Category: At least Windows Server 2012, Windows 8 or Windows RT

Prevents users from changing the background image shown when the machine is locked. By default users can change the background image shown when the machine is locked. If you enable this setting the user will not be able to change their lock screen image and they will instead see the default image.

This policy setting controls whether the lock screen appears for users. If you enable this policy setting users that are not required to press CTRL + ALT + DEL before signing in will see their selected tile after locking their PC. If you disable or do not configure this policy setting users that are not required to press CTRL + ALT + DEL before signing in will see a lock screen after locking their PC. They must dismiss the lock screen using touch the keyboard or by dragging it with the mouse.

This policy setting lets you control whether Windows Store apps can open URIs using the default desktop app for a URI scheme. Because desktop apps run at a higher integrity level than Windows Store apps there is a risk that a URI scheme launched by a Windows Store app might compromise the system by launching a desktop app. If you enable this policy setting Windows Store apps cannot open URIs in the default desktop app for a URI scheme; they can open URIs only in other Windows Store apps. If you disable or do not configure this policy setting Windows Store apps can open URIs in the default desktop app for a URI scheme. Note: Enabling this policy setting does not block Windows Store apps from opening the default desktop app for the http https and mailto URI schemes. The handlers for these URI schemes are hardened against URI-based vulnerabilities from untrusted sources reducing the associated risk.

This policy setting lets you control whether Windows Store apps can open files using the default desktop app for a file type. Because desktop apps run at a higher integrity level than Windows Store apps there is a risk that a Windows Store app might compromise the system by opening a file in the default desktop app for a file type. If you enable this policy setting Windows Store apps cannot open files in the default desktop app for a file type; they can open files only in other Windows Store apps. If you disable or do not configure this policy setting Windows Store apps can open files in the default desktop app for a file type.

Allows or denies development of Windows Store applications without installing a developer license. If you enable this setting and enable the “Allow all trusted apps to install” Group Policy you can develop Windows Store apps without installing a developer license. If you disable or do not configure this setting you’ll need to install a developer license before you can develop Windows Store apps.

This policy setting allows you to manage the deployment of Windows Store apps when the user is signed in using a special profile. Special profiles are the following user profiles where changes are discarded after the user signs off:Roaming user profiles to which the “Delete cached copies of roaming profiles” Group Policy setting appliesMandatory user profiles and super-mandatory profiles which are created by an administratorTemporary user profiles which are created when an error prevents the correct profile from loadingUser profiles for the Guest account and members of the Guests groupIf you enable this policy setting Group Policy allows deployment operations (adding registering staging updating or removing an app package) of Windows Store apps when using a special profile. If you disable or do not configure this policy setting Group Policy blocks deployment operations of Windows Store apps when using a special profile.

This policy setting allows you to manage the installation of trusted line-of-business (LOB) Windows Store apps. If you enable this policy setting you can install any LOB Windows Store app (which must be signed with a certificate chain that can be successfully validated by the local computer). If you disable or do not configure this policy setting you cannot install LOB Windows Store apps.