deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-23 22:33:41 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'main' of https://github.com/MicrosoftDocs/windows-docs-pr into fr-dma-compliance-ui-update

Browse Source
This commit is contained in:
Frank Rojas
2024-03-27 11:54:31 -04:00
parent 16af8d2846 59d4486211
commit cf2933e938
27 changed files with 315 additions and 308 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
windows/client-management/manage-windows-copilot.md
View File

@ -3,7 +3,7 @@ title: Manage Copilot in Windows
description: Learn how to manage Copilot in Windows for commercial environments using MDM and group policy. Learn about the chat providers available to Copilot in Windows.
ms.topic: conceptual
ms.subservice: windows-copilot
ms.date: 02/09/2024
ms.date: 03/21/2024
ms.author: mstewart
author: mestew
appliesto:
@ -109,10 +109,12 @@ To verify that Copilot with commercial data protection is enabled for the user a
1. To verify that commercial data protection is enabled for the user, select the user's **Display name** to open the flyout menu.
1. In the flyout, select the **Licenses & apps** tab, then expand the **Apps** list.
1. Verify that **Copilot** is enabled for the user.
1. If you prefer to view a user's licenses from the [Azure portal](https://portal.azure.com), you'll find it under **Microsoft Entra ID** > **Users**. Select the user's name, then **Licenses**. Select a license that includes **Copilot**, and verify that it's listed as **On**.
> [!Note]
> If you previously disabled Copilot with commercial data protection (formerly Bing Chat Enterprise) using the URL, `https://aka.ms/TurnOffBCE`, see [Manage Copilot](/copilot/manage) for verifying that commercial data protection is enabled for your users.
1. If you prefer to view a user's licenses from the [Azure portal](https://portal.azure.com), you'll find it under **Microsoft Entra ID** > **Users**. Select the user's name, then **Licenses**. Select a license that includes **Copilot**, and verify that it's listed as **On**. If you previously disabled Copilot with commercial data protection (formerly Bing Chat Enterprise), see [Manage Copilot](/copilot/manage) for verifying that commercial data protection is enabled for your users.
1. Copilot with commercial data protection is used as the chat provider platform for users when the following conditions are met:
- Users have an eligible license, commercial data protection in Copilot is enabled, and the [Copilot in Windows user experience is enabled](#enable-the-copilot-in-windows-user-experience-for-windows-11-version-22h2-clients).
- Users are signed in with their Microsoft Entra ID (work accounts)
- Users can sign into Windows with their Microsoft Entra ID
- For Active Directory users on Windows 11, a Microsoft Entra ID in the Web Account Manager (WAM) authentication broker can be used. Entra IDs in Microsoft Edge profiles and Microsoft 365 Apps would both be in WAM. <!--8470699-->
The following sample PowerShell script connects to Microsoft Graph and lists which users that have Copilot with commercial data protection enabled and disabled:

12
windows/client-management/mdm/bitlocker-csp.md
View File

@ -16,13 +16,19 @@ ms.date: 01/18/2024
The BitLocker configuration service provider (CSP) is used by the enterprise to manage encryption of PCs and devices. This CSP was added in Windows 10, version 1703. Starting in Windows 10, version 1809, it's also supported in Windows 10 Pro.
> [!NOTE]
> To manage BitLocker through CSP except to enable and disable it using the `RequireDeviceEncryption` policy, one of the following licenses must be assigned to your users regardless of your management platform:
>
> - Settings are enforced only at the time encryption is started. Encryption isn't restarted with settings changes.
> - You must send all the settings together in a single SyncML to be effective.
> - Windows 10/11 Enterprise E3 or E5 (included in Microsoft 365 F3, E3, and E5).
> - Windows 10/11 Enterprise A3 or A5 (included in Microsoft 365 A3 and A5).
A `Get` operation on any of the settings, except for `RequireDeviceEncryption` and `RequireStorageCardEncryption`, returns the setting configured by the admin.
For RequireDeviceEncryption and RequireStorageCardEncryption, the Get operation returns the actual status of enforcement to the admin, such as if Trusted Platform Module (TPM) protection is required and if encryption is required. And if the device has BitLocker enabled but with password protector, the status reported is 0. A Get operation on RequireDeviceEncryption doesn't verify that a minimum PIN length is enforced (SystemDrivesMinimumPINLength).
> [!NOTE]
>
> - Settings are enforced only at the time encryption is started. Encryption isn't restarted with settings changes.
> - You must send all the settings together in a single SyncML to be effective.
