Due to the modest innovations of Windows 10 20H2, this version only introduces a few additional GPO settings. The preliminary security baseline documents four new settings, but in fact there are more. The focus is on options for data protection. After a long absence, the reference is again available as an Excel spreadsheet.

One of the main innovations of Windows 10 20H2 is that Edge Chromium no longer needs to be downloaded separately, because it is now included in the installation media of the OS. However, the integration of the group policies to manage the browser has not progressed very far, since the administrative templates do not yet contain its settings. You will still have to download them separately.

The GPO settings for Edge Chromium are not yet included in Windows 10 20H2 but are still a separate download

The GPO settings for Edge Chromium are not yet included in Windows 10 20H2 but are still a separate download

The ADMX for Windows 10 20H2 still contain the settings for the original Edge. They are only for backward compatibility if you still have older versions of Windows 10 in your network and didn't upgrade the browser yet.

New Group Policy settings

One of the new settings still relates to the new Edge browser, where you can move between the tabs with Alt-Tab. This can be customized or disabled via a GPO.

With Alt Tab you can navigate between the Edge tabs the feature can be customized via GPO

With Alt Tab you can navigate between the Edge tabs the feature can be customized via GPO

Another new option is called Disable content optimized for the cloud, which is used to fetch data from the cloud for features such as lock screen or Windows tips.

According to the documentation in the preliminary security baseline, a third setting should be called Disable safeguards for feature updates, and it relates to Windows Update for Business. In reality, however, it is not found in the current ADMX for Windows 10 20H2.

Three further options regulate how Microsoft is allowed to evaluate the transferred telemetry data. They let the administrator determine in detail whether Desktop Analytics, Windows Update for Business, and Update Compliance Processing should process this information.

Windows 10 20H2 brings three new settings for data collection

Windows 10 20H2 brings three new settings for data collection

Finally, Domain controller: Allow vulnerable Netlogon secure channel connections adds a new security setting. This allows the logon behavior changed by the August update to be reset to enable unencrypted logon on certain devices.

Although they are new in Windows 10 and Server 20H2, the GPO editor lists older OS versions, in some cases even Server 2016, as a minimum requirement for these settings. They should therefore also be applicable for such older Windows versions.

Excel spreadsheet as a reference for GPO settings

For several versions now of Windows 10, Microsoft has stopped documenting the GPO settings by updating the well-known Excel spreadsheet. The Group Policy Settings Reference Spreadsheet for Windows 10 October 2020 Update (20H2) can now be found again on the download site. It only contains English documentation and is not very user-friendly.

Subscribe to 4sysops newsletter!

As with the previous releases, I have created a multilingual spreadsheet with all current GPO settings as an alternative (new settings are framed in red). For example, if you read an instruction in English on the web and work on a workstation using a localized version of Windows, you can easily translate the name because the settings for all the languages are on the same line.

avatar
0 Comments

Leave a reply

Your email address will not be published. Required fields are marked *

*

© 4sysops 2006 - 2023

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account