deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-21 01:37:22 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merged PR 2650: 8/9 PM Publish

Browse Source
This commit is contained in:
Alma Jenks 2017-08-09 22:30:41 +00:00
commit b68808c10d
7 changed files with 21 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
devices/surface-hub/prepare-your-environment-for-surface-hub.md
View File

@ -68,9 +68,8 @@ Surface Hub interacts with a few different products and services. Depending on t
A device account is an Exchange resource account that Surface Hub uses to display its meeting calendar, join Skype for Business calls, send email, and (optionally) to authenticate to Exchange. See [Create and test a device account](create-and-test-a-device-account-surface-hub.md) for details.
After you've created your device account, there are a couple of ways to verify that it's setup correctly.
- Run Surface Hub device account validation PowerShell scripts. For more information, see [Surface Hub device account scripts](https://gallery.technet.microsoft.com/scriptcenter/Surface-Hub-device-account-6db77696) in Script Center, or [PowerShell scripts for Surface Hub](appendix-a-powershell-scripts-for-surface-hub.md) later in this guide.
- Use the account with the [Lync Microsoft Store app](https://www.microsoft.com/en-us/store/p/lync/9wzdncrfhvhm). If Lync signs in successfully, then the device account will most likely work with Skype for Business on Surface Hub.
After you've created your device account, to verify that it's setup correctly, run Surface Hub device account validation PowerShell scripts. For more information, see [Surface Hub device account scripts](https://gallery.technet.microsoft.com/scriptcenter/Surface-Hub-device-account-6db77696) in Script Center, or [PowerShell scripts for Surface Hub](appendix-a-powershell-scripts-for-surface-hub.md) later in this guide.
## Prepare for first-run program

20
windows/access-protection/credential-guard/credential-guard-known-issues.md
View File

@ -33,25 +33,13 @@ The following known issues have been fixed by servicing releases made available
- Windows 10 Version 1511: [KB4015219 (OS Build 10586.873)](https://support.microsoft.com/help/4015219)
- Windows 10 Version 1507: [KB4015221 (OS Build 10240.17354)](https://support.microsoft.com/help/4015221)
## Known issues involving third-party applications
The following issue affects the Java GSS API. See the following Oracle bug database article:
- [JDK-8161921: Windows 10 Credential Guard does not allow sharing of TGT with Java](http://bugs.java.com/bugdatabase/view_bug.do?bug_id=8161921)
When Credential Guard is enabled on Windows 10, the Java GSS API will not authenticate. This is expected behavior because Credential Guard blocks specific application authentication capabilities and will not provide the TGT session key to applications regardless of registry key settings. For further information see [Application requirements](https://docs.microsoft.com/windows/access-protection/credential-guard/credential-guard-requirements#application-requirements).
The following issue affects Cisco AnyConnect Secure Mobility Client:

6
windows/client-management/mdm/enterprisedataprotection-csp.md
View File

@ -7,7 +7,7 @@ ms.topic: article
ms.prod: w10
ms.technology: windows
author: nickbrower
ms.date: 06/19/2017
ms.date: 08/09/2017
---
# EnterpriseDataProtection CSP
@ -44,8 +44,8 @@ The following diagram shows the EnterpriseDataProtection CSP in tree format.
- 0 (default) Off / No protection (decrypts previously protected data).
- 1 Silent mode (encrypt and audit only).
- 2 Override mode (encrypt, prompt, and audit).
- 3 Block mode (encrypt, block, and audit).
- 2 Allow override mode (encrypt, prompt and allow overrides, and audit).
- 3 Hides overrides (encrypt, prompt but hide overrides, and audit).
<p style="margin-left: 20px">Supported operations are Add, Get, Replace and Delete. Value type is integer.

10
windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
View File

@ -1322,6 +1322,16 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
<td style="vertical-align:top">[CM\_CellularEntries CSP](cm-cellularentries-csp.md)</td>
<td style="vertical-align:top"><p>Updated the description of the PuposeGroups node to add the GUID for applications. This node is required instead of optional.</p>
</td></tr>
<tr class="odd">
<td style="vertical-align:top">[EnterpriseDataProtection CSP](enterprisedataprotection-csp.md)</td>
<td style="vertical-align:top"><p>Updated the Settings/EDPEnforcementLevel values to the following:</p>
<ul>
<li> 0 (default) Off / No protection (decrypts previously protected data).</li>
<li> 1 Silent mode (encrypt and audit only).</li>
<li> 2 Allow override mode (encrypt, prompt and allow overrides, and audit).</li>
<li> 3 Hides overrides (encrypt, prompt but hide overrides, and audit).</li>
</ul>
</td></tr>
<tr class="even">
<td style="vertical-align:top">[Policy CSP](policy-configuration-service-provider.md)</td>
<td style="vertical-align:top"><p>Added the following new policies for Windows 10, version 1709:</p>

2
windows/configuration/start-layout-xml-desktop.md
View File

@ -191,7 +191,7 @@ You can use the **start:DesktopApplicationTile** tag to pin a Windows desktop ap
To pin a Windows desktop application through this method, you must set the **DesktopApplicationID** attribute to the application user model ID that's associated with the corresponding app.
The following example shows how to pin the Internet Explorer Windows desktop application:
The following example shows how to pin the File Explorer Windows desktop application:
```XML
<start:DesktopApplicationTile

4
windows/configuration/windows-spotlight.md
View File

@ -67,10 +67,6 @@ Windows Spotlight is enabled by default. Windows 10 provides Group Policy and mo
In addition to the specific policy settings for Windows Spotlight, administrators can replace Windows Spotlight with a selected image using the Group Policy setting **Computer Configuration** &gt; **Administrative Templates** &gt; **Control Panel** &gt; **Personalization** &gt; **Force a specific default lock screen image**.
>[!WARNING]
> In Windows 10, version 1607, the **Force a specific default lock screen image** policy setting will prevent users from changing the lock screen image. This behavior will be corrected in a future release.
>
> In Windows 10, version 1703, the **Force a specific default lock screen image** policy setting applies only intermittently and may not produce expected results. This behavior will be corrected in a future release.
![lockscreen policy details](images/lockscreenpolicy.png)

2
windows/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection.md
View File

@ -80,7 +80,7 @@ For example: netsh winhttp set proxy 10.0.0.6:8080
## Enable access to Windows Defender ATP service URLs in the proxy server
If a proxy or firewall is blocking all traffic by default and allowing only specific domains through or HTTPS scanning (SSL inspection) is enabled, make sure that the following URLs are white-listed to permit communication with Windows Defender ATP service in port 80 and 443:
Primary Domain Controller | .Microsoft.com DNS record
Service location | .Microsoft.com DNS record
:---|:---
US |```*.blob.core.windows.net``` <br>```crl.microsoft.com```<br> ```us.vortex-win.data.microsoft.com```<br> ```winatp-gw-cus.microsoft.com``` <br> ```winatp-gw-eus.microsoft.com```
Europe |```*.blob.core.windows.net```<br>```crl.microsoft.com```<br> ```eu.vortex-win.data.microsoft.com```<br>```winatp-gw-neu.microsoft.com```<br> ```winatp-gw-weu.microsoft.com```<br>