List of Intune Settings Catalog Policies

I’m trying to document Intune Settings Catalog Policies. Let’s see a list of cloud group policies. You can read Step by step guide to create & deploy Intune settings catalog. There are thousands of settings available in the settings catalog. This post covers some parts of settings catalog policies. The best way to find the latest list of policies is from Intune portal.

The ADMX policy templates are also included in settings catalog policies. I recommend using the settings catalog for setting up the configuration profiles for Windows 10/Windows 10 devices. This type of policy is supported for macOS devices as well.

Windows-based settings are based on Windows CSP policies. As the Windows team adds or exposes more CSP settings to MDM providers, these settings are added without much delay to Microsoft Intune for you to configure. More details list of Intune Administrative Template Settings| User | Device.

List of Local Security Policies

You can see the list of local security policies in the following table. You can find more details about the latest policies of the settings catalog.

List of Intune Settings Catalog Policies
List of Intune Settings Catalog Policies
  • Sign in to the Microsoft Endpoint Manager admin center
  • Select Devices > Configuration profiles > Create profile.
  • Select Windows 10 or later.
  • Select Settings catalog (preview).
  • Click on Create button.

NOTE! – All the Intune catalog settings policies are not covered in this post. The latest list of policies can be found by searching by clicking on + Add settings from the settings catalog.

Category of Policies Intune Settings Catalog Details
Local Policies SecurityAccounts Block Microsoft Accounts
Local Policies SecurityAccounts Enable Administrator Account Status
Local Policies SecurityAccounts Enable Guest Account Status
Local Policies SecurityAccounts Limit Local Account Use Of Blank Passwords To Console Logon Only
Local Policies SecurityAccounts Rename Administrator Account
Local Policies SecurityAccounts Rename Guest Account
Local Policies SecurityDevices Allow Undock Without Having To Logon
Local Policies SecurityDevices Prevent Users From Installing Printer Drivers When Connecting To Shared Printers
Local Policies SecurityInteractive Logon Display User Information When The Session Is Locked
Local Policies SecurityInteractive Logon Do Not Display Last Signed In
Local Policies SecurityInteractive Logon Do Not Display Username At Sign In
Local Policies SecurityInteractive Logon Do Not Require CTRLALTDEL
Local Policies SecurityInteractive Logon Machine Inactivity Limit
Local Policies SecurityInteractive Logon Message Text For Users Attempting To Log On
Local Policies SecurityInteractive Logon Message Title For Users Attempting To Log On
Local Policies SecurityInteractive Logon Smart Card Removal Behavior
Local Policies SecurityMicrosoft Network Client Digitally Sign Communications Always
Local Policies SecurityMicrosoft Network Client Digitally Sign Communications If Server Agrees
Local Policies SecurityMicrosoft Network Client Send Unencrypted Password To Third-Party SMB Servers
Local Policies SecurityMicrosoft Network Server Digitally Sign Communications Always
Local Policies SecurityMicrosoft Network Server Digitally Sign Communications If Client Agrees
Local Policies SecurityNetwork Access Do Not Allow Anonymous Enumeration Of SAM Accounts
Local Policies SecurityNetwork Access Do Not Allow Anonymous Enumeration Of Sam Accounts And Shares
Local Policies SecurityNetwork Access Restrict Anonymous Access To Named Pipes And Shares
Local Policies SecurityNetwork Access Restrict Clients Allowed To Make Remote Calls To SAM
Local Policies SecurityNetwork Security Allow PKU2U Authentication Requests
Local Policies SecurityNetwork Security Do Not Store LAN Manager Hash Value On Next Password Change
Local Policies SecurityNetwork Security LAN Manager Authentication Level
Local Policies SecurityNetwork Security Minimum Session Security For NTLMSSP Based Clients
Local Policies SecurityNetwork Security Minimum Session Security For NTLMSSP Based Servers
Local Policies SecurityShutdown Allow System To Be Shut Down Without Having To Log On
Local Policies SecurityShutdown Clear Virtual Memory Page File
Local Policies SecurityUser Account Control Allow UI Access Applications To Prompt For Elevation
Local Policies SecurityUser Account Control Behavior Of The Elevation Prompt For Administrators
Local Policies SecurityUser Account Control Behavior Of The Elevation Prompt For Standard Users
Local Policies SecurityUser Account Control Detect Application Installations And Prompt For Elevation
Local Policies SecurityUser Account Control Only Elevate Executable Files That Are Signed And Validated
Local Policies SecurityUser Account Control Only Elevate UI Access Applications That Are Installed In Secure Locations
Local Policies SecurityUser Account Control Run All Administrators In Admin Approval Mode
Local Policies SecurityUser Account Control Switch To The Secure Desktop When Prompting For Elevation
Local Policies SecurityUser Account Control Use Admin Approval Mode
Local Policies SecurityUser Account Control Virtualize File And Registry Write Failures To Per User Locations
Intune Settings Catalog Policies

Microsft Access 2016 security policies available in Intune Settings Catalog Policies are listed below the table.

