From 7de799f287eeb476801c30cc7397b4bd9cc6c61c Mon Sep 17 00:00:00 2001 From: mapalko Date: Tue, 18 Jun 2019 18:19:26 -0700 Subject: [PATCH 01/20] Added note for AAD endpoint needed for ADFS to verify cert requests --- .../hello-for-business/hello-hybrid-cert-whfb-provision.md | 3 +++ .../hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md | 3 +++ 2 files changed, 6 insertions(+) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md index 4e0e71aa57..8095b29452 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md @@ -66,6 +66,9 @@ After a successful key registration, Windows creates a certificate request using The AD FS registration authority verifies the key used in the certificate request matches the key that was previously registered. On a successful match, the AD FS registration authority signs the certificate request using its enrollment agent certificate and sends it to the certificate authority. +> [!NOTE] +> In order for AD FS to verify the key used in the certificate request, it needs to be able to access the https://enterpriseregistration.windows.net endpoint. + The certificate authority validates the certificate was signed by the registration authority. On successful validation of the signature, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current user’s certificate store. Once this process completes, the Windows Hello for Business provisioning workflow informs the user that they can use their PIN to sign-in through the Windows Action Center.

diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md index da3bf064e5..c4d3011a16 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-adfs.md @@ -28,6 +28,9 @@ The Windows Server 2016 Active Directory Federation Server Certificate Registrat The Windows Hello for Business Authentication certificate template is configured to only issue certificates to certificate requests that have been signed with an enrollment agent certificate. +> [!NOTE] +> In order for AD FS to verify user certificate requests for Windows Hello for Business, it needs to be able to access the https://enterpriseregistration.windows.net endpoint. + ### Configure the Registration Authority Sign-in the AD FS server with *Domain Admin* equivalent credentials. From a163d35183cbfa1b7cd3fcb8f24e223f916d77e1 Mon Sep 17 00:00:00 2001 From: mapalko Date: Tue, 18 Jun 2019 18:58:07 -0700 Subject: [PATCH 02/20] Added notes to PKI sections to call out DC certs needing to be in NTAuth Store --- .../hello-for-business/hello-hybrid-cert-whfb-provision.md | 2 +- .../hello-for-business/hello-hybrid-key-whfb-settings-pki.md | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md index 8095b29452..eaf63601ae 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-provision.md @@ -67,7 +67,7 @@ After a successful key registration, Windows creates a certificate request using The AD FS registration authority verifies the key used in the certificate request matches the key that was previously registered. On a successful match, the AD FS registration authority signs the certificate request using its enrollment agent certificate and sends it to the certificate authority. > [!NOTE] -> In order for AD FS to verify the key used in the certificate request, it needs to be able to access the https://enterpriseregistration.windows.net endpoint. +> In order for AD FS to verify the key used in the certificate request, it needs to be able to access the https://enterpriseregistration.windows.net endpoint. The certificate authority validates the certificate was signed by the registration authority. On successful validation of the signature, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current user’s certificate store. Once this process completes, the Windows Hello for Business provisioning workflow informs the user that they can use their PIN to sign-in through the Windows Action Center. diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md index 0c6d6de655..bda944c54a 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-whfb-settings-pki.md @@ -77,6 +77,8 @@ Sign-in a certificate authority or management workstations with _Enterprise Admi The certificate template is configured to supersede all the certificate templates provided in the certificate templates superseded templates list. However, the certificate template and the superseding of certificate templates is not active until you publish the certificate template to one or more certificate authorities. +>[!NOTE] +>The Domain Controller Certificate must be present in the NTAuth store. By default, Microsoft Enterprise CAs are added to the NTAuth store. If you are using a 3rd party CA, this may not be done by default. If the Domain Controller Certificate is not present in the NTAuth store, user authentication will fail. ### Publish Certificate Templates to a Certificate Authority From 3a68919285e7039d36ae45a12fe3285021f18802 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Wed, 19 Jun 2019 08:24:18 -0700 Subject: [PATCH 03/20] Cleaned up and added alt text --- .../mdm/policy-csp-cryptography.md | 26 ++++--------------- 1 file changed, 5 insertions(+), 21 deletions(-) diff --git a/windows/client-management/mdm/policy-csp-cryptography.md b/windows/client-management/mdm/policy-csp-cryptography.md index 1921989b07..811f4acfc2 100644 --- a/windows/client-management/mdm/policy-csp-cryptography.md +++ b/windows/client-management/mdm/policy-csp-cryptography.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: manikadhiman -ms.date: 05/14/2018 +ms.date: 06/19/2019 ms.reviewer: manager: dansimp --- @@ -18,31 +18,20 @@ manager: dansimp ## Cryptography policies +[Cryptography/AllowFipsAlgorithmPolicy](#CryptographyAllowFipsAlgorithmPolicy) +[Cryptography/TLSCipherSuites](#CryptographyTLSCipherSuites) -<<<<<<< HEAD -* [Cryptography/AllowFipsAlgorithmPolicy](#CryptographyAllowFipsAlgorithmPolicy) -* [Cryptography/TLSCipherSuites](#CryptographyTLSCipherSuites) -======= -* [Cryptography/AllowFipsAlgorithmPolicy](#cryptographyallowfipsalgorithmpolicy) -* [Cryptography/TLSCipherSuites](#cryptographytlsciphersuites) ->>>>>>> master -* [Cryptography/Microsoft Surface Hub](#cryptography-policies-supported-by-microsoft-surface-hub)
-<<<<<<< HEAD -## Cryptography/AllowFipsAlgorithmPolicy -======= ## Cryptography/AllowFipsAlgorithmPolicy ->>>>>>> master |Home|Pro|Business |Enterprise |Education |Mobile |Mobile Enterprise | | :---: | :---: | :---: | :---: | :---: | :---: | :---: | -|![][x] | ![][check] | ![][check] | ![][check] | ![][check] | ![][check] | ![][check]| - +|![No][x] | ![Yes][check] | ![Yes][check] | ![Yes][check] | ![Yes][check] | ![Yes][check] | ![Yes][check]| @@ -77,16 +66,12 @@ The following list shows the supported values: -<<<<<<< HEAD -## Cryptography/TLSCipherSuites -======= ## Cryptography/TLSCipherSuites ->>>>>>> master |Home|Pro|Business |Enterprise |Education |Mobile |Mobile Enterprise | | :---: | :---: | :---: | :---: | :---: | :---: | :---: | -|![][x] | ![][check] | ![][check] | ![][check] | ![][check] | ![][check] | ![][check]| +|![No][x] | ![Yes][check] | ![Yes][check] | ![Yes][check] | ![Yes][check] | ![Yes][check] | ![Yes][check]| @@ -123,6 +108,5 @@ Footnote: - [check]: images/checkmark.png "Check" [x]: images/crossmark.png "X" From 23407cfe92bef8309a3a914295bdc096de463e21 Mon Sep 17 00:00:00 2001 From: v-savila Date: Wed, 19 Jun 2019 09:57:37 -0700 Subject: [PATCH 04/20] add Excel Data Streamer to Ed hub page --- education/images/data-streamer.png | Bin 0 -> 15443 bytes education/index.md | 19 +++++++++++++++++++ 2 files changed, 19 insertions(+) create mode 100644 education/images/data-streamer.png diff --git a/education/images/data-streamer.png b/education/images/data-streamer.png new file mode 100644 index 0000000000000000000000000000000000000000..7751ccab1edd94fe102d36e9c13b8d09b32e64e5 GIT binary patch literal 15443 zcmeIZWmHt*yFR=Tk&qCTP)bEYIut}wQIQg)kuH%g>6BE4P>_&DIwYlr?k=Taz+r%) zyYqdvXPy85_vL(e*ZY1vvzBWM%zk#Kc5v}OOX)WCW0V{MEccpB?!W!f*_m@ zf-B%RLx!k)a3HjOrRe}cT#WEP9G47nCkVO&Nk4z8;*zk6BKsCK?8$w~Nz6llOF%&S z<5ZoT>9!2JTABeKOs^EM8jFy>H@`z4Kei`9Jh}g^DP6M&R_J8B-+<2p zTXC@AALtpnfe&sF@|p6e3?jsZ|NHwI*CqIvLqLTC4n8XW2>3?{wx$>G@eT$09(?=~ zY)cLwU%jX#fRE|-v@gR)CG!70{eNHG|Lit0QD(r+*gCt}M}mee1go(SljWlHS#$d5 zwB}C}cdd;Cg;NdmFeenE;A;}&d4)E_3Swt^=qi)KfXrw$LE03#kQ}<(1t%Cplm8YY z>i7DV0ql{ABO?WqwC7vx3IQmRQ0s>h-{b5WtI)>^+OzvkwPceHz*||hcr|LA*CTyj z`0!P{U+UUyki0szV0{Pn+%6?;B06?TPQNSJ#NBE(L_6NczSXE!*!d+ij|UaJ3Jl3p znnd;(*qfq}bk^=v*I_?5VNv63Bcg=ZWb@U$&A0fRYp)W5u<Xlm%)B9lyo4^h6t!^j$^S)g@2@sj>{;wZAciW@lK9I%^2 z#kgXHsOw74&W{XsG7^(@R4IxYIG#O7o+&yOqgJGa1+M)08awZ@C+mbCmi=N5>PH?o zqkou1%FzS=-~qO?4WVWgyGSk!jIx*^s;0ReF8tJD#-&;xZTPP0A-K*Ie4T6%7xiBA zq4#+#xfMmUMMzUr)~5elQ>)$2Ji&(&?*o^owyWvC3!fm`i+QU_8=Z zS7YdzJy~_|NgN?>YKUDbMD4tC@#@UI6mkuM2%=x$LP3aOMDaGaR-Qcp6?R%wnD7$6 zS|N%yE-tQl!PzM=bK$K0vj4anx>bErgpUiAB)ma|rjk_)?4R*aRZ1mInKaNJU@a6`pAgBkVeNnUq-qa~MQQ@5pQacG(Y5FY!{MUHXlqT7+c3a;*OJkxfRS$BBoO|jr30{&y(EL+SN=?|VAikdwU@vw9Y=hx!d%&$~D!^moMGtihD~T=B63hNpLr$ur`h0 zCC-=lm3Q8wArznKqr`9^#V}Gb%Cw{Ynwv>_CAl1hkJc}!+4<{_0#=&S2g|JJ4`#&p z9?4OQm&mpQ%rgHPzKQg@x~*7!Ud&g#{(!O-ftan7Cr}w~o8B#@&l>?Z#d5*J*iI)6?G&L(qUg6arHGVMwqaTJJ4a6f0GX?j2os zy+5=z72jh)Yz;8b#E5~=};Ml?F%*~GjVV{WQ*&i}`R@~fb z-Knl)XHcQAiI^nwuXjxovJ^f%=hZt|?Nmi)+Ib>Pv#i+`@BFr_F9+qvcEtZ{ zTr&hU*lAFbKuqf(2{g@2A7vTHtqmA)87tP;p#v?%f3Hy;`t9`^>?1QVR}g~-(^e$? zBXr`loWCk}t9}9-HMUbSbq|2&V+5rqg}8;St%a?5fFFWHoY{2_m-gP_N=l6$5>928#ZG`;L=sM}E^RrUp zp!B0D{GK$-s%Dj6dcX%kv@qf`dDnFK6|Lnw{bjXXgLrx>MyF_OU_unfIH9m|!