Merge pull request #10635 from MicrosoftDocs/main

Publish main to live 02/25/2025, 10:30 AM
2025-05-12 13:27:23 +00:00 · 2025-02-25 12:07:18 -08:00 · 2025-02-25 12:07:18 -08:00 · 14cbe2c24f
commit 14cbe2c24f
parent b1ac25b679 7e3fc66405
30 changed files with 82 additions and 40 deletions
--- a/education/windows/suspcs/index.md
+++ b/education/windows/suspcs/index.md
@ -2,7 +2,7 @@
 title: Use Set up School PCs app
 description: Learn how to use the Set up School PCs app and apply the provisioning package.
 ms.topic: how-to
-ms.date: 07/09/2024
+ms.date: 02/25/2025
 appliesto:
  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a>
  - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 10</a>
--- a/windows/configuration/assigned-access/policy-settings.md
+++ b/windows/configuration/assigned-access/policy-settings.md
@ -2,7 +2,7 @@
 title: Assigned Access policy settings
 description: Learn about the policy settings enforced on a device configured with Assigned Access.
 ms.topic: reference
-ms.date: 10/31/2024
+ms.date: 02/25/2025
 ---
 # Assigned Access policy settings
@ -20,6 +20,7 @@ The following policy settings are applied at the device level when you deploy a
 | Type    | Path                                                                       | Name/Description                                                          |
 |---------|----------------------------------------------------------------------------|---------------------------------------------------------------------------|
 | **CSP** | `./Vendor/MSFT/Policy/Config/Settings/AllowOnlineTips`                     | Allow Online Tips                                                         |
 | **CSP** | `./Vendor/MSFT/Policy/Config/Experience/AllowCortana`                      | Disable Cortana                                                           |
 | **CSP** | `./Vendor/MSFT/Policy/Config/Start/AllowPinnedFolderDocuments`             | Disable Start documents icon                                              |
 | **CSP** | `./Vendor/MSFT/Policy/Config/Start/AllowPinnedFolderDownloads`             | Disable Start downloads icon                                              |
@ -45,8 +46,9 @@ The following policy settings are applied to targeted user accounts when you dep
 |---------|----------------------------------------------------------------------------------|-------------------------------------------------------------------|
 | **CSP** | `./User/Vendor/MSFT/Policy/Config/Start/DisableContextMenus`                     | Disable Context Menu for Start menu apps                          |
 | **CSP** | `./User/Vendor/MSFT/Policy/Config/Start/HidePeopleBar`                           | Hide People Bar from appearing on taskbar                         |
 | **CSP** | `./User/Vendor/MSFT/Policy/Config/Start/HideRecentlyAddedApps`                   | Hide recently added apps from appearing on the Start menu         |
 | **CSP** | `./User/Vendor/MSFT/Policy/Config/Start/HideRecentJumplists`                     | Hide recent jumplists from appearing on the Start menu/taskbar    |
 | **CSP** | `./User/Vendor/MSFT/Policy/Config/Start/HideRecentlyAddedApps`                   | Hide recently added apps from appearing on the Start menu         |
 | **CSP** | User Configuration\Administrative Templates\Windows Components\Windows Copilot   | Turn off Windows Copilot                                          |
 | **GPO** | User Configuration\Administrative Templates\Desktop                              | Hide and disable all items on the desktop                         |
 | **GPO** | User Configuration\Administrative Templates\Start Menu and Taskbar               | Clear history of recently opened documents on exit                |
 | **GPO** | User Configuration\Administrative Templates\Start Menu and Taskbar               | Disable showing balloon notifications as toasts                   |
@ -81,6 +83,7 @@ The following policy settings are applied to targeted user accounts when you dep
 | **GPO** | User Configuration\Administrative Templates\Windows Components\File Explorer     | Remove *Map network drive* and *Disconnect Network Drive*         |
 | **GPO** | User Configuration\Administrative Templates\Windows Components\File Explorer     | Remove File Explorer's default context menu                       |
 | **GPO** | User Configuration\Administrative Templates\Windows Components\Windows Copilot   | Turn off Windows Copilot                                          |
 | **GPO** | User Configuration\Administrative Templates\WindowsComponents\File Explorer      | Prevent access to drives from My Computer                         |
 The following policy settings are applied to the kiosk account when you configure a kiosk experience with Microsoft Edge:
--- a/windows/configuration/start/includes/hide-recently-added-apps.md
+++ b/windows/configuration/start/includes/hide-recently-added-apps.md
@ -1,7 +1,7 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
-ms.date: 04/10/2024
+ms.date: 02/25/2025
 ms.topic: include
 ---
@ -9,14 +9,8 @@ ms.topic: include
 With this policy setting, you can prevent the Start menu from displaying a list of recently installed applications:
- If **enabled**, the Start menu doesn't display the **Recently added** list. The corresponding option in Settings can't be configured (grayed out).
