deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-29 13:47:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'main' into sheshachary-5714481

Browse Source
This commit is contained in:
Shesh 2022-03-23 10:36:45 +05:30 committed by GitHub
commit 0e08672ee4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 10 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/client-management/mdm/configuration-service-provider-reference.md
View File

@ -1091,7 +1091,7 @@ The following list shows the CSPs supported in HoloLens devices:
| [CertificateStore CSP](certificatestore-csp.md) | Yes | Yes| Yes | | [CertificateStore CSP](certificatestore-csp.md) | Yes | Yes| Yes |
| [ClientCertificateInstall CSP](clientcertificateinstall-csp.md) | No | Yes | Yes | | [ClientCertificateInstall CSP](clientcertificateinstall-csp.md) | No | Yes | Yes |
| [DevDetail CSP](devdetail-csp.md) | Yes | Yes | Yes | | [DevDetail CSP](devdetail-csp.md) | Yes | Yes | Yes |
| [DeveloperSetup CSP](developersetup-csp.md) | No | Yes (runtime provisioning via provisioning packages only; no MDM support)| Yes | | [DeveloperSetup CSP](developersetup-csp.md) | No | Yes (runtime provisioning via provisioning packages only; no MDM support)| Yes (runtime provisioning via provisioning packages only; no MDM support) |
| [DeviceManageability CSP](devicemanageability-csp.md) | No | No | Yes | | [DeviceManageability CSP](devicemanageability-csp.md) | No | No | Yes |
| [DeviceStatus CSP](devicestatus-csp.md) | No | Yes | Yes | | [DeviceStatus CSP](devicestatus-csp.md) | No | Yes | Yes |
| [DevInfo CSP](devinfo-csp.md) | Yes | Yes | Yes | | [DevInfo CSP](devinfo-csp.md) | Yes | Yes | Yes |

5
windows/client-management/mdm/policy-configuration-service-provider.md
View File

@ -70,7 +70,7 @@ Policy
<p>Supported operation is Get. <p>Supported operation is Get.
<a href="" id="policy-config"></a>**Policy/Config** <a href="" id="policy-config"></a>**Policy/Config**
<p>Node for grouping all policies configured by one source. The configuration source can use this path to set policy values and later query any policy value that it previously set. One policy can be configured by multiple configuration sources. If a configuration source wants to query the result of conflict resolution (for example, if Exchange and MDM both attempt to set a value) the configuration source can use the Policy/Result path to retrieve the resulting value. <p>Node for grouping all policies configured by one source. The configuration source can use this path to set policy values and later query any policy value that it previously set. One policy can be configured by multiple configuration sources. If a configuration source wants to query the result of conflict resolution (for example, if Exchange and MDM both attempt to set a value,) the configuration source can use the Policy/Result path to retrieve the resulting value.
<p>Supported operation is Get. <p>Supported operation is Get.
@ -8360,9 +8360,6 @@ dfsdiscoverdc">ADMX_DFS/DFSDiscoverDC</a>
<dd> <dd>
<a href="./policy-csp-search.md#search-disableremovabledriveindexing" id="search-disableremovabledriveindexing">Search/DisableRemovableDriveIndexing</a> <a href="./policy-csp-search.md#search-disableremovabledriveindexing" id="search-disableremovabledriveindexing">Search/DisableRemovableDriveIndexing</a>
</dd> </dd>
<dd>
<a href="./policy-csp-search.md#search-disablesearch" id="search-disablesearch">Search/DisableSearch</a>
</dd>
<dd> <dd>
<a href="./policy-csp-search.md#search-donotusewebresults" id="search-donotusewebresults">Search/DoNotUseWebResults</a> <a href="./policy-csp-search.md#search-donotusewebresults" id="search-donotusewebresults">Search/DoNotUseWebResults</a>
</dd> </dd>

