deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-15 02:13:43 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' into nimishasatapathy-5263242-englishname

Browse Source
This commit is contained in:
Daniel Simpson
2021-08-19 10:55:00 -07:00
committed by GitHub
parent e6d89cd2c4 4840335f99
commit 42286021e4
15 changed files with 168 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
windows/client-management/mdm/policy-csp-mixedreality.md
View File

@ -40,6 +40,19 @@ manager: dansimp
</dd>
</dl>
Steps to use this policy correctly:
1. Create a device configuration profile for kiosk targeting Azure AD groups and assign it to HoloLens device(s).
1. Create a custom OMA URI based device configuration that sets this policy value to desired number of days (> 0) and assign it to HoloLens device(s).
1. The URI value should be entered in OMA-URI text box as ./Vendor/MSFT/Policy/Config/MixedReality/AADGroupMembershipCacheValidityInDays
1. The value can be between min / max allowed.
1. Enroll HoloLens devices and verify both configurations get applied to the device.
1. Let Azure AD user 1 sign-in when internet is available. Once the user signs-in and Azure AD group membership is confirmed successfully, cache will be created.
1. Now Azure AD user 1 can take HoloLens offline and use it for kiosk mode as long as policy value allows for X number of days.
1. Steps 4 and 5 can be repeated for any other Azure AD user N. The key point here is that any Azure AD user must sign-in to device using Internet at least once. Then we can determine that they are member of Azure AD group to which Kiosk configuration is targeted.
> [!NOTE]
> Until step 4 is performed for a Azure AD user will experience failure behavior mentioned similar to “disconnected” environments.
<hr/>

8
windows/client-management/mdm/surfacehub-csp.md
View File

@ -295,7 +295,7 @@ SurfaceHub
<p style="margin-left: 20px">The data type is boolean. Supported operation is Get and Replace.
<a href="" id="inboxapps-welcome-currentbackgroundpath"></a>**InBoxApps/Welcome/CurrentBackgroundPath**
<p style="margin-left: 20px">Background image for the welcome screen. To set this, specify an https URL to a PNG file (only PNGs are supported for security reasons). If any certificate authorities need to be trusted in order to access the URL, please ensure they are valid and installed on the Hub, otherwise it may not be able to load the image.
<p style="margin-left: 20px">Download location for image to be used as the background during user sessions and on the welcome screen. To set this, specify an https URL to a PNG file (only PNGs are supported for security reasons). If any certificate authorities need to be trusted in order to access the URL, please ensure they are valid and installed on the Hub, otherwise it may not be able to load the image.
<p style="margin-left: 20px">The data type is string. Supported operation is Get and Replace.
@ -316,12 +316,12 @@ SurfaceHub
<p style="margin-left: 20px">Invitations to collaborate from the Whiteboard app are not allowed.
<p style="margin-left: 20px">The data type is boolean. Supported operation is Get and Replace.
<a href="" id="inboxapps-whiteboard-signindisabled"></a>**InBoxApps/Whiteboard/SigninDisabled**
<p style="margin-left: 20px">Sign-ins from the Whiteboard app are not allowed.
<p style="margin-left: 20px">The data type is boolean. Supported operation is Get and Replace.
<a href="" id="inboxapps-whiteboard-telemetrydisabled"></a>**InBoxApps/Whiteboard/TelemeteryDisabled**
<p style="margin-left: 20px">Telemetry collection from the Whiteboard app is not allowed.
@ -571,7 +571,7 @@ SurfaceHub
<p style="margin-left: 20px">If this setting is true, the device account will be used for proxy authentication. If false, a separate account will be used.
<p style="margin-left: 20px">The data type is boolean. Supported operation is Get and Replace.
<a href="" id="properties-proxyservers"></a>**Properties/ProxyServers**
<p style="margin-left: 20px">Added in <a href="https://support.microsoft.com/topic/may-28-2019-kb4499162-os-build-15063-1839-ed6780ab-38d6-f590-d789-5ba873b1e142" data-raw-source="[KB4499162](https://support.microsoft.com/topic/may-28-2019-kb4499162-os-build-15063-1839-ed6780ab-38d6-f590-d789-5ba873b1e142)">KB4499162</a> for Windows 10, version 1703. Specifies FQDNs of proxy servers to provide device account credentials to before any user interaction (if AllowAutoProxyAuth is enabled). This is a semi-colon separated list of server names, without any additional prefixes (e.g. https://).