Microsoft Access 2016 Intune Settings Catalog Details
Application Settings – GeneralFollowed hyperlink color (User)
Application Settings – GeneralHyperlink color (User)
Application Settings – GeneralUnderline hyperlinks (User)
Application Settings – InternationalCursor movement (User)
Application Settings – InternationalDefault direction (User)
Application Settings – InternationalGeneral Alignment (User)
Security – CryptographyConfigure CNG cipher chaining mode (User)
Security – CryptographySet CNG cipher algorithm (User)
Security – CryptographySet CNG cipher key length (User)
Security – CryptographySet CNG password spin count (User)
Security – CryptographySet parameters for CNG context (User)
Security – CryptographySpecify CNG hash algorithm (User)
Security – CryptographySpecify CNG random number generator algorithm (User)
Security – CryptographySpecify CNG salt length (User)
Security – CryptographySpecify encryption compatibility (User)
Trust Center – Trusted LocationsAllow Trusted Locations on the network (User)
Trust Center – Trusted LocationsDisable all trusted locations (User)
Trust Center – Trusted LocationsTrusted Location #1 (User)
PredefinedDisable commands (User)
PredefinedDisable shortcut keys (User)
Workgroup AdministratorPath to shared Workgroup information file for secured MDB files (User)
Intune Settings Catalog Policies

Firewall Policies

The list of firewall policies available as part of Intune Settings Catalog Policies is listed down.

List of Intune Settings Catalog Policies
List of Intune Settings Catalog Policies
Category of Policy Intune Settings Catalog Details
FirewallFirewall Rule Name
FirewallCertificate revocation list verification
FirewallDisable Stateful Ftp
FirewallEnable Domain Network Firewall
FirewallEnable Packet Queue
FirewallEnable Private Network Firewall
FirewallEnable Public Network Firewall
FirewallIPsec Exceptions
FirewallOpportunistically Match Auth Set Per KM
FirewallPreshared Key Encoding
FirewallSecurity association idle time
GamesAllow Advanced Gaming Services
HandwritingPanel Default Mode Docked
KerberosUPN Name Hints
Kios BrowserBlocked Url Exceptions
Kios BrowserBlocked Url Exceptions (User)
Kios BrowserBlocked Urls
Kios BrowserBlocked Urls (User)
Kios BrowserDefault URL
Kios BrowserDefault URL (User)
Kios BrowserEnable End Session Button
Kios BrowserEnable End Session Button (User)
Kios BrowserEnable Home Button
Kios BrowserEnable Home Button (User)
Kios BrowserEnable Navigation Buttons
Kios BrowserEnable Navigation Buttons (User)
Kios BrowserRestart On Idle Time
Kios BrowserRestart On Idle Time (User)
Lanman WorkstationEnable Insecure Guest Logons
LicensingAllow Windows Entitlement Reactivation
LicensingDisallow KMS Client Online AVS Validation
Loader Override SettingsConfigure the location of the browser executable folder
Loader Override SettingsConfigure the location of the browser executable folder (User)
Loader Override SettingsSet the release channel search order preference
Loader Override SettingsSet the release channel search order preference (User)
Intune Settings Catalog Policies

Lock Down, Maps, Memory Dump related policies

Let’s find more details of LockDown, Maps, Memory Dump-related policies.

Lock Down, Maps, Memory Dump related policies Intune Settings Catalog Details
Lock DownAllow Edge Swipe
MapsAllow Offline Maps Download Over Metered Connection
MapsEnable Offline Maps Auto Update
Memory DumpAllow Crash Dump (Windows Insiders only)
Memory DumpAllow Live Dump (Windows Insiders only)
List of Intune Settings Catalog Policies

Microsoft App Store Security Policies

Let’s find more details about the Microsoft app store security policies.

Microsoft App Store Related PoliciesIntune Settings Catalog Details
Microsoft App StoreAllow All Trusted Apps
Microsoft App StoreAllow apps from the Microsoft app store to auto-update
Microsoft App StoreAllow Developer Unlock
Microsoft App StoreAllow Game DVR
Microsoft App StoreAllow Shared User App Data
Microsoft App StoreBlock Non-Admin User Install
Microsoft App StoreDisable Store Originated Apps
Microsoft App StoreLaunch App After Log On
Microsoft App StoreMSI Allow User Control Over Install
Microsoft App StoreMSI Always Install With Elevated Privileges
Microsoft App StoreMSI Always Install With Elevated Privileges (User)
Microsoft App StoreRequire Private Store Only
Microsoft App StoreRequire Private Store Only (User)
Microsoft App StoreRestrict App Data To System Volume
Microsoft App StoreRestrict App To System Volume
List of Intune Settings Catalog Policies

Microsoft Edge Related Policies

Let’s find out Microsoft Edge Related Policies Intune Settings Catalog Policies.

