Browse
Operating System Drives
Explore Operating System Drives policies in the Microsoft Windows catalog.
3,380 policies · 415 categories
Policies
Allow devices compliant with InstantGo or HSTI to opt out of pre-boot PIN.Allow enhanced PINs for startupAllow network unlock at startupAllow Secure Boot for integrity validationChoose how BitLocker-protected operating system drives can be recoveredConfigure minimum PIN length for startupConfigure pre-boot recovery message and URLConfigure TPM platform validation profile (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2)Configure TPM platform validation profile for BIOS-based firmware configurationsConfigure TPM platform validation profile for native UEFI firmware configurationsConfigure use of hardware-based encryption for operating system drivesConfigure use of passwords for operating system drivesDisallow standard users from changing the PIN or passwordEnable use of BitLocker authentication requiring preboot keyboard input on slatesEnforce drive encryption type on operating system drivesRequire additional authentication at startupRequire additional authentication at startup (Windows Server 2008 and Windows Vista)Reset platform validation data after BitLocker recoveryUse enhanced Boot Configuration Data validation profile