From 93dd413ce5c6bca582d49ffe74d00ac8a3b9de0f Mon Sep 17 00:00:00 2001 From: SaiDuanZX <44047860+SaiDuanZX@users.noreply.github.com> Date: Wed, 22 Jan 2020 15:39:25 +0800 Subject: [PATCH 01/20] Request more clear guidelines to add a Desktop App Please talk with WIP product team and get a more clear guideline about how to add a new Desktop app to protected apps or exempted apps based on the PowerShell, the current guideline does not provide anything about how to get the "Product Name" field which we must to fill in and there are many possible different format of Product Name we may able to use. --- .../create-wip-policy-using-intune-azure.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md index b3f555bb13..a02c440908 100644 --- a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md +++ b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md @@ -214,6 +214,8 @@ Path Publisher Where `O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US` is the **Publisher** name and `WORDPAD.EXE` is the **File** name. +Regarding to how to get the Product Name for the Apps you wish to Add, please reach out to our Windows Support Team to request the guidelines + ### Import a list of apps This section covers two examples of using an AppLocker XML file to the **Protected apps** list. You’ll use this option if you want to add multiple apps at the same time. From 989cfad909656a6e216837bec4840f2939c18d38 Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Mon, 4 May 2020 23:39:59 +0300 Subject: [PATCH 02/20] add info about 0x801c004D https://github.com/MicrosoftDocs/windows-itpro-docs/issues/6505 --- .../hello-for-business/hello-errors-during-pin-creation.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md index 300a074c68..6631350839 100644 --- a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md +++ b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md @@ -98,6 +98,7 @@ For errors listed in this table, contact Microsoft Support for assistance. | 0x801C03F0 | ​There is no key registered for the user. | | 0x801C03F1 | ​There is no UPN in the token. | | ​0x801C044C | There is no core window for the current thread. | +| 0x801c004D | Unable to enroll a device to use a PIN for login. | ## Related topics From f304ed45fec6e178836d4f3b187a5442488c68f8 Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Tue, 12 May 2020 09:49:48 +0300 Subject: [PATCH 03/20] Update description for 0x801c004D as advised by mapalko in https://github.com/MicrosoftDocs/windows-itpro-docs/pull/6639 --- .../hello-for-business/hello-errors-during-pin-creation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md index 6631350839..01f18214de 100644 --- a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md +++ b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md @@ -98,7 +98,7 @@ For errors listed in this table, contact Microsoft Support for assistance. | 0x801C03F0 | ​There is no key registered for the user. | | 0x801C03F1 | ​There is no UPN in the token. | | ​0x801C044C | There is no core window for the current thread. | -| 0x801c004D | Unable to enroll a device to use a PIN for login. | +| 0x801c004D | DSREG_NO_DEFAULT_ACCOUNT: NGC provisioning is unable to find the default WAM account to use to request AAD token for provisioning. Unable to enroll a device to use a PIN for login. | ## Related topics From 9a7af3e19e1a04a537a198cb1579a26b0bab2663 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Thu, 2 Jul 2020 19:22:25 +0500 Subject: [PATCH 04/20] Update troubleshoot-tcpip-netmon.md --- windows/client-management/troubleshoot-tcpip-netmon.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/client-management/troubleshoot-tcpip-netmon.md b/windows/client-management/troubleshoot-tcpip-netmon.md index 739c11d55d..f708897928 100644 --- a/windows/client-management/troubleshoot-tcpip-netmon.md +++ b/windows/client-management/troubleshoot-tcpip-netmon.md @@ -16,6 +16,9 @@ manager: dansimp In this topic, you will learn how to use Microsoft Network Monitor 3.4, which is a tool for capturing network traffic. +> [Note] +> Network Monitor is the archived protocol analyzer and is no longer under development. **Microsoft Message Analyzer** is the replacement for Network Monitor. For more details, see [Microsoft Message Analyzer Operating Guide](https://docs.microsoft.com/message-analyzer/microsoft-message-analyzer-operating-guide). + To get started, [download and run NM34_x64.exe](https://www.microsoft.com/download/details.aspx?id=4865). When you install Network Monitor, it installs its driver and hooks it to all the network adapters installed on the device. You can see the same on the adapter properties, as shown in the following image. ![Adapters](images/nm-adapters.png) From 3f8e733234477e91ff02b739e1181f0cf77ecc7d Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Tue, 14 Jul 2020 12:19:48 +0300 Subject: [PATCH 05/20] remove extra method which was also incorrect (Certificate not EAP) https://github.com/MicrosoftDocs/windows-itpro-docs/issues/6936 --- .../security/identity-protection/vpn/vpn-profile-options.