Merge branch 'master' into v-mathavale-5548257-part1

2025-05-13 13:57:22 +00:00 · 2021-11-09 16:49:15 +05:30 · 2021-11-09 16:49:15 +05:30 · 4b856bb1f4
commit 4b856bb1f4
parent 227c55a187 6cde31c23d
8 changed files with 243 additions and 360 deletions
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-surface-hub.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-surface-hub.md
@ -29,7 +29,6 @@ ms.date: 07/22/2020
 - [Defender/AllowFullScanOnMappedNetworkDrives](policy-csp-defender.md#defender-allowfullscanonmappednetworkdrives)
 - [Defender/AllowFullScanRemovableDriveScanning](policy-csp-defender.md#defender-allowfullscanremovabledrivescanning)
 - [Defender/AllowIOAVProtection](policy-csp-defender.md#defender-allowioavprotection)
- [Defender/AllowIntrusionPreventionSystem](policy-csp-defender.md#defender-allowintrusionpreventionsystem)
 - [Defender/AllowOnAccessProtection](policy-csp-defender.md#defender-allowonaccessprotection)
 - [Defender/AllowRealtimeMonitoring](policy-csp-defender.md#defender-allowrealtimemonitoring)
 - [Defender/AllowScanningNetworkFiles](policy-csp-defender.md#defender-allowscanningnetworkfiles)
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@ -5841,9 +5841,6 @@ dfsdiscoverdc">ADMX_DFS/DFSDiscoverDC</a>
  <dd>
    <a href="./policy-csp-defender.md#defender-allowioavprotection" id="defender-allowioavprotection">Defender/AllowIOAVProtection</a>
  </dd>
-  <dd>
-    <a href="./policy-csp-defender.md#defender-allowintrusionpreventionsystem" id="defender-allowintrusionpreventionsystem">Defender/AllowIntrusionPreventionSystem</a>
-  </dd>
  <dd>
    <a href="./policy-csp-defender.md#defender-allowonaccessprotection" id="defender-allowonaccessprotection">Defender/AllowOnAccessProtection</a>
  </dd>
--- a/windows/client-management/mdm/policy-csp-browser.md
+++ b/windows/client-management/mdm/policy-csp-browser.md
--- a/windows/client-management/mdm/policy-csp-defender.md
+++ b/windows/client-management/mdm/policy-csp-defender.md
@ -43,9 +43,6 @@ manager: dansimp
  <dd>
    <a href="#defender-allowioavprotection">Defender/AllowIOAVProtection</a>
  </dd>
-  <dd>
-    <a href="#defender-allowintrusionpreventionsystem">Defender/AllowIntrusionPreventionSystem</a>
-  </dd>
  <dd>
    <a href="#defender-allowonaccessprotection">Defender/AllowOnAccessProtection</a>
  </dd>
@ -690,75 +687,6 @@ The following list shows the supported values:

 <hr/>

-<!--Policy-->
-<a href="" id="defender-allowintrusionpreventionsystem"></a>**Defender/AllowIntrusionPreventionSystem**  
-
-<!--SupportedSKUs-->
-<table>
-<tr>
-    <th>Edition</th>
-    <th>Windows 10</th>
-    <th>Windows 11</th> 
-</tr>
-<tr>
-    <td>Home</td>
-    <td>Yes</td>
-    <td>Yes</td>
-</tr>
-<tr>
-    <td>Pro</td>
-    <td>Yes</td>
-    <td>Yes</td>
-</tr>
-<tr>
-    <td>Business</td>
-    <td>Yes</td>
-    <td>Yes</td>
-</tr>
-<tr>
-    <td>Enterprise</td>
-    <td>Yes</td>
-    <td>Yes</td>
-</tr>
-<tr>
-    <td>Education</td>
-    <td>Yes</td>
-    <td>Yes</td>
-</tr>
-</table>
-
-
-<!--/SupportedSKUs-->
-<hr/>
-
-<!--Scope-->
-[Scope](./policy-configuration-service-provider.md#policy-scope):
-
-> [!div class = "checklist"]
-> * Device
-
-<hr/>
-
-<!--/Scope-->
-<!--Description-->
-> [!NOTE]
-> This policy is only enforced in Windows 10 for desktop.
-
-
-Allows or disallows Windows Defender Intrusion Prevention functionality.
-
-<!--/Description-->
-<!--SupportedValues-->
-The following list shows the supported values:
-
-   0 – Not allowed.
-   1 (default) – Allowed.
-
-<!--/SupportedValues-->
-<!--/Policy-->
-
-<hr/>
-
 <!--Policy-->
 <a href="" id="defender-allowonaccessprotection"></a>**Defender/AllowOnAccessProtection**  

