From 4e442c064c2a27a01458f1df2a90b0883f6141cb Mon Sep 17 00:00:00 2001
From: msarcletti <56821677+msarcletti@users.noreply.github.com>
Date: Fri, 12 May 2023 12:49:18 +0200
Subject: [PATCH 1/9] Update-ProfileList-in-vpnv2-csp.md
ProfileList - added some description, usage information and an example on how to use it.
---
windows/client-management/mdm/vpnv2-csp.md | 41 +++++++++++++++++++---
1 file changed, 36 insertions(+), 5 deletions(-)
diff --git a/windows/client-management/mdm/vpnv2-csp.md b/windows/client-management/mdm/vpnv2-csp.md
index 84b7a6c4ec..191bbe2977 100644
--- a/windows/client-management/mdm/vpnv2-csp.md
+++ b/windows/client-management/mdm/vpnv2-csp.md
@@ -2785,6 +2785,9 @@ Required for native profiles. Type of tunneling protocol used.
| Automatic | Automatic. |
| SSTP | SSTP. |
| ProtocolList | ProtocolList. |
+
+> [!NOTE]
+> Using ProtocolList requires additional configuration of the NativeProfile/ProtocolList parameter.
@@ -2887,11 +2890,13 @@ True: Plumb traffic selectors as routes onto VPN interface, False: Do not plumb
-List of inbox VPN protocols in priority order.
+List of inbox VPN protocols in priority order. Up to 4 VPN protocols are supported.
+> [!NOTE]
+> A separate entry is needed for every VPN protocol. Please see the examples section for the format.
@@ -2930,6 +2935,8 @@ List of inbox VPN protocols in priority order.
+> [!NOTE]
+> A separate entry is needed for every VPN protocol. Please see the examples section for the format.
@@ -2969,6 +2976,8 @@ Inbox VPN protocols type.
+> [!NOTE]
+> A separate entry is needed for every VPN protocol. Please see the examples section for the format.
@@ -3014,11 +3023,13 @@ Inbox VPN protocols type.
-Default 168, max 500000.
+Default 168, max 500000, min 0
+RetryTimeInHours specifies the length of time Windows will try to use the last succesful protocol first when making a new connection.
+Setting this to 0 disables remembering the last successful protocol.
@@ -7010,6 +7021,9 @@ Required for native profiles. Type of tunneling protocol used.
| Automatic | Automatic. |
| SSTP | SSTP. |
| ProtocolList | ProtocolList. |
+
+> [!NOTE]
+> Using ProtocolList requires additional configuration of the NativeProfile/ProtocolList parameter.
@@ -7112,11 +7126,13 @@ True: Plumb traffic selectors as routes onto VPN interface, False: Do not plumb
-List of inbox VPN protocols in priority order.
+List of inbox VPN protocols in priority order. Up to 4 VPN protocols are supported.
+> [!NOTE]
+> A separate entry is needed for every VPN protocol. Please see the examples section for the format.
@@ -7155,6 +7171,8 @@ List of inbox VPN protocols in priority order.
+> [!NOTE]
+> A separate entry is needed for every VPN protocol. Please see the examples section for the format.
@@ -7194,6 +7212,8 @@ Inbox VPN protocols type.
+> [!NOTE]
+> A separate entry is needed for every VPN protocol. Please see the examples section for the format.
@@ -7239,11 +7259,13 @@ Inbox VPN protocols type.
-Default 168, max 500000.
+Default 168, max 500000, min 0
+RetryTimeInHours specifies the length of time Windows will try to use the last succesful protocol first when making a new connection.
+Setting this to 0 disables remembering the last successful protocol.
