deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Acrolinx enhancement effort

Browse Source
This commit is contained in:
Siddarth Mandalika 2022-03-16 12:51:26 +05:30
parent d227079959
commit b65b89a1ea
5 changed files with 41 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
windows/client-management/mdm/policy-csp-admx-remoteassistance.md
View File

@ -63,13 +63,13 @@ manager: dansimp
<!--/Scope--> <!--/Scope-->
<!--Description--> <!--Description-->
This policy setting enables Remote Assistance invitations to be generated with improved encryption so that only computers running this version (or later versions) of the operating system can connect. This policy setting does not affect Remote Assistance connections that are initiated by instant messaging contacts or the unsolicited Offer Remote Assistance. This policy setting enables Remote Assistance invitations to be generated with improved encryption so that only computers running this version (or later versions) of the operating system can connect. This policy setting doesn't affect Remote Assistance connections that are initiated by instant messaging contacts or the unsolicited Offer Remote Assistance.
If you enable this policy setting, only computers running this version (or later versions) of the operating system can connect to this computer. If you enable this policy setting, only computers running this version (or later versions) of the operating system can connect to this computer.
If you disable this policy setting, computers running this version and a previous version of the operating system can connect to this computer. If you disable this policy setting, computers running this version and a previous version of the operating system can connect to this computer.
If you do not configure this policy setting, users can configure the setting in System Properties in the Control Panel. If you don't configure this policy setting, users can configure the setting in System Properties in the Control Panel.
<!--/Description--> <!--/Description-->
@ -133,7 +133,7 @@ If you enable this policy setting, bandwidth optimization occurs at the level sp
If you disable this policy setting, application-based settings are used. If you disable this policy setting, application-based settings are used.
If you do not configure this policy setting, application-based settings are used. If you don't configure this policy setting, application-based settings are used.
<!--/Description--> <!--/Description-->

18
windows/client-management/mdm/policy-csp-admx-rpc.md
View File

@ -75,7 +75,7 @@ Extended error information includes the local time that the error occurred, the
If you disable this policy setting, the RPC Runtime only generates a status code to indicate an error condition. If you disable this policy setting, the RPC Runtime only generates a status code to indicate an error condition.
If you do not configure this policy setting, it remains disabled. It will only generate a status code to indicate an error condition. If you don't configure this policy setting, it remains disabled. It will only generate a status code to indicate an error condition.
If you enable this policy setting, the RPC runtime will generate extended error information. If you enable this policy setting, the RPC runtime will generate extended error information.
@ -136,17 +136,17 @@ ADMX Info:
<!--Description--> <!--Description-->
This policy setting controls whether the RPC Runtime ignores delegation failures when delegation is requested. This policy setting controls whether the RPC Runtime ignores delegation failures when delegation is requested.
The constrained delegation model, introduced in Windows Server 2003, does not report that delegation was enabled on a security context when a client connects to a server. Callers of RPC and COM are encouraged to use the RPC_C_QOS_CAPABILITIES_IGNORE_DELEGATE_FAILURE flag, but some applications written for the traditional delegation model prior to Windows Server 2003 may not use this flag and will encounter RPC_S_SEC_PKG_ERROR when connecting to a server that uses constrained delegation. The constrained delegation model, introduced in Windows Server 2003, doesn't report that delegation was enabled on a security context when a client connects to a server. Callers of RPC and COM are encouraged to use the RPC_C_QOS_CAPABILITIES_IGNORE_DELEGATE_FAILURE flag, but some applications written for the traditional delegation model prior to Windows Server 2003 may not use this flag and will encounter RPC_S_SEC_PKG_ERROR when connecting to a server that uses constrained delegation.
If you disable this policy setting, the RPC Runtime will generate RPC_S_SEC_PKG_ERROR errors to applications that ask for delegation and connect to servers using constrained delegation. If you disable this policy setting, the RPC Runtime will generate RPC_S_SEC_PKG_ERROR errors to applications that ask for delegation and connect to servers using constrained delegation.
If you do not configure this policy setting, it remains disabled and will generate RPC_S_SEC_PKG_ERROR errors to applications that ask for delegation and connect to servers using constrained delegation. If you don't configure this policy setting, it remains disabled and will generate RPC_S_SEC_PKG_ERROR errors to applications that ask for delegation and connect to servers using constrained delegation.
If you enable this policy setting, then: If you enable this policy setting, then:
- "Off" directs the RPC Runtime to generate RPC_S_SEC_PKG_ERROR if the client asks for delegation, but the created security context does not support delegation. - "Off" directs the RPC Runtime to generate RPC_S_SEC_PKG_ERROR if the client asks for delegation, but the created security context doesn't support delegation.
- "On" directs the RPC Runtime to accept security contexts that do not support delegation even if delegation was asked for. - "On" directs the RPC Runtime to accept security contexts that don't support delegation even if delegation was asked for.
> [!NOTE] > [!NOTE]
> This policy setting will not be applied until the system is rebooted. > This policy setting will not be applied until the system is rebooted.
@ -202,7 +202,7 @@ The minimum allowed value for this policy setting is 90 seconds. The maximum is
If you disable this policy setting, the idle connection timeout on the IIS server running the RPC HTTP proxy will be used. If you disable this policy setting, the idle connection timeout on the IIS server running the RPC HTTP proxy will be used.
If you do not configure this policy setting, it will remain disabled. The idle connection timeout on the IIS server running the RPC HTTP proxy will be used. If you don't configure this policy setting, it will remain disabled. The idle connection timeout on the IIS server running the RPC HTTP proxy will be used.
If you enable this policy setting, and the IIS server running the RPC HTTP proxy is configured with a lower idle connection timeout, the timeout on the IIS server is used. Otherwise, the provided timeout value is used. The timeout is given in seconds. If you enable this policy setting, and the IIS server running the RPC HTTP proxy is configured with a lower idle connection timeout, the timeout on the IIS server is used. Otherwise, the provided timeout value is used. The timeout is given in seconds.
@ -253,11 +253,11 @@ This policy setting determines whether the RPC Runtime maintains RPC state infor
If you disable this policy setting, the RPC runtime defaults to "Auto2" level. If you disable this policy setting, the RPC runtime defaults to "Auto2" level.
If you do not configure this policy setting, the RPC defaults to "Auto2" level. If you don't configure this policy setting, the RPC defaults to "Auto2" level.
If you enable this policy setting, you can use the drop-down box to determine which systems maintain RPC state information. If you enable this policy setting, you can use the drop-down box to determine which systems maintain RPC state information.
- "None" indicates that the system does not maintain any RPC state information. Note: Because the basic state information required for troubleshooting has a negligible effect on performance and uses only about 4K of memory, this setting is not recommended for most installations. - "None" indicates that the system doesn't maintain any RPC state information. Note: Because the basic state information required for troubleshooting has a negligible effect on performance and uses only about 4K of memory, this setting isn't recommended for most installations.
- "Auto1" directs RPC to maintain basic state information only if the computer has at least 64 MB of memory. - "Auto1" directs RPC to maintain basic state information only if the computer has at least 64 MB of memory.
@ -265,7 +265,7 @@ If you enable this policy setting, you can use the drop-down box to determine wh
- "Server" directs RPC to maintain basic state information on the computer, regardless of its capacity. - "Server" directs RPC to maintain basic state information on the computer, regardless of its capacity.
- "Full" directs RPC to maintain complete RPC state information on the system, regardless of its capacity. Because this level can degrade performance, it is recommended for use only while you are investigating an RPC problem. - "Full" directs RPC to maintain complete RPC state information on the system, regardless of its capacity. Because this level can degrade performance, it's recommended for use only while you're investigating an RPC problem.
> [!NOTE] > [!NOTE]
> To retrieve the RPC state information from a system that maintains it, you must use a debugging tool. > To retrieve the RPC state information from a system that maintains it, you must use a debugging tool.

