From 381af7cc81e1d7642d2f421eb56f99ea4580811a Mon Sep 17 00:00:00 2001 From: Junkui Chen Date: Fri, 17 Mar 2023 18:02:37 +0800 Subject: [PATCH 1/3] add the adobe-target metadata for A/B testing --- browsers/edge/docfx.json | 1 + browsers/internet-explorer/docfx.json | 1 + education/docfx.json | 1 + store-for-business/docfx.json | 1 + windows/application-management/docfx.json | 1 + windows/client-management/docfx.json | 1 + windows/configuration/docfx.json | 1 + windows/deployment/docfx.json | 1 + windows/hub/docfx.json | 1 + windows/privacy/docfx.json | 1 + windows/security/docfx.json | 1 + windows/whats-new/docfx.json | 1 + 12 files changed, 12 insertions(+) diff --git a/browsers/edge/docfx.json b/browsers/edge/docfx.json index f021f6aafb..2205218007 100644 --- a/browsers/edge/docfx.json +++ b/browsers/edge/docfx.json @@ -29,6 +29,7 @@ "globalMetadata": { "uhfHeaderId": "MSDocsHeader-MSEdge", "recommendations": true, + "adobe-target": true, "ms.collection": [ "tier3" ], diff --git a/browsers/internet-explorer/docfx.json b/browsers/internet-explorer/docfx.json index 626d8e7d35..ed0fa381c5 100644 --- a/browsers/internet-explorer/docfx.json +++ b/browsers/internet-explorer/docfx.json @@ -24,6 +24,7 @@ ], "globalMetadata": { "recommendations": true, + "adobe-target": true, "ms.collection": [ "tier3" ], diff --git a/education/docfx.json b/education/docfx.json index 993809eee6..8662cf333f 100644 --- a/education/docfx.json +++ b/education/docfx.json @@ -28,6 +28,7 @@ ], "globalMetadata": { "recommendations": true, + "adobe-target": true, "ms.topic": "article", "ms.collection": [ "education", diff --git a/store-for-business/docfx.json b/store-for-business/docfx.json index 4be7b72365..c0b85a8a1d 100644 --- a/store-for-business/docfx.json +++ b/store-for-business/docfx.json @@ -32,6 +32,7 @@ "externalReference": [], "globalMetadata": { "recommendations": true, + "adobe-target": true, "ms.collection": [ "tier2" ], diff --git a/windows/application-management/docfx.json b/windows/application-management/docfx.json index 1c1b014b8d..76647fae53 100644 --- a/windows/application-management/docfx.json +++ b/windows/application-management/docfx.json @@ -34,6 +34,7 @@ "externalReference": [], "globalMetadata": { "recommendations": true, + "adobe-target": true, "breadcrumb_path": "/windows/resources/breadcrumb/toc.json", "ms.collection": [ "tier2" diff --git a/windows/client-management/docfx.json b/windows/client-management/docfx.json index ae506a8cb0..1fcb22e3c9 100644 --- a/windows/client-management/docfx.json +++ b/windows/client-management/docfx.json @@ -34,6 +34,7 @@ "externalReference": [], "globalMetadata": { "recommendations": true, + "adobe-target": true, "ms.collection": [ "tier2" ], diff --git a/windows/configuration/docfx.json b/windows/configuration/docfx.json index 90a28bb7e6..ae433621cc 100644 --- a/windows/configuration/docfx.json +++ b/windows/configuration/docfx.json @@ -34,6 +34,7 @@ "externalReference": [], "globalMetadata": { "recommendations": true, + "adobe-target": true, "ms.collection": [ "tier2" ], diff --git a/windows/deployment/docfx.json b/windows/deployment/docfx.json index 1387984499..066cd3ec04 100644 --- a/windows/deployment/docfx.json +++ b/windows/deployment/docfx.json @@ -34,6 +34,7 @@ "externalReference": [], "globalMetadata": { "recommendations": true, + "adobe-target": true, "ms.collection": [ "tier2" ], diff --git a/windows/hub/docfx.json b/windows/hub/docfx.json index c1b07ce9d8..92c7e04bad 100644 --- a/windows/hub/docfx.json +++ b/windows/hub/docfx.json @@ -34,6 +34,7 @@ "externalReference": [], "globalMetadata": { "recommendations": true, + "adobe-target": true, "ms.collection": [ "tier1" ], diff --git a/windows/privacy/docfx.json b/windows/privacy/docfx.json index 79774ab7cc..9527d8b80f 100644 --- a/windows/privacy/docfx.json +++ b/windows/privacy/docfx.json @@ -34,6 +34,7 @@ "externalReference": [], "globalMetadata": { "recommendations": true, + "adobe-target": true, "breadcrumb_path": "/windows/resources/breadcrumb/toc.json", "uhfHeaderId": "MSDocsHeader-M365-IT", "ms.technology": "windows", diff --git a/windows/security/docfx.json b/windows/security/docfx.json index 0310c13313..7591454011 100644 --- a/windows/security/docfx.json +++ b/windows/security/docfx.json @@ -34,6 +34,7 @@ "externalReference": [], "globalMetadata": { "recommendations": true, + "adobe-target": true, "ms.collection": [ "tier2" ], diff --git a/windows/whats-new/docfx.json b/windows/whats-new/docfx.json index bd292f17c7..e833279c7f 100644 --- a/windows/whats-new/docfx.json +++ b/windows/whats-new/docfx.json @@ -34,6 +34,7 @@ "externalReference": [], "globalMetadata": { "recommendations": true, + "adobe-target": true, "ms.collection": [ "tier2" ], From c7685c70578f7a01f2a8f346bb2e91406e7d1422 Mon Sep 17 00:00:00 2001 From: Erik Parkkonen <61334012+SAINT-SCOBBERLOTCHER@users.noreply.github.com> Date: Fri, 17 Mar 2023 08:47:08 -0700 Subject: [PATCH 2/3] Update connect-to-remote-aadj-pc.md I added some new suggested verbiage to the page. Also some other feedback. - It took me a while to figure out that the Supported configurations table only applied to the Connect without Azure AD authentication section. Can you add a table or note to the Connect with Azure AD Authentication section that either enumerates all the credential types that are supported or that makes this more clear? To me it first made me think that credentials like FIDO2 security keys were not supported with Azure AD Authentication, but after testing I discovered that they are in fact supported. - Can you add notes about how long the RDP session lives by default. WIth Azure AD Authentication, even signing out of the remote desktop does not cause the user to reauth again when signing back in. The session length seems quite long. Maybe add a suggestion for CA Policy Session Controls to limit the session length also. - The App name/appID needed in the CA Policy isn't easy to find, so I put a specific mention of it in the page. --- windows/client-management/connect-to-remote-aadj-pc.