Information
This policy setting specifics whether device lock is enabled. when enabled, the following policy settings take effect on the system which are included in the Device Lock Section:
- AllowSimpleDevicePassword
- MinDevicePasswordLength
- AlphanumericDevicePasswordRequired
- MaxDevicePasswordFailedAttempts
- MaxInactivityTimeDeviceLock
- MinDevicePasswordComplexCharacters
The recommended state for this setting is: Enabled
This policy setting allows for the configuration of settings such as those contained in the password and device lock policy.
Solution
To establish the recommended configuration via configuration profiles, set the following Settings Catalog path to `3Enabled:
Device Lock\Device Password Enabled
Impact:
This setting is not supported if MDMWinsOverGP is enabled. MDMWinsOverGP is a setting that ensures MDM policies win over Active Directory Group Policies.