From adf14256505cd07c682a9a33fe2495e71513f73f Mon Sep 17 00:00:00 2001 From: illfated Date: Sun, 12 Apr 2020 19:28:29 +0200 Subject: [PATCH 1/5] Threat Protection/Auditing: event 4985 page link Description: As reported in issue ticket #6470 (Incorrect link), the current link named "4985(S): The state of a transaction has changed." links to Event "4674(S, F): An operation was attempted on a privileged object." This typo is a "no-brainer" and is likely the result of a copy-paste mistake or a mass conversion oversight, not a dedicated operation. Thanks to azupwn for pointing out this issue. Changes proposed: - Insert the correct event number 4985 in the link - Reduce markdown bullet list spacing from 3 to 1 under "Applies to" Ticket closure or reference: Closes #6470 --- .../auditing/audit-other-privilege-use-events.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md b/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md index e13d22c6e3..f6d870f605 100644 --- a/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md +++ b/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md @@ -2,7 +2,7 @@ title: Audit Other Privilege Use Events (Windows 10) description: This security policy setting is not used. ms.assetid: 5f7f5b25-42a6-499f-8aa2-01ac79a2a63c -ms.reviewer: +ms.reviewer: manager: dansimp ms.author: dansimp ms.pagetype: security @@ -17,8 +17,8 @@ ms.date: 04/19/2017 # Audit Other Privilege Use Events **Applies to** -- Windows 10 -- Windows Server 2016 +- Windows 10 +- Windows Server 2016 This auditing subcategory should not have any events in it, but for some reason Success auditing will enable generation of event 4985(S): The state of a transaction has changed. @@ -31,7 +31,7 @@ This auditing subcategory should not have any events in it, but for some reason **Events List:** -- [4985](event-4674.md)(S): The state of a transaction has changed. +- [4985](event-4985.md)(S): The state of a transaction has changed. From 87ee74186500ad3670427b05f959f0595b5f20a3 Mon Sep 17 00:00:00 2001 From: Mizanur Rahman <41208456+Mizanurra@users.noreply.github.com> Date: Tue, 21 Apr 2020 16:24:12 -0700 Subject: [PATCH 2/5] Update hololens2-autopilot.md Moved requirements verification steps before submitting the private preview request and also added user-targeted apps clarification. --- devices/hololens/hololens2-autopilot.md | 64 ++++++++++++------------- 1 file changed, 31 insertions(+), 33 deletions(-) diff --git a/devices/hololens/hololens2-autopilot.md b/devices/hololens/hololens2-autopilot.md index 1d2c68e80e..4a84b33ae9 100644 --- a/devices/hololens/hololens2-autopilot.md +++ b/devices/hololens/hololens2-autopilot.md @@ -31,7 +31,7 @@ When a user starts the Autopilot self-deploying process, the process completes t > [!NOTE] > Autopilot for HoloLens does not support Active Directory join or Hybrid Azure AD join. 1. Use Azure AD to enroll the device in Microsoft Intune (or another MDM service). -1. Download the device-targeted policies, certificates, and networking profiles. +1. Download the device-targeted policies, user-targeted apps, certificates, and networking profiles. 1. Provision the device. 1. Present the sign-in screen to the user. @@ -39,8 +39,8 @@ When a user starts the Autopilot self-deploying process, the process completes t The following steps summarize the process of setting up your environment for the Windows Autopilot for HoloLens 2. The rest of this section provides the details of these steps. -1. Enroll in the Windows Autopilot for HoloLens 2 program. 1. Make sure that you meet the requirements for Windows Autopilot for HoloLens. +1. Enroll in the Windows Autopilot for HoloLens 2 program. 1. Verify that your tenant is flighted (enrolled to participate in the program). 1. Register devices in Windows Autopilot. 1. Create a device group. @@ -49,7 +49,35 @@ The following steps summarize the process of setting up your environment for the 1. Configure a custom configuration profile for HoloLens devices (known issue). 1. Verify the profile status of the HoloLens devices. -### 1. Enroll in the Windows Autopilot for HoloLens 2 program +### 1. Make sure that you meet the requirements for Windows Autopilot for HoloLens +For the latest information about how to participate in the program, review [Windows Insider Release Notes](hololens-insider.md#windows-insider-release-notes). + +Review the following sections of the Windows Autopilot requirements article: + +- [Network requirements](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-autopilot-requirements#networking-requirements) +- [Licensing requirements](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-autopilot-requirements#licensing-requirements) +- [Configuration requirements](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-autopilot-requirements#configuration-requirements) +> [!IMPORTANT] +> Unlike other Windows Autopilot programs, Windows Autopilot for HoloLens 2 has specific operating system requirements. + +Review the "[Requirements](https://docs.microsoft.com/windows/deployment/windows-autopilot/self-deploying#requirements)" section of the