@ -3400,4 +3328,4 @@ ADMX Info:



-<!--/Policies-->
+<!--/Policies-->
--- a/windows/client-management/mdm/policy-csp-security.md
+++ b/windows/client-management/mdm/policy-csp-security.md
@ -123,51 +123,11 @@ The following list shows the supported values:
 <!--Policy-->
 <a href="" id="security-allowautomaticdeviceencryptionforazureadjoineddevices"></a>**Security/AllowAutomaticDeviceEncryptionForAzureADJoinedDevices**  

-<!--SupportedSKUs-->
-<table>
-<tr>
-    <th>Edition</th>
-    <th>Windows 10</th>
-    <th>Windows 11</th>
-</tr>
-<tr>
-    <td>Home</td>
-    <td>No</td>
-    <td>No</td>
-</tr>
-<tr>
-    <td>Pro</td>
-    <td>Yes</td>
-    <td>Yes</td>
-</tr>
-<tr>
-    <td>Business</td>
-
-</tr>
-<tr>
-    <td>Enterprise</td>
-    <td>Yes</td>
-    <td>Yes</td>
-</tr>
-<tr>
-    <td>Education</td>
-    <td>Yes</td>
-    <td>Yes</td>
-</tr>
-</table>
-
-<!--/SupportedSKUs-->
-<hr/>
-
 <!--Description-->
 > [!NOTE]
-> This policy has been deprecated in Windows 10, version 1607
-
-<br>
-
-> [!NOTE]
-> This policy is only enforced in Windows 10 for desktop and not supported in Windows 10 Mobile.
-
+> 
+> - This policy is deprecated in Windows 10, version 1607.<br/>
+> - This policy is only enforced in Windows 10 for desktop.

 Specifies whether to allow automatic [device encryption](/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10#bitlocker-device-encryption) during OOBE when the device is Azure AD joined.

@ -764,4 +724,4 @@ The following list shows the supported values:
 <hr/>


-<!--/Policies-->
+<!--/Policies-->
--- a/windows/client-management/mdm/policy-csp-start.md
+++ b/windows/client-management/mdm/policy-csp-start.md
@ -2215,22 +2215,22 @@ To validate on Desktop, do the following:
 <tr>
    <td>Pro</td>
    <td>Yes</td>
-    <td>Yes</td>
+    <td>No</td>
 </tr>
 <tr>
    <td>Business</td>
    <td>Yes</td>
-    <td>Yes</td>
+    <td>No</td>
 </tr>
 <tr>
    <td>Enterprise</td>
    <td>Yes</td>
-    <td>Yes</td>
+    <td>No</td>
 </tr>
 <tr>
    <td>Education</td>
    <td>Yes</td>
-    <td>Yes</td>
+    <td>No</td>
 </tr>
 </table>

@ -2275,4 +2275,4 @@ ADMX Info:
 <!--/Policy-->
 <hr/>

-<!--/Policies-->
+<!--/Policies-->
--- a/windows/client-management/mdm/policy-csp-update.md
+++ b/windows/client-management/mdm/policy-csp-update.md
@ -3494,22 +3494,22 @@ This policy is deprecated. Use [Update/RequireUpdateApproval](#update-requireupd
 <tr>
    <td>Pro</td>
    <td>Yes</td>
-    <td>Yes</td>
+    <td>No</td>
 </tr>
 <tr>
    <td>Business</td>
    <td>Yes</td>
-    <td>Yes</td>
+    <td>No</td>
 </tr>
 <tr>
    <td>Enterprise</td>
    <td>Yes</td>
-    <td>Yes</td>
+    <td>No</td>
 </tr>
 <tr>
    <td>Education</td>
    <td>Yes</td>
-    <td>Yes</td>
+    <td>No</td>
 </tr>
 </table>

