deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'main' into Benny-54-cleanup-cm1

Browse Source
This commit is contained in:
Benny Shilpa 2022-05-20 16:21:18 +05:30
commit 86bca79355
17 changed files with 202 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
.openpublishing.redirection.json
View File

@ -19448,7 +19448,7 @@
{
"source_path": "windows/security/threat-protection/intelligence/supply-chain-malware.md",
"redirect_url": "/microsoft-365/security/intelligence/supply-chain-malware",
"redirect_document_id": true
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/intelligence/support-scams.md",
@ -19498,7 +19498,7 @@
{
"source_path": "education/itadmins.yml",
"redirect_url": "/education",
"redirect_document_id": true
"redirect_document_id": false
},
{
"source_path": "education/partners.yml",
@ -19539,6 +19539,16 @@
"source_path": "windows/client-management/mdm/messaging-csp.md",
"redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
"redirect_document_id": false
},
{
"source_path": "windows/client-management/mdm/policymanager-csp.md",
"redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
"redirect_document_id": false
},
{
"source_path": "windows/client-management/mdm/proxy-csp.md",
"redirect_url": "/windows/client-management/mdm/configuration-service-provider-reference",
"redirect_document_id": false
}
]
}

52
windows/client-management/mdm/configuration-service-provider-reference.md
View File

@ -615,18 +615,6 @@ Additional lists:
<!--EndSKU-->
<!--EndCSP-->
<!--StartCSP-->
[Proxy CSP](proxy-csp.md)
<!--StartSKU-->
|Home|Pro|Business|Enterprise|Education|
|--- |--- |--- |--- |--- |
|Yes|Yes|Yes|Yes|Yes|
<!--EndSKU-->
<!--EndCSP-->
<!--StartCSP-->
[PXLogical CSP](pxlogical-csp.md)
@ -675,18 +663,6 @@ Additional lists:
<!--EndSKU-->
<!--EndCSP-->
<!--StartCSP-->
[PolicyManager CSP](policymanager-csp.md)
<!--StartSKU-->
|Home|Pro|Business|Enterprise|Education|
|--- |--- |--- |--- |--- |
|No|No|No|No|No|
<!--EndSKU-->
<!--EndCSP-->
<!--StartCSP-->
[Provisioning CSP](provisioning-csp.md)
@ -820,6 +796,15 @@ Additional lists:
<!--EndCSP-->
<!--StartCSP-->
[SurfaceHub](surfacehub-csp.md)
<!--StartSKU-->
<!--EndSKU-->
<!--EndCSP-->
<!--StartCSP-->
[TenantLockdown CSP](tenantlockdown-csp.md)
<!--StartSKU-->
@ -904,6 +889,16 @@ Additional lists:
<!--EndCSP-->
<!--StartCSP-->
[W4 Application CSP](w4-application-csp.md)
<!--StartSKU-->
<!--EndSKU-->
<!--EndCSP-->
<!--StartCSP-->
[WiFi CSP](wifi-csp.md)
<!--StartSKU-->
@ -988,6 +983,15 @@ Additional lists:
<!--EndSKU-->
<!--EndCSP-->
<!--StartCSP-->
[w7 Application CSP](w7-application-csp.md)
<!--StartSKU-->
<!--EndSKU-->
<!--EndCSP-->
<hr/>
<!--EndCSPs-->

9
windows/client-management/mdm/multisim-csp.md
View File

@ -13,6 +13,15 @@ manager: dansimp
# MultiSIM CSP
The table below shows the applicability of Windows:
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|Yes|Yes|
|Pro|Yes|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
The MultiSIM configuration service provider (CSP) is used by the enterprise to manage devices with dual SIM single active configuration. An enterprise can set policies on whether that user can switch between SIM slots, specify which slot is the default, and whether the slot is embedded. This CSP was added in Windows 10, version 1803.