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/security/identity-protection/vpn/vpn-profile-options.md b/windows/security/identity-protection/vpn/vpn-profile-options.md index 3d0fdc211e..19df534358 100644 --- a/windows/security/identity-protection/vpn/vpn-profile-options.md +++ b/windows/security/identity-protection/vpn/vpn-profile-options.md @@ -62,8 +62,7 @@ The following is a sample Native VPN profile. This blob would fall under the Pro - Eap - Eap + Eap From a943948b2601bb84fc172e4aba4b1201cf74a034 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Wed, 15 Jul 2020 10:50:46 +0500 Subject: [PATCH 06/20] Update hello-hybrid-key-whfb-settings-policy.md --- .../hello-hybrid-key-whfb-settings-policy.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md index 440ab1ea70..c92c871269 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md @@ -74,6 +74,9 @@ Sign-in a domain controller or management workstations with _Domain Admin_ equiv The Windows Hello for Business Group Policy object delivers the correct Group Policy settings to the user, which enables them to enroll and use Windows Hello for Business to authenticate to Azure and Active Directory +> [!NOTE] +> If you deployed Windows Hello for Business configuration using both Group Policy and Microsoft Intune, Group Policy settings will take precedence and Intune settings will be ignored. For more details about deploying Windows Hello for Business configuration using Microsoft Intune, see [Windows 10 device settings to enable Windows Hello for Business in Intune](https://docs.microsoft.com/mem/intune/protect/identity-protection-windows-settings) and [PassportForWork CSP](https://docs.microsoft.com/windows/client-management/mdm/passportforwork-csp). + #### Enable Windows Hello for Business The Enable Windows Hello for Business Group Policy setting is the configuration needed for Windows to determine if a user should be attempt to enroll for Windows Hello for Business. A user will only attempt enrollment if this policy setting is configured to enabled. From 4a7806d9094e9d54b6845c27d4fe33d255a20db1 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Thu, 16 Jul 2020 07:14:16 +0500 Subject: [PATCH 07/20] Update windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../hello-for-business/hello-hybrid-key-whfb-settings-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md index c92c871269..4037b136c8 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md @@ -79,7 +79,7 @@ The Windows Hello for Business Group Policy object delivers the correct Group Po #### Enable Windows Hello for Business -The Enable Windows Hello for Business Group Policy setting is the configuration needed for Windows to determine if a user should be attempt to enroll for Windows Hello for Business. A user will only attempt enrollment if this policy setting is configured to enabled. +The Enable Windows Hello for Business Group Policy setting is the configuration needed for Windows to determine if a user should attempt to enroll for Windows Hello for Business. A user will only attempt enrollment if this policy setting is configured to enabled. You can configure the Enable Windows Hello for Business Group Policy setting for computer or users. Deploying this policy setting to computers results in ALL users that sign-in that computer to attempt a Windows Hello for Business enrollment. Deploying this policy setting to a user results in only that user attempting a Windows Hello for Business enrollment. Additionally, you can deploy the policy setting to a group of users so only those users attempt a Windows Hello for Business enrollment. If both user and computer policy settings are deployed, the user policy setting has precedence. From efea56292626e1417a70d0601beea0c6dac3930f Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Thu, 16 Jul 2020 08:40:13 +0500 Subject: [PATCH 08/20] Update hello-hybrid-key-whfb-settings-policy.md --- .../hello-for-business/hello-hybrid-key-whfb-settings-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md index 4037b136c8..d7355b0c32 