@ -3569,22 +3569,22 @@ The following list shows the supported values:
 <tr>
    <td>Pro</td>
    <td>Yes</td>
-    <td>Yes</td>
+    <td>No</td>
 </tr>
 <tr>
    <td>Business</td>
    <td>Yes</td>
-    <td>Yes</td>
+    <td>No</td>
 </tr>
 <tr>
    <td>Enterprise</td>
    <td>Yes</td>
-    <td>Yes</td>
+    <td>No</td>
 </tr>
 <tr>
    <td>Education</td>
    <td>Yes</td>
-    <td>Yes</td>
+    <td>No</td>
 </tr>
 </table>

--- a/windows/configuration/wcd/wcd-policies.md
+++ b/windows/configuration/wcd/wcd-policies.md
@ -196,7 +196,6 @@ PreventTabPreloading | Prevent Microsoft Edge from starting and loading the Star
 | [AllowEmailScanning](/windows/client-management/mdm/policy-configuration-service-provider#defender-allowemailscanning)  | Allow or disallow scanning of email.  |  ✔️ |  |   |   |  |
 | [AllowFullScanOnMappedNetworkDrives](/windows/client-management/mdm/policy-configuration-service-provider#defender-allowfullscanonmappednetworkdrives) | Allow or disallow a full scan of mapped network drives. | ✔️ |  |  |  |  |
 | [AllowFullScanRemovableDriveScanning](/windows/client-management/mdm/policy-configuration-service-provider#defender-allowfullscanremovabledrivescanning)  | Allow or disallow a full scan of removable drives.  |  ✔️ |  |   |   |  |
-| [AllowIntrusionPreventionSystem](/windows/client-management/mdm/policy-configuration-service-provider#defender-allowintrusionpreventionsystem) | Allow or disallow Windows Defender Intrusion Prevention functionality. | ✔️ |  |  |  |  |
 | [AllowIOAVProtection](/windows/client-management/mdm/policy-configuration-service-provider#defender-allowioavprotection)  | Allow or disallow Windows Defender IOAVP Protection functionality.  |  ✔️ |  |   |   |  |
 | [AllowOnAccessProtection](/windows/client-management/mdm/policy-configuration-service-provider#defender-allowonaccessprotection) | Allow or disallow Windows Defender On Access Protection functionality. | ✔️ |  |  |  |  |
 | [AllowRealtimeMonitoring](/windows/client-management/mdm/policy-configuration-service-provider#defender-allowrealtimemonitoring)  | Allow or disallow Windows Defender Realtime Monitoring functionality.  |  ✔️ |  |   |   |  |
@ -588,4 +587,4 @@ ConfigureTelemetryOptInSettingsUx | This policy setting determines whether peopl

 | Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core |
 | --- | --- | :---: | :---: | :---: | :---: | :---: |
-| [AllowUserInputFromWirelessDisplayReceiver](/windows/client-management/mdm/policy-configuration-service-provider#wirelessdisplay-allowuserinputfromwirelessdisplayreceiver) | This policy controls whether or not the wireless display can send input (keyboard, mouse, pen, and touch, dependent upon display support) back to the source device. For example, a Surface Laptop is projecting wirelessly to a Surface Hub. If input from the wireless display receiver is allowed, users can draw with a pen on the Surface Hub.  | ✔️ | ✔️ |  |  |  |
+| [AllowUserInputFromWirelessDisplayReceiver](/windows/client-management/mdm/policy-configuration-service-provider#wirelessdisplay-allowuserinputfromwirelessdisplayreceiver) | This policy controls whether or not the wireless display can send input (keyboard, mouse, pen, and touch, dependent upon display support) back to the source device. For example, a Surface Laptop is projecting wirelessly to a Surface Hub. If input from the wireless display receiver is allowed, users can draw with a pen on the Surface Hub.  | ✔️ | ✔️ |  |  |  |