Microsoft Edge Related Policies Intune Settings Catalog Details
Application Guard SettingsApplication Guard Container Proxy
Application Guard SettingsApplication Guard Container Proxy (User)
CastEnable Google Cast
CastEnable Google Cast (User)
CastShow the cast icon in the toolbar
CastShow the cast icon in the toolbar (User)
Content SettingsAllow cookies on specific sites
Content SettingsAllow cookies on specific sites (User)
Content SettingsAllow images on these sites
Content SettingsAllow images on these sites (User)
Content SettingsAllow insecure content on specified sites
Content SettingsAllow insecure content on specified sites (User)
Content SettingsAllow JavaScript on specific sites
Content SettingsAllow JavaScript on specific sites (User)
Content SettingsAllow notifications on specific sites
Content SettingsAllow notifications on specific sites (User)
Content SettingsAllow pop-up windows on specific sites
Content SettingsAllow pop-up windows on specific sites (User)
Content SettingsAllow read access via the File System API on these sites
Content SettingsAllow read access via the File System API on these sites (User)
Content SettingsAllow the Adobe Flash plug-in on specific sites
Content SettingsAllow the Adobe Flash plug-in on specific sites (User)
Content SettingsAllow WebUSB on specific sites
Content SettingsAllow WebUSB on specific sites (User)
Content SettingsAllow write access to files and directories on these sites
Content SettingsAllow write access to files and directories on these sites (User)
Content SettingsAutomatically select client certificates for these sites
Content SettingsAutomatically select client certificates for these sites (User)
Content SettingsBlock cookies on specific sites
Content SettingsBlock cookies on specific sites (User)
Content SettingsBlock images on specific sites
Content SettingsBlock images on specific sites (User)
Content SettingsBlock insecure content on specified sites
Content SettingsBlock insecure content on specified sites (User)
Content SettingsBlock JavaScript on specific sites
Content SettingsBlock JavaScript on specific sites (User)
Content SettingsBlock notifications on specific sites
Content SettingsBlock notifications on specific sites (User)
Content SettingsBlock pop-up windows on specific sites
Content SettingsBlock pop-up windows on specific sites (User)
Content SettingsBlock read access via the File System API on these sites
Content SettingsBlock the Adobe Flash plug-in on specific sites
Content SettingsBlock the Adobe Flash plug-in on specific sites (User)
Content SettingsBlock WebUSB on specific sites
Content SettingsBlock WebUSB on specific sites (User)
Content SettingsBlock write access to files and directories on these sites
Content SettingsBlock write access to files and directories on these sites (User)
Content SettingsChoose whether users can receive customized background images and text, suggestions, notifications, and tips for Microsoft
Content SettingsConfigure cookies
Content SettingsConfigure cookies (User)
Content SettingsControl use of insecure content exceptions
Content SettingsControl use of insecure content exceptions (User)
Content SettingsControl use of the File System API for reading
Content SettingsControl use of the File System API for reading (User)
Content SettingsControl use of the File System API for writing
Content SettingsControl use of the File System API for writing (User)
Content SettingsControl use of the Web Bluetooth API
Content SettingsControl use of the Web Bluetooth API (User)
Content SettingsDefault Adobe Flash setting
Content SettingsDefault Adobe Flash setting (User)
Content SettingsDefault geolocation setting
Content SettingsDefault geolocation setting (User)
Content SettingsDefault images setting
Content SettingsDefault images setting (User)
Content SettingsDefault JavaScript setting
Content SettingsDefault JavaScript setting (User)
Content SettingsDefault notification setting
Content SettingsDefault notification setting (User)
Content SettingsDefault pop-up window setting
Content SettingsDefault pop-up window setting (User)
Content SettingsEnable default legacy SameSite cookie behavior setting
Content SettingsEnable default legacy SameSite cookie behavior setting (User)
Content SettingsGrant access to specific sites to connect to specific USB devices
Content SettingsGrant access to specific sites to connect to specific USB devices (User)
Content SettingsLimit cookies from specific websites to the current session
Content SettingsLimit cookies from specific websites to the current session (User)
Content SettingsRevert to legacy SameSite behavior for cookies on specified sites
Content SettingsRevert to legacy SameSite behavior for cookies on specified sites (User)
Default Search ProviderConfigure the new tab page search box experience
Default Search ProviderConfigure the new tab page search box experience (User)
Default Search ProviderDefault search provider encodings
Default Search ProviderDefault search provider encodings (User)
Default Search ProviderDefault search provider keyword
Default Search ProviderDefault search provider keyword (User)
Default Search ProviderDefault search provider name
Default Search ProviderDefault search provider name (User)
Default Search ProviderDefault search provider search URL
Default Search ProviderDefault search provider search URL (User)
Default Search ProviderDefault search provider URL for suggestions
Default Search ProviderDefault search provider URL for suggestions (User)
Default Search ProviderEnable the default search provider
Default Search ProviderEnable the default search provider (User)
Default Search ProviderParameters for an image URL that uses POST
Default Search ProviderParameters for an image URL that uses POST (User)
Default Search ProviderSpecifies the search-by-image feature for the default search provider
Default Search ProviderSpecifies the search-by-image feature for the default search provider (User)
ExtensionsAllow specific extensions to be installed
ExtensionsAllow specific extensions to be installed (User)
ExtensionsBlocks external extensions from being installed
ExtensionsBlocks external extensions from being installed (User)
ExtensionsConfigure allowed extension types
ExtensionsConfigure allowed extension types (User)
ExtensionsConfigure extension and user script install sources
ExtensionsConfigure extension and user script install sources (User)
ExtensionsConfigure extension management settings
ExtensionsConfigure extension management settings (User)
ExtensionsControl which extensions are installed silently
ExtensionsControl which extensions are installed silently (User)
ExtensionsControl which extensions cannot be installed
ExtensionsControl which extensions cannot be installed (User)
HTTP AuthenticationAllow Basic authentication for HTTP (User)
HTTP AuthenticationAllow cross-origin HTTP Basic Auth prompts
HTTP AuthenticationAllow cross-origin HTTP Basic Auth prompts (User)
HTTP AuthenticationConfigure list of allowed authentication servers
HTTP AuthenticationConfigure list of allowed authentication servers (User)
HTTP AuthenticationDisable CNAME lookup when negotiating Kerberos authentication
