From 270aff93e29a8fa322638e9af089674428257785 Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Fri, 6 Nov 2020 23:19:11 +0500
Subject: [PATCH 1/5] Instructional updates
As suggested, some of the information was missing and has been added.
Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/8567
---
.../exposed-apis-create-app-nativeapp.md | 20 +++++++++++++++----
1 file changed, 16 insertions(+), 4 deletions(-)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
index c93c7f464b..aa97239067 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
@@ -56,12 +56,24 @@ This page explains how to create an AAD application, get an access token to Micr
-3. In the registration from, enter the following information then select **Register**.
+3. When the **Register an application** page appears, enter your application's registration information:
- 
+ - **Name** - Enter a meaningful application name that will be displayed to users of the app.
+ - **Supported account types** - Select which accounts you would like your application to support.
- - **Name:** -Your application name-
- - **Application type:** Public client
+ | Supported account types | Description |
+ |-------------------------|-------------|
+ | **Accounts in this organizational directory only** | Select this option if you're building a line-of-business (LOB) application. This option is not available if you're not registering the application in a directory.
This option maps to Azure AD only single-tenant.
This is the default option unless you're registering the app outside of a directory. In cases where the app is registered outside of a directory, the default is Azure AD multi-tenant and personal Microsoft accounts. |
+ | **Accounts in any organizational directory** | Select this option if you would like to target all business and educational customers.
This option maps to an Azure AD only multi-tenant.
If you registered the app as Azure AD only single-tenant, you can update it to be Azure AD multi-tenant and back to single-tenant through the **Authentication** blade. |
+ | **Accounts in any organizational directory and personal Microsoft accounts** | Select this option to target the widest set of customers.
This option maps to Azure AD multi-tenant and personal Microsoft accounts.
If you registered the app as Azure AD multi-tenant and personal Microsoft accounts, you cannot change this in the UI. Instead, you must use the application manifest editor to change the supported account types. |
+
+ - **Redirect URI (optional)** - Select the type of app you're building, **Web** or **Public client (mobile & desktop)**, and then enter the redirect URI (or reply URL) for your application.
+ - For web applications, provide the base URL of your app. For example, `http://localhost:31544` might be the URL for a web app running on your local machine. Users would use this URL to sign in to a web client application.
+ - For public client applications, provide the URI used by Azure AD to return token responses. Enter a value specific to your application, such as `myapp://auth`.
+
+ To see specific examples for web applications or native applications, check out our [quickstarts](/azure/active-directory/develop/#quickstarts).
+
+ When finished, select **Register**.
4. Allow your Application to access Microsoft Defender ATP and assign it 'Read alerts' permission:
From a8b5947f4d25f55c561de1421f76f0607035b88e Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Sat, 7 Nov 2020 19:49:06 +0500
Subject: [PATCH 2/5] Update exposed-apis-create-app-nativeapp.md
minor tweak.
---
.../microsoft-defender-atp/exposed-apis-create-app-nativeapp.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
index aa97239067..0767f473d0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
@@ -50,7 +50,7 @@ This page explains how to create an AAD application, get an access token to Micr
## Create an app
-1. Log on to [Azure](https://portal.azure.com) with user that has **Global Administrator** role.
+1. Log on to [Azure](https://portal.azure.com) with user account that has **Global Administrator** role.
2. Navigate to **Azure Active Directory** > **App registrations** > **New registration**.
From 58e7b8d5bb2d1c7569c9276f39f3d7140aad3948 Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Mon, 9 Nov 2020 21:04:34 +0500
Subject: [PATCH 3/5] Update
windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
Co-authored-by: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
.../microsoft-defender-atp/exposed-apis-create-app-nativeapp.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
index 0767f473d0..f936483ccd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
@@ -50,7 +50,7 @@ This page explains how to create an AAD application, get an access token to Micr
## Create an app
-1. Log on to [Azure](https://portal.azure.com) with user account that has **Global Administrator** role.
+1. Log on to [Azure](https://portal.azure.com) with a user account that has the **Global Administrator** role.
