From 96ae5670f93011861d0048d251448aa364af2e46 Mon Sep 17 00:00:00 2001 From: Shesh <56231259+sheshachary@users.noreply.github.com> Date: Fri, 11 Feb 2022 18:38:02 +0530 Subject: [PATCH] updated the changes --- .../enterprise-mode-schema-version-2-guidance.md | 6 +++--- windows/client-management/manage-corporate-devices.md | 2 -- windows/client-management/mdm/alljoynmanagement-csp.md | 2 +- windows/client-management/mdm/enterprise-app-management.md | 2 +- windows/client-management/mdm/passportforwork-csp.md | 2 +- .../client-management/mdm/policy-csp-internetexplorer.md | 6 +++--- windows/configuration/guidelines-for-assigned-access-app.md | 2 +- .../hello-for-business/hello-hybrid-aadj-sso-base.md | 2 +- 8 files changed, 11 insertions(+), 13 deletions(-) diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md index d35dd497b1..5af6fab521 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md +++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md @@ -45,7 +45,7 @@ You can continue to use the v.1 version of the schema on Windows 10, but you wo The following is an example of the v.2 version of the Enterprise Mode schema. > [!IMPORTANT] -> Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both http://contoso.com and https://contoso.com. +> Make sure that you don't specify a protocol when adding your URLs. Using a URL like ``, automatically applies to both `http://contoso.com` and `https://contoso.com`. ```xml @@ -109,9 +109,9 @@ The <url> attribute, as part of the <site> element in the v.2 versio |Attribute|Description|Supported browser| |---------|---------|---------| -|allow-redirect|A boolean attribute of the <open-in> element that controls the behavior for redirected sites. Setting this attribute to "true" indicates that the site will open in IE11 or Microsoft Edge even if the site is navigated to as part of a HTTP or meta refresh redirection chain. Omitting the attribute is equivalent to "false" (sites in redirect chain will not open in another browser).
**Example**
<site url="contoso.com/travel">
  <open-in allow-redirect="true">IE11 </open-in>
</site>
In this example, if `https://contoso.com/travel` is encountered in a redirect chain in Microsoft Edge, it will be opened in Internet Explorer.
  • | Internet Explorer 11 and Microsoft Edge| +|allow-redirect|A boolean attribute of the <open-in> element that controls the behavior for redirected sites. Setting this attribute to "true" indicates that the site will open in IE11 or Microsoft Edge even if the site is navigated to as part of a HTTP or meta refresh redirection chain. Omitting the attribute is equivalent to "false" (sites in redirect chain will not open in another browser).
    **Example**
    <site url="contoso.com/travel">
      <open-in allow-redirect="true">IE11 </open-in>
    </site>
    In this example, if `https://contoso.com/travel` is encountered in a redirect chain in Microsoft Edge, it will be opened in Internet Explorer. | Internet Explorer 11 and Microsoft Edge| |version |Specifies the version of the Enterprise Mode Site List. This attribute is supported for the <site-list> element. | Internet Explorer 11 and Microsoft Edge| -|url|Specifies the URL (and port number using standard port conventions) to which the child elements apply. The URL can be a domain, sub-domain, or any path URL.
    **Note**
    Make sure that you don't specify a protocol. Using <site url="contoso.com"> applies to both [https://contoso.com](https://contoso.com) and [https://contoso.com](https://contoso.com).
    **Example**
    <site url="contoso.com:8080">
       <compat-mode>IE8Enterprise</compat-mode> 
     <open-in>IE11</open-in>
    </site>
    In this example, going to [https://contoso.com:8080](https://contoso.com:8080) using Microsoft Edge, causes the site to open in IE11 and load in IE8 Enterprise Mode. | Internet Explorer 11 and Microsoft Edge| +|url|Specifies the URL (and port number using standard port conventions) to which the child elements apply. The URL can be a domain, sub-domain, or any path URL.
    **Note**
    Make sure that you don't specify a protocol. Using <site url="contoso.com"> applies to both `http://contoso.com` and `https://contoso.com`.
