Merge branch 'master' of https://github.com/microsoftdocs/windows-itpro-docs

2025-06-16 02:43:43 +00:00 · 2018-07-30 09:46:29 -07:00
parent 5736a9c89b b37855540b
commit 210b01eaca
8 changed files with 29 additions and 7 deletions
--- a/windows/client-management/mdm/vpnv2-csp.md
+++ b/windows/client-management/mdm/vpnv2-csp.md
@ -255,7 +255,14 @@ An optional flag to enable Always On mode. This will automatically connect the V

 > **Note**  Always On only works for the active profile. The first profile provisioned that can be auto triggered will automatically be set as active.

- 
+Preserving user Always On preference
+
+Windows has a feature to preserve a user’s AlwaysOn preference.  In the event that a user manually unchecks the “Connect    automatically” checkbox, Windows will remember this user preference for this profile name by adding the profile name to the value AutoTriggerDisabledProfilesList.  
+Should a management tool remove/add the same profile name back and set AlwaysOn to true, Windows will not check the box if the profile name exists in the below registry value in order to preserve user preference.
+Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Config
+Value: AutoTriggerDisabledProfilesList
+Type: REG_MULTI_SZ
+

 Valid values:

--- a/windows/deployment/update/waas-overview.md
+++ b/windows/deployment/update/waas-overview.md
@ -70,7 +70,7 @@ To align with this new update delivery model, Windows 10 has three servicing cha
 ### Naming changes

 As part of the alignment with Windows 10 and Office 365 ProPlus, we are adopting common terminology to make it as easy as possible to understand the servicing process. Going forward, these are the new terms we will be using:
-* Semi-Annual Channel - We will be referreing to Current Branch (CB) as "Semi-Annual Channel (Targeted)", while Current Branch for Business (CBB) will simply be referred to as "Semi-Annual Channel". 
+* Semi-Annual Channel - We will be referring to Current Branch (CB) as "Semi-Annual Channel (Targeted)", while Current Branch for Business (CBB) will simply be referred to as "Semi-Annual Channel". 
 * Long-Term Servicing Channel -  The Long-Term Servicing Branch (LTSB) will be referred to as Long-Term Servicing Channel (LTSC).

 >[!IMPORTANT]
--- a/windows/security/hardware-protection/tpm/change-the-tpm-owner-password.md
+++ b/windows/security/hardware-protection/tpm/change-the-tpm-owner-password.md
@ -45,7 +45,7 @@ To change to a new TPM owner password, in TPM.msc, click **Change Owner Password

 ## Use the TPM cmdlets

-You can manage the TPM using Windows PowerShell. For details, see [TPM Cmdlets in Windows PowerShell](http://technet.microsoft.com/library/jj603116.aspx).
+You can manage the TPM using Windows PowerShell. For details, see [TPM Cmdlets in Windows PowerShell](https://docs.microsoft.com/en-us/powershell/module/trustedplatformmodule).

 ## Related topics

--- a/windows/security/hardware-protection/tpm/trusted-platform-module-overview.md
+++ b/windows/security/hardware-protection/tpm/trusted-platform-module-overview.md
@ -68,7 +68,7 @@ Some things that you can check on the device are:
 -   Is SecureBoot supported and enabled?

 > [!NOTE]
-> The device must be running Windows 10 and it must support at least TPM 2.0.
+> The device must be running Windows 10 and it must support at least TPM 2.0 in order to utilize Device Health Attestation.

 ## Supported versions

--- a/windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md
+++ b/windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md
@ -58,6 +58,15 @@ When the trigger occurs, VPN tries to connect. If an error occurs or any user in

 When a device has multiple profiles with Always On triggers, the user can specify the active profile in **Settings** > **Network & Internet** > **VPN** > *VPN profile* by selecting the **Let apps automatically use this VPN connection** checkbox. By default, the first MDM-configured profile is marked as **Active**. 

+Preserving user Always On preference
+
+Windows has a feature to preserve a user’s AlwaysOn preference.  In the event that a user manually unchecks the “Connect automatically” checkbox, Windows will remember this user preference for this profile name by adding the profile name to the value AutoTriggerDisabledProfilesList.  
+Should a management tool remove/add the same profile name back and set AlwaysOn to true, Windows will not check the box if the profile name exists in the below registry value in order to preserve user preference.
+Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Config
+Value: AutoTriggerDisabledProfilesList
+Type: REG_MULTI_SZ
+
+
 ## Trusted network detection

 This feature configures the VPN such that it would not get triggered if a user is on a trusted corporate network. The value of this setting is a list of DNS suffices. The VPN stack will look at the DNS suffix on the physical interface and if it matches any in the configured list and the network is private or provisioned by MDM, then VPN will not get triggered.
@ -86,4 +95,4 @@ After you add an associated app, if you select the **Only these apps can use thi
 - [VPN and conditional access](vpn-conditional-access.md)
 - [VPN name resolution](vpn-name-resolution.md)
 - [VPN security features](vpn-security-features.md)
- [VPN profile options](vpn-profile-options.md)
+- [VPN profile options](vpn-profile-options.md)