%Toa z=|HX`1eDz1C=e{H*(4-%+@HfnOm97-d}f(_Gfz~wq&k(C<84h3KJYm&S+F84qZ;|S zrGxBYXXaTaa^=NDveX&fnyzL*`Y+SJ85Eg?r8K z$){Rlr;X|a=JVgcmQlKis=$F#GyqWcc}`3ze(=_z+CZO}I>>5*p@42!I8R!u$kDrz zMNsXnb?!xPY|t*D!Qtn`$vq~g@bkWl18>r^4c;=zW=C(2H@^?@An0)fcv&(MmiM*` z#l3m8MNAAU=b9Xv04#E4*p;NwD#_)m$tqwX-as*GD^2c)lNTG>ZB?H%*NBcka`;U7 zh?byYT{u?xu}h6i_jf<{%(r!kUzh05X1g5G%i_p8+7GRimK|^)iK-i1mm~;3$v=;K z`!@0n!Z30T*4i$QcZz*HDq-y|=o^d?cobAf=OXT5XT3#0DDomQLOLVqY z){CBu%$2Oqz41guKp^h(Q|zFjqe=Z@gbtFLqQc3Dk~wsqT}Pd)#8(vHgFRo|i=tsSC% zM_Op^u(T(9LK=87x?v+od^TPE(_rcYcf$$EJxqn*ka2jI1N>Ooj zc3(Rm9h+i58~Ig}?C)_zK*?{|aEtxAjYc`QrmkmYvXwQV_r8p>nrd`0a(f&(QWFY% z<8ibe7FU8C#+!KpBW1!3pgQi@<0uF16DOmTqg2i){HV33e`WG&4^&8HFWEhFakyxl z>$fj{@1C~|IwRIQ;#S~%t>f7|I#TQHmO?@?TiCTF?m7PNjozvzC-G+-l=hZ zk(yFW+k@8k3xAV3uWvjHJ}}*z=rurPB8x!&g_Ak@v=bv^Uk4gHPEf~h=1^-p&K-y; zR`RTnT{&RuwB@~mDDBVgJ8=ysy%A1X&kTS?%5UKDDX&_u<%tg0=E5las=%RhyiDO& znN<#*Px`#b3v|GmS8dt}@ag%EB;W`B%PTbDT6E5p(wNtriw(&WgKw1>La8~t+?5P` zTi=6(=TtvEcyC_D*9Et6NTX2JZXL^ z+Ppa}+SEBL`mFimL33aru7TE0+u0dOzyg{*qHdz;{ln^fhir@a?TR}GGX`V{JV zLVM&-fT)5${sR~_R-8G^_npkn7pjJH*a(a|s1IaAu&)@o(AMucJsQRa>kz^R4{v%9 zt7KAh0C@ADY9E>Cju!$+48kpZ(5dmCa}{^aHpQY+oj8ow=Pg<@+&1~W05U2}9bzqK zvab5CQOdT+aZ72CZ)*rOkJnm~RMUiGyyrd0$J(U-1(bbFTw{iIWWz$(=fn}ySj5@7 zJzJSjRoXa)t{6)T|&LvRxO)bbOcm`n1iK!I_XGx<< z&~TvvR0$-+NFn0^LIyV{f%l2x^Nf21Pva=IeZTKS$OwxSch7i`Rpjud`J=7r$_d^Y zHL6h0pjq~@HZdiGPGveu=<~;NA985%HSFr&5p>@-a%3yQ4W$a`$N0y&d1q$pLW?mU z3cU8LvB=kw54tXg^mA*@pW{F}uVFAz)i%PHu=M9Q}+5|RK-Hjy+vG_Zk#h5c13{)l%xp?Ce~%IfpHL`p{q(FYc8 z{_$=54;H6Gz9{gr(s~|m8ZVWCSHUXa6+i~v{5j}K$}{?_hJk+C^^OO&?44j@#P#^H zmQ2p!+LAnyPdFG{GEUn_93Nlhs#sIb&`<-c&qotSc?s;^Oa*uL*Lzf@*2#a?2dh?3 zMhD);nhauIbDUVWcel5p5SBmDG=b0`}sR^IlV5$8RfoU1eFJ6zsuozRt*jPAP}X0tA?vH5vYBjw#g z#btXEYQZ5Zg5S zpxWJIyq3XzgXi^ao%rFh7L%b%FQGd#r^X}@1=o$oUap3YO1-fN)0wr(oab+g$$M)= z0|==swrif#B4vrG>s`88ngH%KdE_hCQ0atvcR&nvTm?3_?U=)lF* z3N0f0>BVoC98&|=uhW#zUFT^F`vYH!0aVb2yUp&{{j{g65;~u*@o-gyHJa45cJ)-A zo@5sPe$k~sOwA3zT7E%ZPKGLQs<{_YW|twp*Bi+v_GtIzw@pI0xe=MXN86xkOWS_W zqo#kC%Z-Wsao2Nu@|N4kn#07|@l>@bcCGe~x}fKA2~UaBE0+)G2vWW8gw!^5)-NA> zZ$EY*`7d^l^p-)&Pgtu3Tu#cxPdkhlJ1-RJ*e z)!=f`e6@KmMnQP@3FM;{f_<0R|F+DzaJ#grvkDC`Ep-InNdX8VAVz%HEvt{$iu+?B<-lno@cow zdWLk8oz>Iti7ej!eiU?s__LNuAcereEdB{%kxe!VFqGnp3S*r+s-KFLwm^Z|9A%G>P~@{JqHgZ-SU(_`H-=#@oV}KH$A@pW z_-uU)qC5ochNd#;Mrb3P>YLMA+1jZ2+S-fgS^UX%&*TrCWssQhPCL=u16{4q7XyM^8xxj)%;b{ClCd(?!AgfKKi8x|dA$oDb{5wh>o6OU3h zK2Es?s&q4wM5}4JEWSDV=VWu;LNtsM;y1p@GiFm?U%1XwFrg7cOQXlA@4vrhAxf=Q z6O-I^+Q(k2M|~*+M)4FJPG(%g`nhe5~1;C4cN`Q?hhFjK!&(8r3t z8j%EXSM8DJS^yMW>wn2L9Ex8oq~?c(-%SUZ;XMM>Keizl^l=wju^l0jOUs2kTz_Qf zeMo+G*#}*5S3h;mZC$Rxr8`vJpS(;GX;pyZGs_5Y5>c5Y_G9|EOip|SR^qWU=qAQG zbam{R#yLa-%3HeHwArW-(jYcnFEG+Zv6bG8ki-DzZHR5u9bZOVqv!B=;S9LLxv-9; zK-&=M&sbM;b2E~IKF<<@mzSWMaP+EVJ6xG7_d)mQviR52470$g2aRvKPohq?s;P40 zplUQuQqtn+a^|SlcTX?Qj1;U}~Q{xY&L8xKSAK|K2W|k(6mtw4~ zq(yPg z=Y6!s?H%@XS{`%kFB?QhF#5Br_T+;{vX;~yp()w2T{a(|(egkN`Wwh2&BCQ*)CW<6 zx)C==V0t(RE9$_i((@@)c6PMHs>U9)%LbsS!=tfS`-@}HQWV+r_bG1EK;&^yswBSS zaRLmavM_jn9n*p{XR6OuD(49d2g5b5B!*Hy>suV<&yr~_3|&PT#9+rwRf4{lG*J6> zg*7RT0ftQE$;S60bEC-T=-(1P=4i&~ER_W5{RwF3h~~>RVbIIh4O%y78>T9x*s}Ei+A@m+?xX z1r3}n{jBJ3#He_iJYx`ybP}yMR&_CMbdVm!>~jDRM|f9ih;+&JnGwPFjcY~M42xV~ zSlHELNkEC?V>$MP0P2W0@GQ9)oW*4A_8pIDJUv>I9+viT5lI%UVmlRQShOg7F+mY? zsUP4LQoq&^Q$3dqOXi28`gU?_ij9D(qY(dy3!w~E_4>S_&N3u5om&2lQ87eWTV7seH{s_>;wzrR3SB{fu;E)V@1^FL-u@m=<)IBp99`pDVC5oT%161= zG!>*FuhSRUZ0H(1r$<7U5=X~s#4X2*vrs#8n3HF#=Y&z|Kj(WD35qXqUwLPz`9WY9 zv2}86T9Ev8*bC7rR|F6g9-w7ruYc`x+x=|X3<%dr5m{o&`n@P|&bIEL;GMjf5&w-o zoq=@|Eav3WH-u%(lhNIdTJvI!9;D~%YQ_fvZS+yOX+Cy!%>_B=x*vmx~D24_vs=Rs6Nz;;})XCSrX&M5Edg^^MhB6s~dlcOYYBdIyW zkUS^mw}5R1G+}T{&NiP>23yl(169tRIqQW`PngJ)ZNDtl&G9v?06E)K5}T~;+q$f) zie6ZG_w7XnGc-^OTwX#K^{_zU(66!fznh}Y9Kls#>SZnOQrah8biq%B9&sNvii^`F zX`Q>Nwf`4~2m^D#>Woi*rWUq10hzkd=3DFBF~ZwOa~eNJkB~5P-HR-jleJ_iu5bn^YikLf^gs zUjS^MVugc^nja;{B`5&qsZ-|uI|dAXS1LD~#3bmI%X-6MTnuZ8irZdi%QUGu8IQ)j zdBkSVePiSjsWZJcdw700z0#ce%jqcGge!h(Hqtl?&{mYHlqHn%7#3mdc>tWx%p>^u z_F|vhZvr(y4X8Jz?bwG%0lB2dPkLg-GK>pt){wpE=_&5lYt$?8xk&tJ`ux%UI=uB><1hOr{R&iSIN;h#s;b}=c)G|UP9~^*@-<>g@;bz-@b893e)4lG1lGB&EzG$B)?v<7 z616|)+BBxzy|BX*i$B_oE_2MH8 zBNSFf`4co8pOJ@LP7(R1aIf_ zA8r>!D-}PgcYmxkSeecub97oCPxF4fmadTbL|w9bLL{6N@{s|26%f35H9RubciJE7 zk5^oT+AeHz&x;(2%5x*J(h{d4rOmh5@f}?|e7UVHyqTscFN2z9Ve@>8 z19dP0ceU~bK$>roeGwBb?D+?+P^m&Z@ci+|P z-e@X{yOo-G9HN4~1f^8M$s<_B!9r&QS6H`UY^;RIa{R0iofwFx8SqUCv2ig{;N6L| zlbfR14qcm(jkYjt;o+~lILhiH@pKQ}e1i+I^25%+M~>T8vF{_&Pr5F;E*4rf zQModmF1eTES3p|pM*4ndxR}p=ZQq7o@LFi&!m{)ElLTdVJs^rhDZB3%LGnv~nfyVk z4;O*f&8O^~vOH;XH!&@Bct zq}>%$DwGvD%l>gSi59?9BCvqkj>K-InMYzvnM34~9N*$YtRnEDU-NRr7{|SN1=Jsy zh`JB?^GaU0PZ#Qg%)ppL#i{dM1P-Zi0Z8KGzcfCe^HFum+fE&`BV8J;bkncZLE$K9 zpkkDOK@eK>sil9wgarBE+b0~)KK4$nC_+jjJZ8W2WRJwd{4}pByLFzZP4V%rg3L)`{7+Zk}_QJx0e|~mAeMQ?n5;`{o8Bh zmXj3!c!-=Ott~-gRJ_*YnHzwhIs%lzQm7OlIFeAF5@%VMEUUKe4Iw1+XvLqFRd;#+CVcy2+qGA!XSM{!7 zU}%)(FyNAFjtPwv_ELZHB>sFWV)eJzVA)KZFfC|mY<)Ut%fgiOLdkyhQ=EdMc|=~` zOQ+>MkTS0T%jj@jK{)rio>o%0@ml83`PhM?HH+VOYm&(*)g}Gs+mPX4Y{It0b+-NG z?`QVME~}N1HqyE@{a@SMPt=2=ao5z*z-5o&7nigDk5fGVo19!wNpl1HZn$kf?+<`7 z`x*HhG|s0ys>6oFc>SXD3{BE3NilA9vlbYk-zv zVkAu2lYo%NUg5=sZP;8x?L_2CgISLlTXG*RkV)LJVz+<>QtDRyz%(>BTc6js>i#ic zzcn3{`V5OIGtR&IY8y;(7xPmfU{1jd_kzQ6%F*U^;iS@q#?$83D(8N#u_};r!oY&Q z-2e|9*6=sUC)efwu$B{${ei!?Lc<&~dOxlD9}-~fVBVBL@=>vBgviD!Fo^JPU_%p= zogaxY>_4oH-Lo*vFsd2xP*J=j!K8^a?&MW>Z~SE@hI^9<*amM8D3fTQ$C}V_=z1Uh z;xRh@7F_dSYk~?0WAWW>+~1!Rceg(`_(eaZUgSWwBrKY>z*+U!Y9Q30e`K|}b@8VT zSx~7({hKdakc1fF#vM9%(bD%@C7X*)M&2tE(K4izMv>7jYg=2}!FvW<4&C9|#`){2 z6q(+Or`B|gM?1PZNZ;OtqPQm2v$l*8&s=kd34D7g%xsaNtY{z?#+pL|2f zz_bL5_T`j2mk~>?wageJ;O?7401LOO+V~@~ulifM#`@hsN^tnnq zYs+{Z+An_`R+bzle1vY9#yqPR!}y0m5R)8;qv?Ni`#C?iiQ|OESLexm_BAFKT1NAr z`|b+UDjyirN=a!gSvzR=H$2}pZpaf~7G}Tkur0SOWJ|K{wmH7nufG_4=uW*`tOB&X z1ZW%r%2eFmpITS>UWmHid{@}ota|Vy;|>;8v{L7rKn3|Uf&BJGkXJ*y+)Y_6>jsBX z=WAiJcfW_f&wNhIa9-20ehH9J2rzt22a^VvJCG=P^#aapAwo+#OhR~PCn21j4!Dpa z^*(qL$}qL!N!CY3vs`ZK7zcnb@5$|6>1-D}@5aMV!*0dyyLD$a{+^t9&F&|o=}B?T z@tHTf+_tmFEal);neYfuXamah$)*-wv@p>S?d`=J`-PhB{g#?cb9x zWVt(CO>&Xspiiww!_Ih>=}Ib?NdWNgPL#G^E37$UZR&Do{aVMQg-bm|&JR@8wa3#TP=0lIlzPBhI(CNs_q?sKf)s}NJq=L%skvYgR=r+n>AOS70is8 z##)f$|-<8;K{z@6FA6mrZy2fc;rGPrxkM9ri7TZ8EWP z)|G#w3ITu-RhgS>V;X?x*kA%fla7J?Hs(BP2DuaH8y@=mPksMbLOX39)u>fHJ6!*D zqovyC2WXs7F*_?D9r4>3y^;hSh@y*V4=+Rqb3T=TIP-0#6{%P)i@3$!%6Y}1`B*1v zhZ-~esc^_s>=$i^warj@i@x3bNI%m@6E4G6!@GX1VBU^ut_A=sFtQ<04fsD0`7xh< zy(prNnD13)G10S919JJ4J%$30?nZ`{#NM0=CL9L?;0DdK=SG!E;Y=ka$lxeC-ky{) zjr`Fl#VDGfK13k>lj_q!eo6f@vqI>`CEA2?C34w!c4P9S`Fw>u0sx>los+R+MT@wMlh8 z1@Z+=R%NB43d!il3R5=7paA1SDH)*T`C#1srs5flFUxDnzb2-%iFY*7bP@?8xvN%N z&YSOIWuyTHmZqNUZ0BDZsvMmJ<1U>R6ZTuKrv3`&Tdlq?Cdw8P>t)%l39}0rjhF7V z4rJvD5U=i>q$&&-rEAKyCAG~P%$)BTIPV~G*eJ*Zy%y>4>T}i}$pl{^TTb$%2S_{A zwm9T;Iiv5Q*>Bfe;nwZfbOsogE=eXlMDbA<;8KCczc%R{v{pTR74V+{$hGRyY13_& zOg)cjyXIDnpNF07=ZaA*bO0oj2Oha5W^062{@fG9_LN<96fhh%6suOra-1N5Q9aTZ zT+73G-B%{r*LrVI{8XZH>-ZLh2<|roU<0TlP%gc@jJ~a!75$xV%nM+eYQ@Mw$ff`r z)@xou5&z1VhNum5Wp5?^gJ0OJx88Z`4x5*POv#NHW~{KrDiKJ6b%s1@H=Wb<>X)sP zuL2|wJ2N@^;kvu6SCA|Tf0s#N!?SSlz|U8`tF*IUy#^K1x?NE2EzN8>t{uYHR%3Kg z!-}>eq1^`7zoetF%pSh!Z(0XjXUqOrZUbKft!esKeFRUofOK-%1$3?%s z=(1d&whcAfe)iA8Uj_nE2 z6pzbV9$$*ePm_4!bjuqIu>~ikkyNi=1<97G@fF}d?t^+N-Edgpd~Q|}V<^zYsV`#D z)Il2l8NC8eKe;bG6-fSG`S6MQ+3{Stw>|)JJYF5@%|cls*ZOWdsZ(o+mc3t>&u`GK zI4dx|0L^??3}};HwPf@aOUss@fZ?&N!n&Qb67$sva=(^|RKF%LxzyY-ao1pXsW}p& zD^r#9>Z#A6-mGon?ox_m5v?dB<9cpl01QO zl&A<-sBX2jLto>EwTAG(g^{1=pQ2>tu5$TmA?Y6__x4EU^}8@#oH5m2oU~{m*Q1%ZXxf|*zF=Q9bK_mvDWmVHGrI|WphDB7 z8v)5Xj9jvbdwTn`ad@L85PK{RL?Tqoo@P|)FOSpdE+OT|)eq^`fO`>Tk<r0@}Mv;#%$4rh!#ryrl6d$wi90$xG} z==(kbD8P!E(($ZYzb6JvsZztM)=zgmv~Q!5K%Xo8h_2Xot7-6po{Rp3L3+&P@H}{Y zd7SZNv<2Gv6)853wzH$f4o#050RFm_Q1XIpxH7yP#&Y6y+qIjEH~IqsE%wAy41%`d z`dn?;;Iid9t}4?ix^Ou}B|`l0ucnpmT8ft^km#H*wsXB|nT5mIy|R zy=B&~0dj|?<4}N-)8H>@gK1^i$SzcfM(^XZ*`45potaXp`uyW~3(^((v7jt%^xfn0-Pu9alwu=KkAJghXMWNKK#zBI7l)t{04ndWfA_95rQw;r z*lbES?-oCN;2h(5a&P=r<)VaXv69sq#z>a1{iRFLA~RqC z>;()?J8S`1bs(ZP+QCa%F{uup{alN%2_N!4s=$Vg^>4e(9;9B)OhV~M0tUtfoTJqF zNIxW$>T-x;&9O?Nl8O;RUK?g?gW7e#Ojvf#5@^USL4P&iuY$HjZ^ljj_s>T(mtHQ? zuF_{06`vTfFTZ%A>r_|-KiW3SXC7|l=DAawcyrlf)u$C-I^KzO`*Yyj#WZ8yF zKn>eldW7ox$do#v7B-vPse-n$lCN7I@0#d1?b&U#S{~@FT5p{^ONa*@EJ-+r3l|uY zrsuz>3cBgmrx4&@niqM|_dXziY^Wf9ta+W@>3-msOE1}a;ql6(<8TUT4ay7B zmd#ZFIXy@xu3;B&u^}X|Tw|F%>DBTymlE(he!zD-;t$Er;Be;w6MdSAd^dQkb0*Qu ziX*f1zIMVsU}W~ga|+%3E<{wwFHSGLqh+dstLi$(jgsxzZvn|d58nUwI+%qJ$@1BX zKM?2APql000I1e@OPO$jshwphJW>E9AE!+`(TDgr>s_Y;oMDlr{R z<%jz>ilzisy3%nUeM2yu?);$>VA?wB*G)*aLAgri5K}=)e_jPD0lLt~_cIP=FUIu1 z?<)~k*I-@dLVf|;&Jid^Y{`HSl>s|)e0<};WL+N)2F%|~-RyeCrFFTb|6Bw>ci^>Yy2~8S2(_7_zL}$qPr<^2EpiZ^x0V$iM1hr7J2h)nFV|(c=$I{ z`}t{Hcf>rVR*WiIN|^|dhyzT9iY_ZX-H}{{_ zd2powY@q-=D-q=LONA@?Yx}~fNrnQB;#^;{2-lR8VY2a(L%yPAKMcyY6uC-r^kFhR z+EF=%`o0+0W)XIHB7X5brs+!~Zu5&j%#JH#V6%}FAa!)uuCNrdTf0+)z|(}VyIK>Q zWYrS2!F>&AWHh1$J>h;6%mH%{UJpM&1V~YeWPQH@NqknSB9Msbz8oU%;bB+uaN8Da z2Qk`zl$x1YNF%BFL>JG9cv9SZN7cl+%Fd>hCHcIt2#o1Eg(E&<#Lo|NHut!_x@J6C zl}(3siAMv)Uf9`5p4`lAV@^7lP!68E?M_t?w)msbvq|%ejB@o5u59`(!0Z= zP3=;YQk5F7{siu^OSmnSB|M-vd^LvDcehsM*@OI2-Rp-7kH9JiF7^;acA) zmFyw_i(8fO7y$5r2%f^Rno4_}kw(LptMo9l@&>$u3NReCx3LCVT06sr*gWd{ZNUxi zhue^IF{xZngmY@ zDBd%ans26Q{Kd3xbeo}{(_1vpmRC)(V6tewQqSW3dmCE z<~?N(JOhc1)f@gZ-?anv9xOfLyUFl(qK-c=iAm0mRZp@Z$o4XTsgMEKmm&|85up`> zE?A84c?jPV^dAZb{H^~NoBVR+w6@GFry0EVe#glqUtuMpnf7Q81uOUn5KtioqUqe5 zoUvTlyJqmJDIJ{D0Z~`uD;nC=Be7F@OU1V(k*{;gMio-@gp`a4XY+SyHg?Lk5LE XH``J7sAFdz{#p9P>*oc}^nL#yyn(zG literal 0 HcmV?d00001 diff --git a/education/index.md b/education/index.md index 5b3aeb6502..80767cde7f 100644 --- a/education/index.md +++ b/education/index.md @@ -194,6 +194,25 @@ ms.prod: w10 +
  • + +
    +
    +
    +
    +
    + +
    +
    +
    +

