Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The following topics shows the default security policy settings:
- Default Security Policy Settings for Windows Mobile-based Pocket PC
- Default Security Policy Settings for Windows Mobile-based Smartphone
Default Security Policy Settings for Windows Mobile-based Pocket PC
The following code shows the default security policy settings for Windows Mobile-based Pocket PC:
; AutoRun Policy
; Value: 0 - Applications on a CF card are allowed to auto-run
;[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
; "00000002"=dword:0
; RAPI Policy
; Value: 2 - RAPI calls in restricted mode
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001001"=dword:2
; Unsigned cabs role
; (default: SECROLE_USERAUTH)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001005"=dword:10
; Unsigned Applications Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001006"=dword:1
; UNAUTHENTICATED role is used for processing Homescreens
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001007"=dword:40
; TPS Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001008"=dword:1
; Message Authentication Retry Number Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001009"=dword:3
; WAP Signed Message Policy
; (default: SECROLE_PPG_AUTH | SECROLE_PPG_TRUSTED | SECROLE_OPERATOR_TPS)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"0000100b"=dword:c80
; SL Message Policy
; (default: SECROLE_PPG_TRUSTED)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"0000100c"=dword:800
; SI Message Policy
; (default: SECROLE_PPG_AUTH | SECROLE_PPG_TRUSTED)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"0000100d"=dword:c00
; Unauthenticated Message Policy
; Value: 64 - USER_UNAUTH
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"0000100e"=dword:40
; OTA Provisioning Policy
; (default: OPERATOR_TPS | SECROLE_PPG_TRUSTED | SECROLE_PPG_AUTH | SECROLE_TRUSTED_PPG | USER_AUTH)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"0000100f"=dword:e90
; WSP Push Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001011"=dword:1
; Grant Manager Policy
; (default: OPERATOR_TPS for phone skus; USER_AUTH for non-phone skus)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
IF SKUTYPE=PHONESKU
"00001017"=dword:80
ENDIF ; SKUTYPE=PHONESKU
IF SKUTYPE=PHONESKU !
"00001017"=dword:10
ENDIF ; SKUTYPE=PHONESKU !
; Grant User Auth Policy
; (default: USER_AUTH)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001018"=dword:10
; Trust WAP Proxy Policy
; (default: OPERATOR | OPERATOR_TPS | MANAGER)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001019"=dword:8c
; Unsigned Prompt Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"0000101a"=dword:0
; Privileged Apps Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"0000101b"=dword:1
; DRM Security Policy
; (default SECROLE_PPG_AUTH | SECROLE_PPG_TRUSTED)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001021"=dword:c00
Default Security Policy Settings for Windows Mobile-based Smartphone
The following code shows the default security policy settings for Windows Mobile-based Smartphone:
; RAPI Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001001"=dword:2
; Unsigned cabs role
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001005"=dword:10
; Unsigned Applications Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001006"=dword:1
; UNAUTHENTICATED role is used for processing Homescreens
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001007"=dword:40
; TPS Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001008"=dword:1
; Message Authentication Retry Number Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001009"=dword:3
; WAP Signed Message Policy
; (default: SECROLE_PPG_AUTH | SECROLE_PPG_TRUSTED | SECROLE_OPERATOR_TPS)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"0000100b"=dword:c80
; SL Message Policy
; (default: SECROLE_PPG_TRUSTED)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"0000100c"=dword:800
; SI Message Policy
; (default: SECROLE_PPG_AUTH | SECROLE_PPG_TRUSTED)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"0000100d"=dword:c00
; Unauthenticated Message Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"0000100e"=dword:40
; OTA Provisioning Policy
; (default: OPERATOR_TPS | SECROLE_PPG_TRUSTED | SECROLE_PPG_AUTH | SECROLE_TRUSTED_PPG | USER_AUTH)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"0000100f"=dword:e90
; WSP Push Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001011"=dword:1
; Grant Manager Policy
; (default: OPERATOR_TPS)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001017"=dword:80
; Grant User Auth Policy
; (default: USER_AUTH)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001018"=dword:10
; Trust WAP Proxy Policy
; (default: OPERATOR | OPERATOR_TPS | MANAGER)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001019"=dword:8c
; Unsigned Prompt Policy
;If the registry value is not present, the behavior is the same as setting the value to 0 (zero).
; Privileged Apps Policy
;If the registry value is not present, the behavior is the same as setting the value to 0 (zero).
; DRM Security Policy
; (default SECROLE_PPG_AUTH | SECROLE_PPG_TRUSTED)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
"00001021"=dword:c00
See Also
Security Policies | Security Policy Settings | Security Roles | Metabase Configuration Service Provider
Send Feedback on this topic to the authors