From c7199606f9386893c852d2a535f89ff47617c10d Mon Sep 17 00:00:00 2001 From: Nicole Zhao Date: Fri, 2 Sep 2022 10:45:55 -0700 Subject: [PATCH 01/10] Update take-a-test-multiple-pcs.md --- education/windows/take-a-test-multiple-pcs.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/education/windows/take-a-test-multiple-pcs.md b/education/windows/take-a-test-multiple-pcs.md index e6daee3daa..c3ecdbff8f 100644 --- a/education/windows/take-a-test-multiple-pcs.md +++ b/education/windows/take-a-test-multiple-pcs.md @@ -14,7 +14,7 @@ ms.date: 08/10/2022 ms.reviewer: manager: aaroncz appliesto: -- ✅ Windows 10 +- ✅ Windows 10 and above --- # Set up Take a Test on multiple PCs @@ -275,4 +275,4 @@ This assessment URL uses our lockdown API: [Set up Take a Test on a single PC](take-a-test-single-pc.md) -[Take a Test app technical reference](take-a-test-app-technical.md) \ No newline at end of file +[Take a Test app technical reference](take-a-test-app-technical.md) From 61850f305a50963f4713abc71df9f7565c4c33a8 Mon Sep 17 00:00:00 2001 From: Nagappan Veerappan Date: Thu, 8 Sep 2022 09:57:41 -0700 Subject: [PATCH 02/10] updated line72 updated line72 --- .../hello-for-business/hello-errors-during-pin-creation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md index d995550c13..b2cdb408bf 100644 --- a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md +++ b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md @@ -69,7 +69,7 @@ If the error occurs again, check the error code against the following table to s | 0x801C044D | Authorization token does not contain device ID. | Unjoin the device from Azure AD and rejoin. | | | Unable to obtain user token. | Sign out and then sign in again. Check network and credentials. | | 0x801C044E | Failed to receive user credentials input. | Sign out and then sign in again. | -| 0xC00000BB | Your PIN or this option is temporarily unavailable.| The destination domain controller doesn't support the login method. Most often the KDC service doesn't have the proper certificate to support the login. Use a different login method.| +| 0xC00000BB | Your PIN or this option is temporarily unavailable.| The destination domain controller doesn't support the login method. Most often the KDC service doesn't have the proper certificate to support the login. Another common cause can be the client can not reach the CRL endpoints. Use a different login method.| From b2be43938410cf26dc2f72594c3cff30d035ae0b Mon Sep 17 00:00:00 2001 From: jjstreic Date: Fri, 9 Sep 2022 09:30:29 -0500 Subject: [PATCH 03/10] Update index.yml Added link to Hybrid Cloud Trust Deployment #sign-off --- .../security/identity-protection/hello-for-business/index.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/identity-protection/hello-for-business/index.yml b/windows/security/identity-protection/hello-for-business/index.yml index bdd841ab2c..a0fa9d6144 100644 --- a/windows/security/identity-protection/hello-for-business/index.yml +++ b/windows/security/identity-protection/hello-for-business/index.yml @@ -65,6 +65,8 @@ landingContent: url: hello-identity-verification.md - linkListType: how-to-guide links: + - text: Hybrid Cloud Trust Deployment + url: hello-hybrid-cloud-trust.md - text: Hybrid Azure AD Joined Key Trust Deployment url: hello-hybrid-key-trust.md - text: Hybrid Azure AD Joined Certificate Trust Deployment From b7dc1ed93064a8038a0d3968cff321a7abb6771d Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Fri, 9 Sep 2022 16:22:39 -0400 Subject: [PATCH 04/10] minor changes --- education/windows/take-a-test-multiple-pcs.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/education/windows/take-a-test-multiple-pcs.md b/education/windows/take-a-test-multiple-pcs.md index c3ecdbff8f..c997343c49 100644 --- a/education/windows/take-a-test-multiple-pcs.md +++ b/education/windows/take-a-test-multiple-pcs.md @@ -14,7 +14,9 @@ ms.date: 08/10/2022 ms.reviewer: manager: aaroncz appliesto: -- ✅ Windows 10 and above +- ✅ Windows 10 +- ✅ Windows 11 +- ✅ Windows 11 SE --- # Set up Take a Test on multiple PCs @@ -271,7 +273,7 @@ This assessment URL uses our lockdown API: ## Related topics -[Take tests in Windows 10](take-tests-in-windows-10.md) +[Take tests in Windows](take-tests-in-windows-10.md) [Set up Take a Test on a single PC](take-a-test-single-pc.md) From e6454fe0007609dc5993bfc45c168f0eaf92cc58 Mon Sep 17 00:00:00 2001 From: mapalko <20977663+mapalko@users.noreply.github.com> Date: Fri, 9 Sep 2022 13:55:22 -0700 Subject: [PATCH 05/10] add cloud trust policy --- windows/client-management/mdm/passportforwork-csp.