    Excel Data Streamer

    +

    Bring new STEM experiences into the classroom with real-time data in Excel using Data Streamer. Data Streamer can send data to Excel from a sensor or application.

    +
    +
    +
    +
    +     +
    • From a56806a7121e554c50471b4e6bad73e0a16a7357 Mon Sep 17 00:00:00 2001 From: v-savila Date: Wed, 19 Jun 2019 10:47:18 -0700 Subject: [PATCH 05/20] update image path --- education/index.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/education/index.md b/education/index.md index 80767cde7f..bf6f3d20fd 100644 --- a/education/index.md +++ b/education/index.md @@ -144,7 +144,7 @@ ms.prod: w10
    - +
    @@ -163,7 +163,7 @@ ms.prod: w10
    - +
    @@ -182,7 +182,7 @@ ms.prod: w10
    - +
    @@ -235,7 +235,7 @@ ms.prod: w10
    - +
    @@ -254,7 +254,7 @@ ms.prod: w10
    - +
    @@ -273,7 +273,7 @@ ms.prod: w10
    - +
    @@ -292,7 +292,7 @@ ms.prod: w10
    - +
    From a6f2f9bd887239b8e6defc3e499b750a0d24a24f Mon Sep 17 00:00:00 2001 From: v-savila Date: Wed, 19 Jun 2019 11:05:39 -0700 Subject: [PATCH 06/20] update entry for images --- education/docfx.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/education/docfx.json b/education/docfx.json index 5e87a91352..7a2761cf2e 100644 --- a/education/docfx.json +++ b/education/docfx.json @@ -14,7 +14,9 @@ "resource": [ { "files": [ - "**/images/**" + "**/*.png", + "**/*.jpg", + "**/*.svg" ], "exclude": [ "**/obj/**" From 5c747e8d0e1e7bdbd121902204153d541bc60ccd Mon Sep 17 00:00:00 2001 From: v-savila Date: Wed, 19 Jun 2019 11:53:19 -0700 Subject: [PATCH 07/20] update image path to media --- education/index.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/education/index.md b/education/index.md index bf6f3d20fd..a48ba62d9f 100644 --- a/education/index.md +++ b/education/index.md @@ -235,7 +235,7 @@ ms.prod: w10
    - +
    @@ -254,7 +254,7 @@ ms.prod: w10
    - +
    @@ -273,7 +273,7 @@ ms.prod: w10
    - +
    @@ -292,7 +292,7 @@ ms.prod: w10
    - +
    From 6f5052d401cf68b1eba2e79afc2f86453cfdc2c2 Mon Sep 17 00:00:00 2001 From: v-savila Date: Wed, 19 Jun 2019 12:10:50 -0700 Subject: [PATCH 08/20] update svg --- education/images/education-partner-aep-2.svg | 2 +- education/images/education-partner-directory-3.svg | 2 +- education/images/education-partner-mepn-1.svg | 2 +- education/images/education-partner-yammer.svg | 2 +- education/index.md | 8 ++++---- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/education/images/education-partner-aep-2.svg b/education/images/education-partner-aep-2.svg index 96ecbf019b..6bf0c2c3ac 100644 --- a/education/images/education-partner-aep-2.svg +++ b/education/images/education-partner-aep-2.svg @@ -1,4 +1,4 @@ - +
    - +
    @@ -254,7 +254,7 @@ ms.prod: w10
    - +
    @@ -273,7 +273,7 @@ ms.prod: w10
    - +
    @@ -292,7 +292,7 @@ ms.prod: w10
    - +
    From 84e64fabb717f28beb8e16affa522729bea4119a Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Wed, 19 Jun 2019 14:36:51 -0700 Subject: [PATCH 09/20] Reverted the syntax to match other policy docs --- .../mdm/policy-csp-cryptography.md | 122 +++++++++++++----- 1 file changed, 89 insertions(+), 33 deletions(-) diff --git a/windows/client-management/mdm/policy-csp-cryptography.md b/windows/client-management/mdm/policy-csp-cryptography.md index 811f4acfc2..4aaf66a50c 100644 --- a/windows/client-management/mdm/policy-csp-cryptography.md +++ b/windows/client-management/mdm/policy-csp-cryptography.md @@ -13,25 +13,49 @@ manager: dansimp # Policy CSP - Cryptography + +
    ## Cryptography policies -[Cryptography/AllowFipsAlgorithmPolicy](#CryptographyAllowFipsAlgorithmPolicy) -[Cryptography/TLSCipherSuites](#CryptographyTLSCipherSuites) +
    +
    + Cryptography/AllowFipsAlgorithmPolicy +
    +
    + Cryptography/TLSCipherSuites +
    +
    +
    - -## Cryptography/AllowFipsAlgorithmPolicy +**Cryptography/AllowFipsAlgorithmPolicy** - -|Home|Pro|Business |Enterprise |Education |Mobile |Mobile Enterprise | -| :---: | :---: | :---: | :---: | :---: | :---: | :---: | -|![No][x] | ![Yes][check] | ![Yes][check] | ![Yes][check] | ![Yes][check] | ![Yes][check] | ![Yes][check]| + + + + + + + + + + + + + + + + + + + +
    HomeProBusinessEnterpriseEducationMobileMobile Enterprise
    cross markcheck markcheck markcheck markcheck markcheck markcheck mark
    @@ -47,32 +71,53 @@ manager: dansimp Allows or disallows the Federal Information Processing Standard (FIPS) policy. - -GP Info: + + +ADMX Info: - GP English name: *System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing* - GP path: *Windows Settings/Security Settings/Local Policies/Security Options* - + The following list shows the supported values: - 0 (default) – Not allowed. - 1– Allowed. - + + + + + +
    - -## Cryptography/TLSCipherSuites +**Cryptography/TLSCipherSuites** -|Home|Pro|Business |Enterprise |Education |Mobile |Mobile Enterprise | -| :---: | :---: | :---: | :---: | :---: | :---: | :---: | -|![No][x] | ![Yes][check] | ![Yes][check] | ![Yes][check] | ![Yes][check] | ![Yes][check] | ![Yes][check]| - + + + + + + + + + + + + + + + + + + + +
    HomeProBusinessEnterpriseEducationMobileMobile Enterprise
    cross markcheck markcheck markcheck markcheck markcheck markcheck mark
    @@ -88,25 +133,36 @@ The following list shows the supported values: Lists the Cryptographic Cipher Algorithms allowed for SSL connections. Format is a semicolon delimited list. Last write win. + + + + + + + + + + + + + -
    -Footnote: - -- 1 - Added in Windows 10, version 1607. -- 2 - Added in Windows 10, version 1703. -- 3 - Added in Windows 10, version 1709. -- 4 - Added in Windows 10, version 1803. - - -## Cryptography policies supported by Microsoft Surface Hub +## Cryptography policies supported by Microsoft Surface Hub -- [Cryptography/AllowFipsAlgorithmPolicy](#CryptographyAllowFipsAlgorithmPolicy) -- [Cryptography/TLSCipherSuites](#CryptographyTLSCipherSuites) - +- [Cryptography/AllowFipsAlgorithmPolicy](#cryptography-allowfipsalgorithmpolicy) +- [Cryptography/TLSCipherSuites](#cryptography-tlsciphersuites) + +