Windows Autopilot Self-Deploying mode article. Your environment has to meet these requirements as well as the standard Windows Autopilot requirements. + +> [!NOTE] +> You do not have to review the "Step by step" and "Validation" sections of the article. The procedures later in this article provide corresponding steps that are specific to HoloLens. +> [!IMPORTANT] +> For information about how to register devices and configure profiles, see [4. Register devices in Windows Autopilot](#4-register-devices-in-windows-autopilot) and [6. Create a deployment profile](#6-create-a-deployment-profile) in this article. These sections provide steps that are specific to HoloLens. + +Before you start the OOBE and provisioning process, make sure that the HoloLens devices meet the following requirements: + +- The devices are not already members of Azure AD, and are not enrolled in Intune (or another MDM system). The Autopilot self-deploying process completes these steps. To make sure that all the device-related information is cleaned up, check the **Devices** pages in both Azure AD and Intune. +- Every device can connect to the internet. You can use a wired or wireless connection. +- Every device can connect to a computer by using a USB-C cable, and that computer has the following available: + - Advanced Recovery Companion (ARC) + - The latest Windows update: Windows 10, version 19041.1002.200107-0909 or a later version) + +To configure and manage the Autopilot self-deploying mode profiles, make sure that you have access to [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com). + +### 2. Enroll in the Windows Autopilot for HoloLens 2 program To participate in the program, you have to use a tenant that is flighted for HoloLens. To do this, go to [Windows Autopilot for HoloLens Private Preview request](https://aka.ms/APHoloLensTAP) or use the following QR code to submit a request. @@ -62,36 +90,6 @@ In this request, provide the following information: - Number of HoloLens 2 devices that are participating in this evaluation - Number of HoloLens 2 devices that you plan to deploy by using Autopilot self-deploying mode -### 2. Make sure that you meet the requirements for Windows Autopilot for HoloLens - -For the latest information about how to participate in the program, review [Windows Insider Release Notes](hololens-insider.md#windows-insider-release-notes). - -Review the following sections of the Windows Autopilot requirements article: - -- [Network requirements](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-autopilot-requirements#networking-requirements) -- [Licensing requirements](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-autopilot-requirements#licensing-requirements) -- [Configuration requirements](https://docs.microsoft.com/windows/deployment/windows-autopilot/windows-autopilot-requirements#configuration-requirements) - > [!IMPORTANT] - > For information about how to register devices and configure profiles, see [4. Register devices in Windows Autopilot](#4-register-devices-in-windows-autopilot) and [6. Create a deployment profile](#6-create-a-deployment-profile) in this article. These sections provide steps that are specific to HoloLens. - -> [!IMPORTANT] -> Unlike other Windows Autopilot programs, Windows Autopilot for HoloLens 2 has specific operating system requirements. - -Review the "[Requirements](https://docs.microsoft.com/windows/deployment/windows-autopilot/self-deploying#requirements)" section of the Windows Autopilot Self-Deploying mode article. Your environment has to meet these requirements as well as the standard Windows Autopilot requirements. - -> [!NOTE] -> You do not have to review the "Step by step" and "Validation" sections of the article. The procedures later in this article provide corresponding steps that are specific to HoloLens. - -Before you start the OOBE and provisioning process, make sure that the HoloLens devices meet the following requirements: - -- The devices are not already members of Azure AD, and are not enrolled in Intune (or another MDM system). The Autopilot self-deploying process completes these steps. To make sure that all the device-related information is cleaned up, check the **Devices** pages in both Azure AD and Intune. -- Every device can connect to the internet. You can use a wired or wireless connection. -- Every device can connect to a computer by using a USB-C cable, and that computer has the following available: - - Advanced Recovery Companion (ARC) - - The latest Windows update: Windows 10, version 19041.1002.200107-0909 or a later version) - -To configure and manage the Autopilot self-deploying mode profiles, make sure that you have access to [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com). - ### 3. Verify that your tenant is flighted To verify that your tenant is flighted for the Autopilot program after you submit your request, follow these steps: From 7f2e12a101ef43211deca76e35c9c986de50e867 Mon Sep 17 00:00:00 2001 From: Anya Novicheva Date: Wed, 22 Apr 2020 12:29:41 -0400 Subject: [PATCH 3/5] Update mac-install-with-intune.md A note should