This document lists all known Group Policy differences between Windows 10 Pro and the Windows 10 Enterprise/Windows 10 Education. Microsoft might change the Group Policy behavior in feature upgrades. This wiki doc is about the latest release, which currently is Windows 10 1511.
- Author and member of the year 2019 – Why DevOps still doesn't rule the IT world - Wed, Jan 1 2020
- Results of the 4sysops member and author competition in 2018 - Tue, Jan 8 2019
- Why Microsoft is using Windows customers as guinea pigs - Reply to Tim Warner - Tue, Dec 18 2018
This Microsoft document gives a general overview of the differences between the Windows 10 editions.
If you know of another Group Policy difference between the Windows 10 editions, please update the document. Only registered 4sysops members can edit wiki docs.
The following Group Policies only work in Windows 10 Enterprise/Education and not in Windows 10 Pro. A number of the settings described below refer to a folder with several Group Policies that are related to the corresponding features. The descriptions are from Microsoft.
AppLocker ^
Description
Allows you to specify which users or groups can run particular applications in your organization based on unique identities of files.
Path
Computer Configuration > Windows Settings > Security Settings > Application Control Polices > AppLocker
Additional Information
BranchCache ^
Description
BranchCache copies content from your main office or hosted cloud content servers and caches the content at branch office locations, allowing client computers at branch offices to access the content locally rather than over the WAN.
Path
Computer Configuration > Network > BranchCache
Additional Information
BranchCache Client Configuration
Credential Guard ^
Description
Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them.
Path
Computer Configuration > Administrative Templates > System > Device Guard > Turn on Virtualization Based Security
Additional Information
Configure Credential Guard via Group Policy
DirectAccess ^
Description
DirectAccess allows connectivity to organizational network resources without the need for traditional virtual private network (VPN) connections.
Path
Computer Configuration > Administrative Templates > Network > DirectAccess Client Experience Settings
Additional Information
Configure the DirectAccess Infrastructure
Device Guard ^
Description
Device Guard is a combination of enterprise-related hardware and software security features that, when configured together, will lock a device down so that it can only run trusted applications that you define in your code integrity policies.
Path
Computer Configuration > Administrative Templates > System > Device Guard
Additional Information
Force a specific default lock screen image ^
Description
This setting allows you to force a specific default lock screen image by entering the path (location) of the image file.
Policy path
Computer Configuration > Administrative Templates > Control Panel > Personalization
Additional information
Windows spotlight on the lock screen
Start layout ^
Update: Readers reported that this feature works in Windows 10 Pro even though Microsoft advertises this functionality for Windows 10 Enterprise.
Description
This setting lets you specify the Start layout for users and prevents them from changing its configuration.
Path
Computer Configuration > Administrative Templates > Start Menu and Taskbar
User Configuration > Administrative Templates > Start Menu and Taskbar
Additional information
Manage Windows 10 Start layout options
Turn off access to the Store application ^
Description
Turn off the Store application
This policy setting specifies whether to use the Store service (for finding an application) to open a file with an unhandled file type or protocol association.
Policy path
Computer Configuration > Administrative Templates > Windows Components > Store
User Configuration > Administrative Templates > Windows Components > Store
Additional information
Can't disable Windows Store in Windows 10 Pro through Group Policy
Want to write for 4sysops? We are looking for new authors.
Read 4sysops without ads by becoming a member!
Discussion (0)
There are no comments for this doc yet.