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/windows/client-management/mdm/passportforwork-csp.md b/windows/client-management/mdm/passportforwork-csp.md index 68bd28dd1e..cec5819973 100644 --- a/windows/client-management/mdm/passportforwork-csp.md +++ b/windows/client-management/mdm/passportforwork-csp.md @@ -139,6 +139,15 @@ If you disable or do not configure this policy setting, the PIN will be provisio Supported operations are Add, Get, Delete, and Replace. +***TenantId*/Policies/UseCloudTrustForOnPremAuth** (only for ./Device/Vendor/MSFT) +Boolean value that enables Windows Hello for Business to use Azure AD Kerberos to authenticate to on-premises resources. + +If you enable this policy setting, Windows Hello for Business will use an Azure AD Kerberos ticket to authenticate to on-premises resources. The Azure AD Kerberos ticket is returned to the client after a successful authentication to Azure AD if Azure AD Kerberos is enabled for the tenant and domain. + +If you disable or do not configure this policy setting, Windows Hello for Business will use a key or certificate to authenticate to on-premises resources. + +Supported operations are Add, Get, Delete, and Replace. + ***TenantId*/Policies/PINComplexity** Node for defining PIN settings. From 8148c61d7f29d64d2faf42385722c1007905d4af Mon Sep 17 00:00:00 2001 From: tiaraquan Date: Fri, 9 Sep 2022 14:44:38 -0700 Subject: [PATCH 06/10] Removed it as a service reference. --- .../windows-autopatch/references/windows-autopatch-privacy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md b/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md index fa5d7a9ffd..c90d19fae5 100644 --- a/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md +++ b/windows/deployment/windows-autopatch/references/windows-autopatch-privacy.md @@ -20,7 +20,7 @@ Windows Autopatch is a cloud service for enterprise customers designed to keep e Windows Autopatch provides its service to enterprise customers, and properly administers customers' enrolled devices by using data from various sources. -The sources include Azure Active Directory (Azure AD), Microsoft Intune, and Microsoft Windows 10/11. The sources provide a comprehensive view of the devices that Windows Autopatch manages. The service also uses these Microsoft services to enable Windows Autopatch to provide IT as a Service (ITaaS) capabilities: +The sources include Azure Active Directory (Azure AD), Microsoft Intune, and Microsoft Windows 10/11. The sources provide a comprehensive view of the devices that Windows Autopatch manages. | Data source | Purpose | | ------ | ------ | From 54a89e7de96dc2e4d514b8c714e6dd4c7b2c6764 Mon Sep 17 00:00:00 2001 From: Office Content Publishing 2 <44301038+officedocspr2@users.noreply.github.com> Date: Sat, 10 Sep 2022 23:32:17 -0700 Subject: [PATCH 07/10] Uploaded file: education-content-updates.md - 2022-09-10 23:32:17.2531 --- education/includes/education-content-updates.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/education/includes/education-content-updates.md b/education/includes/education-content-updates.md index 7a931d7ddb..47c8557394 100644 --- a/education/includes/education-content-updates.md +++ b/education/includes/education-content-updates.md @@ -2,6 +2,17 @@ +## Week of September 05, 2022 + + +| Published On |Topic title | Change | +|------|------------|--------| +| 9/8/2022 | [Education scenarios Microsoft Store for Education](/education/windows/education-scenarios-store-for-business) | modified | +| 9/8/2022 | [Get Minecraft Education Edition](/education/windows/get-minecraft-for-education) | modified | +| 9/8/2022 | [For teachers get Minecraft Education Edition](/education/windows/teacher-get-minecraft) | modified | +| 9/9/2022 | [Take tests in Windows](/education/windows/take-tests-in-windows-10) | modified | + + ## Week of August 29, 2022 From 81156b85fc622c9a05237b192573909135ea6d93 Mon Sep 17 00:00:00 2001 From: Nimisha Satapathy Date: Mon, 12 Sep 2022 11:36:19 +0530 Subject: [PATCH 08/10] Updated --- windows/client-management/mdm/policy-csp-defender.md | 6 +++--- .../mdm/policy-csp-wirelessdisplay.md | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/windows/client-management/mdm/policy-csp-defender.md b/windows/client-management/mdm/policy-csp-defender.md index 4e05320c00..de7c75321a 100644 --- a/windows/client-management/mdm/policy-csp-defender.md +++ b/windows/client-management/mdm/policy-csp-defender.md @@ -2100,17 +2100,17 @@ This policy setting allows you to define the security intelligence location for ADMX Info: -- GP Friendly name: *Define security intelligence location for VDI clients* +- GP Friendly name: *Specify the signature (Security intelligence) delivery optimization for Defender in Virtual Environments* - GP name: *SecurityIntelligenceLocation* - GP element: *SecurityIntelligenceLocation* -- GP path: *Windows Components/Microsoft Defender Antivirus/Security Intelligence Updates* +- GP path: *Windows Components/Microsoft Defender Antivirus/Windows Defender* - GP ADMX file name: *WindowsDefender.admx* - Empty string - no policy is set -- Non-empty string - the policy is set and security intelligence is gathered from the location +- Non-empty string - the policy is set and security intelligence is gathered from the location. diff --git a/windows/client-management/mdm/policy-csp-wirelessdisplay.md b/windows/client-management/mdm/policy-csp-wirelessdisplay.md index d61b982f66..995c9deb8c 100644 --- a/windows/client-management/mdm/policy-csp-wirelessdisplay.md +++ b/windows/client-management/mdm/policy-csp-wirelessdisplay.md @@ -124,7 +124,7 @@ This policy setting allows you to turn off discovering the display service adver The following list shows the supported values: -- 0 - Do not allow +- 0 - Doesn't allow - 1 - Allow @@ -160,9 +160,9 @@ The following list shows the supported values: This policy setting allows you to disable the infrastructure movement detection feature. -If you set it to 0, your PC may stay connected and continue to project if you walk away from a Wireless Display receiver to which you are projecting over infrastructure. +- If you set it to 0, your PC may stay connected and continue to project if you walk away from a Wireless Display receiver to which you are projecting over infrastructure. -If you set it to 1, your PC will detect that you have moved and will automatically disconnect your infrastructure Wireless Display session. +- If you set it to 1, your PC will detect that you have moved and will automatically disconnect your infrastructure Wireless Display session. The default value is 1. @@ -171,7 +171,7 @@ The default value is 1. The following list shows the supported values: -- 0 - Do not allow +- 0 - Doesn't allow - 1 (Default) - Allow @@ -251,8 +251,8 @@ This policy allows you to turn off projection from a PC over infrastructure. The following list shows the supported values: -- 0 - your PC cannot discover or project to other infrastructure devices, although it is possible to discover and project over WiFi Direct. -- 1 - your PC can discover and project to other devices over infrastructure. +- 0 - Your PC cannot discover or project to other infrastructure devices, although it is possible to discover and project over WiFi Direct. +- 1 - Your PC can discover and project to other devices over infrastructure. From e051c498ad50d3a9a6ffcb229cee2012e326b853 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 12 Sep 2022 09:38:11 -0400 Subject: [PATCH 09/10] Updated Lightspeed version Checked supplemental policy ingested in Hailey build --- education/windows/windows-11-se-overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/education/windows/windows-11-se-overview.md b/education/windows/windows-11-se-overview.md index b740384ed0..697a926c74 100644 --- a/education/windows/windows-11-se-overview.md +++ b/education/windows/windows-11-se-overview.md @@ -63,7 +63,7 @@ Windows 11 SE comes with some preinstalled apps. The following apps can also run |Kortext |2.3.433.0 |Store |Kortext| |Kurzweil 3000 Assistive Learning |20.13.0000 |Win32 |Kurzweil Educational Systems| |LanSchool |9.1.0.46 |Win32 |Stoneware| -|Lightspeed Smart Agent |2.6.2 |Win32 |Lightspeed Systems| +|Lightspeed Smart Agent |1.9.1 |Win32 |Lightspeed Systems| |MetaMoJi ClassRoom |3.12.4.0 |Store |MetaMoJi Corporation| |Microsoft Connect |10.0.22000.1 |Store |Microsoft| |Mozilla Firefox |99.0.1 |Win32 |Mozilla| From dbe1d666e3023f92d2882d29229289f41b8e1e93 Mon Sep 17 00:00:00 2001 From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com> Date: Mon, 12 Sep 2022 11:25:31 -0400 Subject: [PATCH 10/10] Remove video link which demonstrates RAIL mode - Fixes https://github.com/MicrosoftDocs/windows-itpro-docs/issues/9637 --- .../windows-sandbox/windows-sandbox-overview.md | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md index e42fab8ddb..5325926107 100644 --- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md +++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md @@ -28,13 +28,8 @@ Windows Sandbox has the following properties: - **Secure**: Uses hardware-based virtualization for kernel isolation. It relies on the Microsoft hypervisor to run a separate kernel that isolates Windows Sandbox from the host. - **Efficient:** Uses the integrated kernel scheduler, smart memory management, and virtual GPU. - > [!IMPORTANT] - > Windows Sandbox enables network connection by default. It can be disabled using the [Windows Sandbox configuration file](/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file#networking). - -The following video provides an overview of Windows Sandbox. - -> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE4rFAo] - +> [!IMPORTANT] +> Windows Sandbox enables network connection by default. It can be disabled using the [Windows Sandbox configuration file](/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file#networking). ## Prerequisites