48
windows/client-management/mdm/policy-csp-admx-scripts.md
View File

@ -93,11 +93,11 @@ manager: dansimp
<!--/Scope--> <!--/Scope-->
<!--Description--> <!--Description-->
This policy setting allows user logon scripts to run when the logon cross-forest, DNS suffixes are not configured, and NetBIOS or WINS is disabled. This policy setting affects all user accounts interactively logging on to the computer. This policy setting allows user logon scripts to run when the logon cross-forest, DNS suffixes aren't configured, and NetBIOS or WINS is disabled. This policy setting affects all user accounts interactively logging on to the computer.
If you enable this policy setting, user logon scripts run if NetBIOS or WINS is disabled during cross-forest logons without the DNS suffixes being configured. If you enable this policy setting, user logon scripts run if NetBIOS or WINS is disabled during cross-forest logons without the DNS suffixes being configured.
If you disable or do not configure this policy setting, user account cross-forest, interactive logging cannot run logon scripts if NetBIOS or WINS is disabled, and the DNS suffixes are not configured. If you disable or don't configure this policy setting, user account cross-forest, interactive logging can't run logon scripts if NetBIOS or WINS is disabled, and the DNS suffixes aren't configured.
<!--/Description--> <!--/Description-->
@ -141,15 +141,15 @@ ADMX Info:
<!--Description--> <!--Description-->
This policy setting determines how long the system waits for scripts applied by Group Policy to run. This policy setting determines how long the system waits for scripts applied by Group Policy to run.
This setting limits the total time allowed for all logon, logoff, startup, and shutdown scripts applied by Group Policy to finish running. If the scripts have not finished running when the specified time expires, the system stops script processing and records an error event. This setting limits the total time allowed for all logon, logoff, startup, and shutdown scripts applied by Group Policy to finish running. If the scripts haven't finished running when the specified time expires, the system stops script processing and records an error event.
If you enable this setting, then, in the Seconds box, you can type a number from 1 to 32,000 for the number of seconds you want the system to wait for the set of scripts to finish. To direct the system to wait until the scripts have finished, no matter how long they take, type 0. If you enable this setting, then, in the Seconds box, you can type a number from 1 to 32,000 for the number of seconds you want the system to wait for the set of scripts to finish. To direct the system to wait until the scripts have finished, no matter how long they take, type 0.
This interval is particularly important when other system tasks must wait while the scripts complete. By default, each startup script must complete before the next one runs. Also, you can use the "Run logon scripts synchronously" setting to direct the system to wait for the logon scripts to complete before loading the desktop. This interval is important when other system tasks must wait while the scripts complete. By default, each startup script must complete before the next one runs. Also, you can use the "Run logon scripts synchronously" setting to direct the system to wait for the logon scripts to complete before loading the desktop.
An excessively long interval can delay the system and inconvenience users. However, if the interval is too short, prerequisite tasks might not be done, and the system can appear to be ready prematurely. An excessively long interval can delay the system and inconvenience users. However, if the interval is too short, prerequisite tasks might not be done, and the system can appear to be ready prematurely.
If you disable or do not configure this setting the system lets the combined set of scripts run for up to 600 seconds (10 minutes). This is the default. If you disable or don't configure this setting, the system lets the combined set of scripts run for up to 600 seconds (10 minutes). This value is the default value.
<!--/Description--> <!--/Description-->
@ -262,11 +262,11 @@ ADMX Info:
<!--Description--> <!--Description-->
This policy setting hides the instructions in logon scripts written for Windows NT 4.0 and earlier. This policy setting hides the instructions in logon scripts written for Windows NT 4.0 and earlier.
Logon scripts are batch files of instructions that run when the user logs on. By default, Windows displays the instructions in logon scripts written for Windows NT 4.0 and earlier in a command window as they run, although it does not display logon scripts written for Windows. Logon scripts are batch files of instructions that run when the user logs on. By default, Windows displays the instructions in logon scripts written for Windows NT 4.0 and earlier in a command window as they run, although it doesn't display logon scripts written for Windows.