+- If **enabled**, the Start menu doesn't display the **Recently added** list. The corresponding option in Settings can't be configured (grayed out)
- If **disabled** or **not configured**, the Start menu displays the **Recently added** list. The corresponding option in Settings can be configured.
+- If **disabled** or **not configured**, the Start menu displays the **Recently added** list. The corresponding option in Settings can be configured
 > [!IMPORTANT]
 > Starting in Windows 11, version 22H2 with [KB5048685](https://support.microsoft.com/topic/4602-ea3736d3-6948-4fd7-9faf-8d732ac2ed59), the policy setting behavior changed.
 >
 > - If **enabled**, the corresponding option in Settings can't be configured (grayed out). The policy setting doesn't affect the display of recently installed applications in the Recommended section of the Start menu.
 > - If **disabled** or **not configured**, the corresponding option in Settings can be configured.
 |  | Path |
 |--|--|
--- a/windows/configuration/start/policy-settings.md
+++ b/windows/configuration/start/policy-settings.md
@ -2,7 +2,7 @@
 title: Start policy settings
 description: Learn about the policy settings to configure the Windows Start menu.
 ms.topic: reference
-ms.date: 07/10/2024
+ms.date: 02/25/2025
 appliesto:
 zone_pivot_groups: windows-versions-11-10
 ---
--- a/windows/configuration/taskbar/includes/show-notification-bell-icon.md
+++ b/windows/configuration/taskbar/includes/show-notification-bell-icon.md
@ -0,0 +1,23 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
 ms.date: 02/25/2025
 ms.topic: include
 ---
 ### Show notification bell icon
 This policy setting allows you to show the notification bell icon in the system tray:
 - If you enable this policy setting, the notification icon is always displayed
 - If you disable or don't configure this policy setting, the notification icon is only displayed when there's a special status (for example, when *do not disturb* is turned on)
 > [!NOTE]
 > A reboot is required for this policy setting to take effect.
 |  | Path |
 |--|--|
 | **CSP** |- `./User/Vendor/MSFT/Policy/Config/Start/`[AlwaysShowNotificationIcon](/windows/client-management/mdm/policy-csp-start#AlwaysShowNotificationIcon) |
 | **GPO** |- **User Configuration** > **Administrative Templates** > **Start Menu and Taskbar** |
 <!-- not linked yet as it's in Insider>
--- a/windows/configuration/taskbar/includes/turn-off-abbreviated-date-time-format.md
+++ b/windows/configuration/taskbar/includes/turn-off-abbreviated-date-time-format.md
@ -0,0 +1,22 @@
 ---
 author: paolomatarazzo
 ms.author: paoloma
 ms.date: 02/25/2025
 ms.topic: include
 ---
 ### Turn off abbreviated time and date format
 This policy setting allows you to show the longer time and date format in the system tray:
 - If you enable this policy setting, the time format will include the AM/PM time marker and the date will include the year.
 > [!NOTE]
 > A reboot is required for this policy setting to take effect.
 |  | Path |
 |--|--|
 | **CSP** |- `./User/Vendor/MSFT/Policy/Config/Start/`[TurnOffAbbreviatedDateTimeFormat](/windows/client-management/mdm/policy-csp-start#TurnOffAbbreviatedDateTimeFormat) |
 | **GPO** |- **User Configuration** > **Administrative Templates** > **Start Menu and Taskbar** |
 <!-- not linked yet as it's in Insider>
--- a/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md
+++ b/windows/security/application-security/application-control/app-control-for-business/AppIdTagging/design-create-appid-tagging-policies.md
@ -21,7 +21,7 @@ You can use the App Control for Business Wizard and the PowerShell commands to c
    :::image type="content" alt-text="Configuring the policy base and template." source="../images/appid-appcontrol-wizard-1.png" lightbox="../images/appid-appcontrol-wizard-1.png":::
    > [!NOTE]
-    > If your AppId Tagging Policy does build off the base templates or does not allow Windows in-box processes, you will notice significant performance regressions, especially during boot. For this reason, it is strongly recommended to build off the base templates. For more information on the issue, see the [AppId Tagging Known Issue](../operations/known-issues.md#slow-boot-and-performance-with-custom-policies).
+    > If your AppId Tagging Policy does not build off the base templates or does not allow Windows in-box processes, you will notice significant performance regressions, especially during boot. For this reason, it is strongly recommended to build off the base templates. For more information on the issue, see the [AppId Tagging Known Issue](../operations/known-issues.md#slow-boot-and-performance-with-custom-policies).