HTTP AuthenticationDisable CNAME lookup when negotiating Kerberos authentication (User)
HTTP AuthenticationInclude non-standard port in Kerberos SPN
HTTP AuthenticationInclude non-standard port in Kerberos SPN (User)
HTTP AuthenticationSpecifies a list of servers that Microsoft Edge can delegate user credentials to
HTTP AuthenticationSpecifies a list of servers that Microsoft Edge can delegate user credentials to (User)
HTTP AuthenticationSupported authentication schemes
HTTP AuthenticationSupported authentication schemes (User)
Kios Mode SettingsConfigure address bar editing for kiosk mode public browsing experience
Kios Mode SettingsConfigure address bar editing for kiosk mode public browsing experience (User)
Kios Mode SettingsDelete files downloaded as part of kiosk session when Microsoft Edge closes
Kios Mode SettingsDelete files downloaded as part of kiosk session when Microsoft Edge closes (User)
ManageabilityMobile App Management Enabled
ManageabilityMobile App Management Enabled (User)
Native MessagingAllow user-level native messaging hosts (installed without admin permissions)
Native MessagingAllow user-level native messaging hosts (installed without admin permissions) (User)
Native MessagingConfigure native messaging block list
Native MessagingConfigure native messaging block list (User)
Native MessagingControl which native messaging hosts users can use
Native MessagingControl which native messaging hosts users can use (User)
Password Manager and ProtectionAllow users to be alerted if their passwords are found to be unsafe
Password Manager and ProtectionAllow users to be alerted if their passwords are found to be unsafe (User)
Password Manager and ProtectionConfigure password protection warning trigger
Password Manager and ProtectionConfigure password protection warning trigger (User)
Password Manager and ProtectionConfigure the change password URL
Password Manager and ProtectionConfigure the change password URL (User)
Password Manager and ProtectionConfigure the list of enterprise login URLs where password protection service should capture the fingerprint of the password
Password Manager and ProtectionConfigure the list of enterprise login URLs where password protection service should capture a fingerprint or password (User)
Password Manager and ProtectionEnable saving passwords to the password manager
Password Manager and ProtectionEnable saving passwords to the password manager (User)
PerformanceEnable startup boost
PerformanceEnable startup boost (User)
PrintingDefault background graphics printing mode
PrintingDefault background graphics printing mode (User)
PrintingDefault printer selection rules
PrintingDefault printer selection rules (User)
PrintingDefault printing page size
PrintingDefault printing page size (User)
PrintingDisable printer types on the deny list
PrintingDisable printer types on the deny list (User)
PrintingEnable printing
PrintingEnable printing (User)
PrintingPrint headers and footers
PrintingPrint headers and footers (User)
PrintingPrint using system print dialog
PrintingPrint using system print dialog (User)
PrintingRestrict background graphics printing mode
PrintingRestrict background graphics printing mode (User)
PrintingSet the system default printer as the default printer
PrintingSet the system default printer as the default printer (User)
Proxy ServerDefault background graphics printing mode
Proxy ServerDefault background graphics printing mode (User)
Proxy ServerDefault printer selection rules
Proxy ServerDefault printer selection rules (User)
Proxy ServerDefault printing page size
Proxy ServerDefault printing page size (User)
Proxy ServerDisable printer types on the deny list
Proxy ServerDisable printer types on the deny list (User)
Proxy ServerEnable printing
Proxy ServerEnable printing (User)
Proxy ServerPrint headers and footers
Proxy ServerPrint headers and footers (User)
Proxy ServerPrint using system print dialog
Proxy ServerPrint using system print dialog (User)
Proxy ServerRestrict background graphics printing mode
Proxy ServerRestrict background graphics printing mode (User)
Proxy ServerSet the system default printer as the default printer
Proxy ServerSet the system default printer as the default printer (User)
Sleeping Tabs SettingsBlock Sleeping Tabs on specific sites
Sleeping Tabs SettingsBlock Sleeping Tabs on specific sites (User)
Sleeping Tabs SettingsConfigure Sleeping Tabs
Sleeping Tabs SettingsConfigure Sleeping Tabs (User)
Sleeping Tabs SettingsSet the background tab inactivity timeout for Sleeping Tabs
Sleeping Tabs SettingsSet the background tab inactivity timeout for Sleeping Tabs (User)
SmartScreen SettingsConfigure Microsoft Defender SmartScreen
SmartScreen SettingsConfigure Microsoft Defender SmartScreen (User)
SmartScreen SettingsConfigure Microsoft Defender SmartScreen to block potentially unwanted apps
SmartScreen SettingsConfigure Microsoft Defender SmartScreen to block potentially unwanted apps (User)
SmartScreen SettingsConfigure the list of domains for which Microsoft Defender SmartScreen won’t trigger warnings
SmartScreen SettingsConfigure the list of domains for which Microsoft Defender SmartScreen won’t trigger warnings (User)
SmartScreen SettingsForce Microsoft Defender SmartScreen checks on downloads from trusted sources
SmartScreen SettingsForce Microsoft Defender SmartScreen checks on downloads from trusted sources (User)
SmartScreen SettingsPrevent bypassing Microsoft Defender SmartScreen prompts for sites
SmartScreen SettingsPrevent bypassing Microsoft Defender SmartScreen prompts for sites (User)
SmartScreen SettingsPrevent bypassing of Microsoft Defender SmartScreen warnings about downloads
SmartScreen SettingsPrevent bypassing of Microsoft Defender SmartScreen warnings about downloads (User)
Startup, Home page, and new tab pageConfigure Microsoft Defender SmartScreen
Startup, Home page, and new tab pageConfigure Microsoft Defender SmartScreen (User)
Startup, Home page, and new tab pageConfigure Microsoft Defender SmartScreen to block potentially unwanted apps
Startup, Home page, and new tab pageConfigure Microsoft Defender SmartScreen to block potentially unwanted apps (User)
Startup, Home page, and new tab pageConfigure the list of domains for which Microsoft Defender SmartScreen won’t trigger warnings
Startup, Home page, and new tab pageConfigure the list of domains for which Microsoft Defender SmartScreen won’t trigger warnings (User)
Startup, Home page, and new tab pageForce Microsoft Defender SmartScreen checks on downloads from trusted sources
Startup, Home page, and new tab pageForce Microsoft Defender SmartScreen checks on downloads from trusted sources (User)
Startup, Home page, and new tab pagePrevent bypassing Microsoft Defender SmartScreen prompts for sites
Startup, Home page, and new tab pagePrevent bypassing Microsoft Defender SmartScreen prompts for sites (User)
Startup, Home page, and new tab pagePrevent bypassing of Microsoft Defender SmartScreen warnings about downloads
Startup, Home page, and new tab pagePrevent bypassing of Microsoft Defender SmartScreen warnings about downloads (User)
List of Intune Settings Catalog Policies