<!-- BitLocker-Editable-End -->
<!-- BitLocker-Tree-Begin -->
@ -654,7 +660,7 @@ Sample value for this node to enable this policy is: `<enabled/>`
<!-- Add any examples for this policy here. Examples outside this section will get overwritten. -->
**Example**:
To disable this policy, use hte following SyncML:
To disable this policy, use the following SyncML:
```xml
<Replace>

23
windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
View File

@ -39,6 +39,10 @@ ms.date: 02/03/2023
- [DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth](policy-csp-deliveryoptimization.md#dosethourstolimitforegrounddownloadbandwidth) <sup>10</sup>
- [DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#dosethourstolimitbackgrounddownloadbandwidth) <sup>10</sup>
- [DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#dosethourstolimitbackgrounddownloadbandwidth) <sup>10</sup>
- [Device/{TenantId}/Policies/EnableWindowsHelloProvisioningForSecurityKeys](passportforwork-csp.md#devicetenantidpoliciesenablewindowshelloprovisioningforsecuritykeys) <sup>12</sup>
- [DeviceInstallation/AllowInstallationOfMatchingDeviceIDs](policy-csp-deviceinstallation.md#allowinstallationofmatchingdeviceids) <sup>12</sup>
- [DeviceInstallation/DeviceInstall_Removable_Deny](policy-csp-admx-deviceinstallation.md#deviceinstall_removable_deny) <sup>12</sup>
- [DeviceInstallation/EnableInstallationPolicyLayering](policy-csp-deviceinstallation.md#enableinstallationpolicylayering) <sup>12</sup>
- [DeviceLock/AllowIdleReturnWithoutPassword](policy-csp-devicelock.md#allowidlereturnwithoutpassword)
- [DeviceLock/AllowSimpleDevicePassword](policy-csp-devicelock.md#allowsimpledevicepassword)
- [DeviceLock/AlphanumericDevicePasswordRequired](policy-csp-devicelock.md#alphanumericdevicepasswordrequired)
@ -59,12 +63,18 @@ ms.date: 02/03/2023
- [MixedReality/ConfigureMovingPlatform](policy-csp-mixedreality.md#configuremovingplatform) <sup>*[Feb. 2022 Servicing release](/hololens/hololens-release-notes#windows-holographic-version-21h2---february-2022-update)</sup>
- [MixedReality/ConfigureNtpClient](./policy-csp-mixedreality.md#configurentpclient) <sup>12</sup>
- [MixedReality/DisallowNetworkConnectivityPassivePolling](./policy-csp-mixedreality.md#disallownetworkconnectivitypassivepolling) <sup>12</sup>
- [MixedReality/EnableStartMenuWristTap](./policy-csp-mixedreality.md#enablestartmenuwristtap)<sup>12</sup>
- [MixedReality/EnableStartMenuSingleHandGesture](./policy-csp-mixedreality.md#enablestartmenusinglehandgesture) <sup>12</sup>
- [MixedReality/EnableStartMenuVoiceCommand](./policy-csp-mixedreality.md#enablestartmenuvoicecommand) <sup>12</sup>
- [MixedReality/FallbackDiagnostics](./policy-csp-mixedreality.md#fallbackdiagnostics) <sup>9</sup>
- [MixedReality/ManualDownDirectionDisabled](policy-csp-mixedreality.md#manualdowndirectiondisabled) <sup>*[Feb. 2022 Servicing release](/hololens/hololens-release-notes#windows-holographic-version-21h2---february-2022-update)</sup>
- [MixedReality/MicrophoneDisabled](./policy-csp-mixedreality.md#microphonedisabled) <sup>9</sup>
- [MixedReality/NtpClientEnabled](./policy-csp-mixedreality.md#ntpclientenabled) <sup>12</sup>
- [MixedReality/PreferLogonAsOtherUser](./policy-csp-mixedreality.md#preferlogonasotheruser) <sup>12</sup>
- [MixedReality/SkipCalibrationDuringSetup](./policy-csp-mixedreality.md#skipcalibrationduringsetup) <sup>12</sup>
- [MixedReality/SkipTrainingDuringSetup](./policy-csp-mixedreality.md#skiptrainingduringsetup) <sup>12</sup>
- [MixedReality/RequireStartIconHold](./policy-csp-mixedreality.md#requirestarticonhold) <sup>12</sup>
- [MixedReality/RequireStartIconVisible](./policy-csp-mixedreality.md#requirestarticonvisible) <sup>12</sup>
- [MixedReality/VisitorAutoLogon](policy-csp-mixedreality.md#visitorautologon) <sup>10</sup>
- [MixedReality/VolumeButtonDisabled](./policy-csp-mixedreality.md#volumebuttondisabled) <sup>9</sup>
- [Power/DisplayOffTimeoutOnBattery](./policy-csp-power.md#displayofftimeoutonbattery) <sup>9, 14</sup>
@ -91,9 +101,9 @@ ms.date: 02/03/2023
- [Privacy/LetAppsAccessGazeInput_ForceDenyTheseApps](policy-csp-privacy.md#letappsaccessgazeinput_forcedenytheseapps) <sup>8</sup>
