Event details
This is more of a comment than a question - I just wanted to call out that the Intune Policy CSP documentation still has large gaps when compared to traditional Group Policy documentation, especially for newly updated settings. I recently had an issue where the DeviceLock CSP documentation at https://learn.microsoft.com/en-us/windows/client-management/mdm/policy-csp-devicelock did not have any documented formatting for AccountLockoutPolicy, and I had to go find it in a Microsoft GitHub repo at https://github.com/microsoft/osconfig/blob/main/security/SecurityBaseline_WindowsServer_2025-2409.csv . This has been the case for some other CSP settings also.
MicrosoftGreat question! Not all settings in GP were originally brought to MDM. We added around 70 or so including new DeviceLock policies in 24H2, and will be backporting in the first quarter of '25 to all in service Win11 releases. Most of the new batch are local security policies, system services, user rights, etc. We'll update the docs when the backport is done, as we don't want to confuse people until they are available and in Settings Catalog.