    + +Footnotes: + +- 1 - Added in Windows 10, version 1607. +- 2 - Added in Windows 10, version 1703. +- 3 - Added in Windows 10, version 1709. +- 4 - Added in Windows 10, version 1803. +- 5 - Added in Windows 10, version 1809. -[check]: images/checkmark.png "Check" -[x]: images/crossmark.png "X" From 92cceae217abfcc6fd770aecc8b1b21dff29740f Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Wed, 19 Jun 2019 14:57:01 -0700 Subject: [PATCH 10/20] updated bookmarks --- .../mdm/policy-configuration-service-provider.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index 05e9f8b8a0..0e44c74693 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md @@ -738,10 +738,10 @@ The following diagram shows the Policy configuration service provider in tree fo
    - Cryptography/AllowFipsAlgorithmPolicy + Cryptography/AllowFipsAlgorithmPolicy
    - Cryptography/TLSCipherSuites + Cryptography/TLSCipherSuites
    @@ -4381,7 +4381,7 @@ The following diagram shows the Policy configuration service provider in tree fo - [CredentialsDelegation/RemoteHostAllowsDelegationOfNonExportableCredentials](./policy-csp-credentialsdelegation.md#credentialsdelegation-remotehostallowsdelegationofnonexportablecredentials) - [CredentialsUI/DisablePasswordReveal](./policy-csp-credentialsui.md#credentialsui-disablepasswordreveal) - [CredentialsUI/EnumerateAdministrators](./policy-csp-credentialsui.md#credentialsui-enumerateadministrators) -- [Cryptography/AllowFipsAlgorithmPolicy](./policy-csp-cryptography.md#cryptographyallowfipsalgorithmpolicy) +- [Cryptography/AllowFipsAlgorithmPolicy](./policy-csp-cryptography.md#cryptography-allowfipsalgorithmpolicy) - [DataUsage/SetCost4G](./policy-csp-datausage.md#datausage-setcost4g) - [Defender/AllowArchiveScanning](./policy-csp-defender.md#defender-allowarchivescanning) - [Defender/AllowBehaviorMonitoring](./policy-csp-defender.md#defender-allowbehaviormonitoring) @@ -5246,8 +5246,8 @@ The following diagram shows the Policy configuration service provider in tree fo - [Camera/AllowCamera](#camera-allowcamera) - [Cellular/ShowAppCellularAccessUI](#cellular-showappcellularaccessui) -- [Cryptography/AllowFipsAlgorithmPolicy](#cryptographyallowfipsalgorithmpolicy) -- [Cryptography/TLSCipherSuites](#cryptographytlsciphersuites) +- [Cryptography/AllowFipsAlgorithmPolicy](#cryptography-allowfipsalgorithmpolicy) +- [Cryptography/TLSCipherSuites](#cryptography-tlsciphersuites) - [Defender/AllowArchiveScanning](#defender-allowarchivescanning) - [Defender/AllowBehaviorMonitoring](#defender-allowbehaviormonitoring) - [Defender/AllowCloudProtection](#defender-allowcloudprotection) From 1840d06df0ade9b15acc275fc7e5e1279f681f47 Mon Sep 17 00:00:00 2001 From: v-savila Date: Wed, 19 Jun 2019 19:08:39 -0700 Subject: [PATCH 11/20] update icon --- education/images/data-streamer.png | Bin 15443 -> 6090 bytes education/index.md | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/education/images/data-streamer.png b/education/images/data-streamer.png index 7751ccab1edd94fe102d36e9c13b8d09b32e64e5..6473d9da334b1db56398b9f51f8f58175765ee34 100644 GIT binary patch literal 6090 zcmdT|XE>Z)w;m-7(cb8t2ofa9=)EL}-b)fj?;(08M2QwskQrr2h!!nFbR&AS5#`l8 zBYGJ|9nRzXdwzfCy3UV1GuM9hGi%>#uXXRW?gRrp4N7trau5ha`Bd|<5eP&G2YzpY zNq|qn>NQ5-i|m!Ar7sBdi05Vy1QjX;fIy64Pamt81ZD5c>3d|Yhm-E}yC&Wnexd7FhkzvXwSq<#2$R&U= z1KXC(xy|OBWa4}A7bnh(VxUE$+7PV6CG|`2Qg&TzVk4ufg;yO*7WVS+VGfZVAWJY1LJr(6grKz8JTj0n!+&j39`o{6cZr$Tys-T2F-^Nu z)A;0(I+00I9vK@jYfZ)dJ(i|5cQ>?k&TX6ObSOt#N`*Ghj#xL(qedIdp*p*sd@N8v|@Vj8&qf9?Q2JQ+CXw!>FMf9mU zX{z`#wWzwTA3!U|v%Cu0g8TW6g7y7S1gPe~(?ya2&Ov46l7KRAshC#{J$2~g;EAEY zIqTcpvx2wbCGaVByOkf8*5&iF`w1W+5_;XdqIzninOAq!=^!0bosrA7rN7YjT=I2j zOOI7Q;aUQnXRPk)TU;)xUE`aB$Q;m=r-Y)>FONEwt?>5c`;wz8x%cJc(tgkFx}6~V zPdbp1FW8(!g7xKbXZx!?O3*Xv_{#v)1%7{5II@;zuO^R-K0_7bNgkT%cIV3FQefyR;0+>pbK{W1Pl+2bvn1N>sVlI7<-*Hk`} z8K?X&K@Vb432#%BcFcGr85B6xzPa(W*%|(cNz@vYcGj}ScQ&<-y6~)|fEbbiqo14{ zGEAwV*|mjRHO-uru3kp{=b+>s9n!%MU$<>&CPsaP@Ll^jp9uwP772%nZMIHKu6a|d z-xVg-xPv0#I!%1D*f+)5?HH5sYZrv=;Lt73ljea)uEfyf0=@-vzi_W(F;@@fHw&QB zV^DQs>hKAwj+PmbAQZ987|L&-F7LJmFKvIGkNVN`;N2q@v+rrG^T!Z$XG@{%C;-&qDsv@9iwKSQ7t!aIIi}`NgQuW;m*jN&{pSq+0};`yj{exjRO8bItyonlf4c@3dICS zP<5Tb+@*xGrv)#Tq}^{~rUmAH5Io|e1oCYI{P8Zu@B6~|*r0;uqEMMpci-}spd2Z8 zY^SrB>OrNda^aG{tr{+d*wJ1VrLw&km) z8R0u>cCp@$>x+dSs-N_Do7}IxN9DVnUbnz{wv4Jja+wVJm!aXwGMc0~u9DH(F*{4f z;LQ+#w4%T=OJpg8wZb`2lN(oaBDcg(Wdao*>J!>{Bs^X=+MHVdDYABJ=8fdNKZRyqip7L= z&ncf%zxDtKqlk{-B85Jr9P+dH{w?%)P^kfU$tV?p3QP`+{Is+eR)t?QI<;}{T00^o zYqM}AA>?@bX2LvxY8MEi*}Yj+u+pxvX!E?FLqHP{4r?Fm@5$*ERBPyHlEdccmnQH3 zoUs=cZqo!T+3&pNJ^aF>=9C$6Vx_NPC8ppUqsv9Ay{_DINVC_uV~aEEc05YYc_XFO zEfiZ5j~(h8`js+PKzH)NdSjex%u{0dg!7<;U0KOG3Q5DEEh^OOi2GMk1;C(t5eYkHUxkV(X~k1%ALBxZ2jA&so;R3SjqBz< zrP!(s@s)@@x0{?zTJZfQFGA%@FCKZ8)U>o;UC3O2$LV)bdT+)(zgGR)Gz4!Rz;RPz@fVsmBpynRXC$Z z-K*jB^>d~8<1=j^{FC-H^d;=?xUy+;Bzaa>98wW!YY@Jslf)s_8njI6Crn?w>uY}a z+K>hKt(?n)y4@-S;ONUyR>&)Qkw_Bxt;_t$f{!?t0O71|Oxp2~QJ@=Lqfe*z`;!qx z^qS&@lrXi3Gje3aB|oLc#OkM4Kp=Tfe7C4(DNGrfF%)G4oN{CH58q)K3BFv0qkNGd zYRI@I#I<;I)UMYYrut-tQ6nd3%owU)(JovEXGD!)8y2^PE6ms0V1 z$}q&vsA>G|-iF0VIqq{IbBvA+Q#7AQ=@xJQ&*zSFt5&vHkMlY=r-tzlY0PnKQvM#Q zd?JsK9O7u|R|u)5YwrzK=cjhPar#!{hd%;$i4gK&~Ku~8MsL(=2)EA(kTlNjnK7OlJW zff-qMg+(P%2L+}r+~zC&{*NPCLj+zCwNZT@+A!zl5Uy|BD>S3V+VWX$wY{npo3j`8 zm%sHez4DWy>OsVlmWX!;Ren_TX${MPy#DFJMUi{1`^>3N9~$3=DL(>WeyE}IT$s<^ zq!rsM)Y^QEi*5I2H+^qXo&5+XmA;JpNq5vpnb(Ghy^I2>-*q9>v1I9uknrE{S**(n z75o+;SuYx5ajd>kWK?ZB92Wmm%PdH76CLB^?pOzLk6*^grKn*3K7$;ykOz=5q}ob zBdv+d7#%KF6uqZD4|T8Vj#F_T5IeI{0+ z{VbRCV_n?zPGC*}v5)|8yD4L-t6cn&(4?XNX%L>!g2bkRE?WMR5lW~1Xhn|JngYpB zZxUUsBiwIVh$pl*i4>!x3@`vAyDf!{A{cH!Q0fHId6P#r+=06?V*3^$86LQ|ywQBh= zfz`;3u!AN>eNO8Q-w9-RtCS?JpD;;hm{@=(b|9$YG$HLO{NQM5ZFy^99{LO*PvgT@ zoqJ(~LgY7)#<%n1xgiZTEhxIi4kz-jEdn`ZqA}L;;X!4mDHYw^x@w?=JTep2Qls4a z!R4YJ*5uqTsJV|y9RfNL3)}Okh8C2c*sW1*D`@Be07DmLsXR^wSLW>$SOxG=d|VG{ zp0|cx_u_w^Wa1j((T_4?M#~Nqf$i>|?L^DpcvFS8_(Oejc$tQyFO%~~Iie{7`MMO~ z6BU1_~*?-*Yf$~sP)0!%978qADKBX0w`eBKJWt>5T^U9q5xARz>!TUmEDH2wILAa z;-#Q}Q%_4KMd(uDVFkWP*HqliqHV|>G8l-HM%*^psCPTLK?Xu(i#(m3DDq>6*oH>B z9>3i^G=G$<_~PNvujK32pmPz)J1tDA^%Lvs{xBlHYCkG_BQT8J*{BFx<0QavLcXiF zA1CrU7;v%-G9K?}x&uOq z2c4It3nmQ}7gs2dbP@K6E9IbX!0reNczFA}*Jd@-2TJ_tiv%zsjsB#I+DROesU^^^ zvpyhlw`umCr|Yq=;W1XN3~&B&vo!J%i#W$tol!63 zMhP+xu6cz$6jH*&f+NU$zxKTU@Ta!^9($Jb@}Zw$CH_s` z6{pE`rP`D?B{hDXbNfy`D$xQSx$53EP8}**VN<%B6MD5N)UrJ$|E+_~!Uf}^szNT} z$nCp`t%At9ZPaPa>+tXUvG|@3wr6*)|Kvc+RQ{_08b;)i-6|2l+5Nsa%(J}bAEMuJ zTx$9-eys9M6BN{}(D^_KpMAeflE}o;F=I#xdx0PqzFb3~+tQQyTB#0`F4#t|`t5jz zVRVw_@i}XsFRtj1)NRp@sQj%m-ZwaCBan&#@2RH^IgGgGwjlF=b=WWw2S@oW86y12 zPy5QmRIsCwukJSQn?rM=1Z}Mgs)EZLG(-74^!zpD@`L*H4>X74?WBTa2iLXEr$Ykc zgW$oz!J&~Go(R6Yo1|5oMP$K~oZJ@pO%iORIfZi6I9-{;YaLuA;s#s%?