Merge branch 'main' into v-smandalika-5694287-B2

2025-06-18 20:03:40 +00:00 · 2022-02-24 09:28:11 +05:30
parent 1221b97293 d00702809e
commit 1a9369ab03
94 changed files with 1016 additions and 615 deletions
--- a/windows/client-management/mdm/defender-csp.md
+++ b/windows/client-management/mdm/defender-csp.md
@ -10,7 +10,7 @@ ms.prod: w10
 ms.technology: windows
 author: dansimp
 ms.localizationpriority: medium
-ms.date: 10/04/2021
+ms.date: 02/22/2022
 ---

 # Defender CSP
@ -623,9 +623,9 @@ Valid values are:
 <a href="" id="configuration-hideexclusionsfromlocaladmins"></a>**Configuration/HideExclusionsFromLocalAdmins**<br>
 This policy setting controls whether or not exclusions are visible to Local Admins.  For end users (that are not Local Admins) exclusions are not visible, whether or not this setting is enabled.

-If you disable or do not configure this setting, Local Admins will be able to see exclusions in the Windows Security App and via PowerShell.
+If you disable or do not configure this setting, Local Admins will be able to see exclusions in the Windows Security App, in the registry, and via PowerShell.

-If you enable this setting, Local Admins will no longer be able to see the exclusion list in the Windows Security app or via PowerShell.
+If you enable this setting, Local Admins will no longer be able to see the exclusion list in the Windows Security app, in the registry, or via PowerShell.

 > [!NOTE]
 > Applying this setting will not remove exclusions, it will only prevent them from being visible to Local Admins. This is reflected in **Get-MpPreference**.
--- a/windows/client-management/mdm/policy-csp-applicationmanagement.md
+++ b/windows/client-management/mdm/policy-csp-applicationmanagement.md
@ -834,6 +834,9 @@ Value type is string.
 <!--/Description-->
 <!--SupportedValues-->

+> [!NOTE]
+> The check for recurrence is done in a case sensitive manner. For instance the value needs to be “Daily” instead of “daily”. The wrong case will cause SmartRetry to fail to execute.
+
 <!--/SupportedValues-->
 <!--Example-->
 Sample SyncML:
@ -853,7 +856,7 @@ Sample SyncML:
        </Meta> 
        <Data> 
          <ForceRestart StartDateTime="2018-03-28T22:21:52Z"  
-                        Recurrence="[none/daily/weekly/monthly]"  
+                        Recurrence="[None/Daily/Weekly/Monthly]"  
                        DayOfWeek=”1”  
                        DayOfMonth=”12”  
                        RunIfTaskIsMissed=”1”/> 
--- a/windows/client-management/mdm/surfacehub-csp.md
+++ b/windows/client-management/mdm/surfacehub-csp.md
@ -31,7 +31,7 @@ SurfaceHub
 --------Email
 --------CalendarSyncEnabled
 --------ErrorContext
--------PasswordRotationPeriod
+--------PasswordRotationEnabled
 ----MaintenanceHoursSimple
 --------Hours
 ------------StartTime
--- a/windows/client-management/mdm/toc.yml
+++ b/windows/client-management/mdm/toc.yml
@ -963,6 +963,11 @@ items:
          items: 
            - name: WindowsAdvancedThreatProtection DDF file
              href: windowsadvancedthreatprotection-ddf.md
+        - name: WindowsAutoPilot CSP
+          href: windowsautopilot-csp.md
+          items: 
+            - name: WindowsAutoPilot DDF file
+              href: windowsautopilot-ddf-file.md
        - name: WindowsDefenderApplicationGuard CSP
          href: windowsdefenderapplicationguard-csp.md
          items: 
--- a/windows/client-management/mdm/windowsautopilot-csp.md
+++ b/windows/client-management/mdm/windowsautopilot-csp.md
@ -0,0 +1,29 @@
+---
+title: WindowsAutoPilot CSP
+description: Learn how without the ability to mark a device as remediation required, the device will remain in a broken state, which results in security and privacy concerns in Autopilot.
+ms.assetid: E6BC6B0D-1F16-48A5-9AC4-76D69A7EDDA6
+ms.reviewer: 
+manager: dansimp
+ms.author: v-nsatapathy
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: dansimp
+ms.date: 02/07/2022
+---
+
+# WindowsAutoPilot CSP
+
+> [!WARNING]
+> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
+
+
+The WindowsAutopilot CSP collects hardware information about a device and formats it into a BLOB. This BLOB is used as input for calling Windows Autopilot Service to mark a device as remediation required if the device underwent a hardware change that affects its ability to use Windows Autopilot.” with “The WindowsAutopilot CSP exposes Windows Autopilot related device information.” Because the CSP description should be more general/high level.
+
+**./Vendor/MSFT/WindowsAutopilot**
+
+Root node. Supported operation is Get.
+
+**HardwareMismatchRemediationData**
+
+Interior node. Supported operation is Get. Collects hardware information about a device and returns it as an encoded string. This string is used as input for calling Windows Autopilot Service to remediate a device if the device underwent a hardware change that affects its ability to use Windows Autopilot.
--- a/windows/client-management/mdm/windowsautopilot-ddf-file.md
+++ b/windows/client-management/mdm/windowsautopilot-ddf-file.md
@ -0,0 +1,76 @@
+---
+title: WindowsAutoPilot DDF file
+description: Learn how without the ability to mark a device as remediation required, the device will remain in a broken state, for the WindowsAutoPilot DDF file configuration service provider (CSP) .
+ms.author: dansimp
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: dansimp
+ms.date: 02/07/2022
+ms.reviewer: 
+manager: dansimp
+---
+
+# WindowsAutoPilot DDF file
+
+> [!WARNING]
+> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
+
+This topic shows the device description framework (DDF) for the **WindowsAutoPilot** configuration service provider. 
+
+Looking for the DDF XML files? See [CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download).
+
+```xml
+<NodeName>WindowsAutopilot</NodeName>
+        <Path>./Vendor/MSFT</Path>
+        <DFProperties>
+          <AccessType>
+            <Get />
+          </AccessType>
+          <Description>These settings enable configuration of Windows Autopilot</Description>
+          <DFFormat>
+            <node />
+          </DFFormat>
+          <Occurrence>
+            <One />
+          </Occurrence>
+          <Scope>
+            <Permanent />
+          </Scope>
+          <DFType>
+            <MIME>com.microsoft/1.0/MDM/WindowsAutopilot</MIME>
+          </DFType>
+          <Applicability>
+            <OsBuildVersion>99.9.99999, 10.0.19041.1202, 10.0.19042.1202, 10.0.19043.1202</OsBuildVersion>
+            <CspVersion>1.0</CspVersion>
+          </Applicability>
+          <ExposedTo>
+            <Mdm />
+          </ExposedTo>
+        </DFProperties>
+        <Node>
+          <NodeName>HardwareMismatchRemediationData</NodeName>
+          <DFProperties>
+            <AccessType>
+              <Get />
+            </AccessType>
+            <Description>This data is used to remediate Autopilot hardware mismatches.</Description>
+            <DFFormat>
+              <chr />
+            </DFFormat>
+            <Occurrence>
+              <One />
+            </Occurrence>
+            <Scope>
+              <Permanent />
+            </Scope>
+            <DFType>
+              <MIME>text/plain</MIME>
+            </DFType>
+          </DFProperties>
+        </Node>
+      </Node>
+    </MgmtTree>
+  </cspDefinition>
+</identity>
+```