@@ -8994,7 +9016,16 @@ Profile example
VPN_Demo
VPNServer.contoso.com
- Automatic
+ ProtocolList
+
+
+ Ikev2
+
+
+ Sstp
+
+ 1
+
Eap
From b3baaececd2e7cf63d156878f465ec6760bc349e Mon Sep 17 00:00:00 2001
From: Narkis Engler <41025789+narkissit@users.noreply.github.com>
Date: Fri, 12 May 2023 17:12:42 -0700
Subject: [PATCH 2/9] Update waas-delivery-optimization-faq.yml
DO Metadata for MUv6 content is being moved from emdl hostname to download.windowsupdate.com
---
windows/deployment/do/waas-delivery-optimization-faq.yml | 1 +
1 file changed, 1 insertion(+)
diff --git a/windows/deployment/do/waas-delivery-optimization-faq.yml b/windows/deployment/do/waas-delivery-optimization-faq.yml
index 1a0f413fd5..4cccd98fa6 100644
--- a/windows/deployment/do/waas-delivery-optimization-faq.yml
+++ b/windows/deployment/do/waas-delivery-optimization-faq.yml
@@ -81,6 +81,7 @@ sections:
Delivery Optimization metadata:
- `http://emdl.ws.microsoft.com`
+ - `http://download.windowsupdate.com`
- `http://*.dl.delivery.mp.microsoft.com`
Windows Update and Microsoft Store backend services and Windows Update and Microsoft Store payloads
From 3be4de44585cccce7fd39eff1dc35e78ad27c5b8 Mon Sep 17 00:00:00 2001
From: Narkis Engler <41025789+narkissit@users.noreply.github.com>
Date: Fri, 12 May 2023 17:15:18 -0700
Subject: [PATCH 3/9] Update delivery-optimization-workflow.md
DO Metadata for MUv6 content is being moved from emdl hostname to download.windowsupdate.com
---
windows/deployment/do/delivery-optimization-workflow.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/deployment/do/delivery-optimization-workflow.md b/windows/deployment/do/delivery-optimization-workflow.md
index 2c4b6f9158..b994ac956f 100644
--- a/windows/deployment/do/delivery-optimization-workflow.md
+++ b/windows/deployment/do/delivery-optimization-workflow.md
@@ -39,4 +39,4 @@ This workflow allows Delivery Optimization to securely and efficiently deliver r
| cp\*.prod.do.dsp.mp.microsoft.com
| 443 | Content Policy | Provides content specific policies and as content metadata URLs. | **Profile**: The device type (for example, PC or Xbox)
**ContentId**: The content identifier
**doClientVersion**: The version of the DoSvc client
**countryCode**: The country the client is connected from
**altCatalogID**: If ContentID isn't available, use the download URL instead
**eID**: Client grouping ID
**CacheHost**: Cache host ID |
| disc\*.prod.do.dsp.mp.microsoft.com | 443 | Discovery | Directs clients to a particular instance of the peer matching service (Array), ensuing that clients are collocated by factors, such as content, groupID and external IP. | **Profile**: The device type (for example, PC or Xbox)
**ContentID**: The content identifier
**doClientVersion**: The version of the DoSvc client
**partitionID**: Client partitioning hint
**altCatalogID**: If ContentID isn't available, use the download URL instead
**eID**: Client grouping ID |
| array\*.prod.do.dsp.mp.microsoft.com | 443 | Arrays | Provides the client with list of peers that have the same content and belong to the same peer group. | **Profile**: The device type (for example, PC or Xbox)
**ContentID**: The content identifier
**doClientVersion**: The version of the DoSvc client
**altCatalogID**: If ContentID isn't available, use the download URL instead
**PeerID**: Identity of the device running DO client
**ReportedIp**: The internal / private IP Address
**IsBackground**: Is the download interactive or background
**Uploaded**: Total bytes uploaded to peers
**Downloaded**: Total bytes downloaded from peers
**DownloadedCdn**: Total bytes downloaded from CDN
**Left**: Bytes left to download
**Peers Wanted**: Total number of peers wanted
**Group ID**: Group the device belongs to (set via DownloadMode 2 + Group ID GP / MDM policies)
**Scope**: The Download mode
**UploadedBPS**: The upload speed in bytes per second
**DownloadBPS**: The download speed in Bytes per second
**eID**: Client grouping ID |
-| dl.delivery.mp.microsoft.com
emdl.ws.microsoft.com | 80 | Delivery Optimization metadata file hosting | CDN hostnames for Delivery Optimization content metadata files | Metadata download can come from different hostnames, but it's required for peer to peer. |
+| dl.delivery.mp.microsoft.com
emdl.ws.microsoft.com