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index 2abfcd2135..be69216aa6 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -49,13 +49,14 @@ There's no requirement for the local device to be joined to a domain or Azure AD To connect to the remote computer: - Launch **Remote Desktop Connection** from Windows Search, or by running `mstsc.exe`. -- Specify the name of the remote computer. +- Specify the **name** of the remote computer (IP address cannot be used when **Use a web account to sign in to the remote computer** option is used.) - Select **Use a web account to sign in to the remote computer** option in the **Advanced** tab. This option is equivalent to the `enablerdsaadauth` RDP property. For more information, see [Supported RDP properties with Remote Desktop Services](/windows-server/remote/remote-desktop-services/clients/rdp-files). - When prompted for credentials, specify your user name in `user@domain.com` format. - You're then prompted to allow the remote desktop connection when connecting to a new PC. Azure AD remembers up to 15 hosts for 30 days before prompting again. If you see this dialogue, select **Yes** to connect. > [!IMPORTANT] -> If your organization has configured and is using [Azure AD Conditional Access](/azure/active-directory/conditional-access/overview), your device must satisfy the conditional access requirements to allow connection to the remote computer. +> If your organization has configured and is using [Azure AD Conditional Access](/azure/active-directory/conditional-access/overview), your device must satisfy the conditional access requirements to allow connection to the remote computer. Conditional Access Policies can be used to "Require multi-factor authentication", "Require authentication strength" and session controls like "Sign-in frequency" by applying the Conditional Access Policy to the specific application **Microsoft Remote Desktop (a4a365df-50f1-4397-bc59-1a1564b8bb9c)** + ### Disconnection when the session is locked From 2a06b2ea7717f041083c86879421a8b485af9a7d Mon Sep 17 00:00:00 2001 From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com> Date: Fri, 17 Mar 2023 14:32:02 -0400 Subject: [PATCH 3/3] Update connect-to-remote-aadj-pc.md --- .../client-management/connect-to-remote-aadj-pc.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/windows/client-management/connect-to-remote-aadj-pc.md b/windows/client-management/connect-to-remote-aadj-pc.md index be69216aa6..32fe81be20 100644 --- a/windows/client-management/connect-to-remote-aadj-pc.md +++ b/windows/client-management/connect-to-remote-aadj-pc.md @@ -49,14 +49,17 @@ There's no requirement for the local device to be joined to a domain or Azure AD To connect to the remote computer: - Launch **Remote Desktop Connection** from Windows Search, or by running `mstsc.exe`. -- Specify the **name** of the remote computer (IP address cannot be used when **Use a web account to sign in to the remote computer** option is used.) - Select **Use a web account to sign in to the remote computer** option in the **Advanced** tab. This option is equivalent to the `enablerdsaadauth` RDP property. For more information, see [Supported RDP properties with Remote Desktop Services](/windows-server/remote/remote-desktop-services/clients/rdp-files). +- Specify the name of the remote computer and select **Connect**. + + > [!NOTE] + > IP address cannot be used when **Use a web account to sign in to the remote computer** option is used. + - When prompted for credentials, specify your user name in `user@domain.com` format. - You're then prompted to allow the remote desktop connection when connecting to a new PC. Azure AD remembers up to 15 hosts for 30 days before prompting again. If you see this dialogue, select **Yes** to connect. > [!IMPORTANT] -> If your organization has configured and is using [Azure AD Conditional Access](/azure/active-directory/conditional-access/overview), your device must satisfy the conditional access requirements to allow connection to the remote computer. Conditional Access Policies can be used to "Require multi-factor authentication", "Require authentication strength" and session controls like "Sign-in frequency" by applying the Conditional Access Policy to the specific application **Microsoft Remote Desktop (a4a365df-50f1-4397-bc59-1a1564b8bb9c)** - +> If your organization has configured and is using [Azure AD Conditional Access](/azure/active-directory/conditional-access/overview), your device must satisfy the conditional access requirements to allow connection to the remote computer. Conditional Access policies with [grant controls](/azure/active-directory/conditional-access/concept-conditional-access-grant) and [session controls](/azure/active-directory/conditional-access/howto-conditional-access-session-lifetime) may be applied to the application **Microsoft Remote Desktop (a4a365df-50f1-4397-bc59-1a1564b8bb9c)** for controlled access. ### Disconnection when the session is locked @@ -88,7 +91,7 @@ To connect to the remote computer: ### Supported configurations -This table lists the supported configurations for remotely connecting to an Azure AD joined device: +This table lists the supported configurations for remotely connecting to an Azure AD joined device without using Azure AD authentication: | **Criteria** | **Client operating system** | **Supported credentials** | |--------------------------------------------|-----------------------------------|--------------------------------------------------------------------|