From 8da9b9dbbcfaf5be232f472c23c39b54462d1389 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 8 Sep 2020 16:30:11 -0700 Subject: [PATCH 1/5] Added a note for EnterpriseDataProtection CSP SKU --- .../mdm/configuration-service-provider-reference.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/client-management/mdm/configuration-service-provider-reference.md b/windows/client-management/mdm/configuration-service-provider-reference.md index fb69460ed8..e6fcf00668 100644 --- a/windows/client-management/mdm/configuration-service-provider-reference.md +++ b/windows/client-management/mdm/configuration-service-provider-reference.md @@ -1119,6 +1119,9 @@ Additional lists: +> [!NOTE] + +> The EnterpriseDataProtection CSP is supported in Home edition only for [mobile application management (MAM)](https://docs.microsoft.com/en-us/windows/client-management/mdm/implement-server-side-mobile-application-management#supported-csps). From ab38252cde368f1fa4354546a799a9a331465a08 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 8 Sep 2020 16:51:33 -0700 Subject: [PATCH 2/5] Updated the link --- .../mdm/configuration-service-provider-reference.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/windows/client-management/mdm/configuration-service-provider-reference.md b/windows/client-management/mdm/configuration-service-provider-reference.md index e6fcf00668..639742e2af 100644 --- a/windows/client-management/mdm/configuration-service-provider-reference.md +++ b/windows/client-management/mdm/configuration-service-provider-reference.md @@ -1108,7 +1108,8 @@ Additional lists: Mobile Enterprise - check mark + check mark +Only in mobile application management check mark check mark @@ -1119,9 +1120,6 @@ Additional lists: -> [!NOTE] - -> The EnterpriseDataProtection CSP is supported in Home edition only for [mobile application management (MAM)](https://docs.microsoft.com/en-us/windows/client-management/mdm/implement-server-side-mobile-application-management#supported-csps). From cdd835571ba581b9318975b64b8ed1eeead31df8 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 8 Sep 2020 16:58:45 -0700 Subject: [PATCH 3/5] Minor update --- .../mdm/configuration-service-provider-reference.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/configuration-service-provider-reference.md b/windows/client-management/mdm/configuration-service-provider-reference.md index 639742e2af..75ed9ad662 100644 --- a/windows/client-management/mdm/configuration-service-provider-reference.md +++ b/windows/client-management/mdm/configuration-service-provider-reference.md @@ -1109,7 +1109,7 @@ Additional lists: check mark -Only in mobile application management +Only for mobile application management (MAM) check mark check mark From bd0c63d9d17ff5954232c9a385cc3dd74c774791 Mon Sep 17 00:00:00 2001 From: John Marlin <37387786+JohnMarlin-MSFT@users.noreply.github.com> Date: Thu, 17 Sep 2020 10:31:32 -0700 Subject: [PATCH 4/5] Update network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md When disabling the GPO, it breaks Clustering and Cluster Sets as our local accounts (CLIUSR and CSUSR) and local certificates are prohibited from authenticating properly. --- ...cation-requests-to-this-computer-to-use-online-identities.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md b/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md index 9fef84e4b2..14f67ae3d2 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md @@ -83,6 +83,8 @@ Set this policy to *Disabled* or don't configure this security policy for domain If you don't set or you disable this policy, the PKU2U protocol won't be used to authenticate between peer devices, which forces users to follow domain-defined access control policies. If you enable this policy, you allow your users to authenticate by using local certificates between systems that aren't part of a domain that uses PKU2U. This configuration allows users to share resources between devices. +Please be aware that some roles/features (such as Failover Clustering) do not utilize a domain account for its PKU2U authentication and will cease to function properly when disabling this policy. + ## Related topics - [Security options](security-options.md) From 20cbb024df71bbec05314b81c09914728b3ba9f2 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Fri, 18 Sep 2020 08:40:26 -0700 Subject: [PATCH 5/5] minor update to trigger build --- .../mdm/configuration-service-provider-reference.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/configuration-service-provider-reference.md b/windows/client-management/mdm/configuration-service-provider-reference.md index f31c2ecb0f..39b81e1e82 100644 --- a/windows/client-management/mdm/configuration-service-provider-reference.md +++ b/windows/client-management/mdm/configuration-service-provider-reference.md @@ -9,7 +9,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: manikadhiman -ms.date: 06/03/2020 +ms.date: 09/18/2020 --- # Configuration service provider reference