Microsoft Edge Update – Intune Settings Catalog Policies

Intune Settings Catalog Policies related to Microsoft Edge Update are given below.

Microsoft Edge UpdateIntune Settings Catalog Details
ApplicationsAllow installation default
ApplicationsAllow Microsoft Edge Side by Side browser experience
ApplicationsPrevent Desktop Shortcut creation upon install default
ApplicationsUpdate policy override the default
Microsoft EdgeAllow installation
Microsoft EdgePrevent Desktop Shortcut creation upon install
Microsoft EdgeRollback to Target version
Microsoft EdgeTarget version override
Microsoft EdgeUpdate policy override
Microsoft Edge BetaAllow installation
Microsoft Edge BetaPrevent Desktop Shortcut creation upon install
Microsoft Edge BetaRollback to Target version
Microsoft Edge BetaTarget version override
Microsoft Edge BetaUpdate policy override
Microsoft Edge CanaryAllow installation
Microsoft Edge CanaryPrevent Desktop Shortcut creation upon install
Microsoft Edge CanaryRollback to Target version
Microsoft Edge CanaryTarget version override
Microsoft Edge CanaryUpdate policy override
Microsoft Edge DevAllow installation
Microsoft Edge DevPrevent Desktop Shortcut creation upon install
Microsoft Edge DevRollback to Target version
Microsoft Edge DevTarget version override
Microsoft Edge DevUpdate policy override
Microsoft Edge WebViewAllow installation
Microsoft Edge WebViewUpdate policy override
PreferencesAuto-update check period override
PreferencesTime period in each day to suppress auto-update check
Proxy ServerAddress or URL of proxy server
Proxy ServerChoose how to specify proxy server settings
Proxy ServerURL to a proxy .pac file
List of Intune Settings Catalog Policies

More Microsoft edge related to Intune Settings Catalog Policies.