If you enable this setting, Windows does not display logon scripts written for Windows NT 4.0 and earlier. If you enable this setting, Windows doesn't display logon scripts written for Windows NT 4.0 and earlier.
If you disable or do not configure this policy setting, Windows displays login scripts written for Windows NT 4.0 and earlier. If you disable or don't configure this policy setting, Windows displays login scripts written for Windows NT 4.0 and earlier.
Also, see the "Run Logon Scripts Visible" setting. Also, see the "Run Logon Scripts Visible" setting.
@ -312,11 +312,11 @@ ADMX Info:
<!--Description--> <!--Description-->
This policy setting displays the instructions in logoff scripts as they run. This policy setting displays the instructions in logoff scripts as they run.
Logoff scripts are batch files of instructions that run when the user logs off. By default, the system does not display the instructions in the logoff script. Logoff scripts are batch files of instructions that run when the user signs out. By default, the system doesn't display the instructions in the logoff script.
If you enable this policy setting, the system displays each instruction in the logoff script as it runs. The instructions appear in a command window. This policy setting is designed for advanced users. If you enable this policy setting, the system displays each instruction in the logoff script as it runs. The instructions appear in a command window. This policy setting is designed for advanced users.
If you disable or do not configure this policy setting, the instructions are suppressed. If you disable or don't configure this policy setting, the instructions are suppressed.
<!--/Description--> <!--/Description-->
@ -360,9 +360,9 @@ ADMX Info:
<!--Description--> <!--Description-->
This policy setting directs the system to wait for logon scripts to finish running before it starts the File Explorer interface program and creates the desktop. This policy setting directs the system to wait for logon scripts to finish running before it starts the File Explorer interface program and creates the desktop.
If you enable this policy setting, File Explorer does not start until the logon scripts have finished running. This policy setting ensures that logon script processing is complete before the user starts working, but it can delay the appearance of the desktop. If you enable this policy setting, File Explorer doesn't start until the logon scripts have finished running. This policy setting ensures that logon script processing is complete before the user starts working, but it can delay the appearance of the desktop.
If you disable or do not configure this policy setting, the logon scripts and File Explorer are not synchronized and can run simultaneously. If you disable or don't configure this policy setting, the logon scripts and File Explorer aren't synchronized and can run simultaneously.
This policy setting appears in the Computer Configuration and User Configuration folders. The policy setting set in Computer Configuration takes precedence over the policy setting set in User Configuration. This policy setting appears in the Computer Configuration and User Configuration folders. The policy setting set in Computer Configuration takes precedence over the policy setting set in User Configuration.
@ -408,9 +408,9 @@ ADMX Info:
<!--Description--> <!--Description-->
This policy setting directs the system to wait for logon scripts to finish running before it starts the File Explorer interface program and creates the desktop. This policy setting directs the system to wait for logon scripts to finish running before it starts the File Explorer interface program and creates the desktop.
If you enable this policy setting, File Explorer does not start until the logon scripts have finished running. This policy setting ensures that logon script processing is complete before the user starts working, but it can delay the appearance of the desktop. If you enable this policy setting, File Explorer doesn't start until the logon scripts have finished running. This policy setting ensures that logon script processing is complete before the user starts working, but it can delay the appearance of the desktop.
If you disable or do not configure this policy setting, the logon scripts and File Explorer are not synchronized and can run simultaneously. If you disable or don't configure this policy setting, the logon scripts and File Explorer aren't synchronized and can run simultaneously.
This policy setting appears in the Computer Configuration and User Configuration folders. The policy setting set in Computer Configuration takes precedence over the policy setting set in User Configuration. This policy setting appears in the Computer Configuration and User Configuration folders. The policy setting set in Computer Configuration takes precedence over the policy setting set in User Configuration.
@ -456,11 +456,11 @@ ADMX Info:
<!--Description--> <!--Description-->
This policy setting displays the instructions in logon scripts as they run. This policy setting displays the instructions in logon scripts as they run.
Logon scripts are batch files of instructions that run when the user logs on. By default, the system does not display the instructions in logon scripts. Logon scripts are batch files of instructions that run when the user logs on. By default, the system doesn't display the instructions in logon scripts.
If you enable this policy setting, the system displays each instruction in the logon script as it runs. The instructions appear in a command window. This policy setting is designed for advanced users. If you enable this policy setting, the system displays each instruction in the logon script as it runs. The instructions appear in a command window. This policy setting is designed for advanced users.
If you disable or do not configure this policy setting, the instructions are suppressed. If you disable or don't configure this policy setting, the instructions are suppressed.
<!--/Description--> <!--/Description-->
@ -504,11 +504,11 @@ ADMX Info:
<!--Description--> <!--Description-->
This policy setting displays the instructions in shutdown scripts as they run. This policy setting displays the instructions in shutdown scripts as they run.
Shutdown scripts are batch files of instructions that run when the user restarts the system or shuts it down. By default, the system does not display the instructions in the shutdown script. Shutdown scripts are batch files of instructions that run when the user restarts the system or shuts it down. By default, the system doesn't display the instructions in the shutdown script.
If you enable this policy setting, the system displays each instruction in the shutdown script as it runs. The instructions appear in a command window. If you enable this policy setting, the system displays each instruction in the shutdown script as it runs. The instructions appear in a command window.
If you disable or do not configure this policy setting, the instructions are suppressed. If you disable or don't configure this policy setting, the instructions are suppressed.
<!--/Description--> <!--/Description-->
@ -554,9 +554,9 @@ This policy setting lets the system run startup scripts simultaneously.
Startup scripts are batch files that run before the user is invited to log on. By default, the system waits for each startup script to complete before it runs the next startup script. Startup scripts are batch files that run before the user is invited to log on. By default, the system waits for each startup script to complete before it runs the next startup script.
If you enable this policy setting, the system does not coordinate the running of startup scripts. As a result, startup scripts can run simultaneously. If you enable this policy setting, the system doesn't coordinate the running of startup scripts. As a result, startup scripts can run simultaneously.
If you disable or do not configure this policy setting, a startup cannot run until the previous script is complete. If you disable or don't configure this policy setting, a startup can't run until the previous script is complete.
> [!NOTE] > [!NOTE]
> Starting with Windows Vista operating system, scripts that are configured to run asynchronously are no longer visible on startup, whether the "Run startup scripts visible" policy setting is enabled or not. > Starting with Windows Vista operating system, scripts that are configured to run asynchronously are no longer visible on startup, whether the "Run startup scripts visible" policy setting is enabled or not.
@ -603,11 +603,11 @@ ADMX Info:
<!--Description--> <!--Description-->
This policy setting displays the instructions in startup scripts as they run. This policy setting displays the instructions in startup scripts as they run.
Startup scripts are batch files of instructions that run before the user is invited to log on. By default, the system does not display the instructions in the startup script. Startup scripts are batch files of instructions that run before the user is invited to sign in. By default, the system doesn't display the instructions in the startup script.
If you enable this policy setting, the system displays each instruction in the startup script as it runs. Instructions appear in a command window. This policy setting is designed for advanced users. If you enable this policy setting, the system displays each instruction in the startup script as it runs. Instructions appear in a command window. This policy setting is designed for advanced users.
If you disable or do not configure this policy setting, the instructions are suppressed. If you disable or don't configure this policy setting, the instructions are suppressed.
> [!NOTE] > [!NOTE]
> Starting with Windows Vista operating system, scripts that are configured to run asynchronously are no longer visible on startup, whether this policy setting is enabled or not. > Starting with Windows Vista operating system, scripts that are configured to run asynchronously are no longer visible on startup, whether this policy setting is enabled or not.
@ -653,9 +653,9 @@ ADMX Info:
<!--/Scope--> <!--/Scope-->
<!--Description--> <!--Description-->
This policy setting determines whether Windows PowerShell scripts are run before non-Windows PowerShell scripts during user logon and logoff. By default, Windows PowerShell scripts run after non-Windows PowerShell scripts. This policy setting determines whether Windows PowerShell scripts are run before non-Windows PowerShell scripts during user sign in and sign out. By default, Windows PowerShell scripts run after non-Windows PowerShell scripts.