(rI@HEwwY zDqsci6?aMclZvR#N6ROez5q06(5sUgShy-v$u3HF6$Nz6hGkMKE~TeE$>DWv?RUhN zz#Er`KdPptkPkfc(CRGN*DspJnJ^Z;)*+_F+8XLs^5IMfY$2UABGvY&m^Ny};_J{; zJ@1mMV;G=hb@#RfFey`Hm9U0GOd)c5emhfa0Txm`TBd{ELzE9G6Y#hf0k~i)TVxfz zJzI(<2=ep^Eyn9U_n|F={CM-#&W_Y%q4@zx1r2`{pO{jXt8;zg@s<9mb#Uqt+&i!A70aw#d zeKsVPG|?6!P2v+Wk~?*Jwa30rR|L4Fr-g0dC4>^T7u2;%D9vG?fKhXd#-Jn5%J$16 zFEdM^J&dS*85LiG0zggT&@k<;YLNeip^KwwYG{g{y-D;ApeVYJ)I>q5XTr(^!58cV z4Ddo=FTtW)MmG4JSB$o&IZD`66g(0|AZ0iG8rPOf}c)i z*Z;tOGB+-yeN9#d02%q1s$}sq_vc!X66Dz3=F)C5xxa>&zpJyV!5xip0HlucXDw&X zes3t^hh#aM#!iu;v*BOb7G*;v)DU?1+{uHlUts!<(M}XWtXq)~BJ=hyiJ=55uEMd{ zKb2&#kK>*a{~8Z(ZRfN|CRAnSVm-)fSvNEXASE(7lf(kQfg}9trx>DX>wA|VK2?hz zLkdOgJ6BoyV9t4Mk&TkM;bF^__*itr<*%0`)6fW?FKB5UdZR9%5C9MosCmB?8hPDRX1#@0T3b}5NtLJ~AG;odPbD%jP4}m&QKWnTX3SP-^#Azfl&eh(V zug++knMnL4j(=bM$8@}zo%PeDBFL22h0wG{a@9Qox$0h~Q2H-xP8Po5KbJiH%XErq z;q;8o{?^**l`9#22ExyR7#G6yk2tSfeXPD0C-xYD%_15`B=Q+Nb&XuB8dRE)!-}eb z1MwKp5x)x|TmGC|Siw{9>#vrwr2kukwOfKmNurK-s*VzVBOYpV>|HJA1~Py!W9_#F zXOu3^C|=wGt@y0#fxWJS&Qq=tVVCAhC%LD;0Ve4RJl#5Bz(}xo5x41FoU~|g&VJh~ z_ah>4Oudm9g;bwl)0yi@_|`K{SU{MLS<*p3wi6}FBmgP@x{-%Zashof0MIA@>mua; jnc8_{C>aV~x+duCWBg@ic(?_K^Ps0s^d48J+C={k{yuf1 literal 15443 zcmeIZWmHt*yFR=Tk&qCTP)bEYIut}wQIQg)kuH%g>6BE4P>_&DIwYlr?k=Taz+r%) zyYqdvXPy85_vL(e*ZY1vvzBWM%zk#Kc5v}OOX)WCW0V{MEccpB?!W!f*_m@ zf-B%RLx!k)a3HjOrRe}cT#WEP9G47nCkVO&Nk4z8;*zk6BKsCK?8$w~Nz6llOF%&S z<5ZoT>9!2JTABeKOs^EM8jFy>H@`z4Kei`9Jh}g^DP6M&R_J8B-+<2p zTXC@AALtpnfe&sF@|p6e3?jsZ|NHwI*CqIvLqLTC4n8XW2>3?{wx$>G@eT$09(?=~ zY)cLwU%jX#fRE|-v@gR)CG!70{eNHG|Lit0QD(r+*gCt}M}mee1go(SljWlHS#$d5 zwB}C}cdd;Cg;NdmFeenE;A;}&d4)E_3Swt^=qi)KfXrw$LE03#kQ}<(1t%Cplm8YY z>i7DV0ql{ABO?WqwC7vx3IQmRQ0s>h-{b5WtI)>^+OzvkwPceHz*||hcr|LA*CTyj z`0!P{U+UUyki0szV0{Pn+%6?;B06?TPQNSJ#NBE(L_6NczSXE!*!d+ij|UaJ3Jl3p znnd;(*qfq}bk^=v*I_?5VNv63Bcg=ZWb@U$&A0fRYp)W5u<Xlm%)B9lyo4^h6t!^j$^S)g@2@sj>{;wZAciW@lK9I%^2 z#kgXHsOw74&W{XsG7^(@R4IxYIG#O7o+&yOqgJGa1+M)08awZ@C+mbCmi=N5>PH?o zqkou1%FzS=-~qO?4WVWgyGSk!jIx*^s;0ReF8tJD#-&;xZTPP0A-K*Ie4T6%7xiBA zq4#+#xfMmUMMzUr)~5elQ>)$2Ji&(&?*o^owyWvC3!fm`i+QU_8=Z zS7YdzJy~_|NgN?>YKUDbMD4tC@#@UI6mkuM2%=x$LP3aOMDaGaR-Qcp6?R%wnD7$6 zS|N%yE-tQl!PzM=bK$K0vj4anx>bErgpUiAB)ma|rjk_)?4R*aRZ1mInKaNJU@a6`pAgBkVeNnUq-qa~MQQ@5pQacG(Y5FY!{MUHXlqT7+c3a;*OJkxfRS$BBoO|jr30{&y(EL+SN=?|VAikdwU@vw9Y=hx!d%&$~D!^moMGtihD~T=B63hNpLr$ur`h0 zCC-=lm3Q8wArznKqr`9^#V}Gb%Cw{Ynwv>_CAl1hkJc}!+4<{_0#=&S2g|JJ4`#&p z9?4OQm&mpQ%rgHPzKQg@x~*7!Ud&g#{(!O-ftan7Cr}w~o8B#@&l>?Z#d5*J*iI)6?G&L(qUg6arHGVMwqaTJJ4a6f0GX?j2os zy+5=z72jh)Yz;8b#E5~=};Ml?F%*~GjVV{WQ*&i}`R@~fb z-Knl)XHcQAiI^nwuXjxovJ^f%=hZt|?Nmi)+Ib>Pv#i+`@BFr_F9+qvcEtZ{ zTr&hU*lAFbKuqf(2{g@2A7vTHtqmA)87tP;p#v?%f3Hy;`t9`^>?1QVR}g~-(^e$? zBXr`loWCk}t9}9-HMUbSbq|2&V+5rqg}8;St%a?5fFFWHoY{2_m-gP_N=l6$5>928#ZG`;L=sM}E^RrUp zp!B0D{GK$-s%Dj6dcX%kv@qf`dDnFK6|Lnw{bjXXgLrx>MyF_OU_unfIH9m|!%Toa z=|HX`1eDz1C=e{H*(4-%+@HfnOm97-d}f(_Gfz~wq&k(C<84h3KJYm&S+F84qZ;|S zrGxBYXXaTaa^=NDveX&fnyzL*`Y+SJ85Eg?r8K z$){Rlr;X|a=JVgcmQlKis=$F#GyqWcc}`3ze(=_z+CZO}I>>5*p@42!I8R!u$kDrz zMNsXnb?!xPY|t*D!Qtn`$vq~g@bkWl18>r^4c;=zW=C(2H@^?@An0)fcv&(MmiM*` z#l3m8MNAAU=b9Xv04#E4*p;NwD#_)m$tqwX-as*GD^2c)lNTG>ZB?H%*NBcka`;U7 zh?byYT{u?xu}h6i_jf<{%(r!kUzh05X1g5G%i_p8+7GRimK|^)iK-i1mm~;3$v=;K z`!@0n!Z30T*4i$QcZz*HDq-y|=o^d?cobAf=OXT5XT3#0DDomQLOLVqY z){CBu%$2Oqz41guKp^h(Q|zFjqe=Z@gbtFLqQc3Dk~wsqT}Pd)#8(vHgFRo|i=tsSC% zM_Op^u(T(9LK=87x?v+od^TPE(_rcYcf$$EJxqn*ka2jI1N>Ooj zc3(Rm9h+i58~Ig}?C)_zK*?{|aEtxAjYc`QrmkmYvXwQV_r8p>nrd`0a(f&(QWFY% z<8ibe7FU8C#+!KpBW1!3pgQi@<0uF16DOmTqg2i){HV33e`WG&4^&8HFWEhFakyxl z>$fj{@1C~|IwRIQ;#S~%t>f7|I#TQHmO?@?TiCTF?m7PNjozvzC-G+-l=hZ zk(yFW+k@8k3xAV3uWvjHJ}}*z=rurPB8x!&g_Ak@v=bv^Uk4gHPEf~h=1^-p&K-y; zR`RTnT{&RuwB@~mDDBVgJ8=ysy%A1X&kTS?%5UKDDX&_u<%tg0=E5las=%RhyiDO& znN<#*Px`#b3v|GmS8dt}@ag%EB;W`B%PTbDT6E5p(wNtriw(&WgKw1>La8~t+?5P` zTi=6(=TtvEcyC_D*9Et6NTX2JZXL^ z+Ppa}+SEBL`mFimL33aru7TE0+u0dOzyg{*qHdz;{ln^fhir@a?TR}GGX`V{JV zLVM&-fT)5${sR~_R-8G^_npkn7pjJH*a(a|s1IaAu&)@o(AMucJsQRa>kz^R4{v%9 zt7KAh0C@ADY9E>Cju!$+48kpZ(5dmCa}{^aHpQY+oj8ow=Pg<@+&1~W05U2}9bzqK zvab5CQOdT+aZ72CZ)*rOkJnm~RMUiGyyrd0$J(U-1(bbFTw{iIWWz$(=fn}ySj5@7 zJzJSjRoXa)t{6)T|&LvRxO)bbOcm`n1iK!I_XGx<< z&~TvvR0$-+NFn0^LIyV{f%l2x^Nf21Pva=IeZTKS$OwxSch7i`Rpjud`J=7r$_d^Y zHL6h0pjq~@HZdiGPGveu=<~;NA985%HSFr&5p>@-a%3yQ4W$a`$N0y&d1q$pLW?mU z3cU8LvB=kw54tXg^mA*@pW{F}uVFAz)i%PHu=M9Q}+5|RK-Hjy+vG_Zk#h5c13{)l%xp?Ce~%IfpHL`p{q(FYc8 z{_$=54;H6Gz9{gr(s~|m8ZVWCSHUXa6+i~v{5j}K$}{?_hJk+C^^OO&?44j@#P#^H zmQ2p!+LAnyPdFG{GEUn_93Nlhs#sIb&`<-c&qotSc?s;^Oa*uL*Lzf@*2#a?2dh?3 zMhD);nhauIbDUVWcel5p5SBmDG=b0`}sR^IlV5$8RfoU1eFJ6zsuozRt*jPAP}X0tA?vH5vYBjw#g z#btXEYQZ5Zg5S zpxWJIyq3XzgXi^ao%rFh7L%b%FQGd#r^X}@1=o$oUap3YO1-fN)0wr(oab+g$$M)= z0|==swrif#B4vrG>s`88ngH%KdE_hCQ0atvcR&nvTm?3_?U=)lF* z3N0f0>BVoC98&|=uhW#zUFT^F`vYH!0aVb2yUp&{{j{g65;~u*@o-gyHJa45cJ)-A zo@5sPe$k~sOwA3zT7E%ZPKGLQs<{_YW|twp*Bi+v_GtIzw@pI0xe=MXN86xkOWS_W zqo#kC%Z-Wsao2Nu@|N4kn#07|@l>@bcCGe~x}fKA2~UaBE0+)G2vWW8gw!^5)-NA> zZ$EY*`7d^l^p-)&Pgtu3Tu#cxPdkhlJ1-RJ*e z)!=f`e6@KmMnQP@3FM;{f_<0R|F+DzaJ#grvkDC`Ep-InNdX8VAVz%HEvt{$iu+?B<-lno@cow zdWLk8oz>Iti7ej!eiU?s__LNuAcereEdB{%kxe!VFqGnp3S*r+s-KFLwm^Z|9A%G>P~@{JqHgZ-SU(_`H-=#@oV}KH$A@pW z_-uU)qC5ochNd#;Mrb3P>YLMA+1jZ2+S-fgS^UX%&*TrCWssQhPCL=u16{4q7XyM^8xxj)%;b{ClCd(?!AgfKKi8x|dA$oDb{5wh>o6OU3h zK2Es?s&q4wM5}4JEWSDV=VWu;LNtsM;y1p@GiFm?U%1XwFrg7cOQXlA@4vrhAxf=Q z6O-I^+Q(k2M|~*+M)4FJPG(%g`nhe5~1;C4cN`Q?hhFjK!&(8r3t z8j%EXSM8DJS^yMW>wn2L9Ex8oq~?c(-%SUZ;XMM>Keizl^l=wju^l0jOUs2kTz_Qf zeMo+G*#}*5S3h;mZC$Rxr8`vJpS(;GX;pyZGs_5Y5>c5Y_G9|EOip|SR^qWU=qAQG zbam{R#yLa-%3HeHwArW-(jYcnFEG+Zv6bG8ki-DzZHR5u9bZOVqv!B=;S9LLxv-9; zK-&=M&sbM;b2E~IKF<<@mzSWMaP+EVJ6xG7_d)mQviR52470$g2aRvKPohq?s;P40 zplUQuQqtn+a^|SlcTX?Qj1;U}~Q{xY&L8xKSAK|K2W|k(6mtw4~ zq(yPg z=Y6!s?H%@XS{`%kFB?QhF#5Br_T+;{vX;~yp()w2T{a(|(egkN`Wwh2&BCQ*)CW<6 zx)C==V0t(RE9$_i((@@)c6PMHs>U9)%LbsS!=tfS`-@}HQWV+r_bG1EK;&^yswBSS zaRLmavM_jn9n*p{XR6OuD(49d2g5b5B!*Hy>suV<&yr~_3|&PT#9+rwRf4{lG*J6> zg*7RT0ftQE$;S60bEC-T=-(1P=4i&~ER_W5{RwF3h~~>RVbIIh4O%y78>T9x*s}Ei+A@m+?xX z1r3}n{jBJ3#He_iJYx`ybP}yMR&_CMbdVm!>~jDRM|f9ih;+&JnGwPFjcY~M42xV~ zSlHELNkEC?V>$MP0P2W0@GQ9)oW*4A_8pIDJUv>I9+viT5lI%UVmlRQShOg7F+mY? zsUP4LQoq&^Q$3dqOXi28`gU?