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-policy.md @@ -75,7 +75,7 @@ Sign-in a domain controller or management workstations with _Domain Admin_ equiv The Windows Hello for Business Group Policy object delivers the correct Group Policy settings to the user, which enables them to enroll and use Windows Hello for Business to authenticate to Azure and Active Directory > [!NOTE] -> If you deployed Windows Hello for Business configuration using both Group Policy and Microsoft Intune, Group Policy settings will take precedence and Intune settings will be ignored. For more details about deploying Windows Hello for Business configuration using Microsoft Intune, see [Windows 10 device settings to enable Windows Hello for Business in Intune](https://docs.microsoft.com/mem/intune/protect/identity-protection-windows-settings) and [PassportForWork CSP](https://docs.microsoft.com/windows/client-management/mdm/passportforwork-csp). +> If you deployed Windows Hello for Business configuration using both Group Policy and Microsoft Intune, Group Policy settings will take precedence and Intune settings will be ignored. For more details about deploying Windows Hello for Business configuration using Microsoft Intune, see [Windows 10 device settings to enable Windows Hello for Business in Intune](https://docs.microsoft.com/mem/intune/protect/identity-protection-windows-settings) and [PassportForWork CSP](https://docs.microsoft.com/windows/client-management/mdm/passportforwork-csp). For more details about policy conflicts, see [Policy conflicts from multiple policy sources](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-manage-in-organization#policy-conflicts-from-multiple-policy-sources) #### Enable Windows Hello for Business From e7931044cc4a7151630cd2e264845a777d33f93c Mon Sep 17 00:00:00 2001 From: David Gardiner Date: Fri, 17 Jul 2020 10:27:45 +0930 Subject: [PATCH 09/20] Fix cmdlet usage Remove spurious space --- .../windows-sandbox/windows-sandbox-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md index fa85062872..5c421a9094 100644 --- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md +++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md @@ -48,7 +48,7 @@ The following video provides an overview of Windows Sandbox. 2. Enable virtualization on the machine. - If you're using a physical machine, make sure virtualization capabilities are enabled in the BIOS. - - If you're using a virtual machine, run the following PowerShell command to enable nested virtualization:
**Set -VMProcessor -VMName \ -ExposeVirtualizationExtensions $true** + - If you're using a virtual machine, run the following PowerShell command to enable nested virtualization:
**Set-VMProcessor -VMName \ -ExposeVirtualizationExtensions $true** 1. Use the search bar on the task bar and type **Turn Windows Features on and off** to access the Windows Optional Features tool. Select **Windows Sandbox** and then **OK**. Restart the computer if you're prompted. - If the **Windows Sandbox** option is unavailable, your computer doesn't meet the requirements to run Windows Sandbox. If you think this is incorrect, review the prerequisite list as well as steps 1 and 2. From 551f0e39185f3f4a6916e40495acea82f732087f Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Mon, 20 Jul 2020 11:18:04 +0500 Subject: [PATCH 10/20] minor edits As user has mentioned that when he tried to run a delete function, it doesn't work. While checking for DMClient CSP, I have found that Provider/ProviderID/Push/PFN only supports Add, Get, and Replace function not Delete. See details at https://docs.microsoft.com/en-us/windows/client-management/mdm/dmclient-csp Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/7061 --- windows/client-management/mdm/dmclient-ddf-file.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/client-management/mdm/dmclient-ddf-file.md b/windows/client-management/mdm/dmclient-ddf-file.md index 15b21d0197..44ff431b60 100644 --- a/windows/client-management/mdm/dmclient-ddf-file.md +++ b/windows/client-management/mdm/dmclient-ddf-file.md @@ -1022,7 +1022,6 @@ The XML below is for Windows 10, version 1803. - From d499690ab24be504a0bf81880b7a5985249ce7da Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Mon, 20 Jul 2020 12:28:20 +0300 Subject: [PATCH 11/20] Reg key breaks Windows Store connectivity https://github.com/MicrosoftDocs/windows-itpro-docs/issues/6600 --- windows/deployment/update/waas-manage-updates-wsus.