2. Navigate to **Azure Active Directory** > **App registrations** > **New registration**.
From 91b3e607050566f388d91047328a959114925e75 Mon Sep 17 00:00:00 2001
From: Tudor Dobrila
Date: Fri, 13 Nov 2020 11:00:24 -0800
Subject: [PATCH 4/5] Additional notes on Big Sur
---
.../threat-protection/microsoft-defender-atp/mac-exclusions.md | 3 +++
.../threat-protection/microsoft-defender-atp/mac-whatsnew.md | 3 +++
.../microsoft-defender-atp/microsoft-defender-atp-mac.md | 3 +++
3 files changed, 9 insertions(+)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
index 04b95ce93b..2e17fbc6fd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
@@ -58,6 +58,9 @@ Wildcard | Description | Example | Matches | Does not match
\* | Matches any number of any characters including none (note that when this wildcard is used inside a path it will substitute only one folder) | `/var/*/*.log` | `/var/log/system.log` | `/var/log/nested/system.log`
? | Matches any single character | `file?.log` | `file1.log`
`file2.log` | `file123.log`
+>[!NOTE]
+>The product attempts to resolve firmlinks when evaluating exclusions. Firmlink resolution does not work when the exclusion contains wildcards or the target file (on the `Data` volume) does not exist.
+
## How to configure the list of exclusions
### From the management console
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
index 719aa6fb32..b40f3ea88c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
@@ -23,6 +23,9 @@ ms.topic: conceptual
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
+> [!IMPORTANT]
+> On macOS 11 (Big Sur), Microsoft Defender for Endpoint requires additional configuration profiles. If you are an existing customer upgrading from earlier versions of macOS, make sure to deploy the additional configuration profiles listed on [this page](mac-sysext-policies.md).
+
> [!IMPORTANT]
> Extensive testing of MDE (Microsoft Defender for Endpoint) with new system extensions on macOS 11 (Big Sur) revealed an intermittent issue that impacts macOS devices with specific graphic cards models. In rare cases on impacted macOS devices calls into macOS system extensions were seen resulting in kernel panic. Microsoft is actively working with Apple engineering to clarify profile of impacted devices and to address this macOS issue. In the meantime, if you encounter such a kernel panic, please submit a feedback report to Apple through the Feedback Assistant app.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
index 0121869dec..44dd5225e9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
@@ -65,6 +65,9 @@ There are several methods and deployment tools that you can use to install and c
The three most recent major releases of macOS are supported.
+> [!IMPORTANT]
+> On macOS 11 (Big Sur), Microsoft Defender for Endpoint requires additional configuration profiles. If you are an existing customer upgrading from earlier versions of macOS, make sure to deploy the additional configuration profiles listed on [this page](mac-sysext-policies.md).
+
> [!IMPORTANT]
> Extensive testing of MDE (Microsoft Defender for Endpoint) with new system extensions on macOS 11 (Big Sur) revealed an intermittent issue that impacts macOS devices with specific graphic cards models. In rare cases on impacted macOS devices calls into macOS system extensions were seen resulting in kernel panic. Microsoft is actively working with Apple engineering to clarify profile of impacted devices and to address this macOS issue. In the meantime, if you encounter such a kernel panic, please submit a feedback report to Apple through the Feedback Assistant app.
From 03cb3db29569f61c3f44d14ceedd7bc0f20feb07 Mon Sep 17 00:00:00 2001
From: Tina Burden
Date: Fri, 13 Nov 2020 11:26:13 -0800
Subject: [PATCH 5/5] pencil edit
---
.../microsoft-defender-atp/exposed-apis-create-app-nativeapp.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
index f038690f96..fb00021426 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
@@ -73,7 +73,7 @@ This page explains how to create an AAD application, get an access token to Micr
To see specific examples for web applications or native applications, check out our [quickstarts](/azure/active-directory/develop/#quickstarts).
- When finished, select **Register**.
+ When finished, select **Register**.
4. Allow your Application to access Microsoft Defender for Endpoint and assign it 'Read alerts' permission: