This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 56.00000000000001%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBH%3C/text%3E%3C/svg%3E)
I am trying to do some ADMX Ingestion for the first time and I am hoping someone can help verify my process. From my understand reading many docs pages and blog posts this is what I have come up with. I am basing this all on Biometrics.admx available in standard windows install.
First, there needs to a Custom policy that contains the policy definition. It has in it:
OMA-URI - ./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Biometrics/Policy/Biometricsadmx
Data Type - String
Value - Full contents of Biometrics.admx
Second, there needs to be a Custom policy that contains the actual settings you want to apply. I am trying to recreate this GPO:
I have created three settings:
Any help verifying my settings is appreciated. The construction of the OMA-URI string isn't obvious to me. The value I am not sure to put enabled or just 1. Thanks.
Brian Hoyt
Dir of IT
French American School of Puget Sound
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 42%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELP%3C/text%3E%3C/svg%3E)
Did you eventually find out how to setup those settings?
I'm trying to do the same, but the policy definition can't be applied because the regkey "software\policies\microsoft\biometrics" is locked (ID event 850, 865 and 404)
Thank you
Luca
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 66%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Hi Brian,
I know it is difficult to verify if your OMA-URI settings are correct. What helped me a lot was the fact that the ingested ADMX is stored in the registry of a device where it is deployed to in:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\AdmxDefault
And I copied the registry paths of the settings and used them in the OMA-URI after
./Device/Vendor/MSFT/Policy/Config/
(Change \ to /)
./Device/Vendor/MSFT/Policy/Config/microsoft_edge~Policy~microsoft_edge_recommended/AutofillAddressEnabled_recommended
I hope that helps
Sascha
Thanks, that is a really good way to figure it out. It is an important detail left out of much documentation.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 84%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
Here is the approximate process:
Step 1 - Download the ADMX files
Step 2 - Create the OMA-URI custom policy
Step 3 - Assign the policy to users
Here is the detailed guide, just for your reference and hope it helpful.
https://techcommunity.microsoft.com/t5/intune-customer-success/support-tip-ingesting-office-admx-backed-policies-using/ba-p/354824
The real catch there is Step 2. Step 1 and 3 are pretty easy but Step 2 is a lot of work.