List of Windows 11 Group Policy Settings

Let’s quickly check the details of the New Windows 11 Group Policy Settings. Microsoft released the new Windows 11 operating system officially on October 4th, with every new release of the Windows version, group policy settings are updating to enhance the work experience. You can see the lists of the Windows 11 Group Policy settings in this post.

How to get Windows 11? Microsoft released different editions of Windows 11 ISOs (Consumer and Business). You can download the Windows 11 ISO directly from the Microsoft Software Download website. You don’t have to log in to download the ISO. To get the details about the latest version of the Windows 11 ISO download (production version), Latest Windows 11 ISO Ready to Download Production Version.

The devices should meet the Windows 11 minimum requirements for Windows 11 upgrade. You can check for compatibility using the PC Health Check app to see if your current PC meets the minimum system requirements to run Windows 11. You have to download the Windows 11 PC Health Check App from the Microsoft site.

Patch My PC

Here let’s explore the lists of Windows 11 Group Policy, If you are looking to get Group Policy settings added in Windows 10, version 21H1, and earlier. The best way to find the list of policies from the blog post below – 

List of Windows 11 Group Policy Settings
List of Windows 11 Group Policy Settings

List of Windows 11 Group Policy Settings

The following Windows 11 Group Policy Settings lists for computer and user configurations are included in the Administrative template files (.admx and .adml) delivered with Windows 11. We will try to keep the list up to date with the latest Windows 11 Group Policy.

Location Policy Path Policy Setting Name
Machine Control Panel\PersonalizationPrevent lock screen background motion
Machine Control Panel\Regional and Language OptionsRestrict Language Pack and Language Feature Installation
Machine MS Security GuideLimits print driver installation to Administrators
Machine Network\DNS ClientConfigure DNS over HTTPS (DoH) name resolution
Machine PrintersEnable Device Control Printing Restrictions
Machine PrintersList of Approved USB-connected print devices
Machine Start Menu and TaskbarShow or hide “Most used” list from Start menu
Machine Start Menu and Taskbar\NotificationsEnables group policy for the WNS FQDN
Machine System\Device Installation\Device Installation RestrictionsApply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria
Machine System\Filesystem\NTFSEnable NTFS non-paged pool usage
Machine System\Filesystem\NTFSNTFS default tier
Machine System\Filesystem\NTFSNTFS parallel flush threshold
Machine System\Filesystem\NTFSNTFS parallel flush worker threads
Machine System\KerberosAllow retrieving the cloud kerberos ticket during the logon
Machine System\Net Logon\DC Locator DNS RecordsUse lowercase DNS host names when registering domain controller SRV records
Machine System\Security Account ManagerConfigure validation of ROCA-vulnerable WHfB keys during authentication
MachineWindows Components\App Package DeploymentArchive infrequently used apps
MachineWindows Components\App Package DeploymentNot allow sideloaded apps to auto-update in the background
MachineWindows Components\App Package DeploymentNot allow sideloaded apps to auto-update in the background on a metered network
MachineWindows Components\App PrivacyLet Windows apps take screenshots of various windows or displays
MachineWindows Components\App PrivacyLet Windows apps turn off the screenshot border
MachineWindows Components\ChatConfigures the Chat icon on the taskbar
MachineWindows Components\Cloud ContentTurn off cloud consumer account state content
MachineWindows Components\Data Collection and Preview BuildsDisable OneSettings Downloads
MachineWindows Components\Data Collection and Preview BuildsEnable OneSettings Auditing
MachineWindows Components\Data Collection and Preview BuildsLimit Diagnostic Log Collection
MachineWindows Components\Data Collection and Preview BuildsLimit Dump Collection
MachineWindows Components\Human PresenceForce Instant Lock
MachineWindows Components\Human PresenceForce Instant Wake
MachineWindows Components\Human PresenceLock Timeout
MachineWindows Components\Internet ExplorerReplace JScript by loading JScript9Legacy in place of JScript via MSHTML/WebOC.
MachineWindows Components\Microsoft Defender AntivirusConfigure scheduled task times randomization window
MachineWindows Components\Microsoft Defender AntivirusDefine the directory path to copy support log files
MachineWindows Components\Microsoft Defender Antivirus\Device ControlDefine device control policy groups
MachineWindows Components\Microsoft Defender Antivirus\Device ControlDefine device control policy rules
MachineWindows Components\Microsoft Defender Antivirus\ExclusionsIp Address Exclusions
MachineWindows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Network ProtectionThis settings controls whether Network Protection is allowed to be configured into block or audit mode on Windows Server.
MachineWindows Components\Microsoft Defender Antivirus\Network Inspection SystemThis setting controls datagram processing for network protection.
MachineWindows Components\Microsoft Defender Antivirus\Real-time ProtectionTurn on script scanning
MachineWindows Components\Microsoft Defender Antivirus\Security Intelligence UpdatesAllows Microsoft Defender Antivirus to update and communicate over a metered connection.
MachineWindows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource RedirectionAllow UI Automation redirection
MachineWindows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource RedirectionDo not allow location redirection
MachineWindows Components\Tenant RestrictionsCloud Policy Details
MachineWindows Components\WidgetsAllow widgets
MachineWindows Components\Windows Hello for BusinessUse cloud trust for on-premises authentication
MachineWindows Components\Windows SandboxAllow audio input in Windows Sandbox
MachineWindows Components\Windows SandboxAllow clipboard sharing with Windows Sandbox
MachineWindows Components\Windows SandboxAllow networking in Windows Sandbox
MachineWindows Components\Windows SandboxAllow printer sharing with Windows Sandbox
MachineWindows Components\Windows SandboxAllow vGPU sharing for Windows Sandbox
MachineWindows Components\Windows SandboxAllow video input in Windows Sandbox
MachineWindows Components\Windows Update\Manage updates offered from Windows Server Update ServiceSpecify source service for specific classes of Windows Updates
UserAutoSubscriptionEnable auto-subscription
UserControl Panel\PrintersEnable Device Control Printing Restrictions
UserControl Panel\PrintersList of Approved USB-connected print devices
UserControl Panel\Regional and Language OptionsRestrict Language Pack and Language Feature Installation
UserStart Menu and TaskbarShow or hide “Most used” list from Start menu
UserWindows Components\Cloud ContentTurn off Spotlight collection on Desktop
UserWindows Components\IMEConfigure Korean IME version
UserWindows Components\Internet ExplorerReplace JScript by loading JScript9Legacy in place of JScript via MSHTML/WebOC.
Windows 11 Group Policy Settings

List of Windows 11 Group Policy Settings

1E Nomad

We will try to keep the list up to date with the latest Windows 11 Group Policy. If you want to share your experience while using Windows 11 Group Policy, you can let us update in the comment section below.

Author

About Author -> Jitesh has over 5 years of working experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus area is Windows 10 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.