Microsoft Edge – Default Settings
Microsoft Edge – Default Settings (users can override)Allow download restrictions
Microsoft Edge – Default Settings (users can override)Allow download restrictions (User)
Microsoft Edge – Default Settings (users can override)Allow importing of autofill form data
Microsoft Edge – Default Settings (users can override)Allow importing of autofill form data (User)
Microsoft Edge – Default Settings (users can override)Allow importing of browser settings
Microsoft Edge – Default Settings (users can override)Allow importing of browser settings (User)
Microsoft Edge – Default Settings (users can override)Allow importing of browsing history
Microsoft Edge – Default Settings (users can override)Allow importing of browsing history (User)
Microsoft Edge – Default Settings (users can override)Allow importing of Cookies
Microsoft Edge – Default Settings (users can override)Allow importing of Cookies (User)
Microsoft Edge – Default Settings (users can override)Allow importing of extensions
Microsoft Edge – Default Settings (users can override)Allow importing of extensions (User)
Microsoft Edge – Default Settings (users can override)Allow importing of favorites
Microsoft Edge – Default Settings (users can override)Allow importing of favorites (User)
Microsoft Edge – Default Settings (users can override)Allow importing of open tabs
Microsoft Edge – Default Settings (users can override)Allow importing of open tabs (User)
Microsoft Edge – Default Settings (users can override)Allow importing of payment info
Microsoft Edge – Default Settings (users can override)Allow importing of payment info (User)
Microsoft Edge – Default Settings (users can override)Allow importing of saved passwords
Microsoft Edge – Default Settings (users can override)Allow importing of saved passwords (User)
Microsoft Edge – Default Settings (users can override)Allow importing of search engine settings
Microsoft Edge – Default Settings (users can override)Allow importing of search engine settings (User)
Microsoft Edge – Default Settings (users can override)Allow importing of shortcuts
Microsoft Edge – Default Settings (users can override)Allow importing of shortcuts (User)
Microsoft Edge – Default Settings (users can override)Allow suggestions from local providers
Microsoft Edge – Default Settings (users can override)Allow suggestions from local providers (User)
Microsoft Edge – Default Settings (users can override)Block smart actions for a list of services
Microsoft Edge – Default Settings (users can override)Block smart actions for a list of services (User)
Microsoft Edge – Default Settings (users can override)Block third party cookies
Microsoft Edge – Default Settings (users can override)Block third party cookies (User)
Microsoft Edge – Default Settings (users can override)Clear browsing data when Microsoft Edge closes
Microsoft Edge – Default Settings (users can override)Clear browsing data when Microsoft Edge closes (User)
Microsoft Edge – Default Settings (users can override)Clear cached images and files when Microsoft Edge closes
Microsoft Edge – Default Settings (users can override)Clear cached images and files when Microsoft Edge closes (User)
Microsoft Edge – Default Settings (users can override)Continue running background apps after Microsoft Edge closes
Microsoft Edge – Default Settings (users can override)Continue running background apps after Microsoft Edge closes (User)
Microsoft Edge – Default Settings (users can override)Disable synchronization of data using Microsoft sync services
Microsoft Edge – Default Settings (users can override)Disable synchronization of data using Microsoft sync services (User)
Microsoft Edge – Default Settings (users can override)Enable AutoFill for addresses
Microsoft Edge – Default Settings (users can override)Enable AutoFill for addresses (User)
Microsoft Edge – Default Settings (users can override)Enable AutoFill for credit cards
Microsoft Edge – Default Settings (users can override)Enable AutoFill for credit cards (User)
Microsoft Edge – Default Settings (users can override)Enable favorites bar
Microsoft Edge – Default Settings (users can override)Enable favorites bar (User)
Microsoft Edge – Default Settings (users can override)Enable network prediction
Microsoft Edge – Default Settings (users can override)Enable network prediction (User)
Microsoft Edge – Default Settings (users can override)Enable resolution of navigation errors using a web service
Microsoft Edge – Default Settings (users can override)Enable resolution of navigation errors using a web service (User)
Microsoft Edge – Default Settings (users can override)Enable search suggestions
Microsoft Edge – Default Settings (users can override)Enable search suggestions (User)
Microsoft Edge – Default Settings (users can override)Enable Translate
Microsoft Edge – Default Settings (users can override)Enable Translate (User)
Microsoft Edge – Default Settings (users can override)Manage Search Engines
Microsoft Edge – Default Settings (users can override)Manage Search Engines (User)
Microsoft Edge – Default Settings (users can override)Redirect incompatible sites from Internet Explorer to Microsoft Edge
Microsoft Edge – Default Settings (users can override)Redirect incompatible sites from Internet Explorer to Microsoft Edge (User)
Microsoft Edge – Default Settings (users can override)Set application locale
Microsoft Edge – Default Settings (users can override)Set application locale (User)
Microsoft Edge – Default Settings (users can override)Set download directory
Microsoft Edge – Default Settings (users can override)Set download directory (User)
Microsoft Edge – Default Settings (users can override)Shopping in Microsoft Edge Enabled
Microsoft Edge – Default Settings (users can override)Shopping in Microsoft Edge Enabled (User)
Microsoft Edge – Default Settings (users can override)Show Microsoft Rewards experiences
Microsoft Edge – Default Settings (users can override)Show Microsoft Rewards experiences (User)
Microsoft Edge – Default Settings (users can override)Suggest similar pages when a webpage can’t be found
Microsoft Edge – Default Settings (users can override)Suggest similar pages when a webpage can’t be found (User)
Content SettingsRegister protocol handlers
Content SettingsRegister protocol handlers (User)
Default Search ProviderDefault search provider keyword
Default Search ProviderEnable the default search provider
Default Search ProviderSpecifies the search-by-image feature for the default search provider
Password manager and protectionAllow users to be alerted if their passwords are found to be unsafe
Password manager and protectionAllow users to be alerted if their passwords are found to be unsafe (User)
Password manager and protectionEnable Password reveal button
Password manager and protectionEnable Password reveal button (User)
Password manager and protectionEnable saving passwords to the password manager
Password manager and protectionEnable saving passwords to the password manager (User)
PerformanceEnable startup boost
PerformanceEnable startup boost (User)
PrintingPrint headers and footers
PrintingPrint headers and footers (User)
PrintingSet the system default printer as the default printer
PrintingSet the system default printer as the default printer (User)
Sleeping Tabs settingsBlock Sleeping Tabs on specific sites
Sleeping Tabs settingsBlock Sleeping Tabs on specific sites (User)
Sleeping Tabs settingsConfigure Sleeping Tabs
Sleeping Tabs settingsConfigure Sleeping Tabs (User)
Sleeping Tabs settingsSet the background tab inactivity timeout for Sleeping Tabs
Sleeping Tabs settingsSet the background tab inactivity timeout for Sleeping Tabs (User)
SmartScreen settingsConfigure Microsoft Defender SmartScreen
SmartScreen settingsConfigure Microsoft Defender SmartScreen (User)
SmartScreen settingsConfigure Microsoft Defender SmartScreen to block potentially unwanted apps
SmartScreen settingsConfigure Microsoft Defender SmartScreen to block potentially unwanted apps (User)
SmartScreen settingsForce Microsoft Defender SmartScreen checks on downloads from trusted sources
SmartScreen settingsForce Microsoft Defender SmartScreen checks on downloads from trusted sources (User)
Startup, Home page and new tab pageAction to take on startup
Startup, Home page and new tab pageAction to take on startup (User)
Startup, Home page and new tab pageConfigure the home page URL
Startup, Home page and new tab pageConfigure the home page URL (User)
Startup, Home page and new tab pageConfigure the Microsoft Edge new tab page experience
Startup, Home page and new tab pageConfigure the Microsoft Edge new tab page experience (User)
Startup, Home page and new tab pageConfigure the new tab page URL
Startup, Home page and new tab pageConfigure the new tab page URL (User)
Startup, Home page and new tab pageEnable preload of the new tab page for faster rendering
Startup, Home page and new tab pageEnable preload of the new tab page for faster rendering (User)
Startup, Home page and new tab pageSet new tab page quick links
Startup, Home page and new tab pageSet new tab page quick links (User)
Startup, Home page and new tab pageSet the new tab page as the home page
Startup, Home page and new tab pageSet the new tab page as the home page (User)
Startup, Home page and new tab pageShow Home button on toolbar
Startup, Home page and new tab pageShow Home button on toolbar (User)
Startup, Home page and new tab pageSites to open when the browser starts
Startup, Home page and new tab pageSites to open when the browser starts (User)
List of Intune Settings Catalog Policies

General – Intune Settings Catalog Policies

The following table gives the list of general Intune Settings Catalog Policies.

