From be2399cba2d330f63eeea8928586838163173d47 Mon Sep 17 00:00:00 2001 From: Nick Schonning Date: Sat, 10 Nov 2018 10:39:15 -0500 Subject: [PATCH 1/8] typo: visbility -> visibility --- .../client-management/manage-settings-app-with-group-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/manage-settings-app-with-group-policy.md b/windows/client-management/manage-settings-app-with-group-policy.md index aa9b63bd2b..7b80381b7c 100644 --- a/windows/client-management/manage-settings-app-with-group-policy.md +++ b/windows/client-management/manage-settings-app-with-group-policy.md @@ -38,7 +38,7 @@ Policy paths: The Group Policy can be configured in one of two ways: specify a list of pages that are shown or specify a list of pages to hide. To do this, add either **ShowOnly:** or **Hide:** followed by a semicolon delimited list of URIs in **Settings Page Visiblity**. For a full list of URIs, see the URI scheme reference section in [Launch the Windows Settings app](https://docs.microsoft.com/windows/uwp/launch-resume/launch-settings-app#ms-settings-uri-scheme-reference). >[!NOTE] -> When you specify the URI in the Settings Page Visbility textbox, don't include **ms-settings:** in the string. +> When you specify the URI in the Settings Page Visibility textbox, don't include **ms-settings:** in the string. Here are some examples: From a027e34ffd597eb14d60f07626aa0a64d77b72e7 Mon Sep 17 00:00:00 2001 From: Nick Schonning Date: Sat, 10 Nov 2018 10:59:56 -0500 Subject: [PATCH 2/8] typo: Additonal -> Additional --- .../mdm/bulk-enrollment-using-windows-provisioning-tool.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md b/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md index 4e860c0b4b..8aa018c18c 100644 --- a/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md +++ b/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md @@ -79,7 +79,7 @@ Using the ICD, create a provisioning package using the enrollment information re 12. Enter the values for your package and specify the package output location. ![enter package information](images/bulk-enrollment3.png) - ![enter additonal information for package information](images/bulk-enrollment4.png) + ![enter additional information for package information](images/bulk-enrollment4.png) ![specify file location](images/bulk-enrollment6.png) 13. Click **Build**. From e75db18d7f4f6978d1f05c0eb47f2934854eca2f Mon Sep 17 00:00:00 2001 From: Nick Schonning Date: Sat, 10 Nov 2018 11:27:29 -0500 Subject: [PATCH 3/8] Update gdpr-win10-whitepaper.md --- windows/privacy/gdpr-win10-whitepaper.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/privacy/gdpr-win10-whitepaper.md b/windows/privacy/gdpr-win10-whitepaper.md index 5a54e998e6..a8a0214f4a 100644 --- a/windows/privacy/gdpr-win10-whitepaper.md +++ b/windows/privacy/gdpr-win10-whitepaper.md @@ -293,7 +293,7 @@ For example, employees can’t send protected work files from a personal email a #### Capabilities to classify, assign permissions and share data Windows Information Protection is designed to coexist with advanced data loss prevention (DLP) capabilities found in Office 365 ProPlus, Azure Information Protection, and Azure Rights Management. Advanced DLP prevents printing, for example, or protects work data that is emailed outside your company. -To continously protect your data, regardless of where it is stored, with whom it is shared, or if the device is running iOS, Android or Windows, the classification and protection needs to be built into the file itself, so this protection can travel with the data wherever it goes. Microsoft Azure Information Protection (AIP) is designed to provide this persistent data protection both on-premises and in the cloud. +To continuously protect your data, regardless of where it is stored, with whom it is shared, or if the device is running iOS, Android or Windows, the classification and protection needs to be built into the file itself, so this protection can travel with the data wherever it goes. Microsoft Azure Information Protection (AIP) is designed to provide this persistent data protection both on-premises and in the cloud. Data classification is an important part of any data governance plan. Adopting a classification scheme that applies throughout your business can be particularly helpful in responding to what the GDPR calls data subject (for example, your EU employee or customer) requests, because it enables enterprises to identify more readily and process personal data requests. @@ -332,4 +332,4 @@ This article does not provide you with any legal rights to any intellectual prop Published September 2017
Version 1.0
-© 2017 Microsoft. All rights reserved. \ No newline at end of file +© 2017 Microsoft. All rights reserved. From b1db2507f1ad429da66ca9ad375867246a086f36 Mon Sep 17 00:00:00 2001 From: Nick Schonning Date: Sat, 10 Nov 2018 12:17:33 -0500 Subject: [PATCH 4/8] typo: Controler -> Controller --- ...-down-system-immediately-if-unable-to-log-security-audits.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md b/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md index 5b63d093b8..d5b8c58676 100644 --- a/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md +++ b/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md @@ -60,7 +60,7 @@ The following table lists the actual and effective default values for this polic | Server type or GPO | Default value | | - | - | | Default Domain Policy | Not defined -| Default Domain Controler Policy | Not defined +| Default Domain Controller Policy | Not defined | Stand-Alone Server Default Settings | Disabled | DC Effective Default Settings | Disabled | Member Server Effective Default Settings | Disabled From 87c4ab1a319bd73f953cd7ba7aced8f0b2e13b35 Mon Sep 17 00:00:00 2001 From: Nick Schonning Date: Sat, 10 Nov 2018 18:38:16 -0500 Subject: [PATCH 5/8] typo: Availabilty -> Availability --- .../hello-for-business/hello-hybrid-aadj-sso-cert.