1.5.1 Ensure 'Configure users ability to override feature flags' is set to 'Enabled: Prevent users from overriding feature flags'


This policy setting configures users ability to override state of feature flags. Feature flags are settings a team can define that indicate whether a given set of features is visible in the user experience and/or invoked within the functionality.

The recommended state for this setting is: Enabled: Prevent users from overriding feature flags.


Users ability to enter commands and to override programs should be limited at the CLI in order to prevent users from altering systems configurations. Additionally, Feature flags are not necessary for users, as they are used by the DevOps team during the development and experimental process.


It can be risky for experimental features to be allowed in an enterprise managed environment because this can introduce bugs and security holes into systems, making it easier for an attacker to gain access. It is generally preferred to only use production-ready features.


To establish the recommended configuration via GP, set the following UI path to Enabled: Prevent users from overriding feature flags:

Computer Configuration\Policies\Administrative Templates\Microsoft Edge\Experimentation\Configure users ability to override feature flags

Note: This Group Policy path may not exist by default. It is provided by the Group Policy template MSEdge.admx/adml that can be downloaded from: Download Microsoft Edge for Business - Microsoft.

Default Value:

Allow users to override feature flags.

See Also


Item Details


References: 800-53|CM-10, 800-53|CM-11, 800-53|SC-18, CSCv7|7.2

Plugin: Windows

Control ID: c58f2c62db222c2f7ffdf6f44b5e0a0a981ade5b8401d9b1e29859290b31b332