    **Example**
    <site url="contoso.com:8080">
       <compat-mode>IE8Enterprise</compat-mode> 
     <open-in>IE11</open-in>
    </site>
    In this example, going to `https://contoso.com:8080` using Microsoft Edge, causes the site to open in IE11 and load in IE8 Enterprise Mode. | Internet Explorer 11 and Microsoft Edge| ### Deprecated attributes These v.1 version schema attributes have been deprecated in the v.2 version of the schema: diff --git a/windows/client-management/manage-corporate-devices.md b/windows/client-management/manage-corporate-devices.md index fb532ca4b1..100a615574 100644 --- a/windows/client-management/manage-corporate-devices.md +++ b/windows/client-management/manage-corporate-devices.md @@ -47,8 +47,6 @@ You can use the same management tools to manage all device types running Windows [Microsoft Intune End User Enrollment Guide](/samples/browse/?redirectedfrom=TechNet-Gallery) -[Azure AD Join on Windows 10 (and Windows 11) devices](https://go.microsoft.com/fwlink/p/?LinkId=616791) - [Windows 10 (and Windows 11) and Azure Active Directory: Embracing the Cloud](https://go.microsoft.com/fwlink/p/?LinkId=615768) Microsoft Virtual Academy course: [System Center 2012 R2 Configuration Manager & Windows Intune](/learn/) diff --git a/windows/client-management/mdm/alljoynmanagement-csp.md b/windows/client-management/mdm/alljoynmanagement-csp.md index 6e986105de..1df422d0db 100644 --- a/windows/client-management/mdm/alljoynmanagement-csp.md +++ b/windows/client-management/mdm/alljoynmanagement-csp.md @@ -24,7 +24,7 @@ This CSP was added in Windows 10, version 1511. -For the firewall settings, note that PublicProfile and PrivateProfile are mutually exclusive. The Private Profile must be set on the directly on the device itself, and the only supported operation is Get. For PublicProfile, both Add and Get are supported. This CSP is intended to be used in conjunction with the AllJoyn Device System Bridge, and an understanding of the bridge will help when determining when and how to use this CSP. For more information, see [Device System Bridge (DSB)](https://wikipedia.org/wiki/AllJoyn). For more information, see [AllJoyn Device System Bridge](https://wikipedia.org/wiki/AllJoyn). +For the firewall settings, note that PublicProfile and PrivateProfile are mutually exclusive. The Private Profile must be set on the directly on the device itself, and the only supported operation is Get. For PublicProfile, both Add and Get are supported. This CSP is intended to be used in conjunction with the AllJoyn Device System Bridge, and an understanding of the bridge will help when determining when and how to use this CSP. For more information, see [Device System Bridge (DSB)](https://wikipedia.org/wiki/AllJoyn). For more information, see [AllJoyn - Wikipedia](https://wikipedia.org/wiki/AllJoyn). The following shows the AllJoynManagement configuration service provider in tree format diff --git a/windows/client-management/mdm/enterprise-app-management.md b/windows/client-management/mdm/enterprise-app-management.md index ddd6fe4dd5..d5a45549a2 100644 --- a/windows/client-management/mdm/enterprise-app-management.md +++ b/windows/client-management/mdm/enterprise-app-management.md @@ -517,7 +517,7 @@ Provisioning allows you to stage the app to the device and all users of the devi Here are the requirements for this scenario: -- The location of the app can be the local files system (C:\\StagedApps\\app1.appx), a UNC path (\\\\server\\share\\app1.apx), or an HTTPS location (https://contoso.com/app1.appx\_ +- The location of the app can be the local files system (C:\\StagedApps\\app1.appx), a UNC path (\\\\server\\share\\app1.apx), or an HTTPS location (`https://contoso.com/app1.appx\`) - The user must have permission to access the content location. For HTTPs, you can use server authentication or certificate authentication using a certificate associated with the enrollment. HTTP locations are supported, but not recommended because of lack of authentication requirements. - The device doesn't need to have connectivity to the Microsoft Store, or store services enabled. - The device doesn't need any Azure AD identity or domain membership. diff --git a/windows/client-management/mdm/passportforwork-csp.md b/windows/client-management/mdm/passportforwork-csp.md index 4155f26107..6c384c45db 100644 --- a/windows/client-management/mdm/passportforwork-csp.md +++ b/windows/client-management/mdm/passportforwork-csp.md @@ -88,7 +88,7 @@ PassportForWork Root node for PassportForWork configuration service provider. ***TenantId*** -A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount](/powershell/module/servicemanagement/azure.service/get-azureaccount). For more information, see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell). +A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount](https://docs.microsoft.com/powershell/module/servicemanagement/azure.service/get-azureaccount). For more information, see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell). ***TenantId*/Policies** Node for defining the Windows Hello for Business policy settings. diff --git a/windows/client-management/mdm/policy-csp-internetexplorer.md b/windows/client-management/mdm/policy-csp-internetexplorer.md index 036aa82cdc..2775253a06 100644 --- a/windows/client-management/mdm/policy-csp-internetexplorer.md +++ b/windows/client-management/mdm/policy-csp-internetexplorer.md @@ -1960,7 +1960,7 @@ Internet Explorer has 4 security zones, numbered 1-4, and these are used by this If you enable this policy setting, you can enter a list of sites and their related zone numbers. The association of a site with a zone will ensure that the security settings for the specified zone are applied to the site.  