Merging changes synced from https://github.com/MicrosoftDocs/windows-docs-pr (branch live)

2025-05-14 06:17:22 +00:00 · 2021-08-09 22:40:24 +00:00 · 2021-08-09 22:40:24 +00:00 · aaa99302c2
commit aaa99302c2
parent dfed56f988 bac09e37da
2 changed files with 27 additions and 25 deletions
--- a/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md
+++ b/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool.md
@ -41,10 +41,11 @@ On the desktop and mobile devices, you can use an enrollment certificate or enro
 ## What you need
-   Windows 10 devices
+-   Windows 10 devices.
-   Windows Configuration Designer (WCD) tool
+-   Windows Configuration Designer (WCD) tool.
    To get the WCD tool, download from the [Microsoft Store](https://www.microsoft.com/store/productId/9NBLGGH4TX22). For more information about the WCD tool, see [Windows Configuration Designer](/windows/configuration/provisioning-packages/provisioning-install-icd) and [Getting started with Windows WCD](/windows/configuration/provisioning-packages/provisioning-install-icd).
-   Enrollment credentials (domain account for enrollment, generic enrollment credentials for MDM, enrollment certificate for MDM.)
+-   Enrollment credentials (domain account for enrollment, generic enrollment credentials for MDM, enrollment certificate for MDM.).
 -   Wi-Fi credentials, computer name scheme, and anything else required by your organization.
    Some organizations require custom APNs to be provisioned before talking to the enrollment endpoint or custom VPN to join a domain.
@ -72,7 +73,8 @@ Using the WCD, create a provisioning package using the enrollment information re
   -   **Secret** - Password
   For detailed descriptions of these settings, see [Provisioning CSP](provisioning-csp.md).
   Here is the screenshot of the WCD at this point.
-   ![bulk enrollment screenshot](images/bulk-enrollment.png)
+   
    ![bulk enrollment screenshot](images/bulk-enrollment.png)
 9. Configure the other settings, such as the Wi-Fi connections so that the device can join a network before joining MDM (e.g., **Runtime settings** &gt; **ConnectivityProfiles** &gt; **WLANSetting**).
 10. When you are done adding all the settings, on the **File** menu, click **Save**.
 11. On the main menu click **Export** &gt; **Provisioning package**.
--- a/windows/security/threat-protection/windows-defender-application-control/event-id-explanations.md
+++ b/windows/security/threat-protection/windows-defender-application-control/event-id-explanations.md
@ -87,30 +87,30 @@ reg add hklm\system\currentcontrolset\control\ci -v TestFlags -t REG_DWORD -d 0x
 ```
 ## System Integrity Policy Options
-The WDAC policy rule-option values can be derived from the "Options" field in the Details section of the Code integrity 3099 event. To parse the values, first convert the hex value to binary. Next, use the bit addresses and their values from the table below to determine the state of each [policy rule-option](select-types-of-rules-to-create#table-1-windows-defender-application-control-policy---rule-options).
+The WDAC policy rule-option values can be derived from the "Options" field in the Details section of the Code integrity 3099 event. To parse the values, first convert the hex value to binary. Next, use the bit addresses and their values from the table below to determine the state of each [policy rule-option](/select-types-of-rules-to-create#table-1-windows-defender-application-control-policy---rule-options).
 | Bit Address | Policy Rule Option |
 |-------|------|
-| 2 | Enabled:UMCI |
+| 2 | `Enabled:UMCI` |
-| 3 | Enabled:Boot Menu Protection |
+| 3 | `Enabled:Boot Menu Protection` |
-| 4 | Enabled:Intelligent Security Graph Authorization |
+| 4 | `Enabled:Intelligent Security Graph Authorization` |
-| 5 | Enabled:Invalidate EAs on Reboot |
+| 5 | `Enabled:Invalidate EAs on Reboot` |
-| 7 | Required:WHQL |
+| 7 | `Required:WHQL` |
-| 10 | Enabled:Allow Supplemental Policies |
+| 10 | `Enabled:Allow Supplemental Policies` |
-| 11 | Disabled:Runtime FilePath Rule Protection |
+| 11 | `Disabled:Runtime FilePath Rule Protection` |
-| 13 | Enabled:Revoked Expired As Unsigned |
+| 13 | `Enabled:Revoked Expired As Unsigned` |
-| 16 | Enabled:Audit Mode (Default) |
+| 16 | `Enabled:Audit Mode (Default)` |
-| 17 | Disabled:Flight Signing |
+| 17 | `Disabled:Flight Signing` |
-| 18 | Enabled:Inherit Default Policy |
+| 18 | `Enabled:Inherit Default Policy` |
-| 19 | Enabled:Unsigned System Integrity Policy (Default) |
+| 19 | `Enabled:Unsigned System Integrity Policy (Default)` |
-| 20 | Enabled:Dynamic Code Security |
+| 20 | `Enabled:Dynamic Code Security` |
-| 21 | Required:EV Signers |
+| 21 | `Required:EV Signers` |
-| 22 | Enabled:Boot Audit on Failure |
+| 22 | `Enabled:Boot Audit on Failure` |
-| 23 | Enabled:Advanced Boot Options Menu |
+| 23 | `Enabled:Advanced Boot Options Menu` |
-| 24 | Disabled:Script Enforcement |
+| 24 | `Disabled:Script Enforcement` |
-| 25 | Required:Enforce Store Applications |
+| 25 | `Required:Enforce Store Applications` |
-| 27 | Enabled:Managed Installer  |
+| 27 | `Enabled:Managed Installer`  |
-| 28 | Enabled:Update Policy No Reboot |
+| 28 | `Enabled:Update Policy No Reboot` |
 ## Appendix
 A list of other relevant event IDs and their corresponding description.