deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-16 10:53:43 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #4494 from nschonni/fix--MD005/list-indent

Browse Source 
fix: MD005/list-indent
This commit is contained in:
Daniel Simpson
2019-07-24 08:41:43 -07:00
committed by GitHub
parent c9339d32bf 536872ec34
commit a38bdb7a0a
10 changed files with 146 additions and 177 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/client-management/mdm/appv-deploy-and-config.md
View File

@ -37,7 +37,7 @@ manager: dansimp
- LastErrorDescription
- SyncStatusDescription
- SyncProgress
- Sync
- Sync
- PublishXML
- AppVDynamicPolicy

2
windows/client-management/mdm/enable-admx-backed-policies-in-mdm.md
View File

@ -32,7 +32,7 @@ See [Support Tip: Ingesting Office ADMX-backed policies using Microsoft Intune](
## Enable a policy
1. Find the policy from the list [ADMX-backed policies](policy-configuration-service-provider.md#admx-backed-policies). You need the following information listed in the policy description.
- GP English name
- GP English name
- GP name
- GP ADMX file name
- GP path

2
windows/client-management/mdm/index.md
View File

@ -44,7 +44,7 @@ The MDM security baseline includes policies that cover the following areas:
For more details about the MDM policies defined in the MDM security baseline and what Microsofts recommended baseline policy values are, see:
- [MDM Security baseline for Windows 10, version 1903](https://download.microsoft.com/download/2/C/4/2C418EC7-31E0-4A74-8928-6DCD512F9A46/1903-MDM-SecurityBaseLine-Document.zip)
- [MDM Security baseline for Windows 10, version 1809](https://download.microsoft.com/download/2/C/4/2C418EC7-31E0-4A74-8928-6DCD512F9A46/1809-MDM-SecurityBaseLine-Document-[Preview].zip)
- [MDM Security baseline for Windows 10, version 1809](https://download.microsoft.com/download/2/C/4/2C418EC7-31E0-4A74-8928-6DCD512F9A46/1809-MDM-SecurityBaseLine-Document-[Preview].zip)
For information about the MDM policies defined in the Intune security baseline public preview, see [Windows security baseline settings for Intune](https://docs.microsoft.com/intune/security-baseline-settings-windows)

12
windows/client-management/mdm/policy-csp-devicelock.md
View File

@ -387,12 +387,12 @@ Specifies whether device lock is enabled.
> [!Important]
> **DevicePasswordEnabled** should not be set to Enabled (0) when WMI is used to set the EAS DeviceLock policies given that it is Enabled by default in Policy CSP for back compat with Windows 8.x. If **DevicePasswordEnabled** is set to Enabled(0) then Policy CSP will return an error stating that **DevicePasswordEnabled** already exists. Windows 8.x did not support DevicePassword policy. When disabling **DevicePasswordEnabled** (1) then this should be the only policy set from the DeviceLock group of policies listed below:
> - **DevicePasswordEnabled** is the parent policy of the following:
> - AllowSimpleDevicePassword
> - MinDevicePasswordLength
> - AlphanumericDevicePasswordRequired
> - MinDevicePasswordComplexCharacters 
> - DevicePasswordExpiration
> - DevicePasswordHistory
> - AllowSimpleDevicePassword
> - MinDevicePasswordLength
> - AlphanumericDevicePasswordRequired
> - MinDevicePasswordComplexCharacters 
> - DevicePasswordExpiration
> - DevicePasswordHistory
> - MaxDevicePasswordFailedAttempts
> - MaxInactivityTimeDeviceLock

