Configure Security Policy for Scripted Diagnostics

This policy setting determines whether scripted diagnostics will execute diagnostic packages that are signed by untrusted publishers.

If you enable this policy setting, the scripted diagnostics execution engine validates the signer of any diagnostic package and runs only those signed by trusted publishers.

If you disable or do not configure this policy setting, the scripted diagnostics execution engine runs all digitally signed packages.

Supported on: At least Windows 7

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnostics
Value NameValidateTrust
Value TypeREG_DWORD
Enabled Value1
Disabled Value0

sdiageng.admx

Administrative Templates (Computers)

Administrative Templates (Users)