If you enable this policy setting, within each applicable Group Policy Object (GPO), PowerShell scripts are run before non-PowerShell scripts during user logon and logoff. If you enable this policy setting, within each applicable Group Policy Object (GPO), PowerShell scripts are run before non-PowerShell scripts during user sign in and sign out.
For example, assume the following scenario: For example, assume the following scenario:

4
windows/client-management/mdm/policy-csp-admx-sdiagschd.md
View File

@ -68,9 +68,9 @@ This policy determines whether scheduled diagnostics will run to proactively det
If you choose detection and troubleshooting only, Windows will periodically detect and troubleshoot problems. The user will be notified of the problem for interactive resolution. If you choose detection and troubleshooting only, Windows will periodically detect and troubleshoot problems. The user will be notified of the problem for interactive resolution.
If you choose detection, troubleshooting and resolution, Windows will resolve some of these problems silently without requiring user input. If you choose detection, troubleshooting and resolution, Windows will resolve some of these problems silently without requiring user input.
- If you disable this policy setting, Windows will not be able to detect, troubleshoot or resolve problems on a scheduled basis. - If you disable this policy setting, Windows won't be able to detect, troubleshoot or resolve problems on a scheduled basis.
If you do not configure this policy setting, local troubleshooting preferences will take precedence, as configured in the control panel. If no local troubleshooting preference is configured, scheduled diagnostics are enabled for detection, troubleshooting and resolution by default. No reboots or service restarts are required for this policy to take effect: changes take effect immediately. This policy setting will only take effect when the Task Scheduler service is in the running state. When the service is stopped or disabled, scheduled diagnostics will not be executed. The Task Scheduler service can be configured with the Services snap-in to the Microsoft Management Console. If you don't configure this policy setting, local troubleshooting preferences will take precedence, as configured in the control panel. If no local troubleshooting preference is configured, scheduled diagnostics are enabled for detection, troubleshooting and resolution by default. No reboots or service restarts are required for this policy to take effect: changes take effect immediately. This policy setting will only take effect when the Task Scheduler service is in the running state. When the service is stopped or disabled, scheduled diagnostics won't be executed. The Task Scheduler service can be configured with the Services snap-in to the Microsoft Management Console.
<!--/Description--> <!--/Description-->

6
windows/client-management/mdm/policy-csp-admx-securitycenter.md
View File

@ -60,11 +60,11 @@ manager: dansimp
<!--/Scope--> <!--/Scope-->
<!--Description--> <!--Description-->
This policy setting specifies whether Security Center is turned on or off for computers that are joined to an Active Directory domain. When Security Center is turned on, it monitors essential security settings and notifies the user when the computer might be at risk. The Security Center Control Panel category view also contains a status section, where the user can get recommendations to help increase the computer's security. When Security Center is not enabled on the domain, neither the notifications nor the Security Center status section are displayed. This policy setting specifies whether Security Center is turned on or off for computers that are joined to an Active Directory domain. When Security Center is turned on, it monitors essential security settings and notifies the user when the computer might be at risk. The Security Center Control Panel category view also contains a status section, where the user can get recommendations to help increase the computer's security. When Security Center isn't enabled on the domain, the notifications and the Security Center status section aren't displayed.
Note that Security Center can only be turned off for computers that are joined to a Windows domain. When a computer is not joined to a Windows domain, the policy setting will have no effect. Security Center can only be turned off for computers that are joined to a Windows domain. When a computer isn't joined to a Windows domain, the policy setting will have no effect.
If you do not configure this policy setting, the Security Center is turned off for domain members. If you don't configure this policy setting, the Security Center is turned off for domain members.
If you enable this policy setting, Security Center is turned on for all users. If you enable this policy setting, Security Center is turned on for all users.