From 4e85d8e867bb81efba39131e547e0167c325bd45 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Thu, 2 Dec 2021 18:11:37 +0530 Subject: [PATCH 1/8] added windows 10 latest links --- windows/client-management/troubleshoot-stop-errors.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/client-management/troubleshoot-stop-errors.md b/windows/client-management/troubleshoot-stop-errors.md index 13ad63c974..e5443eceaa 100644 --- a/windows/client-management/troubleshoot-stop-errors.md +++ b/windows/client-management/troubleshoot-stop-errors.md @@ -49,6 +49,9 @@ To troubleshoot Stop error messages, follow these general steps: 1. Make sure that you install the latest Windows updates, cumulative updates, and rollup updates. To verify the update status, refer to the appropriate update history for your system: + - [Windows 10, version 21H2](https://support.microsoft.com/topic/windows-10-update-history-857b8ccb-71e4-49e5-b3f6-7073197d98fb) + - [Windows 10, version 21H1](https://support.microsoft.com/topic/windows-10-update-history-1b6aac92-bf01-42b5-b158-f80c6d93eb11) + - [Windows 10, version 20H2](https://support.microsoft.com/topic/windows-10-update-history-7dd3071a-3906-fa2c-c342-f7f86728a6e3) - [Windows 10, version 2004](https://support.microsoft.com/help/4555932) - [Windows 10, version 1909](https://support.microsoft.com/help/4529964) - [Windows 10, version 1903](https://support.microsoft.com/help/4498140) From b7f8bd14cb5bface238c48f5bc7f482868368a3a Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Fri, 3 Dec 2021 08:39:46 +0530 Subject: [PATCH 2/8] added new link, removed error link as per user report #10170, so i added a new link after verification. --- windows/security/threat-protection/intelligence/phishing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/intelligence/phishing.md b/windows/security/threat-protection/intelligence/phishing.md index 215acf8c29..731c3f630f 100644 --- a/windows/security/threat-protection/intelligence/phishing.md +++ b/windows/security/threat-protection/intelligence/phishing.md @@ -85,7 +85,7 @@ If you feel you've been a victim of a phishing attack: - Junk: junk@office365.microsoft.com - Phishing: phish@office365.microsoft.com - Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Submit spam, non-spam, and phishing scam messages to Microsoft for analysis](/office365/SecurityCompliance/submit-spam-non-spam-and-phishing-scam-messages-to-microsoft-for-analysis). + Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Report spam messages and suspicious files to Microsoft for analysis](https://docs.microsoft.com/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft?view=o365-worldwide). - **Anti-Phishing Working Group**: phishing-report@us-cert.gov. The group uses reports generated from emails sent to fight phishing scams and hackers. ISPs, security vendors, financial institutions, and law enforcement agencies are involved. From 5f473ea32e65c277e01401f6ed0601fd2ce26a24 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Fri, 3 Dec 2021 08:56:15 +0530 Subject: [PATCH 3/8] added new links, added applies to section, as per user feedback #10172 , so i changed the correct path and added windows 10 november 20h2 admx templates link . added applies to section --- ...ows-10-device-automatically-using-group-policy.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md index 3159c1869f..ea0adb68e5 100644 --- a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md +++ b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md @@ -14,6 +14,10 @@ ms.collection: highpri # Enroll a Windows 10 device automatically using Group Policy +**Applies to:** + +- Windows 10 + Starting in Windows 10, version 1709, you can use a Group Policy to trigger auto-enrollment to MDM for Active Directory (AD) domain-joined devices. The enrollment into Intune is triggered by a group policy created on your local AD and happens without any user interaction. This means you can automatically mass-enroll a large number of domain-joined corporate devices into Microsoft Intune. The enrollment process starts in the background once you sign in to the device with your Azure AD account. @@ -191,6 +195,9 @@ Requirements: - 21H1 --> [Administrative Templates (.admx) for Windows 10 May 2021 Update (21H1)](https://www.microsoft.com/download/details.aspx?id=103124) + - 21H2 --> [Administrative Templates (.admx) for Windows 10 November 2021 Update (21H2)](https://www.microsoft.com/download/103667) + + 2. Install the package on the Domain Controller. 3. Navigate, depending on the version to the folder: @@ -209,9 +216,11 @@ Requirements: - 21H1 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 May 2021 Update (21H1)** + - 21H2 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 November 2021 Update (21H2)** + 4. Rename the extracted Policy Definitions folder to **PolicyDefinitions**. -5. Copy PolicyDefinitions folder to **\\contoso.com\SYSVOL\contoso.com\policies\PolicyDefinitions**. +5. Copy PolicyDefinitions folder to **\\SYSVOL\contoso.com\policies\PolicyDefinitions**. If this folder does not exist, then be aware that you will be switching to a [central policy store](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra) for your entire domain. @@ -296,6 +305,7 @@ To collect Event Viewer logs: ### Useful Links +- [Windows 10 Administrative Templates for Windows 10 November 2021 Update 21H2](https://www.microsoft.com/download/103667) - [Windows 10 Administrative Templates for Windows 10 May 2021 Update 21H1](https://www.microsoft.com/download/details.aspx?id=103124) - [Windows 10 Administrative Templates for Windows 10 November 2019 Update 1909](https://www.microsoft.com/download/details.aspx?id=100591) - [Windows 10 Administrative Templates for Windows 10 May 2019 Update 1903](https://www.microsoft.com/download/details.aspx?id=58495) From fc6d93156f86519d9e34155cd03e3e42ae6fcfdb Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Fri, 3 Dec 2021 10:46:59 +0530 Subject: [PATCH 4/8] Update windows/security/threat-protection/intelligence/phishing.md Accepted Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/security/threat-protection/intelligence/phishing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/intelligence/phishing.md b/windows/security/threat-protection/intelligence/phishing.md