54
windows/deployment/update/waas-wu-settings.md
View File

@ -190,47 +190,47 @@ To do this, follow these steps:
3. Add one of the following registry values to configure Automatic Update.
* NoAutoUpdate (REG_DWORD):
* **0**: Automatic Updates is enabled (default).
* **1**: Automatic Updates is disabled.
* AUOptions (REG_DWORD):
* **1**: Keep my computer up to date is disabled in Automatic Updates.
* **2**: Notify of download and installation.
* **3**: Automatically download and notify of installation.
* **4**: Automatically download and scheduled installation.
* NoAutoUpdate (REG_DWORD):
* **0**: Automatic Updates is enabled (default).
* **1**: Automatic Updates is disabled.
* AUOptions (REG_DWORD):
* **1**: Keep my computer up to date is disabled in Automatic Updates.
* **2**: Notify of download and installation.
* **3**: Automatically download and notify of installation.
* **4**: Automatically download and scheduled installation.
* ScheduledInstallDay (REG_DWORD):
* **0**: Every day.
* **1** through **7**: The days of the week from Sunday (1) to Saturday (7).
* ScheduledInstallTime (REG_DWORD):
**n**, where **n** equals the time of day in a 24-hour format (0-23).
* UseWUServer (REG_DWORD)
Set this value to **1** to configure Automatic Updates to use a server that is running Software Update Services instead of Windows Update.
* RescheduleWaitTime (REG_DWORD)
**m**, where **m** equals the time period to wait between the time Automatic Updates starts and the time that it begins installations where the scheduled times have passed. The time is set in minutes from 1 to 60, representing 1 minute to 60 minutes)
> [!NOTE]
> This setting only affects client behavior after the clients have updated to the SUS SP1 client version or later versions.
* NoAutoRebootWithLoggedOnUsers (REG_DWORD):
**0** (false) or **1** (true). If set to **1**, Automatic Updates does not automatically restart a computer while users are logged on.
> [!NOTE]
> This setting affects client behavior after the clients have updated to the SUS SP1 client version or later versions.

95
windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
View File

@ -62,29 +62,29 @@ This page explains how to create an AAD application, get an access token to Micr
4. Allow your Application to access Microsoft Defender ATP and assign it 'Read alerts' permission:
- On your application page, click **API Permissions** > **Add permission** > **APIs my organization uses** > type **WindowsDefenderATP** and click on **WindowsDefenderATP**.
- On your application page, click **API Permissions** > **Add permission** > **APIs my organization uses** > type **WindowsDefenderATP** and click on **WindowsDefenderATP**.
- **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear.
- **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear.
![Image of API access and API selection](images/add-permission.png)
![Image of API access and API selection](images/add-permission.png)
- Choose **Delegated permissions** > **Alert.Read** > Click on **Add permissions**
- Choose **Delegated permissions** > **Alert.Read** > Click on **Add permissions**
![Image of API access and API selection](images/application-permissions-public-client.png)
![Image of API access and API selection](images/application-permissions-public-client.png)
- **Important note**: You need to select the relevant permissions. 'Read alerts' is only an example!
- **Important note**: You need to select the relevant permissions. 'Read alerts' is only an example!
For instance,
For instance,
- To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission
- To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission
- To determine which permission you need, please look at the **Permissions** section in the API you are interested to call.
- To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission
- To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission
- To determine which permission you need, please look at the **Permissions** section in the API you are interested to call.
- Click **Grant consent**
- Click **Grant consent**
**Note**: Every time you add permission you must click on **Grant consent** for the new permission to take effect.
**Note**: Every time you add permission you must click on **Grant consent** for the new permission to take effect.
![Image of Grant permissions](images/grant-consent.png)
![Image of Grant permissions](images/grant-consent.png)
6. Write down your application ID and your tenant ID:
@ -102,42 +102,42 @@ For more details on AAD token, refer to [AAD tutorial](https://docs.microsoft.co
- Copy/Paste the below class in your application.
- Use **AcquireUserTokenAsync** method with the your application ID, tenant ID, user name and password to acquire a token.
```
namespace WindowsDefenderATP
{
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;
using Newtonsoft.Json.Linq;
```csharp
namespace WindowsDefenderATP
{
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;
using Newtonsoft.Json.Linq;
public static class WindowsDefenderATPUtils
{
private const string Authority = "https://login.windows.net";
public static class WindowsDefenderATPUtils
{
private const string Authority = "https://login.windows.net";
private const string WdatpResourceId = "https://api.securitycenter.windows.com";
private const string WdatpResourceId = "https://api.securitycenter.windows.com";
public static async Task<string> AcquireUserTokenAsync(string username, string password, string appId, string tenantId)
{
using (var httpClient = new HttpClient())
{
var urlEncodedBody = $"resource={WdatpResourceId}&client_id={appId}&grant_type=password&username={username}&password={password}";
public static async Task<string> AcquireUserTokenAsync(string username, string password, string appId, string tenantId)
{
using (var httpClient = new HttpClient())
{
var urlEncodedBody = $"resource={WdatpResourceId}&client_id={appId}&grant_type=password&username={username}&password={password}";
var stringContent = new StringContent(urlEncodedBody, Encoding.UTF8, "application/x-www-form-urlencoded");
var stringContent = new StringContent(urlEncodedBody, Encoding.UTF8, "application/x-www-form-urlencoded");
using (var response = await httpClient.PostAsync($"{Authority}/{tenantId}/oauth2/token", stringContent).ConfigureAwait(false))
{
response.EnsureSuccessStatusCode();
using (var response = await httpClient.PostAsync($"{Authority}/{tenantId}/oauth2/token", stringContent).ConfigureAwait(false))
{
response.EnsureSuccessStatusCode();
var json = await response.Content.ReadAsStringAsync().ConfigureAwait(false);
var json = await response.Content.ReadAsStringAsync().ConfigureAwait(false);
var jObject = JObject.Parse(json);
var jObject = JObject.Parse(json);
return jObject["access_token"].Value<string>();
}
}
}
}
}
return jObject["access_token"].Value<string>();
}
}
}
}
}
```
## Validate the token
@ -156,16 +156,17 @@ Sanity check to make sure you got a correct token:
- The Expiration time of the token is 1 hour (you can send more then one request with the same token)
- Example of sending a request to get a list of alerts **using C#**
```
var httpClient = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Get, "https://api.securitycenter.windows.com/api/alerts");
```csharp
var httpClient = new HttpClient();
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
var request = new HttpRequestMessage(HttpMethod.Get, "https://api.securitycenter.windows.com/api/alerts");
var response = httpClient.SendAsync(request).GetAwaiter().GetResult();
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
// Do something useful with the response
var response = httpClient.SendAsync(request).GetAwaiter().GetResult();
// Do something useful with the response
```
## Related topics

