be set on Windows clients to enable access-denied assistance for all file types.

Description framework properties:

Property name Property value
Format chr (string)
Access Type Add, Delete, Get, Replace

Tip

This is an ADMX-backed policy and requires SyncML format for configuration. For an example of SyncML format, refer to Enabling a policy.

ADMX mapping:

Name Value
Name EnableShellAccessCheck
Friendly Name Enable access-denied assistance on client for all file types
Location Computer Configuration
Path System > Access-Denied Assistance
Registry Key Name SOFTWARE\Policies\Microsoft\Windows\Explorer
Registry Value Name EnableShellExecuteFileStreamCheck
ADMX File Name srm-fci.admx

Policy configuration service provider