How to configure Windows Phone 8.1 settings not available in the Configuration Manager console

~ Karan Rustagi | Support Escalation Engineer

This article discusses the process of configuring settings that are not configurable through the available Configuration Manager user interface (ConfigMgr 2012 R2). I’ll be using the method discussed here to manage the settings on mobile devices. If you want to see the complete list of policies that can be set on a device, read the Windows Phone 8.1 MDM protocol documentation at (Page 134-143)

In this example I am going to disable Cortana on a WP 8.1 device.

Area/Policy name


Supported Value

Value evaluation rule


Specify whether screen capture is allowed.

0 – not allowed

1 (default) – allowed

Most restricted value is 0

Step 1 - Create a Configuration Item:


Step2 - Configure additional settings:


Step 3 - Add a setting:


Step 4 - Create a custom setting:


Step 5 - Enter the details:

Setting type: OMA-URI

Data Type: Integer

OMA-URI: ./Vendor/MSFT/PolicyManager/My/Experience/AllowCortana


Step 6 - Search for newly created setting in previous step and select it:


Step 7 - Create a rule and enter a value of 0 to disable Cortana:


Step 8 - Configure supported platforms and complete the wizard:


Step 9 - Create a baseline and add the Configuration Item created in Step 1:


Step 10 - Deploy the Baseline created in Step 9 to a User collection. Do not forget to check the option ‘Remediate noncompliant rules when supported’.


Wait for Windows Phone to pull policies from Intune, or alternatively you can pull them manually via Workplace. Cortana should now be disabled.

Some other example policies:

System/AllowUserToResetPhone : Specify whether allow the user to factory reset the phone from setting control panel and hardware key combination.

Experience/AllowManualMDMUnenrollment : Specify whether allow the user to delete the workplace account via workplace control panel. The MDM server always could remotely delete the account.

Additional reading:

Karan Rustagi | Support Escalation Engineer | Microsoft GBS Management and Security Division

Get the latest System Center news on Facebook and Twitter:

clip_image001 clip_image002

System Center All Up:

Configuration Manager Support Team blog: 
Data Protection Manager Team blog: 
Orchestrator Support Team blog: 
Operations Manager Team blog: 
Service Manager Team blog: 
Virtual Machine Manager Team blog:

Microsoft Intune:
WSUS Support Team blog:
The RMS blog:
App-V Team blog:
MED-V Team blog:
Server App-V Team blog:
The Surface Team blog:
The Application Proxy blog:

The Forefront Endpoint Protection blog :
The Forefront Identity Manager blog :
The Forefront TMG blog:
The Forefront UAG blog:

Comments (1)
  1. shaun says:

    It’s good to see these extra configurations can be easily added – however, if you already know the required OMA-URI values, why can’t these just be added to the console as part of the next CU?

Comments are closed.

Skip to main content