_ij9D(qY(dy3!w~E_4>S_&N3u5om&2lQ87eWTV7seH{s_>;wzrR3SB{fu;E)V@1^FL-u@m=<)IBp99`pDVC5oT%161= zG!>*FuhSRUZ0H(1r$<7U5=X~s#4X2*vrs#8n3HF#=Y&z|Kj(WD35qXqUwLPz`9WY9 zv2}86T9Ev8*bC7rR|F6g9-w7ruYc`x+x=|X3<%dr5m{o&`n@P|&bIEL;GMjf5&w-o zoq=@|Eav3WH-u%(lhNIdTJvI!9;D~%YQ_fvZS+yOX+Cy!%>_B=x*vmx~D24_vs=Rs6Nz;;})XCSrX&M5Edg^^MhB6s~dlcOYYBdIyW zkUS^mw}5R1G+}T{&NiP>23yl(169tRIqQW`PngJ)ZNDtl&G9v?06E)K5}T~;+q$f) zie6ZG_w7XnGc-^OTwX#K^{_zU(66!fznh}Y9Kls#>SZnOQrah8biq%B9&sNvii^`F zX`Q>Nwf`4~2m^D#>Woi*rWUq10hzkd=3DFBF~ZwOa~eNJkB~5P-HR-jleJ_iu5bn^YikLf^gs zUjS^MVugc^nja;{B`5&qsZ-|uI|dAXS1LD~#3bmI%X-6MTnuZ8irZdi%QUGu8IQ)j zdBkSVePiSjsWZJcdw700z0#ce%jqcGge!h(Hqtl?&{mYHlqHn%7#3mdc>tWx%p>^u z_F|vhZvr(y4X8Jz?bwG%0lB2dPkLg-GK>pt){wpE=_&5lYt$?8xk&tJ`ux%UI=uB><1hOr{R&iSIN;h#s;b}=c)G|UP9~^*@-<>g@;bz-@b893e)4lG1lGB&EzG$B)?v<7 z616|)+BBxzy|BX*i$B_oE_2MH8 zBNSFf`4co8pOJ@LP7(R1aIf_ zA8r>!D-}PgcYmxkSeecub97oCPxF4fmadTbL|w9bLL{6N@{s|26%f35H9RubciJE7 zk5^oT+AeHz&x;(2%5x*J(h{d4rOmh5@f}?|e7UVHyqTscFN2z9Ve@>8 z19dP0ceU~bK$>roeGwBb?D+?+P^m&Z@ci+|P z-e@X{yOo-G9HN4~1f^8M$s<_B!9r&QS6H`UY^;RIa{R0iofwFx8SqUCv2ig{;N6L| zlbfR14qcm(jkYjt;o+~lILhiH@pKQ}e1i+I^25%+M~>T8vF{_&Pr5F;E*4rf zQModmF1eTES3p|pM*4ndxR}p=ZQq7o@LFi&!m{)ElLTdVJs^rhDZB3%LGnv~nfyVk z4;O*f&8O^~vOH;XH!&@Bct zq}>%$DwGvD%l>gSi59?9BCvqkj>K-InMYzvnM34~9N*$YtRnEDU-NRr7{|SN1=Jsy zh`JB?^GaU0PZ#Qg%)ppL#i{dM1P-Zi0Z8KGzcfCe^HFum+fE&`BV8J;bkncZLE$K9 zpkkDOK@eK>sil9wgarBE+b0~)KK4$nC_+jjJZ8W2WRJwd{4}pByLFzZP4V%rg3L)`{7+Zk}_QJx0e|~mAeMQ?n5;`{o8Bh zmXj3!c!-=Ott~-gRJ_*YnHzwhIs%lzQm7OlIFeAF5@%VMEUUKe4Iw1+XvLqFRd;#+CVcy2+qGA!XSM{!7 zU}%)(FyNAFjtPwv_ELZHB>sFWV)eJzVA)KZFfC|mY<)Ut%fgiOLdkyhQ=EdMc|=~` zOQ+>MkTS0T%jj@jK{)rio>o%0@ml83`PhM?HH+VOYm&(*)g}Gs+mPX4Y{It0b+-NG z?`QVME~}N1HqyE@{a@SMPt=2=ao5z*z-5o&7nigDk5fGVo19!wNpl1HZn$kf?+<`7 z`x*HhG|s0ys>6oFc>SXD3{BE3NilA9vlbYk-zv zVkAu2lYo%NUg5=sZP;8x?L_2CgISLlTXG*RkV)LJVz+<>QtDRyz%(>BTc6js>i#ic zzcn3{`V5OIGtR&IY8y;(7xPmfU{1jd_kzQ6%F*U^;iS@q#?$83D(8N#u_};r!oY&Q z-2e|9*6=sUC)efwu$B{${ei!?Lc<&~dOxlD9}-~fVBVBL@=>vBgviD!Fo^JPU_%p= zogaxY>_4oH-Lo*vFsd2xP*J=j!K8^a?&MW>Z~SE@hI^9<*amM8D3fTQ$C}V_=z1Uh z;xRh@7F_dSYk~?0WAWW>+~1!Rceg(`_(eaZUgSWwBrKY>z*+U!Y9Q30e`K|}b@8VT zSx~7({hKdakc1fF#vM9%(bD%@C7X*)M&2tE(K4izMv>7jYg=2}!FvW<4&C9|#`){2 z6q(+Or`B|gM?1PZNZ;OtqPQm2v$l*8&s=kd34D7g%xsaNtY{z?#+pL|2f zz_bL5_T`j2mk~>?wageJ;O?7401LOO+V~@~ulifM#`@hsN^tnnq zYs+{Z+An_`R+bzle1vY9#yqPR!}y0m5R)8;qv?Ni`#C?iiQ|OESLexm_BAFKT1NAr z`|b+UDjyirN=a!gSvzR=H$2}pZpaf~7G}Tkur0SOWJ|K{wmH7nufG_4=uW*`tOB&X z1ZW%r%2eFmpITS>UWmHid{@}ota|Vy;|>;8v{L7rKn3|Uf&BJGkXJ*y+)Y_6>jsBX z=WAiJcfW_f&wNhIa9-20ehH9J2rzt22a^VvJCG=P^#aapAwo+#OhR~PCn21j4!Dpa z^*(qL$}qL!N!CY3vs`ZK7zcnb@5$|6>1-D}@5aMV!*0dyyLD$a{+^t9&F&|o=}B?T z@tHTf+_tmFEal);neYfuXamah$)*-wv@p>S?d`=J`-PhB{g#?cb9x zWVt(CO>&Xspiiww!_Ih>=}Ib?NdWNgPL#G^E37$UZR&Do{aVMQg-bm|&JR@8wa3#TP=0lIlzPBhI(CNs_q?sKf)s}NJq=L%skvYgR=r+n>AOS70is8 z##)f$|-<8;K{z@6FA6mrZy2fc;rGPrxkM9ri7TZ8EWP z)|G#w3ITu-RhgS>V;X?x*kA%fla7J?Hs(BP2DuaH8y@=mPksMbLOX39)u>fHJ6!*D zqovyC2WXs7F*_?D9r4>3y^;hSh@y*V4=+Rqb3T=TIP-0#6{%P)i@3$!%6Y}1`B*1v zhZ-~esc^_s>=$i^warj@i@x3bNI%m@6E4G6!@GX1VBU^ut_A=sFtQ<04fsD0`7xh< zy(prNnD13)G10S919JJ4J%$30?nZ`{#NM0=CL9L?;0DdK=SG!E;Y=ka$lxeC-ky{) zjr`Fl#VDGfK13k>lj_q!eo6f@vqI>`CEA2?C34w!c4P9S`Fw>u0sx>los+R+MT@wMlh8 z1@Z+=R%NB43d!il3R5=7paA1SDH)*T`C#1srs5flFUxDnzb2-%iFY*7bP@?8xvN%N z&YSOIWuyTHmZqNUZ0BDZsvMmJ<1U>R6ZTuKrv3`&Tdlq?Cdw8P>t)%l39}0rjhF7V z4rJvD5U=i>q$&&-rEAKyCAG~P%$)BTIPV~G*eJ*Zy%y>4>T}i}$pl{^TTb$%2S_{A zwm9T;Iiv5Q*>Bfe;nwZfbOsogE=eXlMDbA<;8KCczc%R{v{pTR74V+{$hGRyY13_& zOg)cjyXIDnpNF07=ZaA*bO0oj2Oha5W^062{@fG9_LN<96fhh%6suOra-1N5Q9aTZ zT+73G-B%{r*LrVI{8XZH>-ZLh2<|roU<0TlP%gc@jJ~a!75$xV%nM+eYQ@Mw$ff`r z)@xou5&z1VhNum5Wp5?^gJ0OJx88Z`4x5*POv#NHW~{KrDiKJ6b%s1@H=Wb<>X)sP zuL2|wJ2N@^;kvu6SCA|Tf0s#N!?SSlz|U8`tF*IUy#^K1x?NE2EzN8>t{uYHR%3Kg z!-}>eq1^`7zoetF%pSh!Z(0XjXUqOrZUbKft!esKeFRUofOK-%1$3?%s z=(1d&whcAfe)iA8Uj_nE2 z6pzbV9$$*ePm_4!bjuqIu>~ikkyNi=1<97G@fF}d?t^+N-Edgpd~Q|}V<^zYsV`#D z)Il2l8NC8eKe;bG6-fSG`S6MQ+3{Stw>|)JJYF5@%|cls*ZOWdsZ(o+mc3t>&u`GK zI4dx|0L^??3}};HwPf@aOUss@fZ?&N!n&Qb67$sva=(^|RKF%LxzyY-ao1pXsW}p& zD^r#9>Z#A6-mGon?ox_m5v?dB<9cpl01QO zl&A<-sBX2jLto>EwTAG(g^{1=pQ2>tu5$TmA?Y6__x4EU^}8@#oH5m2oU~{m*Q1%ZXxf|*zF=Q9bK_mvDWmVHGrI|WphDB7 z8v)5Xj9jvbdwTn`ad@L85PK{RL?Tqoo@P|)FOSpdE+OT|)eq^`fO`>Tk<r0@}Mv;#%$4rh!#ryrl6d$wi90$xG} z==(kbD8P!E(($ZYzb6JvsZztM)=zgmv~Q!5K%Xo8h_2Xot7-6po{Rp3L3+&P@H}{Y zd7SZNv<2Gv6)853wzH$f4o#050RFm_Q1XIpxH7yP#&Y6y+qIjEH~IqsE%wAy41%`d z`dn?;;Iid9t}4?ix^Ou}B|`l0ucnpmT8ft^km#H*wsXB|nT5mIy|R zy=B&~0dj|?<4}N-)8H>@gK1^i$SzcfM(^XZ*`45potaXp`uyW~3(^((v7jt%^xfn0-Pu9alwu=KkAJghXMWNKK#zBI7l)t{04ndWfA_95rQw;r z*lbES?-oCN;2h(5a&P=r<)VaXv69sq#z>a1{iRFLA~RqC z>;()?J8S`1bs(ZP+QCa%F{uup{alN%2_N!4s=$Vg^>4e(9;9B)OhV~M0tUtfoTJqF zNIxW$>T-x;&9O?Nl8O;RUK?g?gW7e#Ojvf#5@^USL4P&iuY$HjZ^ljj_s>T(mtHQ? zuF_{06`vTfFTZ%A>r_|-KiW3SXC7|l=DAawcyrlf)u$C-I^KzO`*Yyj#WZ8yF zKn>eldW7ox$do#v7B-vPse-n$lCN7I@0#d1?b&U#S{~@FT5p{^ONa*@EJ-+r3l|uY zrsuz>3cBgmrx4&@niqM|_dXziY^Wf9ta+W@>3-msOE1}a;ql6(<8TUT4ay7B zmd#ZFIXy@xu3;B&u^}X|Tw|F%>DBTymlE(he!zD-;t$Er;Be;w6MdSAd^dQkb0*Qu ziX*f1zIMVsU}W~ga|+%3E<{wwFHSGLqh+dstLi$(jgsxzZvn|d58nUwI+%qJ$@1BX zKM?2APql000I1e@OPO$jshwphJW>E9AE!+`(TDgr>s_Y;oMDlr{R z<%jz>ilzisy3%nUeM2yu?);$>VA?wB*G)*aLAgri5K}=)e_jPD0lLt~_cIP=FUIu1 z?<)~k*I-@dLVf|;&Jid^Y{`HSl>s|)e0<};WL+N)2F%|~-RyeCrFFTb|6Bw>ci^>Yy2~8S2(_7_zL}$qPr<^2EpiZ^x0V$iM1hr7J2h)nFV|(c=$I{ z`}t{Hcf>rVR*WiIN|^|dhyzT9iY_ZX-H}{{_ zd2powY@q-=D-q=LONA@?Yx}~fNrnQB;#^;{2-lR8VY2a(L%yPAKMcyY6uC-r^kFhR z+EF=%`o0+0W)XIHB7X5brs+!~Zu5&j%#JH#V6%}FAa!)uuCNrdTf0+)z|(}VyIK>Q zWYrS2!F>&AWHh1$J>h;6%mH%{UJpM&1V~YeWPQH@NqknSB9Msbz8oU%;bB+uaN8Da z2Qk`zl$x1YNF%BFL>JG9cv9SZN7cl+%Fd>hCHcIt2#o1Eg(E&<#Lo|NHut!_x@J6C zl}(3siAMv)Uf9`5p4`lAV@^7lP!68E?M_t?w)msbvq|%ejB@o5u59`(!0Z= zP3=;YQk5F7{siu^OSmnSB|M-vd^LvDcehsM*@OI2-Rp-7kH9JiF7^;acA) zmFyw_i(8fO7y$5r2%f^Rno4_}kw(LptMo9l@&>$u3NReCx3LCVT06sr*gWd{ZNUxi zhue^IF{xZngmY@ zDBd%ans26Q{Kd3xbeo}{(_1vpmRC)(V6tewQqSW3dmCE z<~?N(JOhc1)f@gZ-?anv9xOfLyUFl(qK-c=iAm0mRZp@Z$o4XTsgMEKmm&|85up`> zE?A84c?jPV^dAZb{H^~NoBVR+w6@GFry0EVe#glqUtuMpnf7Q81uOUn5KtioqUqe5 zoUvTlyJqmJDIJ{D0Z~`uD;nC=Be7F@OU1V(k*{;gMio-@gp`a4XY+SyHg?Lk5LE XH``J7sAFdz{#p9P>*oc}^nL#yyn(zG diff --git a/education/index.md b/education/index.md index 4aa0c932f2..b1cce0eedf 100644 --- a/education/index.md +++ b/education/index.md @@ -205,7 +205,7 @@ ms.prod: w10
    -