17
windows/client-management/mdm/nap-csp.md
View File

@ -13,6 +13,16 @@ ms.date: 06/26/2017
# NAP CSP
The table below shows the applicability of Windows:
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
The NAP (Network Access Point) Configuration Service Provider is used to manage and query GPRS and CDMA connections.
> [!Note]
@ -66,7 +76,7 @@ Root node.
<a href="" id="napx"></a>***NAPX***
Required. Defines the name of the network access point.
It's recommended that this element name is specified as a numbered node beginning at zero. For example, to provision two network access points, use "NAP0" and "NAP1" as the element names. Any unique name can be used if desired (such as "GPRS-NAP"), but no spaces may appear in the name (use %20 instead).
It is recommended that this element name is specified as a numbered node beginning at zero. For example, to provision two network access points, use "NAP0" and "NAP1" as the element names. Any unique name can be used if desired (such as "GPRS-NAP"), however, no spaces may appear in the name (use %20 instead).
<a href="" id="napx-napid"></a>***NAPX*/NAPID**
Required. Specifies the identifier of the destination network.
@ -96,7 +106,7 @@ The following table shows some commonly used ADDRTYPE values and the types of co
Optional node. Specifies the authentication information, including the protocol, user name, and password.
<a href="" id="napx-authinfo-authtype"></a>***NAPX*/AuthInfo/AuthType**
Optional. Specifies the method of authentication. Some supported protocols are PAP, CHAP, HTTP-BASIC, HTTP-DIGEST, WTLS-SS, MD5.
Optional. Specifies the method of authentication. Some supported protocols are PAP, CHAP, HTTP-BASIC, HTTP-DIGEST, WTLS-SS, and MD5.
<a href="" id="napx-authinfo-authname"></a>***NAPX*/AuthInfo/AuthName**
Optional. Specifies the user name and domain to be used during authentication. This field is in the form *Domain*\\*UserName*.
@ -110,7 +120,8 @@ Queries of this field will return a string composed of 16 asterisks (\*).
Node.
<a href="" id="napx-bearer-bearertype"></a>***NAPX*/Bearer/BearerType**
Required. Specifies the network type of the destination network. This parameter's value can be set to GPRS, CDMA2000, WCDMA, TDMA, CSD, DTPT, WiFi.
Required. Specifies the network type of the destination network. This can be set to GPRS, CDMA2000, WCDMA, TDMA, CSD, DTPT, and Wi-Fi.
## Related articles

14
windows/client-management/mdm/napdef-csp.md
View File

@ -13,7 +13,17 @@ ms.date: 06/26/2017
# NAPDEF CSP
The NAPDEF configuration service provider is used to add, modify, or delete WAP network access points (NAPs). For complete information about these settings, see the standard WAP specification WAP-183-ProvCont-20010724-a.
The table below shows the applicability of Windows:
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
The NAPDEF configuration service provider is used to add, modify, or delete WAP Network Access Points (NAPs). For complete information about these settings, see the standard WAP specification WAP-183-ProvCont-20010724-a.
> [!Note]
> You cannot use NAPDEF CSP on the desktop to update the Push Proxy Gateway (PPG) list.
@ -70,7 +80,7 @@ A query of this parameter returns asterisks (\*) in the results.
<a href="" id="authtype"></a>**AUTHTYPE**
Specifies the protocol used to authenticate the user.
The only permitted values for this element are "POP" (Password Authentication Protocol) and "CHAP" (Challenge Handshake Authentication Protocol) authentication protocols. Note
The only permitted values for this element are "POP" (Password Authentication Protocol) and "CHAP" (Challenge Handshake Authentication Protocol) authentication protocols.
> [!Note]
> **AuthName** and **AuthSecret** are not created if **AuthType** isn't included in the initial device configuration. **AuthName** and **AuthSecret** cannot be changed if **AuthType** isn't included in the provisioning XML used to make the change.