57
windows/client-management/mdm/policy-csp-search.md
View File

@ -57,9 +57,6 @@ manager: dansimp
<dd> <dd>
<a href="#search-disableremovabledriveindexing">Search/DisableRemovableDriveIndexing</a> <a href="#search-disableremovabledriveindexing">Search/DisableRemovableDriveIndexing</a>
</dd> </dd>
<dd>
<a href="#search-disablesearch">Search/DisableSearch</a>
</dd>
<dd> <dd>
<a href="#search-donotusewebresults">Search/DoNotUseWebResults</a> <a href="#search-donotusewebresults">Search/DoNotUseWebResults</a>
</dd> </dd>
@ -632,58 +629,6 @@ The following list shows the supported values:
<hr/> <hr/>
<!--Policy-->
<a href="" id="search-disablesearch"></a>**Search/DisableSearch**
<!--SupportedSKUs-->
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|No|Yes|
|Business|No|Yes|
|Enterprise|No|Yes|
|Education|No|Yes|
<!--/SupportedSKUs-->
<hr/>
<!--Scope-->
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
<hr/>
<!--/Scope-->
<!--Description-->
This policy setting completely disables Search UI and all its entry points such as keyboard shortcuts and touch-pad gestures.
It removes the Search button from the Taskbar and the corresponding option in the Settings. It also disables type-to-search in the Start menu and removes the Start menu's search box.
<!--/Description-->
<!--ADMXMapped-->
ADMX Info:
- GP Friendly name: *Fully disable Search UI*
- GP name: *DisableSearch*
- GP path: *Windows Components/Search*
- GP ADMX file name: *Search.admx*
<!--/ADMXMapped-->
<!--SupportedValues-->
The following list shows the supported values:
- 0 (default) Do not disable search.
- 1 Disable search.
<!--/SupportedValues-->
<!--/Policy-->
<hr/>
<!--Policy--> <!--Policy-->
<a href="" id="search-donotusewebresults"></a>**Search/DoNotUseWebResults** <a href="" id="search-donotusewebresults"></a>**Search/DoNotUseWebResults**
@ -816,7 +761,7 @@ The following list shows the supported values:
<!--/Scope--> <!--/Scope-->
<!--Description--> <!--Description-->
If enabled, clients will be unable to query this computer's index remotely. Thus, when they are browsing network shares that are stored on this computer, they will not search them using the index. If disabled, client search requests will use this computer's index. If enabled, clients will be unable to query this computer's index remotely. Thus, when they are browsing network shares that are stored on this computer, they will not search them using the index. If disabled, client search requests will use this computer's index..
<!--/Description--> <!--/Description-->
<!--ADMXMapped--> <!--ADMXMapped-->

7
windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md
View File

@ -6,7 +6,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library ms.sitesec: library
ms.pagetype: security ms.pagetype: security
author: dansimp author: dansimp
ms.date: 09/23/2021 ms.date: 03/22/2022
ms.reviewer: ms.reviewer:
manager: dansimp manager: dansimp
ms.author: dansimp ms.author: dansimp
@ -29,6 +29,9 @@ The credentials are placed in Credential Manager as a "\*Session" credential.
A "\*Session" credential implies that it is valid for the current user session. A "\*Session" credential implies that it is valid for the current user session.
The credentials are also cleaned up when the WiFi or VPN connection is disconnected. The credentials are also cleaned up when the WiFi or VPN connection is disconnected.
> [!NOTE]
> In Windows 10, version 21h2 and later, the "\*Session" credential is not visible in Credential Manager.
For example, if someone using Microsoft Edge tries to access a domain resource, Microsoft Edge has the right Enterprise Authentication capability. This allows [WinInet](/windows/win32/wininet/wininet-reference) to release the credentials that it gets from the Credential Manager to the SSP that is requesting it. For example, if someone using Microsoft Edge tries to access a domain resource, Microsoft Edge has the right Enterprise Authentication capability. This allows [WinInet](/windows/win32/wininet/wininet-reference) to release the credentials that it gets from the Credential Manager to the SSP that is requesting it.
For more information about the Enterprise Authentication capability, see [App capability declarations](/windows/uwp/packaging/app-capability-declarations). For more information about the Enterprise Authentication capability, see [App capability declarations](/windows/uwp/packaging/app-capability-declarations).
@ -93,4 +96,4 @@ Domain controllers must have appropriate KDC certificates for the client to trus
Domain controllers must be using certificates based on the updated KDC certificate template Kerberos Authentication. Domain controllers must be using certificates based on the updated KDC certificate template Kerberos Authentication.
This requires that all authenticating domain controllers run Windows Server 2016, or you'll need to enable strict KDC validation on domain controllers that run previous versions of Windows Server. This requires that all authenticating domain controllers run Windows Server 2016, or you'll need to enable strict KDC validation on domain controllers that run previous versions of Windows Server.
For more information, see [Enabling Strict KDC Validation in Windows Kerberos](https://www.microsoft.com/download/details.aspx?id=6382). For more information, see [Enabling Strict KDC Validation in Windows Kerberos](https://www.microsoft.com/download/details.aspx?id=6382).

4
windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md
View File

@ -14,7 +14,7 @@ author: jgeurten
ms.reviewer: jsuther1974 ms.reviewer: jsuther1974
ms.author: dansimp ms.author: dansimp
manager: dansimp manager: dansimp
ms.date: 11/29/2021 ms.date: 03/22/2022
ms.technology: windows-sec ms.technology: windows-sec
--- ---
@ -26,7 +26,7 @@ In this article we explain:
1. File Rule Precedence Order 1. File Rule Precedence Order
2. Adding Allow Rules 2. Adding Allow Rules
3. Singe Policy Considerations 3. Single Policy Considerations
4. Multiple Policy Considerations 4. Multiple Policy Considerations
5. Best Practices 5. Best Practices
6. Tutorial 6. Tutorial