PDE CSP
The Personal Data Encryption (PDE) configuration service provider (CSP) is used by the enterprise to protect data confidentiality of PCs and devices. This CSP was added in Windows 11, version 22H2.
The following list shows the PDE configuration service provider nodes:
- ./User/Vendor/MSFT/PDE
EnablePersonalDataEncryption
| Scope | Editions | Applicable OS |
|---|---|---|
| ❌ Device ✅ User |
❌ Pro ✅ Enterprise ✅ Education ❌ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC |
✅ Windows 11, version 22H2 [10.0.22621] and later |
./User/Vendor/MSFT/PDE/EnablePersonalDataEncryption
Allows the Admin to enable Personal Data Encryption. Set to '1' to set this policy.
The UserDataProtectionManager Class public API allows the applications running as the user to encrypt data as soon as this policy is enabled. However, prerequisites must be met for PDE to be enabled.
Description framework properties:
| Property name | Property value |
|---|---|
| Format | int |
| Access Type | Add, Delete, Get, Replace |
Allowed values:
| Value | Description |
|---|---|
| 0 | Disable Personal Data Encryption. |
| 1 | Enable Personal Data Encryption. |
Status
| Scope | Editions | Applicable OS |
|---|---|---|
| ❌ Device ✅ User |
❌ Pro ✅ Enterprise ✅ Education ❌ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC |
✅ Windows 11, version 22H2 [10.0.22621] and later |
./User/Vendor/MSFT/PDE/Status
Reports the current status of Personal Data Encryption (PDE) for the user.
- If prerequisites of PDE aren't met, then the status will be 0.
- If all prerequisites are met for PDE, then PDE will be enabled and status will be 1.
Description framework properties:
| Property name | Property value |
|---|---|
| Format | node |
| Access Type | Get |
Status/PersonalDataEncryptionStatus
| Scope | Editions | Applicable OS |
|---|---|---|
| ❌ Device ✅ User |
❌ Pro ✅ Enterprise ✅ Education ❌ Windows SE ✅ IoT Enterprise / IoT Enterprise LTSC |
✅ Windows 11, version 22H2 [10.0.22621] and later |
./User/Vendor/MSFT/PDE/Status/PersonalDataEncryptionStatus
This node reports the current state of Personal Data Encryption for a user. '0' means disabled. '1' means enabled.
Description framework properties:
| Property name | Property value |
|---|---|
| Format | int |
| Access Type | Get |