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md index d47f46ccc8..d855efc036 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert.md @@ -100,7 +100,7 @@ Sign-in to a domain controller or management workstation with access equivalent 4. Type **NDES Servers** in **Enter the object names to select**. Click **OK**. Click **OK** on the **Active Directory Domain Services** success dialog. > [!NOTE] -> For high-availabilty, you should have more than one NDES server to service Windows Hello for Business certificate requests. You should add additional Windows Hello for Business NDES servers to this group to ensure they receive the proper configuration. +> For high-availability, you should have more than one NDES server to service Windows Hello for Business certificate requests. You should add additional Windows Hello for Business NDES servers to this group to ensure they receive the proper configuration. ### Create the NDES Service Account The Network Device Enrollment Services (NDES) role runs under a service account. Typically, it is preferential to run services using a Group Managed Service Account (GMSA). While the NDES role can be configured to run using a GMSA, the Intune Certificate Connector was not designed nor tested using a GMSA and is considered an unsupported configuration. The deployment uses a normal services account. @@ -686,4 +686,4 @@ You have successfully completed the configuration. Add users that need to enrol > * Install and Configure the NDES Role > * Configure Network Device Enrollment Services to work with Microsoft Intune > * Download, Install, and Configure the Intune Certificate Connector -> * Create and Assign a Simple Certificate Enrollment Protocol (SCEP Certificate Profile) \ No newline at end of file +> * Create and Assign a Simple Certificate Enrollment Protocol (SCEP Certificate Profile) From 2427f9694ae0cc3c8a2db421f5c2a1bc7976ed57 Mon Sep 17 00:00:00 2001 From: CCDFischer <38050005+CCDFischer@users.noreply.github.com> Date: Mon, 12 Nov 2018 08:55:07 -0500 Subject: [PATCH 6/8] Update how-to-download-and-deploy-mdop-group-policy--admx--templates.md add instructions on how to expand the downloaded .cab file --- ...to-download-and-deploy-mdop-group-policy--admx--templates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mdop/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates.md b/mdop/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates.md index b183080d0a..bb717d6751 100644 --- a/mdop/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates.md +++ b/mdop/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates.md @@ -22,7 +22,7 @@ You can manage the feature settings of certain Microsoft Desktop Optimization Pa 1. Download the latest [MDOP Group Policy templates](https://www.microsoft.com/en-us/download/details.aspx?id=55531) -2. Run the downloaded file to extract the template folders. +2. Expand the downloaded .cab file by running `expand \MDOP_ADMX_Templates.cab -F:* ` **Warning**   Do not extract the templates directly to the Group Policy deployment directory. Multiple technologies and versions are bundled in this file. From db587ec0a244efff6ae97f0c412685acd273cb80 Mon Sep 17 00:00:00 2001 From: Kartikay Sharma <44971599+SharmaKartikay@users.noreply.github.com> Date: Mon, 12 Nov 2018 19:29:01 +0530 Subject: [PATCH 7/8] Updated the TPM 2.0 Heal Time Info The Heal Time for TPM 2.0 on Windows 10 is 10 Minutes where as the document says 2 hours which is not correct. --- .../security/information-protection/tpm/manage-tpm-lockout.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/tpm/manage-tpm-lockout.md b/windows/security/information-protection/tpm/manage-tpm-lockout.md index db918c0ba6..6f31a72d96 100644 --- a/windows/security/information-protection/tpm/manage-tpm-lockout.md +++ b/windows/security/information-protection/tpm/manage-tpm-lockout.md @@ -31,7 +31,7 @@ The industry standards from the Trusted Computing Group (TCG) specify that TPM m **TPM 2.0** -TPM 2.0 devices have standardized lockout behavior which is configured by Windows. TPM 2.0 devices have a maximum count threshold and a healing time. Windows configures the maximum count to be 32 and the healing time to be 2 hours. This means that every continuous two hours of powered on operation without an event which increases the counter will cause the counter to decrease by 1. +TPM 2.0 devices have standardized lockout behavior which is configured by Windows. TPM 2.0 devices have a maximum count threshold and a healing time. Windows 10 configures the maximum count to be 32 and the healing time to be 10 minutes. This means that every continuous ten minutes of powered on operation without an event which increases the counter will cause the counter to decrease by 1. If your TPM has entered lockout mode or is responding slowly to commands, you can reset the lockout value by using the following procedures. Resetting the TPM lockout requires the TPM owner’s authorization. This value is no longer retained by default starting with Windows 10 version 1607. From b01a6eb6ad0a9257fd66d80a43bf0bf0db1359fb Mon Sep 17 00:00:00 2001 From: John Rajunas Date: Mon, 12 Nov 2018 12:38:41 -0500 Subject: [PATCH 8/8] Spelling correction Add Missing letter, changing "indows Defender ATP uses . . ." to "Windows Defender ATP uses . . ." --- .../windows-defender-advanced-threat-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md index 6d9b834f75..743cb4b2da 100644 --- a/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md @@ -22,7 +22,7 @@ ms.date: 11/07/2018 Windows Defender Advanced Threat Protection is a platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats. -indows Defender ATP uses the following combination of technology built into Windows 10 and Microsoft's robust cloud service: +Windows Defender ATP uses the following combination of technology built into Windows 10 and Microsoft's robust cloud service: - **Endpoint behavioral sensors**: Embedded in Windows 10, these sensors collect and process behavioral signals from the operating system and sends this sensor data to your private, isolated, cloud instance of Windows Defender ATP.