Subscribe to Help Center RSS FeedSome policies you create provide a list of options for you to specify, enable, or disable. For example, when you create a policy for Window devices to control when the screen saver locks down an inactive device, you need to also configure the timeout in seconds.
Specific policies have nuances that are important to note as you apply them to your fleet. For example, after applying a Windows policy, it may take 5-10 minutes for the policy update process to run. We recommend that you reference the article for a specific policy if you have concerns.
Below is a list of all Windows policies in JumpCloud. Specific instructions for more nuanced policies are linked in the Learn More column. If a Learn More article isn't listed, you can use the basic steps in Get Started: Policies for help.
Windows Policies
| Policy Name | Description | Category | Learn More |
|---|---|---|---|
| Advanced: Custom Registry Keys | Manage the specific registry keys you need all in one place, and easily see which devices have the registry changes applied. | Enterprise Settings, Configuration | Create Your Own Windows Policy Using Registry Keys |
| Allow System To Be Shutdown Without Having To Logon | Ensure the device is able to be shut down from the log on screen. | Enterprise Settings | |
| Allow The Use of Biometrics | Allow or restrict users from logging in to a managed device using biometrics. Note: JumpCloud doesn’t allow the use of Multi-Factor Authentication (MFA) and biometrics simultaneously. | Security, Compliance | Manage Windows Biometrics Using a Policy |
| Allow Use Of Camera | Control access to the camera on the device. | Enterprise Settings, Security | |
| BitLocker Full Disk Encryption | Enable and enforce BitLocker Full Disk Encryption for JumpCloud-managed devices. The BitLocker policy also lets admins easily view Recovery Keys for Windows devices that have this policy applied. | Enterprise Settings, Security | BitLocker Policy |
| Block Microsoft Accounts | Manage the ability to add or log in with Microsoft Accounts. | Enterprise Settings, Compliance | |
| Built-in Administrator Account Status | Disable or enable the built-in administrator account. | Enterprise Settings, Compliance | |
| Built-in Guest Account Status | Disable or enable the built-in guest account. | Enterprise Settings, Compliance | |
| Configure Explorer | Configure the behavior of Explorer in Windows. | Enterprise Settings, Configuration | |
| Configure Help | Configure the behavior of Help in Windows. | Enterprise Settings, Configuration | |
| Configure QoS | Configure the behavior of QoS in Windows. | Enterprise Settings, Configuration | |
| Configure Windows Updates | Control when and how updates and upgrades are downloaded and installed. | Enterprise Settings, OS Management | Deploy Windows Updates to your Devices with Windows Update Policy |
| Control Panel Display | Set computer and user configurations to force a specific visual style on a Windows system. | Enterprise Settings, Configuration | Control Display Styles on a Windows System Using a Policy |
| Device Installation | Control the behavior of Device Installation in Windows. | Enterprise Settings, Security | |
| Disable Cortana | Control the behavior of Device Installation in Windows. | Enterprise Settings, Configuration | |
| Disable Windows Spotlight Features | Disable the device's ability to utilize Windows Spotlight. | Enterprise Settings, Security | |
| Disable Windows Store Application | Disable the device’s ability to launch the Windows Store application. | Enterprise Settings, Configuration | |
| Disable Windows Store & Universal Windows Platform Applications | Disable the device’s ability to launch Windows Store and all Universal Windows Platform Applications on the system. | Enterprise Settings, Configuration | |
| Display Configuration | Control the behavior of Displays in Windows. | Enterprise Settings, Configuration | |
| Display User Info When The Session Is Locked | Control visibility of logged-in user's information when the device is locked. | Enterprise Settings, Security | |
| DNS Client | Control the behavior of the DNS Client in Windows. | Enterprise Settings, Network | |
| Do Not Display Last Username on Logon Screen | Require a username and password before logging into a device. | Enterprise Settings, Security | |
| Do Not Require CTRL+ALT+DEL on logon screen | Require CTRL+ALT+DEL before logging into a system. | Enterprise Settings, Compliance | |
| Error Reporting | Control the behavior of Error Reporting in Windows. | Enterprise Settings, Compliance | |
| Event Logging | Control the behavior of Event Logging in Windows. | Enterprise Settings, Compliance | |
