From 379dda9fe220ac586f1746d9999918b7b240cc28 Mon Sep 17 00:00:00 2001 From: Oscar Beaumont Date: Mon, 28 Jun 2021 13:22:01 +1000 Subject: [PATCH 1/7] fixed broken XML & improved readability of examples --- ...erated-authentication-device-enrollment.md | 70 ++++++++----------- 1 file changed, 30 insertions(+), 40 deletions(-) diff --git a/windows/client-management/mdm/federated-authentication-device-enrollment.md b/windows/client-management/mdm/federated-authentication-device-enrollment.md index 858a51a88b..fe3f5140fd 100644 --- a/windows/client-management/mdm/federated-authentication-device-enrollment.md +++ b/windows/client-management/mdm/federated-authentication-device-enrollment.md @@ -266,12 +266,10 @@ The following is an enrollment policy request example with a received security t https://enrolltest.contoso.com/ENROLLMENTSERVER/DEVICEENROLLMENTWEBSERVICE.SVC - + B64EncodedSampleBinarySecurityToken @@ -410,12 +408,9 @@ The following example shows the enrollment web service request for federated aut https://enrolltest.contoso.com:443/ENROLLMENTSERVER/DEVICEENROLLMENTWEBSERVICE.SVC - + B64EncodedSampleBinarySecurityToken @@ -518,21 +513,18 @@ The following example shows the enrollment web service response. xmlns="http://docs.oasis-open.org/ws-sx/ws-trust/200512"> - http://schemas.microsoft.com/5.0.0.0/ConfigurationManager/Enrollment/DeviceEnrollmentToken + http://schemas.microsoft.com/5.0.0.0/ConfigurationManager/Enrollment/DeviceEnrollmentToken - + + + ValueType="http://schemas.microsoft.com/5.0.0.0/ConfigurationManager/Enrollment/DeviceEnrollmentProvisionDoc" + EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd#base64binary" + xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> B64EncodedSampleBinarySecurityToken - 0 - + 0 @@ -558,12 +550,12 @@ The following code shows sample provisioning XML (presented in the preceding pac - - + + - + @@ -581,8 +573,7 @@ The following code shows sample provisioning XML (presented in the preceding pac - + @@ -598,25 +589,24 @@ The following code shows sample provisioning XML (presented in the preceding pac - - - - + + + + + - - - - - - + + + + + - + ``` @@ -627,4 +617,4 @@ The following code shows sample provisioning XML (presented in the preceding pac - Detailed descriptions of these settings are located in the [Enterprise settings, policies and app management](windows-mdm-enterprise-settings.md) section of this document. - The **PrivateKeyContainer** characteristic is required and must be present in the Enrollment provisioning XML by the enrollment. Other important settings are the **PROVIDER-ID**, **NAME**, and **ADDR** parameter elements, which need to contain the unique ID and NAME of your DM provider and the address where the device can connect for configuration provisioning. The ID and NAME can be arbitrary values, but they must be unique. - Also important is SSLCLIENTCERTSEARCHCRITERIA, which is used for selecting the certificate to be used for client authentication. The search is based on the subject attribute of the signed user certificate. -- CertificateStore/WSTEP enables certificate renewal. If the server does not support it, do not set it. \ No newline at end of file +- CertificateStore/WSTEP enables certificate renewal. If the server does not support it, do not set it. From 5133474ae4de73b40857afd285a5cf408e0d2686 Mon Sep 17 00:00:00 2001 From: Kim Klein Date: Mon, 28 Jun 2021 09:48:04 -0700 Subject: [PATCH 2/7] I added the Getting started with commandlets section. --- .../select-types-of-rules-to-create.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index b3aeeaf2ec..ee3192a969 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md @@ -27,6 +27,13 @@ ms.technology: mde Windows Defender Application Control (WDAC) can control what runs on Windows 10 by setting policies that specify whether a driver or application is trusted. A policy includes *policy rules* that control options such as audit mode, and *file rules* (or *file rule levels*) that specify how applications are identified and trusted. +## Getting started with commdlets +Some of the [SKUs](feature-availability.md) that support our PowerShell commandlets [(ConfigCI Module | Microsoft Docs)](powershell/module/configci) support but do not have the module installed on the box. + +**Steps to install the module:** +- Install-Module "ConfigCI" +- Import-Module "ConfigCI" + ## Windows Defender Application Control policy rules To modify the policy rule options of an existing WDAC policy XML, use [Set-RuleOption](/powershell/module/configci/set-ruleoption). The following examples show how to use this cmdlet to add and remove a rule option on an existing WDAC policy: From 541a2983257d2da96a6d354c7e712de92e95392d Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Thu, 1 Jul 2021 11:52:15 -0700 Subject: [PATCH 3/7] Update windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../select-types-of-rules-to-create.