12
windows/client-management/mdm/networkproxy-csp.md
View File

@ -13,11 +13,21 @@ manager: dansimp
# NetworkProxy CSP
The table below shows the applicability of Windows:
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
The NetworkProxy configuration service provider (CSP) is used to configure a proxy server for ethernet and Wi-Fi connections. These settings do not apply to VPN connections. This CSP was added in Windows 10, version 1703.
How the settings work:
- If auto-detect is enabled, the system tries to find the path to a proxy auto config (PAC) script and download it.
- If auto-detect is enabled, the system tries to find the path to a Proxy Auto Config (PAC) script and download it.
- If #1 fails and a setup script is specified, the system tries to download the explicitly configured PAC script.
- If #2 fails and a proxy server is specified, the system tries to use the explicitly configured proxy server.
- Otherwise, the system tries to reach the site directly.

14
windows/client-management/mdm/networkqospolicy-csp.md
View File

@ -13,6 +13,16 @@ manager: dansimp
# NetworkQoSPolicy CSP
The table below shows the applicability of Windows:
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|Yes|Yes|
|Pro|Yes|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
The NetworkQoSPolicy configuration service provider creates network Quality of Service (QoS) policies. A QoS policy performs a set of actions on network traffic based on a set of matching conditions. This CSP was added in Windows 10, version 1703.
The following conditions are supported:
@ -71,7 +81,7 @@ NetworkQoSPolicy
<p>The supported operations are Add, Get, Delete, and Replace.
<a href="" id="name-apppathnamematchcondition"></a>***Name*/AppPathNameMatchCondition**
<p>Specifies the name of an application to be used to match the network traffic, such as application.exe or %ProgramFiles%\application.exe.
<p>Specifies the name of an application to be used to match the network traffic, such as `application.exe` or `%ProgramFiles%\application.exe`.
<p>The data type is char.
@ -111,7 +121,7 @@ NetworkQoSPolicy
<p>The supported operations are Add, Get, Delete, and Replace.
<a href="" id="name-dscpaction"></a>***Name*/DSCPAction**
<p>The differentiated services code point (DSCP) value to apply to matching network traffic.
<p>The Differentiated Services Code Point (DSCP) value to apply to matching network traffic.
<p>Valid values are 0-63.