 2. Set the following rule-options using the Wizard toggles:
--- a/windows/security/identity-protection/credential-guard/additional-mitigations.md
+++ b/windows/security/identity-protection/credential-guard/additional-mitigations.md
@ -1,5 +1,5 @@
 ---
-ms.date: 06/20/2024
+ms.date: 02/25/2025
 title: Additional mitigations
 description: Learn how to improve the security of your domain environment with additional mitigations for Credential Guard and sample code.
 ms.topic: reference
--- a/windows/security/identity-protection/credential-guard/configure.md
+++ b/windows/security/identity-protection/credential-guard/configure.md
@ -1,5 +1,5 @@
 ---
-ms.date: 06/20/2024
+ms.date: 02/25/2025
 title: Configure Credential Guard
 description: Learn how to configure Credential Guard using MDM, Group Policy, or the registry.
 ms.topic: how-to
--- a/windows/security/identity-protection/credential-guard/considerations-known-issues.md
+++ b/windows/security/identity-protection/credential-guard/considerations-known-issues.md
@ -1,5 +1,5 @@
 ---
-ms.date: 06/20/2024
+ms.date: 02/25/2025
 title: Considerations and known issues when using Credential Guard
 description: Considerations, recommendations, and known issues when using Credential Guard.
 ms.topic: troubleshooting
--- a/windows/security/identity-protection/credential-guard/how-it-works.md
+++ b/windows/security/identity-protection/credential-guard/how-it-works.md
@ -1,5 +1,5 @@
 ---
-ms.date: 06/20/2024
+ms.date: 02/25/2025
 title: How Credential Guard works
 description: Learn how Credential Guard uses virtualization to protect secrets, so that only privileged system software can access them.
 ms.topic: concept-article
--- a/windows/security/identity-protection/credential-guard/index.md
+++ b/windows/security/identity-protection/credential-guard/index.md
@ -1,5 +1,5 @@
 ---
-ms.date: 06/20/2024
+ms.date: 02/25/2025
 title: Credential Guard overview
 description: Learn about Credential Guard and how it isolates secrets so that only privileged system software can access them.
 ms.topic: overview
--- a/windows/security/identity-protection/hello-for-business/deploy/cloud-only.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/cloud-only.md
@ -1,7 +1,7 @@
 ---
 title: Windows Hello for Business cloud-only deployment guide
 description: Learn how to deploy Windows Hello for Business in a cloud-only deployment scenario.
-ms.date: 11/22/2024
+ms.date: 02/25/2025
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs.md
@ -1,7 +1,7 @@
 ---
 title: Configure Active Directory Federation Services in a hybrid certificate trust model
 description: Learn how to configure Active Directory Federation Services (AD FS) to support the Windows Hello for Business hybrid certificate trust model.
-ms.date: 06/23/2024
+ms.date: 02/25/2025
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll.md
@ -1,7 +1,7 @@
 ---
 title: Configure and enroll in Windows Hello for Business in hybrid certificate trust model
 description: Learn how to configure devices and enroll them in Windows Hello for Business in a hybrid certificate trust scenario.
-ms.date: 09/26/2024
+ms.date: 02/25/2025
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md
@ -1,7 +1,7 @@
 ---
 title: Configure and validate the PKI in a hybrid certificate trust model
 description: Configure and validate the Public Key Infrastructure when deploying Windows Hello for Business in a hybrid certificate trust model.
-ms.date: 06/23/2024
+ms.date: 02/25/2025
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust.md
@ -1,7 +1,7 @@
 ---
 title: Windows Hello for Business hybrid certificate trust deployment guide
 description: Learn how to deploy Windows Hello for Business in a hybrid certificate trust scenario.
-ms.date: 06/23/2024
+ms.date: 02/25/2025
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cloud-kerberos-trust.md
@ -1,7 +1,7 @@
 ---
 title: Windows Hello for Business cloud Kerberos trust deployment guide
 description: Learn how to deploy Windows Hello for Business in a cloud Kerberos trust scenario.
-ms.date: 11/22/2024
+ms.date: 02/25/2025
 ms.topic: tutorial
 ---
@ -45,7 +45,7 @@ When Microsoft Entra Kerberos is enabled in an Active Directory domain, an *Azur
 - Is only used by Microsoft Entra ID to generate TGTs for the Active Directory domain
  > [!NOTE]
-  > Similar rules and restrictions used for RODCs apply to the AzureADKerberos computer object. For example, users that are direct or indirect members of priviliged built-in security groups won't be able to use cloud Kerberos trust.
+  > Similar rules and restrictions used for RODCs apply to the AzureADKerberos computer object. For example, users that are direct or indirect members of privileged built-in security groups won't be able to use cloud Kerberos trust.
 :::image type="content" source="images/azuread-kerberos-object.png" alt-text="Screenshot of the Active Directory Users and Computers console, showing the computer object representing the Microsoft Entra Kerberos server." lightbox="images/azuread-kerberos-object.png":::
--- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-enroll.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust-enroll.md
@ -1,7 +1,7 @@
 ---
 title: Configure and enroll in Windows Hello for Business in a hybrid key trust model
 description: Learn how to configure devices and enroll them in Windows Hello for Business in a hybrid key trust scenario.