    Excel Data Streamer

    +

    Data Streamer

    Bring new STEM experiences into the classroom with real-time data in Excel using Data Streamer. Data Streamer can send data to Excel from a sensor or application.

    From 16c13a5131887ea3e635a4178a484352c12278d1 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Fri, 21 Jun 2019 13:30:42 -0700 Subject: [PATCH 12/20] Update surface-hub-2s-manage-intune.md Updating links per feedback --- devices/surface-hub/surface-hub-2s-manage-intune.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/devices/surface-hub/surface-hub-2s-manage-intune.md b/devices/surface-hub/surface-hub-2s-manage-intune.md index 6c4f69a022..3648f8453f 100644 --- a/devices/surface-hub/surface-hub-2s-manage-intune.md +++ b/devices/surface-hub/surface-hub-2s-manage-intune.md @@ -35,11 +35,11 @@ Select Windows 10 Team for preset device restriction settings for Surface Hub an ![Set device restrictions for Surface Hub 2S.](images/sh2-set-intune3.png)
    -These settings include user experience and app behavior, Azure Log Analytics registration, Maintenance windows configuration, Session settings, and Miracast settings. For a complete list of configuration service providers (CSPs) for the Windows 10 Team operating system, see [Surface Hub CSPs in Windows 10](https://docs.microsoft.com/windows/client-management/mdm/surfacehub-csp) +These settings include user experience and app behavior, Azure Log Analytics registration, Maintenance windows configuration, Session settings, and Miracast settings. For a complete list of available Windows 10 Team settings, see [SurfaceHub CSP](https://docs.microsoft.com/windows/client-management/mdm/surfacehub-csp). -## Additional supported configuration service providers +## Additional supported configuration service providers (CSPs) -For addtional supported CSPs, see [SurfaceHub CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/configuration-service-provider-reference#surfacehubcspsuppor). +For addtional supported CSPs, see [Surface Hub CSPs in Windows 10](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#surfacehubcspsupport). ## Quality of Service (QoS) settings From 10e9cade83b263625ba7e766b221cab07cc41292 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Fri, 21 Jun 2019 13:36:16 -0700 Subject: [PATCH 13/20] Update surface-hub-2s-manage-intune.md Updates links per feedback --- devices/surface-hub/surface-hub-2s-manage-intune.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface-hub/surface-hub-2s-manage-intune.md b/devices/surface-hub/surface-hub-2s-manage-intune.md index 3648f8453f..1853f3264d 100644 --- a/devices/surface-hub/surface-hub-2s-manage-intune.md +++ b/devices/surface-hub/surface-hub-2s-manage-intune.md @@ -39,7 +39,7 @@ These settings include user experience and app behavior, Azure Log Analytics reg ## Additional supported configuration service providers (CSPs) -For addtional supported CSPs, see [Surface Hub CSPs in Windows 10](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#surfacehubcspsupport). +For additional supported CSPs, see [Surface Hub CSPs in Windows 10](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#surfacehubcspsupport). ## Quality of Service (QoS) settings From 67cea7347fa86a5908365a1a56696a4714941df0 Mon Sep 17 00:00:00 2001 From: DocsPreview <49669258+DocsPreview@users.noreply.github.com> Date: Fri, 21 Jun 2019 15:52:51 -0700 Subject: [PATCH 14/20] Latest updates for the issue posted in morning (#545) --- .../resolved-issues-windows-server-2012.yml | 2 ++ windows/release-information/status-windows-server-2012.yml | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/windows/release-information/resolved-issues-windows-server-2012.yml b/windows/release-information/resolved-issues-windows-server-2012.yml index 2735e58837..15736d25c5 100644 --- a/windows/release-information/resolved-issues-windows-server-2012.yml +++ b/windows/release-information/resolved-issues-windows-server-2012.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -64,6 +65,7 @@ sections: - type: markdown text: "
    SummaryOriginating updateStatusDate resolved
    Some devices and generation 2 Hyper-V VMs may have issues installing updates
    Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing some updates when Secure Boot is enabled.

    See details >    		June 11, 2019
    KB4503285    		Resolved
    KB4503295    		June 21, 2019
    02:00 PM PT
    IE11 may stop working when loading or interacting with Power BI reports
    Power BI reports that contain line charts with markers may cause Internet Explorer 11 to stop working.

    See details >    		May 14, 2019
    KB4499171    		Resolved
    KB4503295    		June 21, 2019
    02:00 PM PT
    Event Viewer may close or you may receive an error when using Custom Views
    When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

    See details >    		June 11, 2019
    KB4503285    		Resolved
    KB4503295    		June 20, 2019
    02:00 PM PT
    Issue using PXE to start a device from WDS
    There may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.

    See details >    		March 12, 2019
    KB4489891    		Resolved
    KB4503285    		June 11, 2019
    10:00 AM PT
    +
    DetailsOriginating updateStatusHistory
    Some devices and generation 2 Hyper-V VMs may have issues installing updates
    Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing KB4503285 or later updates when Secure Boot is enabled.

    Affected platforms:
    • Server: Windows Server 2012
    Resolution: This issue was resolved in KB4503295. If your device is using Security Only updates, this issue was resolved in KB4508776.

    Back to top    		June 11, 2019
    KB4503285    		Resolved
    KB4503295    		Resolved:
    June 21, 2019
    02:00 PM PT

    Opened:
    June 19, 2019
    04:57 PM PT
    IE11 may stop working when loading or interacting with Power BI reports
    Internet Explorer 11 may stop working when loading or interacting with Power BI reports that have line charts with markers. This issue may also occur when viewing other content that contains Scalable Vector Graphics (SVG) markers.


    Affected platforms:
    • Client: Windows 7 SP1; Windows 8.1
    • Server: Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2

    Resolution: This issue was resolved in Preview Rollup KB4503295. If you are using the Internet Explorer cumulative updates, this issue was resolved in KB4508646.

    Back to top    		May 14, 2019
    KB4499171    		Resolved
    KB4503295    		Resolved:
    June 21, 2019
    02:00 PM PT

    Opened:
    June 07, 2019
    02:57 PM PT
    Event Viewer may close or you may receive an error when using Custom Views
    When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

    Affected platforms:
    • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
    • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
    Resolution: This issue was resolved in KB4503295. If you are using Security Only updates, see KB4508640 for resolving KB for your platform.

    Back to top    		June 11, 2019
    KB4503285    		Resolved
    KB4503295    		Resolved:
    June 20, 2019
    02:00 PM PT

    Opened:
    June 12, 2019
    11:11 AM PT
    diff --git a/windows/release-information/status-windows-server-2012.yml b/windows/release-information/status-windows-server-2012.yml index 45c7ef8b45..7588536963 100644 --- a/windows/release-information/status-windows-server-2012.yml +++ b/windows/release-information/status-windows-server-2012.yml @@ -60,9 +60,9 @@ sections: - type: markdown text: "
    This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

    - + @@ -81,7 +81,7 @@ sections: - type: markdown text: "
    SummaryOriginating updateStatusLast updated
    Some devices and generation 2 Hyper-V VMs may have issues installing updates
    Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing some updates when Secure Boot is enabled.

    See details >    		June 11, 2019
    KB4503285    		Mitigated
    		June 19, 2019
    04:57 PM PT
    Japanese IME doesn't show the new Japanese Era name as a text input option
    If previous dictionary updates are installed, the Japanese input method editor (IME) doesn't show the new Japanese Era name as a text input option.

    See details >    		April 25, 2019
    KB4493462    		Mitigated
    		May 15, 2019
    05:53 PM PT
    Certain operations performed on a Cluster Shared Volume may fail
    Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”.

    See details >    		January 08, 2019
    KB4480975    		Mitigated
    		April 25, 2019
    02:00 PM PT
    Some devices and generation 2 Hyper-V VMs may have issues installing updates
    Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing some updates when Secure Boot is enabled.

    See details >    		June 11, 2019
    KB4503285    		Resolved
    KB4503295    		June 21, 2019
    02:00 PM PT
    IE11 may stop working when loading or interacting with Power BI reports
    Power BI reports that contain line charts with markers may cause Internet Explorer 11 to stop working.

    See details >    		May 14, 2019
    KB4499171    		Resolved
    KB4503295    		June 21, 2019
    02:00 PM PT
    Event Viewer may close or you may receive an error when using Custom Views
    When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

    See details >    		June 11, 2019
    KB4503285    		Resolved
    KB4503295    		June 20, 2019
    02:00 PM PT
    Issue using PXE to start a device from WDS
    There may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.

    See details >    		March 12, 2019
    KB4489891    		Resolved
    KB4503285    		June 11, 2019
    10:00 AM PT
    - +
    DetailsOriginating updateStatusHistory
    Some devices and generation 2 Hyper-V VMs may have issues installing updates
    Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing KB4503285 or later updates when Secure Boot is enabled.

    Affected platforms:
    • Server: Windows Server 2012
    Workaround: Disabling Secure Boot should allow the update to install as expected. You can enable Secure Boot again after installation is complete.

    Next steps: We are working on a resolution and will provide an update in an upcoming release.

    Back to top    		June 11, 2019
    KB4503285    		Mitigated
    		Last updated:
    June 19, 2019
    04:57 PM PT

    Opened:
    June 19, 2019
    04:57 PM PT
    Some devices and generation 2 Hyper-V VMs may have issues installing updates
    Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing KB4503285 or later updates when Secure Boot is enabled.

    Affected platforms:
    • Server: Windows Server 2012
    Resolution: This issue was resolved in KB4503295. If your device is using Security Only updates, this issue was resolved in KB4508776.

    Back to top    		June 11, 2019
    KB4503285    		Resolved
    KB4503295    		Resolved:
    June 21, 2019
    02:00 PM PT

    Opened:
    June 19, 2019
    04:57 PM PT
    IE11 may stop working when loading or interacting with Power BI reports
    Internet Explorer 11 may stop working when loading or interacting with Power BI reports that have line charts with markers. This issue may also occur when viewing other content that contains Scalable Vector Graphics (SVG) markers.


    Affected platforms:
    • Client: Windows 7 SP1; Windows 8.1
    • Server: Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2

    Resolution: This issue was resolved in Preview Rollup KB4503295. If you are using the Internet Explorer cumulative updates, this issue was resolved in KB4508646.

    Back to top    		May 14, 2019
    KB4499171    		Resolved
    KB4503295    		Resolved:
    June 21, 2019
    02:00 PM PT

    Opened:
    June 07, 2019
    02:57 PM PT
    Event Viewer may close or you may receive an error when using Custom Views
    When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

    Affected platforms:
    • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
    • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
    Resolution: This issue was resolved in KB4503295. If you are using Security Only updates, see KB4508640 for resolving KB for your platform.

    Back to top    		June 11, 2019
    KB4503285    		Resolved
    KB4503295    		Resolved:
    June 20, 2019
    02:00 PM PT

    Opened:
    June 12, 2019
    11:11 AM PT
    From a05e42f52731bf6b64b2df109b47c690ac74e525 Mon Sep 17 00:00:00 2001 From: DocsPreview <49669258+DocsPreview@users.noreply.github.com> Date: Fri, 21 Jun 2019 18:02:54 -0700 Subject: [PATCH 15/20] New updates for 21 june (#547) --- .../status-windows-10-1607-and-windows-server-2016.yml | 4 ++-- windows/release-information/status-windows-10-1703.yml | 10 ++++++++++ 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index d03c300a4e..74ca531bab 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -61,8 +61,8 @@ sections: text: "
    This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

    + - @@ -98,7 +98,7 @@ sections: - type: markdown text: "
    SummaryOriginating updateStatusLast updated
    Difficulty connecting to some iSCSI-based SANs
    Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

    See details >    		OS Build 14393.2999

    May 23, 2019
    KB4499177    		Investigating
    		June 21, 2019
    10:08 AM PT
    Devices with Hyper-V enabled may see BitLocker error 0xC0210000
    Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000

    See details >    		OS Build 14393.2969

    May 14, 2019
    KB4494440    		Mitigated
    		June 21, 2019
    05:23 PM PT
    Some applications may fail to run as expected on clients of AD FS 2016
    Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016)

    See details >    		OS Build 14393.2941

    April 25, 2019
    KB4493473    		Mitigated
    		June 07, 2019
    04:25 PM PT
    Devices running Windows Server 2016 with Hyper-V seeing Bitlocker error 0xC0210000
    Some devices running Windows Server with Hyper-V enabled may start into Bitlocker recovery with error 0xC0210000

    See details >    		OS Build 14393.2969

    May 14, 2019
    KB4494440    		Mitigated
    		May 23, 2019
    09:57 AM PT
    Cluster service may fail if the minimum password length is set to greater than 14
    The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.

    See details >    		OS Build 14393.2639

    November 27, 2018
    KB4467684    		Mitigated
    		April 25, 2019
    02:00 PM PT
    SCVMM cannot enumerate and manage logical switches deployed on the host
    For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.

    See details >    		OS Build 14393.2639

    November 27, 2018
    KB4467684    		Mitigated
    		April 25, 2019
    02:00 PM PT
    Certain operations performed on a Cluster Shared Volume may fail
    Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

    See details >    		OS Build 14393.2724

    January 08, 2019
    KB4480961    		Mitigated
    		April 25, 2019
    02:00 PM PT
    - +
    DetailsOriginating updateStatusHistory
    Devices running Windows Server 2016 with Hyper-V seeing Bitlocker error 0xC0210000
    Some devices running Windows Server 2016 with Hyper-V enabled may enter Bitlocker recovery mode and receive an error, \"0xC0210000\" after installing KB4494440 and restarting.

    Note Windows 10, version 1607 may also be affected when Bitlocker and Hyper-V are both enabled.

    Affected platforms:
    • Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
    • Server: Windows Server 2016
    Workaround: If your device is already in this state, you can successfully start Windows after suspending Bitlocker from the Windows Recovery Environment (WinRE) using the following steps:
    1. Retrieve the 48 digit Bitlocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when Bitlocker was first enabled.
    2. From the recovery screen, press the enter key and enter the recovery password when prompted.
    3. If your device starts in the Windows Recovery Environment and asks for recovery key again, select Skip the drive to continue to WinRE.
    4. select Advanced options then Troubleshoot then Advanced options then Command Prompt.
    5. Unlock OS drive using the command: Manage-bde -unlock c: -rp <48 digit numerical recovery password separated by “-“ in 6 digit group>
    6. Suspend Bitlocker using the command: Manage-bde -protectors -disable c:
    7. Exit the command window using the command: exit
    8. Select Continue from recovery environment.
    9. The device should now start Windows.
    10. Once started, launch an Administrator Command Prompt and resume the Bitlocker to ensure the system remains protected, using the command: Manage-bde -protectors -enable c:
    Note The workaround needs to be followed on every system restart unless Bitlocker is suspended before restarting.

    To prevent this issue, execute the following command to temporarily suspend Bitlocker just before restarting the system: Manage-bde -protectors -disable c: -rc 1
    Note This command will suspend Bitlocker for 1 restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).

    Next steps: Microsoft is presently investigating this issue and will provide an update when available.

    Back to top    		OS Build 14393.2969

    May 14, 2019
    KB4494440    		Mitigated
    		Last updated:
    May 23, 2019
    09:57 AM PT

    Opened:
    May 21, 2019
    08:50 AM PT
    Devices with Hyper-V enabled may see BitLocker error 0xC0210000
    Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing KB4494440 and restarting.