| FeedbackNotifications | Control the behavior of FeedbackNotifications in Windows. | Enterprise Settings, Configuration | |
| File Recovery | Control the behavior of File Recovery in Windows. | Enterprise Settings, Compliance | |
| FindMyDevice | Control the behavior of FindMyDevice in Windows. | Enterprise Settings, Security | |
| Globalization | Control the behavior of Globalization in Windows. | Enterprise Settings, Configuration | |
| Google Chrome Browser Preferences | Disable the use of some security-related features of Chrome, such as the use of password manager, data security and privacy, and browsing experience, while making sure that users have access to the sites they need to improve productivity and efficiency. | Enterprise Settings, Configuration | Manage Chrome Browser Preferences Using a Policy |
| JumpCloud App Controls | Control the behavior of the JumpCloud App on JumpCloud-managed Windows systems. | Remote Management, Configuration | |
| Lock Screen | Unattended devices that are still active with a user logged in create opportunities for unauthorized access to information and misuse of accounts. Lock inactive devices using JumpCloud's policy framework. | Security, Compliance | Creating a Lock Screen Policy for Windows Devices |
| Logon | Control the behavior of Logon in Windows. | Security, Compliance | |
| Message Text For Users Attempting To Log On | Specify a text message and title caption that is displayed to users when they log on. | Enterprise Settings, Configuration | |
| MicrosoftAccount | Control the behavior of MicrosoftAccount in Windows. | Enterprise Settings, Configuration | |
| Microsoft Edge | Control the behavior of Microsoft Edge on Windows 10. Note: This does not support the Microsoft Edge Chromium browser. | Enterprise Settings, Configuration | |
| Mobilepcmobilitycenter | Control the behavior of Mobilepcmobilitycenter in Windows. | Enterprise Settings, Configuration | |
| Mozilla Firefox Browser Preferences | Govern the use of Firefox, such as passwords, site and form history, data security by blocking autocomplete features, and the downloading experience. | Enterprise Settings, Configuration | Manage Firefox Browser Preferences Using a Policy |
| Msi | Control the behavior of MSI in Windows. | Enterprise Settings, Configuration | |
| Onedrive | Control the behavior of OneDrive in Windows. | Enterprise Settings, Configuration | |
| Performance Diagnostics | Control the behavior of Performance Diagnostics in Windows. | Enterprise Settings, Configuration | |
| Power Management | Control the behavior of Power in Windows. | Enterprise Settings, Configuration | |
| Remote Assistance | Control the behavior of Remote Assistance in Windows. | Remote Management, Configuration | |
| Remote Management | Control the behavior of Remote Management in Windows. | Remote Management, Configuration | |
| Remote Shell | Control the behavior of Remote Shell in Windows. | Remote Management, Configuration | |
| Removeable Storage | Control the behavior of Removable Storage in Windows. Deny all or specify which types of removable storage to deny. | Enterprise Settings, Security | Manage Removable Storage on Windows Devices |
| Rename Local Administrator Account | Rename the inbuilt Local Administrator account. | Enterprise Settings, Configuration | |
| Rename Local Guest Account | Rename the inbuilt Local Guest account. | Enterprise Settings, Configuration | |
| Restrict Control Panel Access | Restrict access to the panes of the Control Panel. | Enterprise Settings, Configuration | |
| Restrict Settings App Visibility | Restrict access to the pages of the UWP Settings Application. | Enterprise Settings, Configuration | |
| Sharing | Control the behavior of Sharing in Windows. | Enterprise Settings, Configuration | |
| Software Restrictions | Specify locations where applications can run or can’t run. | Enterprise Settings, Software Management | Restrict Software on Windows Devices Using a Policy |
| Start Menu | Control the behavior and preference settings for the Start Menu on Windows. | Enterprise Settings, Configuration | |
| Systemrestore | Control the behavior of Systemrestore in Windows. | Enterprise Settings, Configuration | |
| Turn Off Autoplay. | Disable the autoplay feature on all drives. | Enterprise Settings, Configuration | |
| Windows Defender | Control the behavior of Windows Defender in Windows. | Enterprise Settings, OS Management | |
| Windows Firewall | Control the behavior of Windows Firewall in Windows. | Enterprise Settings, OS Management | |
| Winmaps | Control the behavior of Winmaps in Windows. | Enterprise Settings, Configuration |
Back to Top
Learn More