From 6e8588319f6c8288e060737e1b10978491540eb4 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 29 Oct 2024 06:37:40 -0400 Subject: [PATCH 1/4] Edge AUMID for secondary tiles. --- windows/configuration/start/layout.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/configuration/start/layout.md b/windows/configuration/start/layout.md index 30baa389a1..2bc5402a79 100644 --- a/windows/configuration/start/layout.md +++ b/windows/configuration/start/layout.md @@ -304,10 +304,10 @@ Column="2"/> You can use the `start:SecondaryTile` tag to pin a web link through a Microsoft Edge secondary tile. This method doesn't require more actions compared to the method of using legacy `.url` shortcuts (through the `start:DesktopApplicationTile` tag). -The following example shows how to create a tile of the Web site's URL using the Microsoft Edge secondary tile: +The following example shows how to create a tile of the Web site's URL using the Microsoft Edge secondary tile. Ensure to replace `<--Microsoft Edge AUMID-->` with the AUMID of Microsoft Edge (learn how to [Find the Application User Model ID of an installed app](../store/find-aumid.md)): ```XML - Date: Wed, 30 Oct 2024 12:23:00 +0000 Subject: [PATCH 2/4] Update windows-autopatch-prerequisites.md Added info on IoT edition and updated links for LTSC. --- .../prepare/windows-autopatch-prerequisites.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites.md b/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites.md index 74379f93b0..4c7127d25e 100644 --- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites.md +++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites.md @@ -135,12 +135,14 @@ For more information about feature entitlement, see [Features and capabilities]( The following Windows 10/11 editions, build version, and architecture are supported when [devices are registered with Windows Autopatch](../deploy/windows-autopatch-register-devices.md): - Windows 11 Professional, Education, Enterprise, Pro Education, or Pro for Workstations editions +- Windows 11 IoT Enterprise edition - Windows 10 Professional, Education, Enterprise, Pro Education, or Pro for Workstations editions +- Windows 10 IoT Enterprise edition Windows Autopatch service supports Windows client devices on the **General Availability Channel**. > [!NOTE] -> Windows Autopatch supports registering [Windows 10 Long-Term Servicing Channel (LTSC)](/windows/whats-new/ltsc/) devices that are being currently serviced by the [Windows LTSC](/windows/release-health/release-information). The service only supports managing the [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) workload for devices currently serviced by the LTSC. Windows Update for Business service and Windows Autopatch don't offer Windows feature updates for devices that are part of the LTSC. You must either use [LTSC media](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise) or the [Configuration Manager Operating System Deployment capabilities to perform an in-place upgrade](/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager) for Windows devices that are part of the LTSC. +> Windows Autopatch supports registering [Windows 10 and Windows 11 Long-Term Servicing Channel (LTSC)](/windows/whats-new/ltsc/overview) devices that are being currently serviced by the [Windows 10 LTSC](/windows/release-health/release-information) or [Windows 11 LTSC](/windows/release-health/windows11-release-information). The service only supports managing the [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) workload for devices currently serviced by the LTSC. Windows Update for Business service and Windows Autopatch don't offer Windows feature updates for devices that are part of the LTSC. You must either use [LTSC media](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise) or the [Configuration Manager Operating System Deployment capabilities to perform an in-place upgrade](/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager) for Windows devices that are part of the LTSC. ## Configuration Manager co-management requirements From eaac5b25f02a07f9950dff50d8dea40f561aaf93 Mon Sep 17 00:00:00 2001 From: Matheesha Date: Wed, 30 Oct 2024 17:37:48 +0000 Subject: [PATCH 3/4] Update settings-and-configuration.md Added details for the InteractiveLogonFirst (REG_DWORD) value. This controls UAC's behaviour for using cached logon details (potentially stale) over doing a logon over the wire to confirm if account can be used for elevation. Useful for Entra ID joined devices administered by others. --- .../user-account-control/settings-and-configuration.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/application-security/application-control/user-account-control/settings-and-configuration.md b/windows/security/application-security/application-control/user-account-control/settings-and-configuration.md index 8c81845b7b..68d64ea7fe 100644 --- a/windows/security/application-security/application-control/user-account-control/settings-and-configuration.md +++ b/windows/security/application-security/application-control/user-account-control/settings-and-configuration.md @@ -96,6 +96,7 @@ The registry keys are found under the key: `HKLM:\SOFTWARE\Microsoft\Windows\Cur | Run all administrators in Admin Approval Mode | `EnableLUA` | 0 = Disabled
1 (Default) = Enabled | | Switch to the secure desktop when prompting for elevation| `PromptOnSecureDesktop` | 0 = Disabled
1 (Default) = Enabled | | Virtualize file and registry write failures to per-user locations | `EnableVirtualization` | 0 = Disabled
1 (Default) = Enabled | +| Prioritise network logons over cached logons | `InteractiveLogonFirst` | 0 (Default) = Disabled
1 = Enabled | [WIN-1]: /windows/client-management/mdm/policy-csp-localpoliciessecurityoptions [MEM-1]: /mem/intune/configuration/custom-settings-windows-10 From c5977ce98faa2b0ff138957e2daf830b8e276944 Mon Sep 17 00:00:00 2001 From: Padma Jayaraman Date: Thu, 31 Oct 2024 00:14:27 +0530 Subject: [PATCH 4/4] Fixed alignment --- windows/configuration/start/layout.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/configuration/start/layout.md b/windows/configuration/start/layout.md index 2bc5402a79..81f5d11c75 100644 --- a/windows/configuration/start/layout.md +++ b/windows/configuration/start/layout.md @@ -427,13 +427,13 @@ You can edit the JSON file to make any modifications to the **Pinned** section o 1. Open the `LayoutModification.json` file in a JSON editor, such as Visual Studio Code or Notepad 1. The `pinnedList` section includes all the pins that are applied to the Start layout -You can add more apps to the section using the following keys: + You can add more apps to the section using the following keys: -| Key | Description | -|--|--| -| `packagedAppID` | Used for Universal Windows Platform (UWP) apps. To pin a UWP app, use the app's AUMID. | -| `desktopAppID` | Used for desktop apps. To pin a desktop app, use the app's AUMID. If the app doesn't have an AUMID, use the `desktopAppLink` instead. | -| `desktopAppLink` | Used for desktop apps that don't have an associated AUMID. To pin this type of app, use the path to the `.lnk` shortcut that points to the app. | + | Key | Description | + |--|--| + | `packagedAppID` | Used for Universal Windows Platform (UWP) apps. To pin a UWP app, use the app's AUMID. | + | `desktopAppID` | Used for desktop apps. To pin a desktop app, use the app's AUMID. If the app doesn't have an AUMID, use the `desktopAppLink` instead. | + | `desktopAppLink` | Used for desktop apps that don't have an associated AUMID. To pin this type of app, use the path to the `.lnk` shortcut that points to the app. | ::: zone-end