index 731c3f630f..c222df587b 100644 --- a/windows/security/threat-protection/intelligence/phishing.md +++ b/windows/security/threat-protection/intelligence/phishing.md @@ -85,7 +85,7 @@ If you feel you've been a victim of a phishing attack: - Junk: junk@office365.microsoft.com - Phishing: phish@office365.microsoft.com - Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Report spam messages and suspicious files to Microsoft for analysis](https://docs.microsoft.com/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft?view=o365-worldwide). + Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Report messages and files to Microsoft](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft?view=o365-worldwide). - **Anti-Phishing Working Group**: phishing-report@us-cert.gov. The group uses reports generated from emails sent to fight phishing scams and hackers. ISPs, security vendors, financial institutions, and law enforcement agencies are involved. From a00c41191788f08b732a5df03194803a782bde40 Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Fri, 3 Dec 2021 21:19:13 +0500 Subject: [PATCH 5/8] Update change-the-tpm-owner-password.md --- .../information-protection/tpm/change-the-tpm-owner-password.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md index 143888e0fb..714b7ded12 100644 --- a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md +++ b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md @@ -30,7 +30,7 @@ This topic for the IT professional describes how to change the password or PIN f Starting with Windows 10, version 1607, or Windows 11, Windows will not retain the TPM owner password when provisioning the TPM. The password will be set to a random high entropy value and then discarded. > [!IMPORTANT] -> Although the TPM owner password is not retained starting with Windows 10, version 1607, or Windows 11, you can change a default registry key to retain it. However, we strongly recommend that you do not make this change. To retain the TPM owner password, set the registry key 'HKLM\\Software\\Policies\\Microsoft\\TPM' \[REG\_DWORD\] 'OSManagedAuthLevel' to 4. The default value for this key is 5, and unless it is changed to 4 before the TPM is provisioned, the owner password will not be saved. +> Although the TPM owner password is not retained starting with Windows 10, version 1607, or Windows 11, you can change a default registry key to retain it. However, we strongly recommend that you do not make this change. To retain the TPM owner password, set the registry key 'HKLM\\Software\\Policies\\Microsoft\\TPM' \[REG\_DWORD\] 'OSManagedAuthLevel' to 4. For Windows 10 versions newer than 1703 the default value for this key is 5. For TPM 2.0, a value of 5 means keep the lockout authorization. For TPM 1.2, it means discard the Full TPM owner authorization and retain only the Delegated authorization. Unless it is changed to 4 before the TPM is provisioned, the owner password will not be saved. Only one owner password exists for each TPM. The TPM owner password allows the ability to enable, disable, or clear the TPM without having physical access to the computer, for example, by using the command-line tools remotely. The TPM owner password also allows manipulation of the TPM dictionary attack logic. Taking ownership of the TPM is performed by Windows as part of the provisioning process on each boot. Ownership can change when you share the password or clear your ownership of the TPM so someone else can initialize it. From 7f4024717b9bfe563706ce3d41be332722414522 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Fri, 3 Dec 2021 08:33:06 -0800 Subject: [PATCH 6/8] Update change-the-tpm-owner-password.md --- .../information-protection/tpm/change-the-tpm-owner-password.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md index 714b7ded12..d499253cde 100644 --- a/windows/security/information-protection/tpm/change-the-tpm-owner-password.md +++ b/windows/security/information-protection/tpm/change-the-tpm-owner-password.md @@ -13,7 +13,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 11/30/2021 +ms.date: 12/03/2021 --- # Change the TPM owner password From 4e5b43dcb52cf00bea3b9a2e83a630f01d3f2127 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Fri, 3 Dec 2021 08:34:12 -0800 Subject: [PATCH 7/8] Update enroll-a-windows-10-device-automatically-using-group-policy.md --- ...roll-a-windows-10-device-automatically-using-group-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md index ea0adb68e5..fee1282167 100644 --- a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md +++ b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: dansimp -ms.date: 10/14/2021 +ms.date: 12/03/2021 ms.reviewer: manager: dansimp ms.collection: highpri From be8c3c6abf206ef2d8af7d32101cb8b25490c856 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Fri, 3 Dec 2021 08:35:35 -0800 Subject: [PATCH 8/8] Update phishing.md --- windows/security/threat-protection/intelligence/phishing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/intelligence/phishing.md b/windows/security/threat-protection/intelligence/phishing.md index c222df587b..36de3f06bf 100644 --- a/windows/security/threat-protection/intelligence/phishing.md +++ b/windows/security/threat-protection/intelligence/phishing.md @@ -85,7 +85,7 @@ If you feel you've been a victim of a phishing attack: - Junk: junk@office365.microsoft.com - Phishing: phish@office365.microsoft.com - Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Report messages and files to Microsoft](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft?view=o365-worldwide). + Drag and drop the junk or phishing message into the new message. This will save the junk or phishing message as an attachment in the new message. Don't copy and paste the content of the message or forward the message (we need the original message so we can inspect the message headers). For more information, see [Report messages and files to Microsoft](/microsoft-365/security/office-365-security/report-junk-email-messages-to-microsoft). - **Anti-Phishing Working Group**: phishing-report@us-cert.gov. The group uses reports generated from emails sent to fight phishing scams and hackers. ISPs, security vendors, financial institutions, and law enforcement agencies are involved.