-ms.date: 11/22/2024
+ms.date: 02/25/2025
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-key-trust.md
@ -1,7 +1,7 @@
 ---
 title: Windows Hello for Business hybrid key trust deployment guide
 description: Learn how to deploy Windows Hello for Business in a hybrid key trust scenario.
-ms.date: 11/22/2024
+ms.date: 02/25/2025
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/index.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/index.md
@ -1,7 +1,7 @@
 ---
 title: Plan a Windows Hello for Business Deployment
 description: Learn about the role of each component within Windows Hello for Business and how certain deployment decisions affect other aspects of your infrastructure.
-ms.date: 10/30/2024
+ms.date: 02/25/2025
 ms.topic: concept-article
 ---
@ -251,7 +251,7 @@ Here are some considerations regarding licensing requirements for cloud services
 ### Windows requirements
-All supported Windows versions can be used with Windows Hello for Business. However, cloud Kerberos trust requires minimum versions:
+All supported Windows (client) versions can be used with Windows Hello for Business. However, cloud Kerberos trust requires minimum versions:
 || Deployment model | Trust type | Windows version|
 |--|--|--|--|
--- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md
@ -1,7 +1,7 @@
 ---
 title: Configure Active Directory Federation Services in an on-premises certificate trust model
 description: Learn how to configure Active Directory Federation Services (AD FS) to support the Windows Hello for Business on-premises certificate trust model.
-ms.date: 06/23/2024
+ms.date: 02/25/2025
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md
@ -1,5 +1,5 @@
 ---
-ms.date: 06/23/2024
+ms.date: 02/25/2025
 ms.topic: tutorial
 title: Configure Windows Hello for Business Policy settings in an on-premises certificate trust
 description: Configure Windows Hello for Business Policy settings for Windows Hello for Business in an on-premises certificate trust scenario
--- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md
@ -1,7 +1,7 @@
 ---
 title: Windows Hello for Business on-premises certificate trust deployment guide
 description: Learn how to deploy Windows Hello for Business in an on-premises, certificate trust scenario.
-ms.date: 06/23/2024
+ms.date: 02/25/2025
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-adfs.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-adfs.md
@ -1,7 +1,7 @@
 ---
 title: Configure Active Directory Federation Services in an on-premises key trust model
 description: Learn how to configure Active Directory Federation Services (AD FS) to support the Windows Hello for Business key trust model.
-ms.date: 11/22/2024
+ms.date: 02/25/2025
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md
@ -1,5 +1,5 @@
 ---
-ms.date: 06/23/2024
+ms.date: 02/25/2025
 ms.topic: tutorial
 title: Configure Windows Hello for Business Policy settings in an on-premises key trust
 description: Configure Windows Hello for Business Policy settings for Windows Hello for Business in an on-premises key trust scenario
--- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust.md
@ -1,7 +1,7 @@
 ---
 title: Windows Hello for Business on-premises key trust deployment guide
 description: Learn how to deploy Windows Hello for Business in an on-premises, key trust scenario.
-ms.date: 06/24/2024
+ms.date: 02/25/2025
 ms.topic: tutorial
 ---
--- a/windows/security/identity-protection/hello-for-business/deploy/prepare-users.md
+++ b/windows/security/identity-protection/hello-for-business/deploy/prepare-users.md
@ -1,7 +1,7 @@
 ---
 title: Prepare users to provision and use Windows Hello for Business
 description: Learn how to prepare users to enroll and to use Windows Hello for Business.
-ms.date: 11/22/2024
+ms.date: 02/25/2025
 ms.topic: end-user-help
 ---
--- a/windows/security/operating-system-security/data-protection/configure-s-mime.md
+++ b/windows/security/operating-system-security/data-protection/configure-s-mime.md
@ -2,7 +2,7 @@
 title: Configure S/MIME For Windows
 description: S/MIME lets users encrypt outgoing messages and attachments so that only intended recipients with a digital ID, also known as a certificate, can read them. Learn how to configure S/MIME for Windows.
 ms.topic: how-to
-ms.date: 12/02/2024
+ms.date: 02/25/2025
 ---
--- a/windows/security/operating-system-security/data-protection/encrypted-hard-drive.md
+++ b/windows/security/operating-system-security/data-protection/encrypted-hard-drive.md
@ -1,7 +1,7 @@
 ---
 title: Encrypted hard drives
 description: Learn how encrypted hard drives use the rapid encryption that is provided by BitLocker to enhance data security and management.
-ms.date: 07/22/2024
+ms.date: 02/25/2025
 ms.topic: concept-article
 ---