Forum Discussion
Solved
Custom Policy CSP for NCSC Guidance for Windows 10
The NCSC Guidance for Deploying Intune managed Windows 10 clients (https://www.ncsc.gov.uk/guidance/eud-guidance-windows-10-1803-mobile-device-management) lists two custom OMA-URI settings that block...
Hi Andrew,
you need to specify the list elements slightly different. Every list element must be specified as a tuple with the official separator and then it is working. e.g. instead of PCI\CC_0C0A you must specify PCI\CC_0C0APCI\CC_0C0A. In addition the retroactive values must be true or false.
./Vendor/MSFT/Policy/Config/DeviceInstallation/PreventInstallationOfMatchingDeviceIDs
<enabled/>
<data id="DeviceInstall_IDs_Deny_List" value="PCI\CC_0C0APCI\CC_0C0A"/>
<data id="DeviceInstall_IDs_Deny_Retroactive" value="true"/>
./Vendor/MSFT/Policy/Config/DeviceInstallation/PreventInstallationOfMatchingDeviceSetupClasses
<enabled/>
<data id="DeviceInstall_Classes_Deny_List" value="
{d48179be-ec20-11d1-b6b8-00c04fa372a7}{d48179be-ec20-11d1-b6b8-00c04fa372a7}{7ebefbc0-3200-11d2-b4c2-00a0C9697d07}{7ebefbc0-3200-11d2-b4c2-00a0C9697d07}{c06ff265-ae09-48f0-812c-16753d7cba83}{c06ff265-ae09-48f0-812c-16753d7cba83}{6bdd1fc1-810f-11d0-bec7-08002be2092f}{6bdd1fc1-810f-11d0-bec7-08002be2092f}"/><data id="DeviceInstall_Classes_Deny_Retroactive" value="true"/>this applies successfully on my devices.best,
Oliver
Hi,
You have to use type String. Not the type String (XML). That‘s how it is supposed to be configured.
Best,
Oliver
You have to use type String. Not the type String (XML). That‘s how it is supposed to be configured.
Best,
Oliver
Thanks Oliver