- [Privacy/LetAppsAccessGazeInput_UserInControlOfTheseApps](policy-csp-privacy.md#letappsaccessgazeinput_userincontroloftheseapps) <sup>8</sup>
- [Privacy/LetAppsAccessLocation](policy-csp-privacy.md#letappsaccesslocation)
- [Privacy/LetAppsAccessLocation_ForceAllowTheseApps](/windows/client-management/mdm/policy-csp-privacy) <sup>12</sup>
- [Privacy/LetAppsAccessLocation_ForceDenyTheseApps](/windows/client-management/mdm/policy-csp-privacy) <sup>12</sup>
- [Privacy/LetAppsAccessLocation_UserInControlOfTheseApps](/windows/client-management/mdm/policy-csp-privacy) <sup>12</sup>
- [Privacy/LetAppsAccessLocation_ForceAllowTheseApps](policy-csp-privacy.md#letappsaccesslocation_forceallowtheseapps) <sup>12</sup>
- [Privacy/LetAppsAccessLocation_ForceDenyTheseApps](policy-csp-privacy.md#letappsaccesslocation_forcedenytheseapps) <sup>12</sup>
- [Privacy/LetAppsAccessLocation_UserInControlOfTheseApps](policy-csp-privacy.md#letappsaccesslocation_userincontroloftheseapps) <sup>12</sup>
- [Privacy/LetAppsAccessMicrophone](policy-csp-privacy.md#letappsaccessmicrophone)
- [Privacy/LetAppsAccessMicrophone_ForceAllowTheseApps](policy-csp-privacy.md#letappsaccessmicrophone_forceallowtheseapps) <sup>8</sup>
- [Privacy/LetAppsAccessMicrophone_ForceDenyTheseApps](policy-csp-privacy.md#letappsaccessmicrophone_forcedenytheseapps) <sup>8</sup>
@ -113,8 +123,8 @@ ms.date: 02/03/2023
- [System/AllowLocation](policy-csp-system.md#allowlocation)
- [System/AllowStorageCard](policy-csp-system.md#allowstoragecard)
- [System/AllowTelemetry](policy-csp-system.md#allowtelemetry)
- [System/ConfigureTelemetryOptInSettingsUx](/windows/client-management/mdm/policy-csp-system) <sup>12</sup>
- [System/DisableDeviceDelete](/windows/client-management/mdm/policy-csp-system) <sup>12</sup>
- [System/ConfigureTelemetryOptInSettingsUx](policy-csp-system.md#configuretelemetryoptinsettingsux) <sup>12</sup>
- [System/DisableDeviceDelete](policy-csp-system.md#disabledevicedelete) <sup>12</sup>
- [TimeLanguageSettings/ConfigureTimeZone](./policy-csp-timelanguagesettings.md#configuretimezone) <sup>9</sup>
- [Update/ActiveHoursEnd](./policy-csp-update.md#activehoursend) <sup>9</sup>
- [Update/ActiveHoursMaxRange](./policy-csp-update.md#activehoursmaxrange) <sup>9</sup>
@ -165,6 +175,3 @@ Footnotes:
[Policy CSP](policy-configuration-service-provider.md)
[Full HoloLens CSP Details](/windows/client-management/mdm/configuration-service-provider-support)

7
windows/client-management/mdm/policy-csp-windowslogon.md
View File

@ -389,6 +389,13 @@ This policy controls the configuration under which winlogon sends MPR notificati
<!-- EnableMPRNotifications-Editable-Begin -->
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
> [!NOTE]
> Starting in Windows Insiders build 25216, the behavior of EnableMPRNotifications policy was changed, and the Group Policy was updated with the following text:
>
> - **Friendly name**: Configure the transmission of the user's password in the content of MPR notifications sent by winlogon
> - **Description**: This policy controls whether the user's password is included in the content of MPR notifications sent by winlogon in the system.
> - If you disable this setting or do not configure it, winlogon sends MPR notifications with empty password fields of the user's authentication info.
> - If you enable this setting, winlogon sends MPR notifications containing the user's password in the authentication info.
<!-- EnableMPRNotifications-Editable-End -->
<!-- EnableMPRNotifications-DFProperties-Begin -->

2
windows/client-management/mdm/unifiedwritefilter-csp.md
View File

@ -19,7 +19,7 @@ The table below shows the applicability of Windows:
The UnifiedWriteFilter (UWF) configuration service provider enables the IT administrator to remotely manage the UWF to help protect physical storage media including any writable storage type.
> **Note**  The UnifiedWriteFilter CSP is only supported in Windows 10 Enterprise and Windows 10 Education.
> **Note**  The UnifiedWriteFilter CSP is only supported in Windows 10/11 Enterprise and Windows 10/11 Education.
The following example shows the UWF configuration service provider in tree format.
```