18
windows/client-management/mdm/nodecache-csp.md
View File

@ -13,6 +13,15 @@ ms.date: 06/26/2017
# NodeCache CSP
The table below shows the applicability of Windows:
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|Yes|Yes|
|Pro|Yes|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
The NodeCache configuration service provider is used to manage the client cache. This configuration service provider is to be used only by enterprise management servers. It provides a level of abstraction that decouples the management of the node list from a specific backing store. It synchronizes the client cache with the server side cache. It also provides an API for monitoring device-side cache changes.
@ -71,7 +80,7 @@ NodeCache
Required. The root node for the NodeCache object. Supported operation is Get. This configuration service provider is used for enterprise device management only. This parameter's value is a predefined MIME type to identify this managed object in OMA DM syntax.
<a href="" id="providerid"></a>***ProviderID***
Optional. Group settings per DM server. Each group of settings is distinguished by the servers Provider ID. It should be the same DM server **PROVIDER-ID** value that was supplied through the [w7 APPLICATION configuration service provider](w7-application-csp.md) XML during the enrollment process. Only one enterprise management server is supported. That is, there should be only one *ProviderID* node under **NodeCache**. Scope is dynamic.
Optional. Group settings per DM server. Each group of settings is distinguished by the servers Provider ID. It should be the same DM server **PROVIDER-ID** value that was supplied through the [w7 APPLICATION configuration service provider](w7-application-csp.md) XML during the enrollment process. Only one enterprise management server is supported. That is, there should be only one **ProviderID** node under **NodeCache**. Scope is dynamic.
Supported operations are Get, Add, and Delete.
@ -382,10 +391,11 @@ It represents this example:
<Node Id="20" Uri="./DevDetail/Ext/Microsoft/DeviceName">U09NRU5FV1ZBTFVF</Node>
</Nodes>
```
Id is the node Id that was added by the MDM server, and Uri is the path that the node is tracking.
If a Uri isn't set, the node will always be reported as changed, as in Node Id 10.
The value inside of the node tag is the actual value returned by the Uri, which means that for Node Id 20 the DeviceName didn't match what was previously expected, and the device name is now U09NRU5FV1ZBTFVF instead of what it was previously.
Id is the node ID that was added by the MDM server, and Uri is the path that the node is tracking.
If a Uri is not set, the node will always be reported as changed, as in Node ID 10.
The value inside of the node tag is the actual value returned by the Uri, which means that for Node ID 20 the DeviceName did not match what was previously expected, and the device name is now U09NRU5FV1ZBTFVF instead of what it was previously.
## Related topics

9
windows/client-management/mdm/office-csp.md
View File

@ -13,6 +13,15 @@ manager: dansimp
# Office CSP
The table below shows the applicability of Windows:
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
The Office configuration service provider (CSP) enables a Microsoft Office client to be installed on a device via the Office Deployment Tool (ODT). For more information, see [Configuration options for the Office Deployment Tool](/deployoffice/office-deployment-tool-configuration-options) and [How to assign Office 365 apps to Windows 10 devices with Microsoft Intune](/intune/apps-add-office365).

13
windows/client-management/mdm/passportforwork-csp.md
View File

@ -13,7 +13,18 @@ ms.date: 07/19/2019
# PassportForWork CSP
The PassportForWork configuration service provider is used to provision Windows Hello for Business (formerly Microsoft Passport for Work). It allows you to sign in to Windows using your Active Directory or Azure Active Directory account and replace passwords, smartcards, and virtual smart cards.
The table below shows the applicability of Windows:
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|Yes|Yes|
|Pro|Yes|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
The PassportForWork configuration service provider is used to provision Windows Hello for Business (formerly Microsoft Passport for Work). It allows you to log in to Windows using your Active Directory or Azure Active Directory account and replace passwords, smartcards, and virtual smart cards.
> [!IMPORTANT]
> Starting with Windows 10, version 1607 all devices only have one PIN associated with Windows Hello for Business. This means that any PIN on a device will be subject to the policies specified in the PassportForWork CSP. The values specified take precedence over any complexity rules set via Exchange ActiveSync (EAS) or the DeviceLock CSP.

10
windows/client-management/mdm/personalization-csp.md
View File