download.windowsupdate.com | 80 | Delivery Optimization metadata file hosting | CDN hostnames for Delivery Optimization content metadata files | Metadata download can come from different hostnames, but it's required for peer to peer. |
From 5abea6aca8288ef96e62debf7895db3a9ebdfae8 Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Mon, 15 May 2023 15:40:22 -0400
Subject: [PATCH 4/9] updated BitLocker licensing information
---
includes/licensing/_edition-requirements.md | 3 ++-
includes/licensing/_licensing-requirements.md | 3 ++-
.../{bitlocker.md => bitlocker-enablement.md} | 4 ++--
includes/licensing/bitlocker-management.md | 22 +++++++++++++++++++
.../bitlocker-management-for-enterprises.md | 13 +++++------
.../bitlocker/bitlocker-overview.md | 6 +----
.../data-protection/toc.yml | 2 +-
windows/whats-new/windows-licensing.md | 2 +-
8 files changed, 36 insertions(+), 19 deletions(-)
rename includes/licensing/{bitlocker.md => bitlocker-enablement.md} (86%)
create mode 100644 includes/licensing/bitlocker-management.md
diff --git a/includes/licensing/_edition-requirements.md b/includes/licensing/_edition-requirements.md
index 207141f3e5..9fb8926776 100644
--- a/includes/licensing/_edition-requirements.md
+++ b/includes/licensing/_edition-requirements.md
@@ -13,7 +13,8 @@ ms.topic: include
|**[Assigned Access (kiosk mode)](/windows/configuration/kiosk-methods)**|Yes|Yes|Yes|Yes|
|**[Attack surface reduction (ASR)](/microsoft-365/security/defender-endpoint/overview-attack-surface-reduction)**|Yes|Yes|Yes|Yes|
|**[Azure AD join, Active Directory domain join, and Hybrid Azure AD join with single sign-on (SSO)](/azure/active-directory/devices/concept-azure-ad-join)**|Yes|Yes|Yes|Yes|
-|**[BitLocker](/windows/security/information-protection/bitlocker/bitlocker-overview)**|Yes|Yes|Yes|Yes|
+|**[BitLocker enablement](/windows/security/information-protection/bitlocker/bitlocker-overview)**|Yes|Yes|Yes|Yes|
+|**[BitLocker management](/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises)**|Yes|Yes|Yes|Yes|
|**Bluetooth pairing and connection protection**|Yes|Yes|Yes|Yes|
|**[Common Criteria certifications](/windows/security/threat-protection/windows-platform-common-criteria)**|Yes|Yes|Yes|Yes|
|**[Controlled folder access](/microsoft-365/security/defender-endpoint/controlled-folders)**|Yes|Yes|Yes|Yes|
diff --git a/includes/licensing/_licensing-requirements.md b/includes/licensing/_licensing-requirements.md
index a27829cbab..7f4033aa4b 100644
--- a/includes/licensing/_licensing-requirements.md
+++ b/includes/licensing/_licensing-requirements.md
@@ -13,7 +13,8 @@ ms.topic: include
|**[Assigned Access (kiosk mode)](/windows/configuration/kiosk-methods)**|Yes|Yes|Yes|Yes|Yes|
|**[Attack surface reduction (ASR)](/microsoft-365/security/defender-endpoint/overview-attack-surface-reduction)**|Yes|Yes|Yes|Yes|Yes|
|**[Azure AD join, Active Directory domain join, and Hybrid Azure AD join with single sign-on (SSO)](/azure/active-directory/devices/concept-azure-ad-join)**|Yes|Yes|Yes|Yes|Yes|
-|**[BitLocker](/windows/security/information-protection/bitlocker/bitlocker-overview)**|Yes|Yes|Yes|Yes|Yes|
+|**[BitLocker enablement](/windows/security/information-protection/bitlocker/bitlocker-overview)**|Yes|Yes|Yes|Yes|Yes|
+|**[BitLocker management](/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises)**|❌|Yes|Yes|Yes|Yes|
|**Bluetooth pairing and connection protection**|Yes|Yes|Yes|Yes|Yes|
|**[Common Criteria certifications](/windows/security/threat-protection/windows-platform-common-criteria)**|Yes|Yes|Yes|Yes|Yes|
|**[Controlled folder access](/microsoft-365/security/defender-endpoint/controlled-folders)**|Yes|Yes|Yes|Yes|Yes|
diff --git a/includes/licensing/bitlocker.md b/includes/licensing/bitlocker-enablement.md
similarity index 86%
rename from includes/licensing/bitlocker.md
rename to includes/licensing/bitlocker-enablement.md
index cf1f80b079..4f0645fe52 100644
--- a/includes/licensing/bitlocker.md
+++ b/includes/licensing/bitlocker-enablement.md
@@ -7,13 +7,13 @@ ms.topic: include
## Windows edition and licensing requirements
-The following table lists the Windows editions that support BitLocker:
+The following table lists the Windows editions that support BitLocker enablement:
