deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-16 07:17:24 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #9904 from paolomatarazzo/pm-9048783

Browse Source 
[Security] removed GA for least privileged efforts
This commit is contained in:
Jeff Borsecnik 2024-06-04 10:10:59 -07:00 committed by GitHub
commit 22d8c1328d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md
View File

@ -495,7 +495,7 @@ Connector group automatically round-robin, load balance the Microsoft Entra appl
Sign-in a workstation with access equivalent to a *domain user*.
1. Sign-in to the [Azure portal](https://portal.azure.com/) with access equivalent to **Global Administrator**
1. Access to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Application Administrator](/entra/identity/role-based-access-control/permissions-reference#application-administrator)
1. Select **All Services**. Type **Microsoft Entra ID** to filter the list of services. Under **SERVICES**, select **Microsoft Entra ID**
1. Under **MANAGE**, select **Application proxy**
1. Select **Download connector service**. Select **Accept terms & Download**. Save the file (AADApplicationProxyConnectorInstaller.exe) in a location accessible by others on the domain
@ -506,7 +506,7 @@ Sign-in a workstation with access equivalent to a *domain user*.
1. Start **AADApplicationProxyConnectorInstaller.exe**
1. Read the license terms and then select **I agree to the license terms and conditions**. Select **Install**
![Azure Application Proxy Connector: license terms](images/aadjcert/azureappproxyconnectorinstall-01.png)
1. Sign-in to Microsoft Azure with access equivalent to **Global Administrator**
1. Sign-in as at least an [Application Administrator](/entra/identity/role-based-access-control/permissions-reference#application-administrator)
![Azure Application Proxy Connector: sign-in](images/aadjcert/azureappproxyconnectorinstall-02.png)
1. When the installation completes. Read the information regarding outbound proxy servers. Select **Close**
![Azure Application Proxy Connector: read](images/aadjcert/azureappproxyconnectorinstall-03.png)
@ -516,7 +516,7 @@ Sign-in a workstation with access equivalent to a *domain user*.
Sign-in a workstation with access equivalent to a *domain user*.
1. Sign-in to the [Azure portal](https://portal.azure.com/) with access equivalent to **Global Administrator**
1. Access to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Application Administrator](/entra/identity/role-based-access-control/permissions-reference#application-administrator)
1. Select **All Services**. Type **Microsoft Entra ID** to filter the list of services. Under **SERVICES**, select **Microsoft Entra ID**
1. Under **MANAGE**, select **Application proxy**.
@ -533,7 +533,7 @@ Sign-in a workstation with access equivalent to a *domain user*.
Sign-in a workstation with access equivalent to a *domain user*.
1. Sign-in to the [Azure portal](https://portal.azure.com/) with access equivalent to **Global Administrator**
1. Access to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Application Administrator](/entra/identity/role-based-access-control/permissions-reference#application-administrator)
1. Select **All Services**. Type **Microsoft Entra ID** to filter the list of services. Under **SERVICES**, select **Microsoft Entra ID**
1. Under **MANAGE**, select **Application proxy**
1. Select **Configure an app**
@ -692,7 +692,7 @@ Optionally (not required), you can configure the Intune connector for certificat
Sign-in a workstation with access equivalent to a *domain user*.
1. Sign-in to the [Azure portal](https://portal.azure.com/) with access equivalent to **Global Administrator**
1. Access to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least an [Application Administrator](/entra/identity/role-based-access-control/permissions-reference#application-administrator)
1. Select **All Services**. Type **Microsoft Entra ID** to filter the list of services. Under **SERVICES**, select **Microsoft Entra ID**
1. Select **Groups**. Select **New group**
1. Select **Security** from the **Group type** list

4
windows/security/identity-protection/hello-for-business/pin-reset.md
View File

@ -49,7 +49,7 @@ To register the applications, follow these steps:
:::row:::
:::column span="3":::
1. Go to the [Microsoft PIN Reset Service Production website][APP-1], and sign in using a *Global Administrator* account you use to manage your Microsoft Entra tenant. Review the permissions requested by the *Microsoft Pin Reset Service Production* application and select **Accept** to give consent to the application to access your organization
1. Go to the [Microsoft PIN Reset Service Production website][APP-1], and sign in as at least an [Application Administrator](/entra/identity/role-based-access-control/permissions-reference#application-administrator). Review the permissions requested by the *Microsoft Pin Reset Service Production* application and select **Accept** to give consent to the application to access your organization
:::column-end:::
:::column span="1":::
:::image type="content" alt-text="Screenshot showing the PIN reset service permissions page." source="images/pin-reset/pin-reset-service-prompt.png" lightbox="images/pin-reset/pin-reset-service-prompt.png" border="true":::
@ -57,7 +57,7 @@ To register the applications, follow these steps:
:::row-end:::
:::row:::
:::column span="3":::
2. Go to the [Microsoft PIN Reset Client Production website][APP-2], and sign in using a *Global Administrator* account you use to manage your Microsoft Entra tenant. Review the permissions requested by the *Microsoft Pin Reset Client Production* application, and select **Next**.
2. Go to the [Microsoft PIN Reset Client Production website][APP-2], and sign as at least an [Application Administrator](/entra/identity/role-based-access-control/permissions-reference#application-administrator). Review the permissions requested by the *Microsoft Pin Reset Client Production* application, and select **Next**.
:::column-end:::
:::column span="1":::
:::image type="content" alt-text="Screenshot showing the PIN reset client permissions page." source="images/pin-reset/pin-reset-client-prompt.png" lightbox="images/pin-reset/pin-reset-client-prompt.png" border="true":::