Category of PoliciesIntune Settings Catalog Details
Above LockAllow Cortana Above Lock
Above LockAllow Toasts
AccountAllow Adding Non-Microsoft Accounts Manually
AccountAllow Microsoft Account Connection
AccountAllow Microsoft Account Sign-In Assistant
AccountDomain Names For Email Sync
Application ControlConfiguration settings format
AuditingAccount Logon Audit Other Account Logon Events
AuditingAudit Authentication Policy Change
AuditingAudit Authorization Policy Change
AuditingAudit Changes to Audit Policy
AuditingAudit Directory Service Changes
AuditingAudit File Share Access
AuditingAudit Other Logon Logoff Events
AuditingAudit Security Group Management
AuditingAudit Security System Extension
AuditingAudit Special Logon
AuditingAudit User Account Management
AuditingObject Access Audit Detailed File Share
AuthenticationAllow Aad Password Reset
AuthenticationAllow EAP Cert SSO (User)
AuthenticationAllow Fast Reconnect
AuthenticationAllow Secondary Authentication Device
AuthenticationEnable Fast First Sign In
AuthenticationEnable Web Sign In
AuthenticationPreferred Aad Tenant Domain Name
BitLockerAllow Warning For Other Disk Encryption
BitLockerRequire Device Encryption
BITSBandwidth Throttling End Time
BITSBandwidth Throttling Start Time
BITSBandwidth Throttling Transfer Rate
BITSCosted Network Behavior Background Priority
BITSCosted Network Behavior Foreground Priority
BITSJob Inactivity Timeout
BluetoothAllow Advertising
BluetoothAllow Discoverable Mode
BluetoothAllow Preparing
BluetoothAllow Prompted Proximal Connections
BluetoothLocal Device Name
BluetoothServices Allowed List
BluetoothSet Minimum Encryption Key Size
BrowserAllow Address Bar Dropdown
BrowserAllow Address Bar Dropdown (User)
BrowserAllow Autofill
BrowserAllow Autofill (User)
BrowserAllow Browser (User)
BrowserAllow Configuration Update For Books Library
BrowserAllow Configuration Update For Books Library (User)
BrowserAllow Cookies
BrowserAllow Cookies (User)
BrowserAllow Developer Tools
BrowserAllow Developer Tools (User)
BrowserAllow Do Not Track
BrowserAllow Do Not Track (User)
BrowserAllow Extensions
BrowserAllow Extensions (User)
BrowserAllow Flash
BrowserAllow Flash (User)
BrowserAllow Flash Click To Run
BrowserAllow Flash Click To Run (User)
BrowserAllow Full-Screen Mode
BrowserAllow Full-Screen Mode (User)
BrowserAllow InPrivate
BrowserAllow InPrivate (User)
BrowserAllow Microsoft Compatibility List
BrowserAllow Microsoft Compatibility List (User)
CameraAllow Camera
CellularLet Apps Access Cellular Data
CellularLet Apps Access Cellular Data Force Allow These Apps
CellularLet Apps Access Cellular Data Force Deny These Apps
CellularLet Apps Access Cellular Data User In Control Of These Apps
ConnectivityAllow Bluetooth
ConnectivityAllow Cellular Data
ConnectivityAllow Cellular Data Roaming
ConnectivityAllow Connected Devices
ConnectivityAllow Phone PC Linking
ConnectivityAllow VPN Over Cellular
ConnectivityAllow VPN Roaming Over Cellular
ConnectivityDisallow Network Connectivity Active Tests
Control Policy ConflictMDM Wins Over GP
Credential ProvidersDisable Automatic Re Deployment Credentials
CryptographyAllow Fips Algorithm Policy
CryptographyTLS Cipher Suites
Data ProtectionAllow Direct Memory Access
Data ProtectionLegacy Selective Wipe ID
DefenderAllow Archive Scanning
DefenderAllow Behavior Monitoring
DefenderAllow Cloud Protection
DefenderAllow Email Scanning
DefenderAllow Full Scan On Mapped Network Drives
DefenderAllow Full Scan Removable Drive Scanning
DefenderAllow Intrusion Prevention System
DefenderAllow IOAV Protection
DefenderAllow On-Access Protection
DefenderAllow Real-time Monitoring
DefenderAllow Scanning Network Files
DefenderAllow Script Scanning
DefenderAllow User UI Access
DefenderAttack Surface Reduction Only Exclusions
DefenderBlock Adobe Reader from creating child processes
DefenderBlock all Office applications from creating child processes
DefenderBlock credential stealing from the Windows local security authority subsystem
DefenderBlock executable content from email client and webmail
DefenderBlock executable files from running unless they meet a prevalence, age, or trusted list criterion
DefenderBlock execution of potentially obfuscated scripts
DefenderBlock JavaScript or VBScript from launching downloaded executable content
DefenderBlock Office applications from creating executable content
DefenderBlock Office applications from injecting code into other processes
DefenderBlock Office communication application from creating child processes
DefenderExcluded Extensions
DefenderExcluded Paths
DefenderExcluded Processes
DefenderPUA Protection
DefenderReal-Time Scan Direction
DefenderScan Parameter
DefenderSchedule Quick Scan Time
DefenderSchedule Scan Day
DefenderSchedule Scan Time
DefenderSecurity Intelligence Location
DefenderSignature Update Fallback Order
DefenderSignature Update File Shares Sources
DefenderSignature Update Interval
DefenderSubmit Samples Consent
