deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 21:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #4323 from MicrosoftDocs/repo_sync_working_branch

Browse Source 
Confirm merge from repo_sync_working_branch to master to sync with https://github.com/MicrosoftDocs/windows-itpro-docs (branch public)
This commit is contained in:
Jeff Borsecnik 2020-12-01 08:51:54 -08:00 committed by GitHub
commit 80914c65ff
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 53 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md
View File

@ -20,7 +20,7 @@ The enrollment into Intune is triggered by a group policy created on your local
Requirements: Requirements:
- AD-joined PC running Windows 10, version 1709 or later - AD-joined PC running Windows 10, version 1709 or later
- The enterprise has configured a mobile device management (MDM) service - The enterprise has configured a mobile device management (MDM) service
- The enterprise AD must be [registered with Azure Active Directory (Azure AD)](azure-active-directory-integration-with-mdm.md) - The on-premises AD must be [integrated with Azure AD (via Azure AD Connect)](https://docs.microsoft.com/azure/architecture/reference-architectures/identity/azure-ad)
- The device should not already be enrolled in Intune using the classic agents (devices managed using agents will fail enrollment with `error 0x80180026`) - The device should not already be enrolled in Intune using the classic agents (devices managed using agents will fail enrollment with `error 0x80180026`)
- The minimum Windows Server version requirement is based on the Hybrid Azure AD join requirement. See [How to plan your hybrid Azure Active Directory join implementation](https://docs.microsoft.com/azure/active-directory/devices/hybrid-azuread-join-plan) for more information. - The minimum Windows Server version requirement is based on the Hybrid Azure AD join requirement. See [How to plan your hybrid Azure Active Directory join implementation](https://docs.microsoft.com/azure/active-directory/devices/hybrid-azuread-join-plan) for more information.

5
windows/client-management/mdm/policy-csp-userrights.md
View File

@ -75,9 +75,6 @@ Here are examples of data fields. The encoded 0xF000 is the standard delimiter/s
If you use Intune custom profiles to assign UserRights policies, you must use the CDATA tag (`<![CDATA[...]]>`) to wrap the data fields. You can specify one or more user groups within the CDATA tag by using 0xF000 as the delimiter/separator. If you use Intune custom profiles to assign UserRights policies, you must use the CDATA tag (`<![CDATA[...]]>`) to wrap the data fields. You can specify one or more user groups within the CDATA tag by using 0xF000 as the delimiter/separator.
> [!NOTE]
> There is currently a reporting issue in the Microsoft Endpoint Manager (MEM) console which results in the setting reporting back a 'Remediation failed' (0x87d1fde8) error, even when the setting is successfully applied. To verify whether the setting has applied successfully, check the local Windows 10 device: Event Viewer>Applications and Services Logs<Microsoft>Windows>DeviceManagement-Enterprise-Diagnostics-Provider>Admin>Event ID 814. This issue is the result of the use of the CDATA tags, which are neccesary when more than a single entry is required. If there is only a single entry, the CDATA tags can be omitted - which will resolve the reporting false positive.
> [!NOTE] > [!NOTE]
> `&#xF000;` is the entity encoding of 0xF000. > `&#xF000;` is the entity encoding of 0xF000.
@ -87,7 +84,7 @@ For example, the following syntax grants user rights to Authenticated Users and
<![CDATA[Authenticated Users&#xF000;Replicator]]> <![CDATA[Authenticated Users&#xF000;Replicator]]>
``` ```
For example, the following syntax grants user rights to two specific users from Contoso, user1 and user2: For example, the following syntax grants user rights to two specific Azure Active Directory (AAD) users from Contoso, user1 and user2:
```xml ```xml
<![CDATA[AzureAD\user1@contoso.com&#xF000;AzureAD\user2@contoso.com]]> <![CDATA[AzureAD\user1@contoso.com&#xF000;AzureAD\user2@contoso.com]]>

6
windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md
View File

@ -91,6 +91,12 @@ The [DisableAntiSpyware](https://docs.microsoft.com/windows-hardware/customize/d
`Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender` <br/> `Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender` <br/>
> [!NOTE]
> When using the DISM command within a task sequence running PS, the following path to cmd.exe is required.
> Example:<br/>
> `c:\windows\sysnative\cmd.exe /c Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender-Features`<br/>
> `c:\windows\sysnative\cmd.exe /c Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender`<br/>
3. To verify Microsoft Defender Antivirus is running, use the following PowerShell cmdlet: <br/> 3. To verify Microsoft Defender Antivirus is running, use the following PowerShell cmdlet: <br/>
`Get-Service -Name windefend` `Get-Service -Name windefend`

2
windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md
View File

@ -139,7 +139,7 @@ You can prevent further propagation of an attack in your organization by banning
>[!IMPORTANT] >[!IMPORTANT]
> >
>- This feature is available if your organization uses Microsoft Defender Antivirus and Cloudbased protection is enabled. For more information, see [Manage cloudbased protection](../microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md). >- This feature is available if your organization uses Microsoft Defender Antivirus and Clouddelivered protection is enabled. For more information, see [Manage clouddelivered protection](../microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md).
> >
>- The Antimalware client version must be 4.18.1901.x or later. >- The Antimalware client version must be 4.18.1901.x or later.
>- This feature is designed to prevent suspected malware (or potentially malicious files) from being downloaded from the web. It currently supports portable executable (PE) files, including _.exe_ and _.dll_ files. The coverage will be extended over time. >- This feature is designed to prevent suspected malware (or potentially malicious files) from being downloaded from the web. It currently supports portable executable (PE) files, including _.exe_ and _.dll_ files. The coverage will be extended over time.

6
windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-setup.md
View File

@ -87,6 +87,12 @@ The [DisableAntiSpyware](https://docs.microsoft.com/windows-hardware/customize/d
`Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender` <br/> `Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender` <br/>
> [!NOTE]
> When using the DISM command within a task sequence running PS, the following path to cmd.exe is required.
> Example:<br/>
> `c:\windows\sysnative\cmd.exe /c Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender-Features`<br/>
> `c:\windows\sysnative\cmd.exe /c Dism /online /Get-FeatureInfo /FeatureName:Windows-Defender`<br/>
3. To verify Microsoft Defender Antivirus is running, use the following PowerShell cmdlet: <br/> 3. To verify Microsoft Defender Antivirus is running, use the following PowerShell cmdlet: <br/>
`Get-Service -Name windefend` `Get-Service -Name windefend`