46
windows/security/threat-protection/microsoft-defender-atp/user-roles.md
View File

@ -34,31 +34,31 @@ The following steps guide you on how to create roles in Microsoft Defender Secur
3. Enter the role name, description, and permissions you'd like to assign to the role.
- **Role name**
- **Description**
- **Permissions**
- **View data** - Users can view information in the portal.
- **Alerts investigation** - Users can manage alerts, initiate automated investigations, collect investigation packages, manage machine tags, and export machine timeline.
- **Active remediation actions** - Users can take response actions and approve or dismiss pending remediation actions.
- **Manage portal system settings** - Users can configure storage settings, SIEM and threat intel API settings (applies globally), advanced settings, automated file uploads, roles and machine groups.
>[!NOTE]
>This setting is only available in the Microsoft Defender ATP administrator (default) role.
- **Role name**
- **Description**
- **Permissions**
- **View data** - Users can view information in the portal.
- **Alerts investigation** - Users can manage alerts, initiate automated investigations, collect investigation packages, manage machine tags, and export machine timeline.
- **Active remediation actions** - Users can take response actions and approve or dismiss pending remediation actions.
- **Manage portal system settings** - Users can configure storage settings, SIEM and threat intel API settings (applies globally), advanced settings, automated file uploads, roles and machine groups.
- **Manage security settings** - Users can configure alert suppression settings, manage allowed/blocked lists for automation, create and manage custom detections, manage folder exclusions for automation, onboard and offboard machines, and manage email notifications.
> [!NOTE]
> This setting is only available in the Microsoft Defender ATP administrator (default) role.
- **Live response capabilities** - Users can take basic or advanced live response commands. <br>
- Basic commands allow users to:
- Start a live response session
- Run read only live response commands on a remote machine
- Advanced commands allow users to:
- Run basic actions
- Download a file from the remote machine
- View a script from the files library
- Run a script on the remote machine from the files library take read and write commands.
For more information on the available commands, see [Investigate machines using Live response](live-response.md).
- **Manage security settings** - Users can configure alert suppression settings, manage allowed/blocked lists for automation, create and manage custom detections, manage folder exclusions for automation, onboard and offboard machines, and manage email notifications.
- **Live response capabilities** - Users can take basic or advanced live response commands.
- Basic commands allow users to:
- Start a live response session
- Run read only live response commands on a remote machine
- Advanced commands allow users to:
- Run basic actions
- Download a file from the remote machine
- View a script from the files library
- Run a script on the remote machine from the files library take read and write commands.
For more information on the available commands, see [Investigate machines using Live response](live-response.md).
4. Click **Next** to assign the role to an Azure AD group.
5. Use the filter to select the Azure AD group that you'd like to add to this role.