Policy
Certificate Deployment via Controlled Feature Rollout
For enterprises that desire assistance in deploying the new Secure Boot certificates to their devices, this setting can be enabled. Note: The device must be sending required diagnostic data to Microsoft to use this feature. For more information, see: https://aka.ms/GetSecureBoot
PackMicrosoft Windows
CategoryWindows Components / Secure Boot
Policy ID
34b0b01ee3fcInternal name
SecureBoot_MicrosoftUpdateManagedOptInRegistry
Copy registry mappings
HKLM\SYSTEM\CurrentControlSet\Control\SecureBoot\MicrosoftUpdateManagedOptIn (enabled) = 22852
HKLM\SYSTEM\CurrentControlSet\Control\SecureBoot\MicrosoftUpdateManagedOptIn (disabled) = 0Policy notes
For enterprises that desire assistance in deploying the new Secure Boot certificates to their devices, this setting can be enabled. Note: The device must be sending required diagnostic data to Microsoft to use this feature. For more information, see: https://aka.ms/GetSecureBoot