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index ee3192a969..e99b5ddafe 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md @@ -28,7 +28,7 @@ ms.technology: mde Windows Defender Application Control (WDAC) can control what runs on Windows 10 by setting policies that specify whether a driver or application is trusted. A policy includes *policy rules* that control options such as audit mode, and *file rules* (or *file rule levels*) that specify how applications are identified and trusted. ## Getting started with commdlets -Some of the [SKUs](feature-availability.md) that support our PowerShell commandlets [(ConfigCI Module | Microsoft Docs)](powershell/module/configci) support but do not have the module installed on the box. +Some of the [SKUs](feature-availability.md) that support our PowerShell commandlets [(ConfigCI Module)](powershell/module/configci/?view=windowsserver2019-ps) support but do not have the module installed on the box. **Steps to install the module:** - Install-Module "ConfigCI" From 89376c584e3f9f9033c72ef457bc412fb255d826 Mon Sep 17 00:00:00 2001 From: Kim Klein Date: Tue, 6 Jul 2021 11:29:26 -0700 Subject: [PATCH 4/7] Updated the URL link as recommended. --- .../select-types-of-rules-to-create.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index ee3192a969..744330910a 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md @@ -28,7 +28,7 @@ ms.technology: mde Windows Defender Application Control (WDAC) can control what runs on Windows 10 by setting policies that specify whether a driver or application is trusted. A policy includes *policy rules* that control options such as audit mode, and *file rules* (or *file rule levels*) that specify how applications are identified and trusted. ## Getting started with commdlets -Some of the [SKUs](feature-availability.md) that support our PowerShell commandlets [(ConfigCI Module | Microsoft Docs)](powershell/module/configci) support but do not have the module installed on the box. +Some of the [SKUs](feature-availability.md) that support our PowerShell commandlets [(ConfigCI Module | Microsoft Docs)](powershell/module/configci/?view=windowsserver2019-ps) support but do not have the module installed on the box. **Steps to install the module:** - Install-Module "ConfigCI" From 18f4d2fc1b258cf6d1616bc330487cb190a709cd Mon Sep 17 00:00:00 2001 From: Thomas Raya Date: Thu, 8 Jul 2021 09:00:07 -0700 Subject: [PATCH 5/7] Update select-types-of-rules-to-create.md --- .../select-types-of-rules-to-create.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index ff505c8beb..29cd125c84 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md @@ -29,7 +29,7 @@ Windows Defender Application Control (WDAC) can control what runs on Windows 10 ## Getting started with commdlets -Some of the [SKUs](feature-availability.md) that support our PowerShell commandlets [(ConfigCI Module)](powershell/module/configci/?view=windowsserver2019-ps) support but do not have the module installed on the box. +Some of the [SKUs](feature-availability.md) that support our PowerShell commandlets [(ConfigCI Module)](/powershell/module/configci/?view=windowsserver2019-ps) support but do not have the module installed on the box. **Steps to install the module:** - Install-Module "ConfigCI" From 744476aef5b44394e05c7426c5fadbece2a1e643 Mon Sep 17 00:00:00 2001 From: Marty Hernandez Avedon Date: Fri, 9 Jul 2021 10:12:28 -0400 Subject: [PATCH 6/7] pruning dead link The 'More information' link for the ebook currently redirects to an unrelated marketing page --- windows/security/threat-protection/intelligence/phishing.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/security/threat-protection/intelligence/phishing.md b/windows/security/threat-protection/intelligence/phishing.md index 55d1b756ed..1f997dac95 100644 --- a/windows/security/threat-protection/intelligence/phishing.md +++ b/windows/security/threat-protection/intelligence/phishing.md @@ -99,4 +99,3 @@ If you feel you've been a victim of a phishing attack: - [Protect yourself from phishing](https://support.microsoft.com/help/4033787/windows-protect-yourself-from-phishing) - [Phishing trends](phishing-trends.md) -- [Microsoft e-book on preventing social engineering attacks](https://info.microsoft.com/Protectyourweakestlink.html?ls=social), especially in enterprise environments. \ No newline at end of file From ffb89f17259a2f487ae6d5753ecd12955793bb62 Mon Sep 17 00:00:00 2001 From: gkomatsu Date: Fri, 9 Jul 2021 10:14:47 -0700 Subject: [PATCH 7/7] Update configuration-service-provider-reference.md Fixed HotSpot CSP support to contain Professional, Business, Education and Enterprise. Reflecting the right applicability. --- .../mdm/configuration-service-provider-reference.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/client-management/mdm/configuration-service-provider-reference.md b/windows/client-management/mdm/configuration-service-provider-reference.md index 4f9dd3d9da..4dc856f036 100644 --- a/windows/client-management/mdm/configuration-service-provider-reference.md +++ b/windows/client-management/mdm/configuration-service-provider-reference.md @@ -1270,10 +1270,10 @@ Additional lists: cross mark - cross mark - cross mark - cross mark - cross mark + check mark + check mark + check mark + check mark check mark