Windows Modern Desktop Profile Configurations
Add configurations to profiles to push settings to devices. The tables below show the configurations available for this platform.
Important: Azure AD devices that support many user accounts
update user information whenever the device checks in. If you push a profile
configuration for a user rather than a device, the profile is only pushed when
it detects that the user is active on the device.
Security
| Configuration | Description |
|---|---|
| Authentication | Enforces administrator and user password policies. |
| BitLocker | Configures BitLocker encryption of Windows Modern devices. |
| Certificates: Client PFX | Distributes Client PFX certificates to your devices. |
| Certificates: Root | Distributes Root certificates to your devices. |
| SCEP | Configures devices to obtain certificates from a Simple Certificate Enrollment Protocol (SCEP) server. |
| Security Baseline: CIS Benchmarks | Configures Center for Internet Security (CIS) settings to enhance the security of Windows Modern devices. |
| Security Baseline: Microsoft | Configures Microsoft-recommended settings to enhance the security of Windows Modern devices. |
| Windows Defender | Configures antivirus settings for your Windows Modern device. |
Restrictions
| Configuration | Description |
|---|---|
| Application Run Control | Restricts applications that can operate on your devices. |
| Edge Browser | Configure Edge browser properties on Windows Modern devices |
| Feature Control | Disables specific device features such as camera, Bluetooth, and others. |
| Firewall | Configures advanced firewall policies to filter or reroute network traffic. Note: This functionality is not supported
for AMAPI-enrolled devices.
|
| Multi-App Kiosk Mode | Configures custom multi-app kiosk display settings for your devices. |
| Single-App Kiosk Mode | Configures custom single-app kiosk display settings for your devices. |
| Lockdown | Using the Configuration | Configures custom kiosk display settings for your devices. |
| Unified Write Filter | Configures Unified Write Filter on Windows Modern devices to protect system drives. |
| Web Content Filter | Specifies a content filtering service to restrict and manage user website access. |
| Windows Information Protection | Use the Windows Information Protection (WIP) profile configuration to manage access to corporate data on your devices. |
Connectivity
| Configuration | Description |
|---|---|
| APN | Configures Access Point Name (APN) settings for your devices. Restriction: This functionality is
not supported for AMAPI-enrolled devices. |
| Modern VPN: VPN Native Profile | Configures VPN account settings for your devices using the Native profile. |
| Modern VPN: VPN Plugin Profile | Configures VPN account settings for your devices using the Plugin profile. |
| SOTI VPN | Configuration Details | Configures SOTI VPN service settings. |
| Wi-Fi | Configures Wi-Fi settings on your devices. |
Email, Contacts, & Calendars
| Configuration | Description |
|---|---|
| Email: Exchange for Gmail: Exchange Active Sync | Configures Exchange Active Sync email account settings for your devices. |
| Email: Exchange for Gmail: IMAP | Configures IMAP email account settings for your devices. |
| Email: Exchange for Gmail: POP3 | Configures POP3 email account settings for your devices. |
| Local Users | Adds Local users to your devices. |
| Reboot | Configures restart schedule for your devices. |
| SOTI Identity Login | Allows users to use SOTI Identity for authentication. |
| Task Scheduler | Configures schedules for executing device scripts. |