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/deployment/update/waas-manage-updates-wsus.md b/windows/deployment/update/waas-manage-updates-wsus.md index 13b02958f8..1e26155297 100644 --- a/windows/deployment/update/waas-manage-updates-wsus.md +++ b/windows/deployment/update/waas-manage-updates-wsus.md @@ -82,6 +82,9 @@ When using WSUS to manage updates on Windows client devices, start by configurin 9. Under **Options**, from the **Configure automatic updating** list, select **3 - Auto download and notify for install**, and then click **OK**. ![Example of UI](images/waas-wsus-fig5.png) + + >[!IMPORTANT] + > Under Group Policy Management Editor make sure the following key is not enabled, because it can break Windows Store connectivity: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdateDoNotConnectToWindowsUpdateInternetLocations > [!NOTE] > There are three other settings for automatic update download and installation dates and times. This is simply the option this example uses. For more examples of how to control automatic updates and other related policies, see [Configure Automatic Updates by Using Group Policy](https://technet.microsoft.com/library/cc720539%28v=ws.10%29.aspx). From 296b68d7054a60bbb5a1dbcfb067184feaab022f Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Sat, 25 Jul 2020 18:27:10 +0500 Subject: [PATCH 12/20] updated information As checked in the portal, protected domains should be added with |. Updating the information in doc. Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/7135 --- .../create-wip-policy-using-intune-azure.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md index b3f555bb13..29ad99192e 100644 --- a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md +++ b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md @@ -461,10 +461,10 @@ contoso.sharepoint.com|contoso.visualstudio.com Specify the domains used for identities in your environment. All traffic to the fully-qualified domains appearing in this list will be protected. -Separate multiple domains with the "," delimiter. +Separate multiple domains with the "|" delimiter. ```code -exchange.contoso.com,contoso.com,region.contoso.com +exchange.contoso.com|contoso.com|region.contoso.com ``` ### Network domains From 0b08be80aadc87c5d4af222a4e30b06bdde79b8b Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Sat, 25 Jul 2020 22:36:04 +0500 Subject: [PATCH 13/20] note additon As recommended by user, updated the note section in the doc. Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/7062 --- windows/client-management/mdm/certificatestore-csp.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/client-management/mdm/certificatestore-csp.md b/windows/client-management/mdm/certificatestore-csp.md index 6e878defd1..7c534c850a 100644 --- a/windows/client-management/mdm/certificatestore-csp.md +++ b/windows/client-management/mdm/certificatestore-csp.md @@ -17,7 +17,9 @@ ms.date: 02/28/2020 The CertificateStore configuration service provider is used to add secure socket layers (SSL), intermediate, and self-signed certificates. -> **Note**   The CertificateStore configuration service provider does not support installing client certificates. +> [!Note] +> The CertificateStore configuration service provider does not support installing client certificates. +> Microsoft protocol version of OMA is case insensitive. From b134bccc6f3ec6bb78f289d4e0f618c5f8b23c67 Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Sun, 26 Jul 2020 09:10:14 +0500 Subject: [PATCH 14/20] Update windows/client-management/mdm/certificatestore-csp.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/client-management/mdm/certificatestore-csp.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/client-management/mdm/certificatestore-csp.md b/windows/client-management/mdm/certificatestore-csp.md index 7c534c850a..f709de39d0 100644 --- a/windows/client-management/mdm/certificatestore-csp.md +++ b/windows/client-management/mdm/certificatestore-csp.md @@ -19,7 +19,7 @@ The CertificateStore configuration service provider is used to add secure socket > [!Note] > The CertificateStore configuration service provider does not support installing client certificates. -> Microsoft protocol version of OMA is case insensitive. +> The Microsoft protocol version of Open Mobile Alliance (OMA) is case insensitive. @@ -645,4 +645,3 @@ Configure the device to automatically renew an MDM client certificate with the s - From 8455245852edd379dc678392dd6315a6b12e7664 Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Wed, 29 Jul 2020 11:17:45 +0300 Subject: [PATCH 15/20] incorrect Editor name change from Group Policy Management Editor to