Policy
Certificate Deployment via Controlled Feature Rollout
Microsoft Windows
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10, Windows10RT, Windows11, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2012, WindowsServer2012R2, WindowsServer2016
For enterprises that desire assistance in deploying the new Secure Boot certificates to their devices, this setting can be enabled. Note: The device must be sending required diagnostic data to Microsoft to use this feature. For more information, see: https://aka.ms/GetSecureBoot
Internal name
SecureBoot_MicrosoftUpdateManagedOptIn
Policy ID
34b0b01ee3fc
Elements
0
Registry values
How enabled and disabled states update the registry.
| Scope | Registry location | Type | Enabled value | Disabled value | Copy |
|---|---|---|---|---|---|
| Computer | Path SYSTEM\CurrentControlSet\Control\SecureBoot Value name MicrosoftUpdateManagedOptIn | REG_DWORD | HKLM 22852 | HKLM 0 |
Registry location
Path
SYSTEM\CurrentControlSet\Control\SecureBoot
Value name
MicrosoftUpdateManagedOptIn
Hive
HKLM
Enabled value
22852
Disabled value
0
Policy elements
Inputs and configuration options exposed by this policy.
This policy has no additional user input fields.