deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #10196 from msarcletti/patch-7

Browse Source 
Update policy-csp-networklistmanager.md
This commit is contained in:
Denise Vangel-MSFT 2021-12-16 11:16:55 -08:00 committed by GitHub
commit e154b1e89d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
windows/client-management/mdm/policy-csp-networklistmanager.md
View File

@ -7,7 +7,7 @@ ms.prod: w10
ms.technology: windows
author: nimishasatapathy
ms.localizationpriority: medium
ms.date: 7/10/2021
ms.date: 12/16/2021
ms.reviewer:
manager: dansimp
---
@ -58,7 +58,15 @@ manager: dansimp
<!--/Scope-->
<!--Description-->
This policy setting provides the list of URLs (separated by Unicode character 0xF000) to endpoints accessible only within an enterprise's network. If any of the URLs can be resolved over HTTPS, the network would be considered authenticated.
This policy setting provides the list of URLs (separated by Unicode character 0xF000) to endpoints accessible only within an enterprise's network. If any of the URLs can be resolved over HTTPS, the network would be considered authenticated.
When entering a list of TLS endpoints in Microsoft Endpoint Manager, you must follow this format, even in the UI:
```<![CDATA[https://nls.corp.contoso.com&#xF000;https://nls.corp.fabricam.com]]>```
- The HTTPS endpoint must not have any additional authentication checks, such as login or multifactor authentication.
- The HTTPS endpoint must be an internal address not accessible from outside the corporate network.
- The client must trust the server certificate, so the CA certificate that the HTTPS server certificate chains to must be present in the client machine's root certificate store.
- A certificate should not be a public certificate.
<hr/>
@ -91,7 +99,7 @@ This policy setting provides the list of URLs (separated by Unicode character 0x
<!--/Scope-->
<!--Description-->
This policy setting provides the string to be used to name the network authenticated against one of the endpoints listed in NetworkListManager/AllowedTlsAuthenticationEndpoints policy.
This policy setting provides the string to be used to name the network authenticated against one of the endpoints listed in NetworkListManager/AllowedTlsAuthenticationEndpoints policy. If this setting is used for Trusted Network Detection in an Always On VPN profile, it must be the DNS suffix configured in the TrustedNetworkDetection attribute.
<hr/>