be added to the very beginning of this article that stands out. This document explains the legacy method for deploying and configurating the Microsoft Defender ATP application on macOS devices. The note should explain this, and point admins to the new docs and the blog post that show the native experience which is much easier. The docs to link to from the note are - Blog: https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/microsoft-endpoint-manager-simplifies-deployment-of-microsoft/ba-p/1322995 Deployment: https://docs.microsoft.com/en-us/mem/intune/apps/apps-advanced-threat-protection-macos Configuration: https://docs.microsoft.com/en-us/mem/intune/protect/antivirus-microsoft-defender-settings-macos In order of steps in the note, the blog should come first, then config, then deployment. Thank you! --- .../microsoft-defender-atp/mac-install-with-intune.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md index 1daa3a12b2..8bafdd7fd7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md @@ -19,6 +19,10 @@ ms.topic: conceptual # Intune-based deployment for Microsoft Defender ATP for Mac +Note - This documentation explains the legacy method for deploying and configuring Microsoft Defender ATP on macOS devices. The native experience is now avaliable in the MEM console. The release of the native UI in the MEM console provide admins with a much simpler way to configure and dfeploy the application and send it down to macOS devices. This blog post explains the new features: https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/microsoft-endpoint-manager-simplifies-deployment-of-microsoft/ba-p/1322995 +To configure the app go here: https://docs.microsoft.com/en-us/mem/intune/protect/antivirus-microsoft-defender-settings-macos +To deploy the app go here: https://docs.microsoft.com/en-us/mem/intune/apps/apps-advanced-threat-protection-macos + **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) From 9626d5d0213a90cac24d7b2a77a50957a7d93305 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Wed, 22 Apr 2020 09:34:31 -0700 Subject: [PATCH 4/5] Update devices/hololens/hololens2-autopilot.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- devices/hololens/hololens2-autopilot.md | 1 + 1 file changed, 1 insertion(+) diff --git a/devices/hololens/hololens2-autopilot.md b/devices/hololens/hololens2-autopilot.md index 4a84b33ae9..a807dffdde 100644 --- a/devices/hololens/hololens2-autopilot.md +++ b/devices/hololens/hololens2-autopilot.md @@ -64,6 +64,7 @@ Review the "[Requirements](https://docs.microsoft.com/windows/deployment/windows > [!NOTE] > You do not have to review the "Step by step" and "Validation" sections of the article. The procedures later in this article provide corresponding steps that are specific to HoloLens. + > [!IMPORTANT] > For information about how to register devices and configure profiles, see [4. Register devices in Windows Autopilot](#4-register-devices-in-windows-autopilot) and [6. Create a deployment profile](#6-create-a-deployment-profile) in this article. These sections provide steps that are specific to HoloLens. From 732ba8833389f28226a6a72cd805feba66d7517f Mon Sep 17 00:00:00 2001 From: Tina Burden Date: Wed, 22 Apr 2020 10:01:36 -0700 Subject: [PATCH 5/5] pencil edits --- .../microsoft-defender-atp/mac-install-with-intune.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md index 8bafdd7fd7..08235662b7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md @@ -19,9 +19,11 @@ ms.topic: conceptual # Intune-based deployment for Microsoft Defender ATP for Mac -Note - This documentation explains the legacy method for deploying and configuring Microsoft Defender ATP on macOS devices. The native experience is now avaliable in the MEM console. The release of the native UI in the MEM console provide admins with a much simpler way to configure and dfeploy the application and send it down to macOS devices. This blog post explains the new features: https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/microsoft-endpoint-manager-simplifies-deployment-of-microsoft/ba-p/1322995 -To configure the app go here: https://docs.microsoft.com/en-us/mem/intune/protect/antivirus-microsoft-defender-settings-macos -To deploy the app go here: https://docs.microsoft.com/en-us/mem/intune/apps/apps-advanced-threat-protection-macos +> [!NOTE] +> This documentation explains the legacy method for deploying and configuring Microsoft Defender ATP on macOS devices. The native experience is now available in the MEM console. The release of the native UI in the MEM console provide admins with a much simpler way to configure and dfeploy the application and send it down to macOS devices. +> This blog post explains the new features: https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/microsoft-endpoint-manager-simplifies-deployment-of-microsoft/ba-p/1322995 +> To configure the app go here: https://docs.microsoft.com/mem/intune/protect/antivirus-microsoft-defender-settings-macos +> To deploy the app go here: https://docs.microsoft.com/mem/intune/apps/apps-advanced-threat-protection-macos **Applies to:**