DefenderRemediation action for High severity threats
DefenderRemediation action for Low severity threats
DefenderRemediation action for Moderate severity threats
DefenderRemediation action for Severe threats
DefenderBlock persistence through WMI event subscription
DefenderBlock process creations originating from PSExec and WMI commands
DefenderBlock untrusted and unsigned processes that run from USB
DefenderBlock Win32 API calls from Office macros
DefenderUse advanced protection against ransomware
DefenderAvg CPU Load Factor
DefenderCheck For Signatures Before Running Scan
DefenderCloud Block Level
DefenderCloud Extended Timeout
DefenderControlled Folder Access Allowed Applications
DefenderControlled Folder Access Protected Folders
DefenderDays To Retain Cleaned Malware
DefenderDisable Catchup Full Scan
DefenderDisable Catchup Quick Scan
DefenderEnable Controlled Folder Access
DefenderEnable Low CPU Priority
DefenderEnable Network Protection
Delivery OptimizationDO Absolute Max Cache Size
Delivery OptimizationDO Allow VPN Peer Caching
Delivery OptimizationDO Cache Host
Delivery OptimizationDO Cache Host Source
Delivery OptimizationDO Delay Background Download From Http
Delivery OptimizationDO Delay Cache Server Fallback Background
Delivery OptimizationDO Delay Cache Server Fallback Foreground
Delivery OptimizationDO Delay Foreground Download From Http
Delivery OptimizationDO Download Mode
Delivery OptimizationDO Group Id
Delivery OptimizationDO Group Id Source
Delivery OptimizationDO Max Background Download Bandwidth
Delivery OptimizationDO Max Cache Age
Delivery OptimizationDO Max Cache Size
Delivery OptimizationDO Max Download Bandwidth
Delivery OptimizationDO Max Foreground Download Bandwidth
Delivery OptimizationDO Max Upload Bandwidth
Delivery OptimizationDO Min Background Qos
Delivery OptimizationDO Min Battery Percentage Allowed To Upload
Delivery OptimizationDO Min Disk Size Allowed To Peer
Delivery OptimizationDO Min File Size To Cache
Delivery OptimizationDO Min RAM Allowed To Peer
Delivery OptimizationDO Modify Cache Drive
Delivery OptimizationDO Monthly Upload Data Cap
Delivery OptimizationDO Percentage Max Background Bandwidth
Delivery OptimizationDO Percentage Max Foreground Bandwidth
Delivery OptimizationDO Restrict Peer Selection By
Device GuardConfigure System Guard Launch
Device GuardEnable Virtualization Based Security
Device GuardLSA Cfg Flags
Device GuardRequire Platform Security Features
Device Health MonitoringAllow Device Health Monitoring
Device Health MonitoringConfig Device Health Monitoring Scope
Device Health MonitoringConfig Device Health Monitoring Service Instance
Device Health MonitoringConfig Device Health Monitoring Upload Destination
Device LockDevice Password Enabled
Device LockAllow Simple Device Password
Device LockAlphanumeric Device Password Required
Device LockDevice Password Expiration
Device LockDevice Password History
Device LockMax Device Password Failed Attempts
Device LockMax Inactivity Time Device Lock
Device LockMin Device Password Complex Characters
Device LockMin Device Password Length
Device LockEnforce Lock Screen And Logon Image
Device LockEnforce Lock Screen Provider
Device LockMinimum Password Age
DisplayDisable Per Process Dpi For Apps
DisplayEnable Per Process Dpi
DisplayEnable Per Process Dpi (User)
DisplayEnable Per Process Dpi For Apps
DisplayTurn Off Gdi DPI Scaling For Apps
DisplayTurn On Gdi DPI Scaling For Apps
DMA GuardDevice Enumeration Policy
EducationAllow Graphing Calculator (User)
EducationDefault Printer Name (User)
EducationPrevent Adding New Printers (User)
EducationPrinter Names (User)
Enterprise Cloud PrintCloud Print OAuth Authority (User)
Enterprise Cloud PrintCloud Print OAuth Client Id (User)
Enterprise Cloud PrintCloud Print Resource Id (User)
Enterprise Cloud PrintCloud Printer Discovery End Point (User)
Enterprise Cloud PrintMopria Discovery Resource Id (User)
ExperienceAllow Clipboard History
ExperienceAllow Cortana
ExperienceAllow Device Discovery
ExperienceAllow Find My Device
ExperienceAllow Manual MDM Unenrollment
ExperienceAllow Save As Of Office Files
ExperienceAllow Sync My Settings
ExperienceAllow Windows Spotlight (User)
ExperienceAllow Tailored Experiences With Diagnostic Data (User)
ExperienceAllow Third-Party Suggestions In Windows Spotlight (User)
ExperienceAllow Windows Consumer Features
ExperienceAllow Windows Spotlight On Action Center (User)
ExperienceAllow Windows Spotlight Windows Welcome Experience (User)
ExperienceAllow Windows Tips
ExperienceConfigure Windows Spotlight On Lock Screen (User)
ExperienceAllow Windows Spotlight On Settings (User)
ExperienceDo Not Show Feedback Notifications
ExperienceDo Not Sync Browser Settings
ExperiencePrevent Users From Turning On Browser Syncing
ExperienceShow Lock-On User Tile
Exploit GuardExploit Protection Settings
List of Intune Settings Catalog Policies

Resources

Leave a Comment

Your email address will not be published. Required fields are marked *