Registry Editor --- windows/deployment/update/waas-manage-updates-wsus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/waas-manage-updates-wsus.md b/windows/deployment/update/waas-manage-updates-wsus.md index 1e26155297..5a2120fcb1 100644 --- a/windows/deployment/update/waas-manage-updates-wsus.md +++ b/windows/deployment/update/waas-manage-updates-wsus.md @@ -84,7 +84,7 @@ When using WSUS to manage updates on Windows client devices, start by configurin ![Example of UI](images/waas-wsus-fig5.png) >[!IMPORTANT] - > Under Group Policy Management Editor make sure the following key is not enabled, because it can break Windows Store connectivity: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdateDoNotConnectToWindowsUpdateInternetLocations + > Under Registry Editor make sure the following key is not enabled, because it can break Windows Store connectivity: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdateDoNotConnectToWindowsUpdateInternetLocations > [!NOTE] > There are three other settings for automatic update download and installation dates and times. This is simply the option this example uses. For more examples of how to control automatic updates and other related policies, see [Configure Automatic Updates by Using Group Policy](https://technet.microsoft.com/library/cc720539%28v=ws.10%29.aspx). From 98015a400d30e3f3d93f8e24319268ddd89f98a9 Mon Sep 17 00:00:00 2001 From: Jaime Ondrusek Date: Wed, 29 Jul 2020 10:46:41 -0700 Subject: [PATCH 16/20] Update waas-manage-updates-wsus.md Slight rewording. --- windows/deployment/update/waas-manage-updates-wsus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/waas-manage-updates-wsus.md b/windows/deployment/update/waas-manage-updates-wsus.md index 5a2120fcb1..db7cd77c90 100644 --- a/windows/deployment/update/waas-manage-updates-wsus.md +++ b/windows/deployment/update/waas-manage-updates-wsus.md @@ -84,7 +84,7 @@ When using WSUS to manage updates on Windows client devices, start by configurin ![Example of UI](images/waas-wsus-fig5.png) >[!IMPORTANT] - > Under Registry Editor make sure the following key is not enabled, because it can break Windows Store connectivity: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdateDoNotConnectToWindowsUpdateInternetLocations + > Use Regedit.exe to check that the following key is not enabled, because it can break Windows Store connectivity: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdateDoNotConnectToWindowsUpdateInternetLocations > [!NOTE] > There are three other settings for automatic update download and installation dates and times. This is simply the option this example uses. For more examples of how to control automatic updates and other related policies, see [Configure Automatic Updates by Using Group Policy](https://technet.microsoft.com/library/cc720539%28v=ws.10%29.aspx). From 804603413b00c91580678f09123d6cfae971e1f9 Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Thu, 30 Jul 2020 12:17:48 +0300 Subject: [PATCH 17/20] Update event-4624.md https://github.com/MicrosoftDocs/windows-itpro-docs/issues/6534 --- windows/security/threat-protection/auditing/event-4624.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/security/threat-protection/auditing/event-4624.md b/windows/security/threat-protection/auditing/event-4624.md index cf8e0d63b8..b310cd06ca 100644 --- a/windows/security/threat-protection/auditing/event-4624.md +++ b/windows/security/threat-protection/auditing/event-4624.md @@ -146,6 +146,7 @@ This event generates when a logon session is created (on destination machine). I | Logon Type | Logon Title | Description | |:----------:|---------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `0` | `System` | Used only by the System account, for example at system startup. | | `2` | `Interactive` | A user logged on to this computer. | | `3` | `Network` | A user or computer logged on to this computer from the network. | | `4` | `Batch` | Batch logon type is used by batch servers, where processes may be executing on behalf of a user without their direct intervention. | @@ -155,6 +156,8 @@ This event generates when a logon session is created (on destination machine). I | `9` | `NewCredentials` | A caller cloned its current token and specified new credentials for outbound connections. The new logon session has the same local identity, but uses different credentials for other network connections. | | `10` | `RemoteInteractive` | A user logged on to this computer remotely using Terminal Services or Remote Desktop. | | `11` | `CachedInteractive` | A user logged on to this