mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-07 18:17:22 +00:00
Merge pull request #7534 from MicrosoftDocs/repo_sync_working_branch
Confirm merge from repo_sync_working_branch to main to sync with https://github.com/MicrosoftDocs/windows-itpro-docs (branch public)
This commit is contained in:
Stephanie Savell
GitHub
commit
8d8521c4e0
@ -143,8 +143,8 @@ When you configure your MDT Build Lab deployment share, you can also add applica
|
||||
|
||||
On **MDT01**:
|
||||
|
||||
1. Download the Enterprise distribution version of [Adobe Acrobat Reader DC](https://get.adobe.com/reader/enterprise/) (AcroRdrDC2200320263_en_US.exe) to **D:\\setup\\adobe** on MDT01.
|
||||
2. Extract the .exe file that you downloaded to a .msi (ex: .\AcroRdrDC2200320263_en_US.exe -sfx_o"d:\setup\adobe\install\" -sfx_ne).
|
||||
1. Download the Enterprise distribution version of [Adobe Acrobat Reader DC](https://get.adobe.com/reader/enterprise/) (AcroRdrDC2200320282_en_US.exe) to **D:\\setup\\adobe** on MDT01.
|
||||
2. Extract the .exe file that you downloaded to a .msi (ex: .\AcroRdrDC2200320282_en_US.exe -sfx_o"d:\setup\adobe\install\" -sfx_ne).
|
||||
3. In the Deployment Workbench, expand the **MDT Production** node and navigate to the **Applications** node.
|
||||
4. Right-click the **Applications** node, and create a new folder named **Adobe**.
|
||||
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Audit Directory Service Access (Windows 10)
|
||||
description: The policy setting Audit Directory Service Access determines if audit events are generated when an Active Directory Domain Services (ADA DS) object is accessed.
|
||||
description: The policy setting Audit Directory Service Access determines if audit events are generated when an Active Directory Domain Services (AD DS) object is accessed.
|
||||
ms.assetid: ba2562ba-4282-4588-b87c-a3fcb771c7d0
|
||||
ms.reviewer:
|
||||
manager: aaroncz
|
||||
@ -34,4 +34,4 @@ This subcategory allows you to audit when an Active Directory Domain Services (A
|
||||
|
||||
- [4662](event-4662.md)(S, F): An operation was performed on an object.
|
||||
|
||||
- [4661](event-4661.md)(S, F): A handle to an object was requested.
|
||||
- [4661](event-4661.md)(S, F): A handle to an object was requested.
|
||||
|
||||
@ -163,9 +163,9 @@ For 4616(S): The system time was changed.
|
||||
> [!IMPORTANT]
|
||||
> For this event, also see [Appendix A: Security monitoring recommendations for many audit events](appendix-a-security-monitoring-recommendations-for-many-audit-events.md).
|
||||
|
||||
- Report all “**Subject\\Security ID**” not equals **“LOCAL SERVICE”**, which means that the time change was not made not by Windows Time service.
|
||||
- Report all “**Subject\\Security ID**” not equals **“LOCAL SERVICE”**, which means that the time change was not made by Windows Time service.
|
||||
|
||||
- Report all “**Process Information\\Name**” not equals **“C:\\Windows\\System32\\svchost.exe”** (path to svchost.exe can be different, you can search for “svchost.exe” substring), which means that the time change was not made not by Windows Time service.
|
||||
- Report all “**Process Information\\Name**” not equals **“C:\\Windows\\System32\\svchost.exe”** (path to svchost.exe can be different, you can search for “svchost.exe” substring), which means that the time change was not made by Windows Time service.
|
||||
|
||||
<!-- -->
|
||||
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: itpro-security
|
||||
|
||||
**Applies to**
|
||||
|
||||
- Windows 10
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
This article discusses different methods to administer security policy settings on a local device or throughout a small- or medium-sized organization.
|
||||
|
||||
@ -313,4 +314,4 @@ Secedit.exe is useful when you have multiple devices on which security must be a
|
||||
|
||||
## <a href="" id="bkmk-grouppolicy"></a>Working with Group Policy tools
|
||||
|
||||
Group Policy is an infrastructure that allows you to specify managed configurations for users and computers through Group Policy settings and Group Policy Preferences. For Group Policy settings that affect only a local device or user, you can use the Local Group Policy Editor. You can manage Group Policy settings and Group Policy Preferences in an Active Directory Domain Services (AD DS) environment through the Group Policy Management Console (GPMC). Group Policy management tools also are included in the Remote Server Administration Tools pack to provide a way for you to administer Group Policy settings from your desktop.
|
||||
Group Policy is an infrastructure that allows you to specify managed configurations for users and computers through Group Policy settings and Group Policy Preferences. For Group Policy settings that affect only a local device or user, you can use the Local Group Policy Editor. You can manage Group Policy settings and Group Policy Preferences in an Active Directory Domain Services (AD DS) environment through the Group Policy Management Console (GPMC). Group Policy management tools also are included in the Remote Server Administration Tools pack to provide a way for you to administer Group Policy settings from your desktop.
|
||||
|
||||
@ -22,7 +22,8 @@ ms.technology: itpro-security
|
||||
# Configure security policy settings
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Describes steps to configure a security policy setting on the local device, on a domain-joined device, and on a domain controller.
|
||||
|
||||
|
||||
@ -21,7 +21,13 @@ ms.technology: itpro-security
|
||||
# Network access: Restrict anonymous access to Named Pipes and Shares
|
||||
|
||||
**Applies to**
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
- Windows 8.1
|
||||
- Windows Server 2022
|
||||
- Windows Server 2019
|
||||
- Windows Server 2016
|
||||
- Windows Server 2012 R2
|
||||
|
||||
Describes the best practices, location, values, policy management and security considerations for the **Network access: Restrict anonymous access to Named Pipes and Shares** security policy setting.
|
||||
|
||||
|
||||
@ -21,7 +21,8 @@ ms.technology: itpro-security
|
||||
# Network List Manager policies
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
Network List Manager policies are security settings that you can use to configure different aspects of how networks are listed and displayed on one device or on many devices.
|
||||
|
||||
|
||||
@ -21,7 +21,8 @@ ms.technology: itpro-security
|
||||
# Security policy settings reference
|
||||
|
||||
**Applies to**
|
||||
- Windows 10
|
||||
- Windows 11
|
||||
- Windows 10
|
||||
|
||||
This reference of security settings provides information about how to implement and manage security policies, including setting options and security considerations.
|
||||
|
||||
|
||||
@ -66,7 +66,7 @@ There are several ways to get and use security baselines:
|
||||
|
||||
2. [Mobile device management (MDM) security baselines](/windows/client-management/mdm/#mdm-security-baseline) function like the Microsoft group policy-based security baselines and can easily integrate these baselines into an existing MDM management tool.
|
||||
|
||||
3. MDM security baselines can easily be configures in Microsoft Intune on devices that run Windows 10 and Windows 11. For more information, see [List of the settings in the Windows 10/11 MDM security baseline in Intune](/mem/intune/protect/security-baseline-settings-mdm-all).
|
||||
3. MDM security baselines can easily be configured in Microsoft Intune on devices that run Windows 10 and Windows 11. For more information, see [List of the settings in the Windows 10/11 MDM security baseline in Intune](/mem/intune/protect/security-baseline-settings-mdm-all).
|
||||
|
||||
## Community
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user