|Windows Pro|Windows Enterprise|Windows Pro Education/SE|Windows Education|
|:---:|:---:|:---:|:---:|
|Yes|Yes|Yes|Yes|
-BitLocker license entitlements are granted by the following licenses:
+BitLocker enablement license entitlements are granted by the following licenses:
|Windows Pro/Pro Education/SE|Windows Enterprise E3|Windows Enterprise E5|Windows Education A3|Windows Education A5|
|:---:|:---:|:---:|:---:|:---:|
diff --git a/includes/licensing/bitlocker-management.md b/includes/licensing/bitlocker-management.md
new file mode 100644
index 0000000000..ec1d957938
--- /dev/null
+++ b/includes/licensing/bitlocker-management.md
@@ -0,0 +1,22 @@
+---
+author: paolomatarazzo
+ms.author: paoloma
+ms.date: 05/04/2023
+ms.topic: include
+---
+
+## Windows edition and licensing requirements
+
+The following table lists the Windows editions that support BitLocker management:
+
+|Windows Pro|Windows Enterprise|Windows Pro Education/SE|Windows Education|
+|:---:|:---:|:---:|:---:|
+|Yes|Yes|Yes|Yes|
+
+BitLocker management license entitlements are granted by the following licenses:
+
+|Windows Pro/Pro Education/SE|Windows Enterprise E3|Windows Enterprise E5|Windows Education A3|Windows Education A5|
+|:---:|:---:|:---:|:---:|:---:|
+|Yes|Yes|Yes|Yes|Yes|
+
+For more information about Windows licensing, see [Windows licensing overview](/windows/whats-new/windows-licensing).
diff --git a/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md b/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md
index 93dc998a8a..8f46db3e99 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises.md
@@ -1,6 +1,6 @@
---
-title: BitLocker Management Recommendations for Enterprises (Windows 10)
-description: Refer to relevant documentation, products, and services to learn about managing BitLocker for enterprises and see recommendations for different computers.
+title: BitLocker management
+description: Refer to relevant documentation, products, and services to learn about managing BitLocker and see recommendations for different computers.
ms.prod: windows-client
ms.localizationpriority: medium
author: frankroj
@@ -12,12 +12,14 @@ ms.custom: bitlocker
ms.technology: itpro-security
---
-# BitLocker management for enterprises
+# BitLocker management
The ideal solution for BitLocker management is to eliminate the need for IT administrators to set management policies using tools or other mechanisms by having Windows perform tasks that are more practical to automate. This vision leverages modern hardware developments. The growth of TPM 2.0, secure boot, and other hardware improvements, for example, have helped to alleviate the support burden on help desks and a decrease in support-call volumes, yielding improved user satisfaction. Windows continues to be the focus for new features and improvements for built-in encryption management, such as automatically enabling encryption on devices that support Modern Standby beginning with Windows 8.1.
Though much Windows [BitLocker documentation](bitlocker-overview.md) has been published, customers frequently ask for recommendations and pointers to specific, task-oriented documentation that is both easy to digest and focused on how to deploy and manage BitLocker. This article links to relevant documentation, products, and services to help answer this and other related frequently asked questions, and also provides BitLocker recommendations for different types of computers.
+[!INCLUDE [bitlocker](../../../../includes/licensing/bitlocker-management.md)]
+
## Managing domain-joined computers and moving to cloud
Companies that image their own computers using Configuration Manager can use an existing task sequence to [pre-provision BitLocker](/configmgr/osd/understand/task-sequence-steps#BKMK_PreProvisionBitLocker) encryption while in Windows Preinstallation Environment (WinPE) and can then [enable protection](/configmgr/osd/understand/task-sequence-steps#BKMK_EnableBitLocker). These steps during an operating system deployment can help ensure that computers are encrypted from the start, even before users receive them. As part of the imaging process, a company could also decide to use Configuration Manager to pre-set any desired [BitLocker Group Policy](./bitlocker-group-policy-settings.md).