For each entry that you add to the list, enter the following information: -Valuename – A host for an intranet site, or a fully qualified domain name for other sites. The valuename may also include a specific protocol. For example, if you enter as the valuename, other protocols are not affected. If you enter just www.contoso.com, then all protocols are affected for that site, including http, https, ftp, and so on. The site may also be expressed as an IP address (e.g., 127.0.0.1) or range (e.g., 127.0.0.1-10). To avoid creating conflicting policies, do not include additional characters after the domain such as trailing slashes or URL path. For example, policy settings for www.contoso.com and www.contoso.com/mail would be treated as the same policy setting by Internet Explorer, and would therefore be in conflict. +Valuename – A host for an intranet site, or a fully qualified domain name for other sites. The valuename may also include a specific protocol. For example, if you enter `` as the valuename, other protocols are not affected. If you enter just `www.contoso.com,` then all protocols are affected for that site, including http, https, ftp, and so on. The site may also be expressed as an IP address (e.g., 127.0.0.1) or range (e.g., 127.0.0.1-10). To avoid creating conflicting policies, do not include additional characters after the domain such as trailing slashes or URL path. For example, policy settings for www.contoso.com and www.contoso.com/mail would be treated as the same policy setting by Internet Explorer, and would therefore be in conflict. Value - A number indicating the zone with which this site should be associated for security settings. The Internet Explorer zones described above are 1-4. @@ -2002,8 +2002,8 @@ ADMX Info: ``` Value and index pairs in the SyncML example: -- http://adfs.contoso.org 1 -- https://microsoft.com 2 +- `http://adfs.contoso.org 1` +- `https://microsoft.com 2` diff --git a/windows/configuration/guidelines-for-assigned-access-app.md b/windows/configuration/guidelines-for-assigned-access-app.md index 47b5e6b872..312cbd0bc3 100644 --- a/windows/configuration/guidelines-for-assigned-access-app.md +++ b/windows/configuration/guidelines-for-assigned-access-app.md @@ -131,7 +131,7 @@ The following table gives examples for blocked URLs. |--------------------------|-------------------------------------------------------------------------------| | `contoso.com` | Blocks all requests to contoso.com, `www.contoso.com,` and sub.www.contoso.com | | `https://*` | Blocks all HTTPS requests to any domain. | -| `mail.contoso.com` | Blocks requests to mail.contoso.com but not to `www.contoso.com` or contoso.com | +| `mail.contoso.com` | Blocks requests to mail.contoso.com but not to `www.contoso.com` or `contoso.com` | | `.contoso.com` | Blocks contoso.com but not its subdomains, like subdomain.contoso.com. | | `.www.contoso.com` | Blocks `www.contoso.com` but not its subdomains. | | `*` | Blocks all requests except for URLs in the Blocked URL Exceptions list. | diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md index ed4dc68548..8fd660dd30 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md @@ -193,7 +193,7 @@ The web server is ready to host the CRL distribution point. Now, configure the 1. On the issuing certificate authority, sign-in as a local administrator. Start the **Certificate Authority** console from **Administrative Tools**. 2. In the navigation pane, right-click the name of the certificate authority and click **Properties** 3. Click **Extensions**. On the **Extensions** tab, select **CRL Distribution Point (CDP)** from the **Select extension** list. -4. On the **Extensions** tab, click **Add**. Type http://crl.[domainname]/cdp/ in **location**. For example, ` or (do not forget the trailing forward slash). ` +4. On the **Extensions** tab, click **Add**. Type http://crl.[domainname]/cdp/ in **location**. For example, `` or ` (do not forget the trailing forward slash). ` ![CDP New Location dialog box.](images/aadj/cdp-extension-new-location.png) 5. Select **\** from the **Variable** list and click **Insert**. Select **\** from the **Variable** list and click **Insert**. Select **\** from the **Variable** list and click **Insert**. 6. Type **.crl** at the end of the text in **Location**. Click **OK**.