computer with network credentials that were stored locally on the computer. The domain controller was not contacted to verify the credentials. | +| `12` | `CashedRemoteInteractive` | Same as RemoteInteractive. This is used for internal auditing. | +| `13` | `CachedUnlock` | Workstation logon. | - **Restricted Admin Mode** \[Version 2\] \[Type = UnicodeString\]**:** Only populated for **RemoteInteractive** logon type sessions. This is a Yes/No flag indicating if the credentials provided were passed using Restricted Admin mode. Restricted Admin mode was added in Win8.1/2012R2 but this flag was added to the event in Win10. From f6eb7f9e89c8a78e724bd7008256b87abb36a25b Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Fri, 31 Jul 2020 22:59:23 +0530 Subject: [PATCH 18/20] added new link in related topics as per the user feedback, in issue #7981 .so i added the following link **https://techcommunity.microsoft.com/t5/microsoft-defender-atp/advanced-hunting-data-schema-changes/ba-p/1043914** --- .../microsoft-defender-atp/advanced-hunting-schema-reference.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md index 94c74051a1..59a850ea64 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md @@ -57,3 +57,4 @@ Table and column names are also listed within the Microsoft Defender Security Ce - [Advanced hunting overview](advanced-hunting-overview.md) - [Work with query results](advanced-hunting-query-results.md) - [Learn the query language](advanced-hunting-query-language.md) +- [Advanced hunting data schema changes](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/advanced-hunting-data-schema-changes/ba-p/1043914) From f1cc4629f9f329b078d566e14cedfe702e47a023 Mon Sep 17 00:00:00 2001 From: Caroline Gitonga Date: Wed, 12 Aug 2020 19:59:39 +0300 Subject: [PATCH 19/20] Remove fs.microsoft.com from Maps --- windows/privacy/manage-windows-2004-endpoints.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/privacy/manage-windows-2004-endpoints.md b/windows/privacy/manage-windows-2004-endpoints.md index 01990ccba5..5c4ad7c28d 100644 --- a/windows/privacy/manage-windows-2004-endpoints.md +++ b/windows/privacy/manage-windows-2004-endpoints.md @@ -71,7 +71,6 @@ The following methodology was used to derive these network endpoints: |||HTTPS|*licensing.mp.microsoft.com| |Maps|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-offlinemaps)| ||The following endpoints are used to check for updates to maps that have been downloaded for offline use. If you turn off traffic for this endpoint, offline maps will not be updated.|TLSv1.2|*maps.windows.com| -|| The following endpoints are used to check for updates to maps that have been downloaded for offline use.|HTTP|fs.microsoft.com*| |Microsoft Account|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-microsoft-account)| ||The following endpoints are used for Microsoft accounts to sign in. If you turn off traffic for these endpoints, users cannot sign in with Microsoft accounts. |TLSv1.2|*login.live.com| |Microsoft forward link redirection service (FWLink)|The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer. If you disable this endpoint, Windows Defender won't be able to update its malware definitions; links from Windows and other Microsoft products to the Web won't work; and PowerShell updateable Help won't update. To disable the traffic, instead disable the traffic that's getting forwarded.|HTTPS|go.microsoft.com| From b273db911c5a1b048127958cb61273090a9bbba1 Mon Sep 17 00:00:00 2001 From: JECRISPO <69607805+JECRISPO@users.noreply.github.com> Date: Thu, 13 Aug 2020 07:42:06 -0700 Subject: [PATCH 20/20] Added clarifying language about reccomendations Change was reccomended by MCB Privacy to ensure there is discoverable notice. --- windows/configuration/windows-spotlight.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/configuration/windows-spotlight.md b/windows/configuration/windows-spotlight.md index fa8b0e3378..c5fc3f7733 100644 --- a/windows/configuration/windows-spotlight.md +++ b/windows/configuration/windows-spotlight.md @@ -44,7 +44,7 @@ For managed devices running Windows 10 Enterprise and Windows 10 Education, en - **Feature suggestions, fun facts, tips** - The lock screen background will occasionally suggest Windows 10 features that the user hasn't tried yet, such as **Snap assist**. + The lock screen background will occasionally make reccomendations on how to enhance your productivity and enjoyment of Microsoft products including suggesting other relevant Microsoft products and services. ![fun facts](images/funfacts.png)