@ -13,6 +13,16 @@ manager: dansimp
# Personalization CSP
The table below shows the applicability of Windows:
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|No|No|
|Business|No|No|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
The Personalization CSP can set the lock screen and desktop background images. Setting these policies also prevents the user from changing the image. You can also use the Personalization settings in a provisioning package.
This CSP was added in Windows 10, version 1703.

43
windows/client-management/mdm/policy-csp-accounts.md
View File

@ -31,6 +31,9 @@ manager: dansimp
<dd>
<a href="#accounts-allowmicrosoftaccountsigninassistant">Accounts/AllowMicrosoftAccountSignInAssistant</a>
</dd>
<dd>
<a href="#accounts-domainnamesforemailsync">Accounts/DomainNamesForEmailSync</a>
</dd>
</dl>
@ -66,7 +69,7 @@ Specifies whether user is allowed to add non-MSA email accounts.
Most restricted value is 0.
> [!NOTE]
> This policy will only block UI/UX-based methods for adding non-Microsoft accounts. Even if this policy is enforced, you can still provision non-MSA accounts using the [EMAIL2 CSP](email2-csp.md).
> This policy will only block UI/UX-based methods for adding non-Microsoft accounts.
<!--/Description-->
<!--SupportedValues-->
@ -168,9 +171,47 @@ The following list shows the supported values:
<hr/>
<!--Policy-->
<a href="" id="accounts-domainnamesforemailsync"></a>**Accounts/DomainNamesForEmailSync**
<!--SupportedSKUs-->
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|No|No|
|Pro|Yes|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
<!--/SupportedSKUs-->
<hr/>
<!--Scope-->
[Scope](./policy-configuration-service-provider.md#policy-scope):
> [!div class = "checklist"]
> * Device
<hr/>
<!--/Scope-->
<!--Description-->
<!--/Description-->
<!--SupportedValues-->
The following list shows the supported values:
<!--/SupportedValues-->
<!--/Policy-->
<hr/>
<!--/Policies-->
<!--/Policies-->
## Related topics
[Policy CSP](policy-configuration-service-provider.md)

10
windows/client-management/mdm/provisioning-csp.md
View File

@ -13,6 +13,16 @@ ms.date: 06/26/2017
# Provisioning CSP
The table below shows the applicability of Windows:
|Edition|Windows 10|Windows 11|
|--- |--- |--- |
|Home|Yes|Yes|
|Pro|Yes|Yes|
|Business|Yes|Yes|
|Enterprise|Yes|Yes|
|Education|Yes|Yes|
The Provisioning configuration service provider is used for bulk user enrollment to an MDM service.
> [!NOTE]

1
windows/client-management/mdm/pxlogical-csp.md
View File

@ -13,7 +13,6 @@ ms.date: 06/26/2017
# PXLOGICAL configuration service provider
The PXLOGICAL configuration service provider is used to add, remove, or modify WAP logical and physical proxies by using WAP or the standard Windows techniques.
> [!NOTE]

4
windows/client-management/mdm/toc.yml
View File

@ -828,12 +828,8 @@ items:
href: policy-csp-windowssandbox.md
- name: WirelessDisplay
href: policy-csp-wirelessdisplay.md
- name: PolicyManager CSP
href: policymanager-csp.md
- name: Provisioning CSP
href: provisioning-csp.md
- name: PROXY CSP
href: proxy-csp.md
- name: PXLOGICAL CSP
href: pxlogical-csp.md
- name: Reboot CSP

4
windows/security/identity-protection/credential-guard/credential-guard-known-issues.md
View File

@ -59,6 +59,10 @@ The following known issues have been fixed by servicing releases made available
## Known issues involving third-party applications
The following issue affects MSCHAPv2:
- [Credential guard doesn't work with MSCHAPv2 configurations, of which Cisco ISE is a very popular enterprise implementation](https://quickview.cloudapps.cisco.com/quickview/bug/CSCul55352).
The following issue affects the Java GSS API. See the following Oracle bug database article:
- [JDK-8161921: Windows Defender Credential Guard doesn't allow sharing of TGT with Java](http://bugs.java.com/bugdatabase/view_bug.do?bug_id=8161921)

4
windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md
View File

@ -84,8 +84,9 @@ For errors listed in this table, contact Microsoft Support for assistance.
| Hex | Cause |
|-------------|---------|
| 0X80072F0C | Unknown |
| 0x80070057 | Invalid parameter or argument is passed. |
| 0X80072F0C | Unknown |
| 0x80072F8F | A mismatch happens between the system's clock and the activation server's clock when attempting to activate Windows.|
| 0x80090010 | NTE_PERM |
| 0x80090020 | NTE\_FAIL |
| 0x80090027 | Caller provided a wrong parameter. If third-party code receives this error, they must change their code. |
@ -105,7 +106,6 @@ For errors listed in this table, contact Microsoft Support for assistance.
| 0x801C044C | There is no core window for the current thread. |
| 0x801c004D | DSREG_NO_DEFAULT_ACCOUNT: NGC provisioning is unable to find the default WAM account to use to request AAD token for provisioning. Unable to enroll a device to use a PIN for login. |
## Related topics
- [Windows Hello for Business](hello-identity-verification.md)