deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'main' into repo_sync_working_branch

Browse Source
This commit is contained in:
Angela Fleischmann 2023-03-08 14:50:36 -07:00 committed by GitHub
commit 1f7781d23c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/client-management/mdm/policy-csp-networklistmanager.md
View File

@ -37,7 +37,7 @@ ms.topic: reference
<!-- AllowedTlsAuthenticationEndpoints-Description-Begin --> <!-- AllowedTlsAuthenticationEndpoints-Description-Begin -->
<!-- Description-Source-DDF --> <!-- Description-Source-DDF -->
List of URLs (seperated by Unicode character 0xF000) to endpoints accessible only within an enterprise's network. If any of the URLs can be resolved over HTTPS, the network would be considered authenticated. List of URLs (separated by Unicode character 0xF000) to endpoints accessible only within an enterprise's network. If any of the URLs can be resolved over HTTPS, the network would be considered authenticated.
<!-- AllowedTlsAuthenticationEndpoints-Description-End --> <!-- AllowedTlsAuthenticationEndpoints-Description-End -->
<!-- AllowedTlsAuthenticationEndpoints-Editable-Begin --> <!-- AllowedTlsAuthenticationEndpoints-Editable-Begin -->

2
windows/deployment/windows-autopatch/operate/windows-autopatch-windows-update.md
View File

@ -75,7 +75,7 @@ The Scheduled install cadence has two options:
| Schedule install and restart | Use this option to prevent the service from installing Windows Updates except during the specified start time. You can specify the following occurrence options:<ul><li>Weekly</li><li>Bi-weekly</li><li>Monthly</li></ul><p>Select a time when the device has low activity for the updates to complete. Ensure that the Windows Update has three to four hours to complete the installation and restart the device.</p> | | Schedule install and restart | Use this option to prevent the service from installing Windows Updates except during the specified start time. You can specify the following occurrence options:<ul><li>Weekly</li><li>Bi-weekly</li><li>Monthly</li></ul><p>Select a time when the device has low activity for the updates to complete. Ensure that the Windows Update has three to four hours to complete the installation and restart the device.</p> |
> [!NOTE] > [!NOTE]
> Changes made in one deployment ring won't impact other rings in your tenant.<p>Configured **Active hours** and **Scheduled install and restart** options will apply to bother Windows quality updates and Windows feature updates.</p> > Changes made in one deployment ring won't impact other rings in your tenant.<p>Configured **Active hours** and **Scheduled install and restart** options will apply to both Windows quality updates and Windows feature updates.</p>
### User notifications ### User notifications

8
windows/security/threat-protection/auditing/event-4624.md
View File

@ -121,12 +121,12 @@ This event generates when a logon session is created (on destination machine). I
**Subject:** **Subject:**
- **Security ID** [Type = SID]**:** SID of account that reported information about successful logon or invokes it. Event Viewer automatically tries to resolve SIDs and show the account name. If the SID cannot be resolved, you will see the source data in the event. - **Security ID** [Type = SID]**:** SID of account that reported information about successful logon or invokes it. Event Viewer automatically tries to resolve SIDs and show the account name. If the SID can't be resolved, you will see the source data in the event.
This field may also contain no subject user information, but the NULL Sid "S-1-0-0" and no user or domain information. This field may also contain no subject user information, but the NULL Sid "S-1-0-0" and no user or domain information.
> [!NOTE] > [!NOTE]
> A **security identifier (SID)** is a unique value of variable length used to identify a trustee (security principal). Each account has a unique SID that is issued by an authority, such as an Active Directory domain controller, and stored in a security database. Each time a user logs on, the system retrieves the SID for that user from the database and places it in the access token for that user. The system uses the SID in the access token to identify the user in all subsequent interactions with Windows security. When a SID has been used as the unique identifier for a user or group, it cannot ever be used again to identify another user or group. For more information about SIDs, see [Security identifiers](/windows/access-protection/access-control/security-identifiers). > A **security identifier (SID)** is a unique value of variable length used to identify a trustee (security principal). Each account has a unique SID that is issued by an authority, such as an Active Directory domain controller, and stored in a security database. Each time a user logs on, the system retrieves the SID for that user from the database and places it in the access token for that user. The system uses the SID in the access token to identify the user in all subsequent interactions with Windows security. When a SID has been used as the unique identifier for a user or group, it can't ever be used again to identify another user or group. For more information about SIDs, see [Security identifiers](/windows/access-protection/access-control/security-identifiers).
- **Account Name** [Type = UnicodeString]**:** the name of the account that reported information about successful logon. - **Account Name** [Type = UnicodeString]**:** the name of the account that reported information about successful logon.
@ -318,6 +318,6 @@ For 4624(S): An account was successfully logged on.
- If the **Authentication Package** is NTLM. In this case, monitor for **Key Length** not equal to 128, because all Windows operating systems starting with Windows 2000 support 128-bit Key Length. - If the **Authentication Package** is NTLM. In this case, monitor for **Key Length** not equal to 128, because all Windows operating systems starting with Windows 2000 support 128-bit Key Length.
- If you monitor for potentially malicious software, or software that is not authorized to request logon actions, monitor this event for **Process Name**. - If you monitor for potentially malicious software, or software that isn't authorized to request logon actions, monitor this event for **Process Name**.
- If you have a trusted logon processes list, monitor for a **Logon Process** that is not from the list. - If you have a trusted logon processes list, monitor for a **Logon Process** that isn't from the list.