- Allow non-admins to access Remote Desktop - Thu, Sep 28 2023
- Which WSUS products to select for Windows 11? - Tue, Sep 26 2023
- Activate BitLocker with manage-bde, PowerShell, or WMI - Wed, Sep 20 2023
One of the main innovations of Windows 10 20H2 is that Edge Chromium no longer needs to be downloaded separately, because it is now included in the installation media of the OS. However, the integration of the group policies to manage the browser has not progressed very far, since the administrative templates do not yet contain its settings. You will still have to download them separately.
The GPO settings for Edge Chromium are not yet included in Windows 10 20H2 but are still a separate download
The ADMX for Windows 10 20H2 still contain the settings for the original Edge. They are only for backward compatibility if you still have older versions of Windows 10 in your network and didn't upgrade the browser yet.
New Group Policy settings
One of the new settings still relates to the new Edge browser, where you can move between the tabs with Alt-Tab. This can be customized or disabled via a GPO.
With Alt Tab you can navigate between the Edge tabs the feature can be customized via GPO
Another new option is called Disable content optimized for the cloud, which is used to fetch data from the cloud for features such as lock screen or Windows tips.
According to the documentation in the preliminary security baseline, a third setting should be called Disable safeguards for feature updates, and it relates to Windows Update for Business. In reality, however, it is not found in the current ADMX for Windows 10 20H2.
Three further options regulate how Microsoft is allowed to evaluate the transferred telemetry data. They let the administrator determine in detail whether Desktop Analytics, Windows Update for Business, and Update Compliance Processing should process this information.
Windows 10 20H2 brings three new settings for data collection
Finally, Domain controller: Allow vulnerable Netlogon secure channel connections adds a new security setting. This allows the logon behavior changed by the August update to be reset to enable unencrypted logon on certain devices.
Although they are new in Windows 10 and Server 20H2, the GPO editor lists older OS versions, in some cases even Server 2016, as a minimum requirement for these settings. They should therefore also be applicable for such older Windows versions.
Excel spreadsheet as a reference for GPO settings
For several versions now of Windows 10, Microsoft has stopped documenting the GPO settings by updating the well-known Excel spreadsheet. The Group Policy Settings Reference Spreadsheet for Windows 10 October 2020 Update (20H2) can now be found again on the download site. It only contains English documentation and is not very user-friendly.
Subscribe to 4sysops newsletter!
As with the previous releases, I have created a multilingual spreadsheet with all current GPO settings as an alternative (new settings are framed in red). For example, if you read an instruction in English on the web and work on a workstation using a localized version of Windows, you can easily translate the name because the settings for all the languages are on the same line.
