deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-15 10:23:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' into v-gmoor-add-periods-alt-text

Browse Source
This commit is contained in:
Rebecca Agiewich
2021-08-26 17:51:39 -06:00
committed by GitHub
parent 17262985e6 5bbfaef48c
commit 7cbe9c1f1d
18 changed files with 77 additions and 237 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
windows/client-management/mdm/policy-csp-mixedreality.md
View File

@ -40,20 +40,6 @@ manager: dansimp
</dd>
</dl>
Steps to use this policy correctly:
1. Create a device configuration profile for kiosk targeting Azure AD groups and assign it to HoloLens device(s).
1. Create a custom OMA URI based device configuration that sets this policy value to desired number of days (> 0) and assign it to HoloLens device(s).
1. The URI value should be entered in OMA-URI text box as ./Vendor/MSFT/Policy/Config/MixedReality/AADGroupMembershipCacheValidityInDays
1. The value can be between min / max allowed.
1. Enroll HoloLens devices and verify both configurations get applied to the device.
1. Let Azure AD user 1 sign-in when internet is available. Once the user signs-in and Azure AD group membership is confirmed successfully, cache will be created.
1. Now Azure AD user 1 can take HoloLens offline and use it for kiosk mode as long as policy value allows for X number of days.
1. Steps 4 and 5 can be repeated for any other Azure AD user N. The key point here is that any Azure AD user must sign-in to device using Internet at least once. Then we can determine that they are member of Azure AD group to which Kiosk configuration is targeted.
> [!NOTE]
> Until step 4 is performed for a Azure AD user will experience failure behavior mentioned similar to “disconnected” environments.
<hr/>
<!--Policy-->
@ -79,6 +65,20 @@ Steps to use this policy correctly:
</tr>
</table>
Steps to use this policy correctly:
1. Create a device configuration profile for kiosk targeting Azure AD groups and assign it to HoloLens device(s).
1. Create a custom OMA URI based device configuration that sets this policy value to desired number of days (> 0) and assign it to HoloLens device(s).
1. The URI value should be entered in OMA-URI text box as ./Vendor/MSFT/Policy/Config/MixedReality/AADGroupMembershipCacheValidityInDays
1. The value can be between min / max allowed.
1. Enroll HoloLens devices and verify both configurations get applied to the device.
1. Let Azure AD user 1 sign-in when internet is available. Once the user signs-in and Azure AD group membership is confirmed successfully, cache will be created.
1. Now Azure AD user 1 can take HoloLens offline and use it for kiosk mode as long as policy value allows for X number of days.
1. Steps 4 and 5 can be repeated for any other Azure AD user N. The key point here is that any Azure AD user must sign-in to device using Internet at least once. Then we can determine that they are member of Azure AD group to which Kiosk configuration is targeted.
> [!NOTE]
> Until step 4 is performed for a Azure AD user will experience failure behavior mentioned similar to “disconnected” environments.
<!--/SupportedSKUs-->
<hr/>

3
windows/client-management/mdm/policy-csp-start.md
View File

@ -817,6 +817,7 @@ The following list shows the supported values:
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * User
> * Device
<hr/>
@ -883,6 +884,7 @@ The following list shows the supported values:
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * User
> * Device
<hr/>
@ -1440,6 +1442,7 @@ To validate on Desktop, do the following:
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * User
> * Device
<hr/>

15
windows/client-management/mdm/policy-csp-system.md
View File

@ -7,7 +7,7 @@ ms.prod: w10
ms.technology: windows
author: manikadhiman
ms.localizationpriority: medium
ms.date: 10/14/2020
ms.date: 08/26/2021
ms.reviewer:
manager: dansimp
---
@ -62,7 +62,7 @@ manager: dansimp
<a href="#system-allowusertoresetphone">System/AllowUserToResetPhone</a>
</dd>
<dd>
<a href="#system-allowwufbcloudprocessing">System/AllowWuFBCloudProcessing</a>
<a href="#system-allowwufbcloudprocessing">System/AllowWUfBCloudProcessing</a>
</dd>
<dd>
<a href="#system-bootstartdriverinitialization">System/BootStartDriverInitialization</a>
@ -964,7 +964,7 @@ The following list shows the supported values:
<hr/>
<!--Policy-->
<a href="" id="system-allowwufbcloudprocessing"></a>**System/AllowWuFBCloudProcessing**
<a href="" id="system-allowwufbcloudprocessing"></a>**System/AllowWUfBCloudProcessing**
<hr/>
@ -985,6 +985,15 @@ If you disable or do not configure this policy setting, devices enrolled to the
<hr/>
<!--/Description-->
<!--SupportedValues-->
The following list shows the supported values:
- 0 - Disabled.
- 8 - Enabled.
<!--/SupportedValues-->
<!--Policy-->
<a href="" id="system-bootstartdriverinitialization"></a>**System/BootStartDriverInitialization**