@@ -35,11 +37,6 @@ Starting with Windows 10 version 1703, the enablement of BitLocker can be trigge
For hardware that is compliant with Modern Standby and HSTI, when using either of these features, [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md#bitlocker-device-encryption) is automatically turned on whenever the user joins a device to Azure AD. Azure AD provides a portal where recovery keys are also backed up, so users can retrieve their own recovery key for self-service, if necessary. For older devices that aren't yet encrypted, beginning with Windows 10 version 1703, admins can use the [BitLocker CSP](/windows/client-management/mdm/bitlocker-csp/) to trigger encryption and store the recovery key in Azure AD. This process and feature is applicable to Azure Hybrid AD as well.
-> [!NOTE]
-> To manage Bitlocker via CSP (Configuration Service Provider), except to enable and disable it, regardless of your management platform, one of the following licenses must be assigned to your users:
-> - Windows 10/11 Enterprise E3 or E5 (included in Microsoft 365 F3, E3, and E5).
-> - Windows 10/11 Education A3 or A5 (included in Microsoft 365 A3 and A5).
-
## Managing workplace-joined PCs and phones
For Windows PCs and Windows Phones that are enrolled using **Connect to work or school account**, BitLocker Device Encryption is managed over MDM, the same as devices joined to Azure AD.
diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview.md b/windows/security/information-protection/bitlocker/bitlocker-overview.md
index d6c02185e3..9f04e173a3 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-overview.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-overview.md
@@ -48,11 +48,7 @@ There are two additional tools in the Remote Server Administration Tools that ca
- **BitLocker Drive Encryption Tools**. BitLocker Drive Encryption Tools include the command-line tools, manage-bde and repair-bde, and the BitLocker cmdlets for Windows PowerShell. Both manage-bde and the BitLocker cmdlets can be used to perform any task that can be accomplished through the
BitLocker control panel, and they're appropriate to be used for automated deployments and other scripting scenarios. Repair-bde is provided for disaster recovery scenarios in which a BitLocker-protected drive can't be unlocked normally or by using the recovery console.
-## New and changed functionality
-
-To find out what's new in BitLocker for Windows, such as support for the XTS-AES encryption algorithm, see [What's new in Windows 10, versions 1507 and 1511 for IT Pros: BitLocker](/windows/whats-new/whats-new-windows-10-version-1507-and-1511#bitlocker).
-
-[!INCLUDE [bitlocker](../../../../includes/licensing/bitlocker.md)]
+[!INCLUDE [bitlocker](../../../../includes/licensing/bitlocker-enablement.md)]
## System requirements
diff --git a/windows/security/operating-system-security/data-protection/toc.yml b/windows/security/operating-system-security/data-protection/toc.yml
index 56500215a0..89647a44e4 100644
--- a/windows/security/operating-system-security/data-protection/toc.yml
+++ b/windows/security/operating-system-security/data-protection/toc.yml
@@ -35,7 +35,7 @@ items:
href: ../../information-protection/bitlocker/bitlocker-basic-deployment.md
- name: Deploy BitLocker on Windows Server 2012 and later
href: ../../information-protection/bitlocker/bitlocker-how-to-deploy-on-windows-server.md
- - name: BitLocker management for enterprises
+ - name: BitLocker management
href: ../../information-protection/bitlocker/bitlocker-management-for-enterprises.md
- name: Enable Network Unlock with BitLocker
href: ../../information-protection/bitlocker/bitlocker-how-to-enable-network-unlock.md
diff --git a/windows/whats-new/windows-licensing.md b/windows/whats-new/windows-licensing.md
index 212d022557..1af9776fe0 100644
--- a/windows/whats-new/windows-licensing.md
+++ b/windows/whats-new/windows-licensing.md
@@ -199,7 +199,7 @@ To learn more about Windows 11 Enterprise E3 and E5 licensing, download the [Win
[MEM-3]: /mem/intune/protect/windows-update-compatibility-reports
[UP-1]: /universal-print/
[WIN-1]: /windows/security/identity-protection/credential-guard/credential-guard
-[WIN-2]: /windows/security/information-protection/bitlocker/bitlocker-overview
+[WIN-2]: /windows/security/information-protection/bitlocker/bitlocker-management-for-enterprises
[WIN-3]: /windows/security/information-protection/personal-data-encryption/overview-pde
[WIN-4]: /windows/client-management/mdm/policy-csp-experience
[WIN-5]: /windows/deployment/windows-10-subscription-activation
From 1a2af4a5c34ce07bb8458f4269f9f6cc1cec67ea Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Mon, 15 May 2023 15:48:14 -0400
Subject: [PATCH 5/9] table update
---
includes/licensing/bitlocker-management.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/includes/licensing/bitlocker-management.md b/includes/licensing/bitlocker-management.md
index ec1d957938..af3034bd8b 100644
--- a/includes/licensing/bitlocker-management.md
+++ b/includes/licensing/bitlocker-management.md
@@ -17,6 +17,6 @@ BitLocker management license entitlements are granted by the following licenses:
|Windows Pro/Pro Education/SE|Windows Enterprise E3|Windows Enterprise E5|Windows Education A3|Windows Education A5|
|:---:|:---:|:---:|:---:|:---:|
-|Yes|Yes|Yes|Yes|Yes|
+|No|Yes|Yes|Yes|Yes|
For more information about Windows licensing, see [Windows licensing overview](/windows/whats-new/windows-licensing).