    Affected platforms:
    • Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
    • Server: Windows Server 2016
    Workaround: If your device is already in this state, you can successfully start Windows after suspending BitLocker from the Windows Recovery Environment (WinRE) using the following steps:
    1. Retrieve the 48 digit BitLocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when BitLocker was first enabled.
    2. From the recovery screen, press the enter key and enter the recovery password when prompted.
    3. If your device starts in the Windows Recovery Environment and asks for recovery key again, select Skip the drive to continue to WinRE.
    4. select Advanced options then Troubleshoot then Advanced options then Command Prompt.
    5. Unlock OS drive using the command: Manage-bde -unlock c: -rp <48 digit numerical recovery password separated by “-“ in 6 digit group>
    6. Suspend BitLocker using the command: Manage-bde -protectors -disable c:
    7. Exit the command window using the command: exit
    8. Select Continue from recovery environment.
    9. The device should now start Windows.
    10. Once started, launch an Administrator Command Prompt and resume the BitLocker to ensure the system remains protected, using the command: Manage-bde -protectors -enable c:
    Note The workaround needs to be followed on every system restart unless BitLocker is suspended before restarting.

    To prevent this issue, execute the following command to temporarily suspend BitLocker just before restarting the system: Manage-bde -protectors -disable c: -rc 1
    Note This command will suspend BitLocker for 1 restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).

    Next steps: We are working on a resolution and will provide an update in an upcoming release.

    Back to top    		OS Build 14393.2969

    May 14, 2019
    KB4494440    		Mitigated
    		Last updated:
    June 21, 2019
    05:23 PM PT

    Opened:
    May 21, 2019
    08:50 AM PT
    Update not showing as applicable through WSUS or SCCM or when manually installed
    KB4494440 or later updates may not show as applicable through WSUS or SCCM to the affected platforms. When manually installing the standalone update from Microsoft Update Catalog, it may fail to install with the error, \"The update is not applicable to your computer.\"


    Affected platforms:
    • Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
    • Server: Windows Server 2016

    Resolution: The servicing stack update (SSU) (KB4498947) must be installed before installing the latest cumulative update (LCU). The LCU will not be reported as applicable until the SSU is installed. For more information, see Servicing stack updates.

    Back to top    		OS Build 14393.2969

    May 14, 2019
    KB4494440    		Resolved
    KB4498947    		Resolved:
    May 14, 2019
    10:00 AM PT

    Opened:
    May 24, 2019
    04:20 PM PT
    " diff --git a/windows/release-information/status-windows-10-1703.yml b/windows/release-information/status-windows-10-1703.yml index d1eadde8fc..5b45e36e2d 100644 --- a/windows/release-information/status-windows-10-1703.yml +++ b/windows/release-information/status-windows-10-1703.yml @@ -61,6 +61,7 @@ sections: text: "
    This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

    + @@ -85,6 +86,15 @@ sections:
    SummaryOriginating updateStatusLast updated
    Difficulty connecting to some iSCSI-based SANs
    Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

    See details >    		OS Build 15063.1839

    May 28, 2019
    KB4499162    		Investigating
    		June 21, 2019
    10:08 AM PT
    Devices with Hyper-V enabled may see BitLocker error 0xC0210000
    Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000

    See details >    		OS Build 15063.1805

    May 14, 2019
    KB4499181    		Mitigated
    		June 21, 2019
    05:23 PM PT
    Certain operations performed on a Cluster Shared Volume may fail
    Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

    See details >    		OS Build 15063.1563

    January 08, 2019
    KB4480973    		Mitigated
    		April 25, 2019
    02:00 PM PT
    Event Viewer may close or you may receive an error when using Custom Views
    When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

    See details >    		OS Build 15063.1868

    June 11, 2019
    KB4503279    		Resolved
    KB4503289    		June 18, 2019
    02:00 PM PT
    Opening Internet Explorer 11 may fail
    Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

    See details >    		OS Build 15063.1839

    May 28, 2019
    KB4499162    		Resolved
    KB4503279    		June 11, 2019
    10:00 AM PT
    " +- title: May 2019 +- items: + - type: markdown + text: " + + +
    DetailsOriginating updateStatusHistory
    Devices with Hyper-V enabled may see BitLocker error 0xC0210000
    Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing KB4499181 and restarting.

    Affected platforms:
    • Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
    • Server: Windows Server 2016
    Workaround: If your device is already in this state, you can successfully start Windows after suspending BitLocker from the Windows Recovery Environment (WinRE) using the following steps:
    1. Retrieve the 48 digit BitLocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when BitLocker was first enabled.
    2. From the recovery screen, press the enter key and enter the recovery password when prompted.
    3. If your device starts in the Windows Recovery Environment and asks for recovery key again, select Skip the drive to continue to WinRE.
    4. select Advanced options then Troubleshoot then Advanced options then Command Prompt.
    5. Unlock OS drive using the command: Manage-bde -unlock c: -rp <48 digit numerical recovery password separated by “-“ in 6 digit group>
    6. Suspend BitLocker using the command: Manage-bde -protectors -disable c:
    7. Exit the command window using the command: exit
    8. Select Continue from recovery environment.
    9. The device should now start Windows.
    10. Once started, launch an Administrator Command Prompt and resume the BitLocker to ensure the system remains protected, using the command: Manage-bde -protectors -enable c:
    Note The workaround needs to be followed on every system restart unless BitLocker is suspended before restarting.

    To prevent this issue, execute the following command to temporarily suspend BitLocker just before restarting the system: Manage-bde -protectors -disable c: -rc 1
    Note This command will suspend BitLocker for 1 restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).

    Next steps: We are working on a resolution and will provide an update in an upcoming release.

    Back to top    		OS Build 15063.1805

    May 14, 2019
    KB4499181    		Mitigated
    		Last updated:
    June 21, 2019
    05:23 PM PT

    Opened:
    May 21, 2019
    08:50 AM PT
    + " + - title: January 2019 - items: - type: markdown From 6512ff8f7982a956906baaca3d07c9752281d164 Mon Sep 17 00:00:00 2001 From: jaimeo Date: Mon, 24 Jun 2019 11:06:52 -0700 Subject: [PATCH 16/20] adding statement about licenses for WDAV per Charles --- .../windows-defender-antivirus/troubleshoot-reporting.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md index 81599231f8..a194696c88 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md +++ b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md @@ -11,7 +11,6 @@ ms.pagetype: security ms.localizationpriority: medium author: dansimp ms.author: dansimp -ms.date: 09/03/2018 ms.reviewer: manager: dansimp --- @@ -22,7 +21,9 @@ manager: dansimp - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -When you use [Windows Analytics Update Compliance to obtain reporting into the protection status of machines or endpoints](/windows/deployment/update/update-compliance-using#wdav-assessment) in your network that are using Windows Defender Antivirus, you may encounter problems or issues. +You can use Windows Defender Antivirus with Update Compliance. You’ll see status for E3, B, F1, VL, and Pro licenses. However, for E5 licenses, you need to use the [Microsoft Defender ATP portal](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints). To learn more about licensing options, see [Windows 10 product licensing options](https://www.microsoft.com/licensing/product-licensing/windows10.aspx). + +When you use [Windows Analytics Update Compliance to obtain reporting into the protection status of devices or endpoints](/windows/deployment/update/update-compliance-using#wdav-assessment) in your network that are using Windows Defender Antivirus, you might encounter problems or issues. Typically, the most common indicators of a problem are: - You only see a small number or subset of all the devices you were expecting to see @@ -52,7 +53,9 @@ In order for devices to properly show up in Update Compliance, you have to meet > - If the endpoint is running Windows 10 version 1607 or earlier, [Windows 10 diagnostic data must be set to the Enhanced level](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization#enhanced-level). > - It has been 3 days since all requirements have been met -If the above pre-requisites have all been met, you may need to proceed to the next step to collect diagnostic information and send it to us. +“You can use Windows Defender Antivirus with Update Compliance. You’ll see status for E3, B, F1, VL, and Pro licenses. However, for E5 licenses, you need to use the Microsoft Defender ATP portal (https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints). To learn more about licensing options, see Windows 10 product licensing options" + +If the above pre-requisites have all been met, you might need to proceed to the next step to collect diagnostic information and send it to us. > [!div class="nextstepaction"] > [Collect diagnostic data for Update Compliance troubleshooting](collect-diagnostic-data-update-compliance.md) From aae2dabce503e2458dbe44dfa4ef001525e4b632 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 24 Jun 2019 11:42:09 -0700 Subject: [PATCH 17/20] removing arch posters until they can be updated --- windows/deployment/TOC.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index 57fb6fe644..dc75df4d5f 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -1,5 +1,4 @@ # [Deploy and update Windows 10](https://docs.microsoft.com/windows/deployment) -## [Architectural planning posters for Windows 10](windows-10-architecture-posters.md) ## [Deploy Windows 10 with Microsoft 365](deploy-m365.md) ## [What's new in Windows 10 deployment](deploy-whats-new.md) ## [Windows 10 deployment scenarios](windows-10-deployment-scenarios.md) From 5d3a9dd44cb6f47db5f2017546dd5511b1ee6abd Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 24 Jun 2019 13:29:05 -0700 Subject: [PATCH 18/20] removing posters until updated --- .../windows-10-architecture-posters.md | 27 ------------------- 1 file changed, 27 deletions(-) delete mode 100644 windows/deployment/windows-10-architecture-posters.md diff --git a/windows/deployment/windows-10-architecture-posters.md b/windows/deployment/windows-10-architecture-posters.md deleted file mode 100644 index f0245f7e83..0000000000 --- a/windows/deployment/windows-10-architecture-posters.md +++ /dev/null @@ -1,27 +0,0 @@ ---- -title: Deploy Windows 10 - architectural posters -description: Provides architural planning posters for Windows 10 in the enterprise -ms.prod: w10 -ms.author: greg-lindsay -author: greg-lindsay -ms.date: 09/28/2017 -ms.reviewer: -manager: laurawi -ms.tgt_pltfrm: na -ms.topic: article -ms.localizationpriority: medium ---- -# Architectural planning posters for Windows 10 - -You can download the following posters for architectural information about deploying Windows 10 in the enterprise. - -- [Deploy Windows 10 - Clean installation](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/master/windows/media/ModernSecureDeployment/Deploy-CleanInstallation.pdf) - Learn about the options and steps for a new installation of Windows 10. -- [Deploy Windows 10 - In-place upgrade](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/master/windows/media/ModernSecureDeployment/Deploy-InplaceUpgrade.pdf) - Learn about the steps to upgrade from a previous version of Windows. -- [Deploy Windows 10 - Windows Autopilot](https://github.com/MicrosoftDocs/windows-itpro-docs/blob/master/windows/media/ModernSecureDeployment/Deploy-WindowsAutoPilot.pdf) - Learn how you can set up and pre-configure Windows 10 devices. -- [Deploy Windows 10 - Windows servicing](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/master/windows/media/ModernSecureDeployment/WindowsServicing.pdf) - Learn how to keep Windows up to date. -- [Deploy Windows 10 - Protection solutions](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/master/windows/media/ModernSecureDeployment/ProtectionSolutions.pdf) - Learn about the two tiers of protection available for Windows 10 devices. From 26a9cc21920e2c136d0bf01c3b24d446988079eb Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 24 Jun 2019 13:34:36 -0700 Subject: [PATCH 19/20] adding redir --- .openpublishing.redirection.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index 1fe80284d7..0c4909bd02 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -15038,6 +15038,11 @@ "redirect_document_id": true }, { +"source_path": "windows/deployment/windows-10-architecture-posters.md", +"redirect_url": "/windows/deployment/windows-10-deployment-scenarios", +"redirect_document_id": true +}, +{ "source_path": "windows/device-security/index.md", "redirect_url": "/windows/security/threat-protection", "redirect_document_id": true From b018962d96e5056957bb83ea6f9b36a207d1d915 Mon Sep 17 00:00:00 2001 From: mapalko Date: Mon, 24 Jun 2019 16:48:33 -0700 Subject: [PATCH 20/20] DC documentation changes --- .../hello-hybrid-cert-whfb-settings-pki.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md index 6e3126b3c7..3a8ba5db87 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md @@ -55,7 +55,7 @@ Sign-in a certificate authority or management workstations with _Domain Admin_ e 7. On the **Cryptography** tab, select **Key Storage Provider** from the **Provider Category** list. Select **RSA** from the **Algorithm name** list. Type **2048** in the **Minimum key size** text box. Select **SHA256** from the **Request hash** list. Click **OK**. 8. Close the console. -#### Configure Certificate Suspeding for the Domain Controller Authentication (Kerberos) Certificate Template +#### Configure Certificate Superseding for the Domain Controller Authentication (Kerberos) Certificate Template Many domain controllers may have an existing domain controller certificate. The Active Directory Certificate Services provides a default certificate template for domain controllers--the domain controller certificate template. Later releases provided a new certificate template--the domain controller authentication certificate template. These certificate templates were provided prior to update of the Kerberos specification that stated Key Distribution Centers (KDCs) performing certificate authentication needed to include the **KDC Authentication** extension. @@ -77,6 +77,9 @@ Sign-in a certificate authority or management workstations with _Enterprise Admi The certificate template is configured to supersede all the certificate templates provided in the certificate templates superseded templates list. However, the certificate template and the superseding of certificate templates is not active until you publish the certificate template to one or more certificate authorities. +>[!NOTE] +>The Domain Controller Certificate must be present in the NTAuth store. By default, Microsoft Enterprise CAs are added to the NTAuth store. If you are using a 3rd party CA, this may not be done by default. If the Domain Controller Certificate is not present in the NTAuth store, user authentication will fail. + ### Enrollment Agent certificate template Active Directory Federation Server used for Windows Hello for Business certificate enrollment performs its own certificate life-cycle management. Once the registration authority is configured with the proper certificate template, the AD FS server attempts to enroll the certificate on the first certificate request or when the service first starts. @@ -183,6 +186,7 @@ Sign-in to the certificate authority or management workstation with _Enterprise 4. Right-click the **Domain Controller** certificate template in the content pane and select **Delete**. Click **Yes** on the **Disable certificate templates** window. 5. Repeat step 4 for the **Domain Controller Authentication** and **Kerberos Authentication** certificate templates. + ### Section Review > [!div class="checklist"] > * Domain Controller certificate template