Merge branch 'master' of https://cpubwin.visualstudio.com/_git/it-client into FromPrivateRepo

2025-05-14 06:17:22 +00:00 · 2018-02-07 11:42:32 -08:00 · 2018-02-07 11:42:32 -08:00 · 7fda3e9fc1
commit 7fda3e9fc1
parent 5802dbddfa 7d00a111a7
5 changed files with 24 additions and 23 deletions
--- a/windows/application-management/manage-windows-mixed-reality.md
+++ b/windows/application-management/manage-windows-mixed-reality.md
@ -23,11 +23,7 @@ Windows 10, version 1709 (also known as the Fall Creators Update), introduces [W
 <span id="enable" />
 ## Enable Windows Mixed Reality in WSUS
-To enable users to download the Windows Mixed Reality software, enterprises using WSUS can approve Windows Mixed Reality package by unblocking the following KBs:
+To enable users to download the Windows Mixed Reality software for devices running Windows 10, version 1703, enterprises using WSUS can approve Windows Mixed Reality package by unblocking **KB4016509: FeatureOnDemandOasis - Windows 10 version 1703 for x64-based Systems**. 
 - KB4016509: FeatureOnDemandOasis - Windows 10 version 1703 for x64-based Systems
 - KB3180030: language packs
 - KB3197985: language packs
 Enterprises devices running Windows 10, version 1709, will not be able to install Windows Mixed Reality Feature on Demand (FOD) directly from WSUS. Instead, use one of the following options to install Windows Mixed Reality software:
--- a/windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
+++ b/windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
@ -1485,7 +1485,11 @@ In the **Background Apps** area, you can choose which apps can run in the backgr
 To turn off **Let apps run in the background**:
-   Turn off the feature in the UI for each app.
+-   In **Background apps**, set **Let apps run in the background** to **Off**.
     -or-
 -   In **Background apps**, turn off the feature for each app.
     -or-
--- a/windows/device-security/bitlocker/bitlocker-recovery-guide-plan.md
+++ b/windows/device-security/bitlocker/bitlocker-recovery-guide-plan.md
@ -100,15 +100,16 @@ Before you create a thorough BitLocker recovery process, we recommend that you t
 1.  Click the **Start** button, type **cmd** in the **Start Search** box, right-click **cmd.exe**, and then click **Run as administrator**.
 2.  At the command prompt, type the following command and then press ENTER:
-    `manage-bde -forcerecovery <Volume>`
+    `manage-bde -forcerecovery <BitLockerVolume>`
 **To force recovery for a remote computer**
 1.  On the Start screen, type **cmd.exe**, and then click **Run as administrator**.
 2.  At the command prompt, type the following command and then press ENTER:
-    `manage-bde. -ComputerName <ComputerName> -forcerecovery <Volume>`
+    `manage-bde. -ComputerName <RemoteComputerName> -forcerecovery <BitLockerVolume>`
-> **Note:**  *ComputerName* represents the name of the remote computer. *Volume* represents the volume on the remote computer that is protected with BitLocker.
+> **Note:**  Recovery triggered by `-forcerecovery` persists for multiple restarts until a TPM protector is added or protection is suspended by the user.
 ## <a href="" id="bkmk-planningrecovery"></a>Planning your recovery process
--- a/windows/device-security/device-guard/images/wdac-edit-gp.png
+++ b/windows/device-security/device-guard/images/wdac-edit-gp.png
--- a/windows/device-security/device-guard/steps-to-deploy-windows-defender-application-control.md
+++ b/windows/device-security/device-guard/steps-to-deploy-windows-defender-application-control.md
@ -1056,7 +1056,7 @@ To deploy and manage a WDAC policy with Group Policy:
 1.  On a domain controller on a client computer on which RSAT is installed, open the GPMC by running **GPMC.MSC** or searching for “Group Policy Management” in Windows Search.
-2.  Create a new GPO: right-click an OU, for example, the **DG Enabled PCs OU**, and then click **Create a GPO in this domain, and Link it here**, as shown in Figure 3.
+2.  Create a new GPO: right-click an OU and then click **Create a GPO in this domain, and Link it here**, as shown in Figure 3.
    > **Note**&nbsp;&nbsp;You can use any OU name. Also, security group filtering is an option when you consider different ways of combining WDAC policies (or keeping them separate), as discussed in [Planning and getting started on the Windows Defender Device Guard deployment process](planning-and-getting-started-on-the-device-guard-deployment-process.md).
@ -1064,15 +1064,15 @@ To deploy and manage a WDAC policy with Group Policy:
    Figure 3. Create a GPO
-3.  Name new GPO **Contoso GPO Test**. This example uses Contoso GPO Test as the name of the GPO. You can choose any name that you prefer for this example.
+3.  Name new GPO. You can choose any name. 
 4.  Open the Group Policy Management Editor: right-click the new GPO, and then click **Edit**.
-5.  In the selected GPO, navigate to Computer Configuration\\Administrative Templates\\System\\Windows Defender Device Guard. Right-click **Deploy Windows Defender Application Control** and then click **Edit**.
+5.  In the selected GPO, navigate to Computer Configuration\\Administrative Templates\\System\\Device Guard. Right-click **Deploy Windows Defender Application Control** and then click **Edit**.
-    ![Edit the group policy for Windows Defender Application Control](images/dg-fig25-editcode.png)
+    ![Edit the Group Policy for Windows Defender Application Control](images/wdac-edit-gp.png)
-    Figure 4. Edit the group policy for Windows Defender Application Control
+    Figure 4. Edit the Group Policy for Windows Defender Application Control
 6.  In the **Deploy Windows Defender Application Control** dialog box, select the **Enabled** option, and then specify the code integrity policy deployment path.