Browse

Operating System Drives

Explore Operating System Drives policies in the Microsoft Windows catalog.

3,380 policies · 415 categories

Policies

Allow devices compliant with InstantGo or HSTI to opt out of pre-boot PIN. Allow enhanced PINs for startup Allow network unlock at startup Allow Secure Boot for integrity validation Choose how BitLocker-protected operating system drives can be recovered Configure minimum PIN length for startup Configure pre-boot recovery message and URL Configure TPM platform validation profile (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2) Configure TPM platform validation profile for BIOS-based firmware configurations Configure TPM platform validation profile for native UEFI firmware configurations Configure use of hardware-based encryption for operating system drives Configure use of passwords for operating system drives Disallow standard users from changing the PIN or password Enable use of BitLocker authentication requiring preboot keyboard input on slates Enforce drive encryption type on operating system drives Require additional authentication at startup Require additional authentication at startup (Windows Server 2008 and Windows Vista) Reset platform validation data after BitLocker recovery Use enhanced Boot Configuration Data validation profile