Upgrade your Internet Experience
Microsoft.com
Welcome Sign in
Windows Mobile Developer Center
Click to Rate and Give Feedback
MSDN
MSDN Library
Windows Mobile
Windows Mobile 5.0
Native Code
Security Policies
 Default Security Policy Settings fo...

  Switch on low bandwidth view
Windows Mobile Version 5.0 SDK
Default Security Policy Settings for Windows Mobile-Based Devices
Send Feedback

The following topics shows the default security policy settings:

Default Security Policy Settings for Windows Mobile-based Pocket PC

The following code shows the default security policy settings for Windows Mobile-based Pocket PC:

; AutoRun Policy
; Value: 0 - Applications on a CF card are allowed to auto-run
;[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
;    "00000002"=dword:0

; RAPI Policy
; Value: 2 - RAPI calls in restricted mode
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001001"=dword:2

; Unsigned cabs role
; (default: SECROLE_USERAUTH)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001005"=dword:10

; Unsigned Applications Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001006"=dword:1

; UNAUTHENTICATED role is used for processing Homescreens
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001007"=dword:40

; TPS Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001008"=dword:1

; Message Authentication Retry Number Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001009"=dword:3

; WAP Signed Message Policy
; (default: SECROLE_PPG_AUTH | SECROLE_PPG_TRUSTED | SECROLE_OPERATOR_TPS)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "0000100b"=dword:c80

; SL Message Policy
; (default: SECROLE_PPG_TRUSTED)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "0000100c"=dword:800

; SI Message Policy
; (default: SECROLE_PPG_AUTH | SECROLE_PPG_TRUSTED)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "0000100d"=dword:c00

; Unauthenticated Message Policy
; Value: 64 - USER_UNAUTH
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "0000100e"=dword:40

; OTA Provisioning Policy
; (default: OPERATOR_TPS | SECROLE_PPG_TRUSTED | SECROLE_PPG_AUTH | SECROLE_TRUSTED_PPG | USER_AUTH)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "0000100f"=dword:e90

; WSP Push Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001011"=dword:1

; Grant Manager Policy
; (default: OPERATOR_TPS for phone skus; USER_AUTH for non-phone skus)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
IF SKUTYPE=PHONESKU
    "00001017"=dword:80
ENDIF ; SKUTYPE=PHONESKU
IF SKUTYPE=PHONESKU !
    "00001017"=dword:10
ENDIF ; SKUTYPE=PHONESKU !

; Grant User Auth Policy
; (default: USER_AUTH)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001018"=dword:10

; Trust WAP Proxy Policy
; (default: OPERATOR | OPERATOR_TPS | MANAGER)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001019"=dword:8c

; Unsigned Prompt Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "0000101a"=dword:0

; Privileged Apps Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "0000101b"=dword:1

; DRM Security Policy
; (default SECROLE_PPG_AUTH | SECROLE_PPG_TRUSTED)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001021"=dword:c00

Default Security Policy Settings for Windows Mobile-based Smartphone

The following code shows the default security policy settings for Windows Mobile-based Smartphone:

; RAPI Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001001"=dword:2

; Unsigned cabs role
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001005"=dword:10

; Unsigned Applications Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001006"=dword:1

; UNAUTHENTICATED role is used for processing Homescreens
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001007"=dword:40

; TPS Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001008"=dword:1

; Message Authentication Retry Number Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001009"=dword:3

; WAP Signed Message Policy
; (default: SECROLE_PPG_AUTH | SECROLE_PPG_TRUSTED | SECROLE_OPERATOR_TPS)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "0000100b"=dword:c80

; SL Message Policy
; (default: SECROLE_PPG_TRUSTED)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "0000100c"=dword:800

; SI Message Policy
; (default: SECROLE_PPG_AUTH | SECROLE_PPG_TRUSTED)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "0000100d"=dword:c00

; Unauthenticated Message Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "0000100e"=dword:40

; OTA Provisioning Policy
; (default:  OPERATOR_TPS | SECROLE_PPG_TRUSTED | SECROLE_PPG_AUTH | SECROLE_TRUSTED_PPG | USER_AUTH)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "0000100f"=dword:e90

; WSP Push Policy
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001011"=dword:1

; Grant Manager Policy
; (default: OPERATOR_TPS)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001017"=dword:80

; Grant User Auth Policy
; (default: USER_AUTH)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001018"=dword:10

; Trust WAP Proxy Policy
; (default: OPERATOR | OPERATOR_TPS | MANAGER)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001019"=dword:8c

; Unsigned Prompt Policy
;If the registry value is not present, the behavior is the same as setting the value to 0 (zero).

; Privileged Apps Policy
;If the registry value is not present, the behavior is the same as setting the value to 0 (zero).

; DRM Security Policy
; (default SECROLE_PPG_AUTH | SECROLE_PPG_TRUSTED)
[HKEY_LOCAL_MACHINE\Security\Policies\Policies]
    "00001021"=dword:c00

See Also

Security Policies | Security Policy Settings | Security Roles | Metabase Configuration Service Provider


Send Feedback on this topic to the authors

Feedback FAQs

© 2006 Microsoft Corporation. All rights reserved.


© 2009 Microsoft Corporation. All rights reserved. Terms of Use  |  Trademarks  |  Privacy Statement
Page view tracker