From e0e5efed6d8f7a50ed1afc2f75a05884bd7263c2 Mon Sep 17 00:00:00 2001
From: msarcletti <56821677+msarcletti@users.noreply.github.com>
Date: Tue, 16 May 2023 17:15:20 +0200
Subject: [PATCH 6/9] Update vpnv2-csp.md
---
windows/client-management/mdm/vpnv2-csp.md | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/windows/client-management/mdm/vpnv2-csp.md b/windows/client-management/mdm/vpnv2-csp.md
index 191bbe2977..54e08d2b0f 100644
--- a/windows/client-management/mdm/vpnv2-csp.md
+++ b/windows/client-management/mdm/vpnv2-csp.md
@@ -2763,6 +2763,8 @@ Required for native profiles. Type of tunneling protocol used.
+> [!NOTE]
+> Using ProtocolList requires additional configuration of the NativeProfile/ProtocolList parameter.
@@ -2786,8 +2788,6 @@ Required for native profiles. Type of tunneling protocol used.
| SSTP | SSTP. |
| ProtocolList | ProtocolList. |
-> [!NOTE]
-> Using ProtocolList requires additional configuration of the NativeProfile/ProtocolList parameter.
@@ -9024,7 +9024,7 @@ Profile example
Sstp
- 1
+ 168
Eap
From 7d8344d4ade56ab516b48fbeec6afe859315d7e1 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Tue, 16 May 2023 12:41:00 -0400
Subject: [PATCH 7/9] Update vpnv2-csp.md
---
windows/client-management/mdm/vpnv2-csp.md | 31 ++++++++++------------
1 file changed, 14 insertions(+), 17 deletions(-)
diff --git a/windows/client-management/mdm/vpnv2-csp.md b/windows/client-management/mdm/vpnv2-csp.md
index 54e08d2b0f..26bfbe35e2 100644
--- a/windows/client-management/mdm/vpnv2-csp.md
+++ b/windows/client-management/mdm/vpnv2-csp.md
@@ -2764,7 +2764,7 @@ Required for native profiles. Type of tunneling protocol used.
> [!NOTE]
-> Using ProtocolList requires additional configuration of the NativeProfile/ProtocolList parameter.
+> Using NativeProtocolType the NativeProfile/ProtocolList node.
@@ -2896,7 +2896,7 @@ List of inbox VPN protocols in priority order. Up to 4 VPN protocols are support
> [!NOTE]
-> A separate entry is needed for every VPN protocol. Please see the examples section for the format.
+> A separate entry is needed for every VPN protocol. For a sample format, see [Examples](#examples).
@@ -2936,7 +2936,7 @@ List of inbox VPN protocols in priority order. Up to 4 VPN protocols are support
> [!NOTE]
-> A separate entry is needed for every VPN protocol. Please see the examples section for the format.
+> A separate entry is needed for every VPN protocol. For a sample format, see [Examples](#examples).
@@ -2977,7 +2977,7 @@ Inbox VPN protocols type.
> [!NOTE]
-> A separate entry is needed for every VPN protocol. Please see the examples section for the format.
+> A separate entry is needed for every VPN protocol. For a sample format, see [Examples](#examples).
@@ -3023,13 +3023,12 @@ Inbox VPN protocols type.
-Default 168, max 500000, min 0
+Default 168, max 500000.
-RetryTimeInHours specifies the length of time Windows will try to use the last succesful protocol first when making a new connection.
-Setting this to 0 disables remembering the last successful protocol.
+RetryTimeInHours specifies the length of time Windows tries to use the last succesful protocol when making a new connection. Setting this value to 0 disables remembering the last successful protocol.
@@ -6999,6 +6998,8 @@ Required for native profiles. Type of tunneling protocol used.
+> [!NOTE]
+> Using NativeProtocolType requires additional configuration of the NativeProfile/ProtocolList parameter.
@@ -7021,9 +7022,6 @@ Required for native profiles. Type of tunneling protocol used.
| Automatic | Automatic. |
| SSTP | SSTP. |
| ProtocolList | ProtocolList. |
-
-> [!NOTE]
-> Using ProtocolList requires additional configuration of the NativeProfile/ProtocolList parameter.
@@ -7126,13 +7124,13 @@ True: Plumb traffic selectors as routes onto VPN interface, False: Do not plumb
-List of inbox VPN protocols in priority order. Up to 4 VPN protocols are supported.
+List of inbox VPN protocols in priority order.
> [!NOTE]
-> A separate entry is needed for every VPN protocol. Please see the examples section for the format.
+> Up to 4 VPN protocols are supported. A separate entry is needed for every VPN protocol. For a sample format, see [Examples](#examples).
@@ -7172,7 +7170,7 @@ List of inbox VPN protocols in priority order. Up to 4 VPN protocols are support
> [!NOTE]
-> A separate entry is needed for every VPN protocol. Please see the examples section for the format.
+> A separate entry is needed for every VPN protocol. For a sample format, see [Examples](#examples).
@@ -7213,7 +7211,7 @@ Inbox VPN protocols type.
> [!NOTE]
-> A separate entry is needed for every VPN protocol. Please see the examples section for the format.
+> A separate entry is needed for every VPN protocol. For a sample format, see [Examples](#examples).
@@ -7259,13 +7257,12 @@ Inbox VPN protocols type.
-Default 168, max 500000, min 0
+Default 168, max 500000.
-RetryTimeInHours specifies the length of time Windows will try to use the last succesful protocol first when making a new connection.
-Setting this to 0 disables remembering the last successful protocol.
+RetryTimeInHours specifies the length of time Windows tries to use the last succesful protocol when making a new connection. Setting this value to 0 disables remembering the last successful protocol.
From dae9769c4f4f981270d3ff3ceb71b389278ba6d7 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Tue, 16 May 2023 12:42:55 -0400
Subject: [PATCH 8/9] Update vpnv2-csp.md
---
windows/client-management/mdm/vpnv2-csp.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/client-management/mdm/vpnv2-csp.md b/windows/client-management/mdm/vpnv2-csp.md
index 26bfbe35e2..3a4374ad36 100644
--- a/windows/client-management/mdm/vpnv2-csp.md
+++ b/windows/client-management/mdm/vpnv2-csp.md
@@ -2764,7 +2764,7 @@ Required for native profiles. Type of tunneling protocol used.
> [!NOTE]
-> Using NativeProtocolType the NativeProfile/ProtocolList node.
+> Using NativeProtocolType requires additional configuration of the NativeProfile/ProtocolList parameter.
From 5676cc0e475c8f9e038229899246d4c8de60b930 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Tue, 16 May 2023 12:44:51 -0400
Subject: [PATCH 9/9] Update vpnv2-csp.md
---
windows/client-management/mdm/vpnv2-csp.md | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/windows/client-management/mdm/vpnv2-csp.md b/windows/client-management/mdm/vpnv2-csp.md
index 3a4374ad36..842a59643a 100644
--- a/windows/client-management/mdm/vpnv2-csp.md
+++ b/windows/client-management/mdm/vpnv2-csp.md
@@ -2787,7 +2787,6 @@ Required for native profiles. Type of tunneling protocol used.
| Automatic | Automatic. |
| SSTP | SSTP. |
| ProtocolList | ProtocolList. |
-
@@ -2890,13 +2889,13 @@ True: Plumb traffic selectors as routes onto VPN interface, False: Do not plumb
-List of inbox VPN protocols in priority order. Up to 4 VPN protocols are supported.
+List of inbox VPN protocols in priority order.
> [!NOTE]
-> A separate entry is needed for every VPN protocol. For a sample format, see [Examples](#examples).
+> Up to 4 VPN protocols are supported. A separate entry is needed for every VPN protocol. For a sample format, see [Examples](#examples).