diff --git a/education/windows/suspcs/reference.md b/education/windows/suspcs/reference.md index 278344c047..3cec502ea5 100644 --- a/education/windows/suspcs/reference.md +++ b/education/windows/suspcs/reference.md @@ -1,8 +1,8 @@ --- title: Set up School PCs app technical reference overview -description: Describes the purpose of the Set up School PCs app for Windows 10 devices. +description: Describes the purpose of the Set up School PCs app for Windows devices. ms.topic: overview -ms.date: 01/16/2024 +ms.date: 10/29/2024 appliesto: - ✅ Windows 11 - ✅ Windows 10 @@ -12,12 +12,12 @@ appliesto: The **Set up School PCs** app helps you configure new Windows 10 PCs for school use. The app, which is available for Windows 10 version 1703 and later, configures and saves school-optimized settings, apps, and policies into a single provisioning package. You can then save the package to a USB drive and distribute it to your school PCs. -If your school uses Microsoft Entra ID or Office 365, the Set up +If your school uses Microsoft Entra ID or Microsoft 365, the Set up School PCs app will create a setup file. This file joins the PC to your Microsoft Entra tenant. The app also helps set up PCs for use with or without Internet connectivity. ## Join devices to Microsoft Entra ID -If your school uses Microsoft Entra ID or Office 365, the Set up School PCs app creates a setup file that joins your PC to your Microsoft Entra ID tenant. +If your school uses Microsoft Entra ID or Microsoft 365, the Set up School PCs app creates a setup file that joins your PC to your Microsoft Entra ID tenant. The app also helps set up PCs for use with or without Internet connectivity. diff --git a/windows/configuration/assigned-access/shell-launcher/quickstart-kiosk.md b/windows/configuration/assigned-access/shell-launcher/quickstart-kiosk.md index f217d88363..34a83bf4f3 100644 --- a/windows/configuration/assigned-access/shell-launcher/quickstart-kiosk.md +++ b/windows/configuration/assigned-access/shell-launcher/quickstart-kiosk.md @@ -2,7 +2,7 @@ title: "Quickstart: configure a kiosk experience with Shell Launcher" description: Learn how to configure a kiosk experience with Shell Launcher, using the Assigned Access configuration service provider (CSP), Microsoft Intune, PowerShell, or group policy (GPO). ms.topic: quickstart -ms.date: 02/05/2024 +ms.date: 10/29/2024 --- # Quickstart: configure a kiosk experience with Shell Launcher diff --git a/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md b/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md index b65c4701ea..fb561d216a 100644 --- a/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md +++ b/windows/deployment/windows-autopatch/deploy/windows-autopatch-device-registration-overview.md @@ -1,7 +1,7 @@ --- title: Device registration overview description: This article provides an overview on how to register devices in Autopatch. -ms.date: 09/16/2024 +ms.date: 10/30/2024 ms.service: windows-client ms.subservice: autopatch ms.topic: concept-article @@ -32,7 +32,7 @@ A role defines the set of permissions granted to users assigned to that role. Yo To be eligible for Windows Autopatch management, devices must meet a minimum set of required software-based prerequisites. For more information, see [Windows Autopatch prerequisites](../prepare/windows-autopatch-prerequisites.md). > [!IMPORTANT] -> Windows Autopatch supports registering [Windows 10 Long-Term Servicing Channel (LTSC)](/windows/whats-new/ltsc/) devices that are being currently serviced by the [Windows LTSC](/windows/release-health/release-information). The service only supports managing the [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) workload for devices currently serviced by the LTSC. Windows Update for Business service and Windows Autopatch don't offer Windows feature updates for devices that are part of the LTSC. You must either use [LTSC media](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise) or the [Configuration Manager Operating System Deployment capabilities to perform an in-place upgrade](/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager) for Windows devices that are part of the LTSC. +> Windows Autopatch supports registering [Windows 10 and Windows 11 Long-Term Servicing Channel (LTSC)](/windows/whats-new/ltsc/overview) devices that are being currently serviced by the [Windows 10 LTSC](/windows/release-health/release-information) or [Windows 11 LTSC](/windows/release-health/windows11-release-information). The service only supports managing the [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) workload for devices currently serviced by the LTSC. Windows Update for Business service and Windows Autopatch don't offer Windows feature updates for devices that are part of the LTSC. You must either use [LTSC media](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise) or the [Configuration Manager Operating System Deployment capabilities to perform an in-place upgrade](/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager) for Windows devices that are part of the LTSC. The Windows Autopatch device registration process is transparent for end-users because it doesn't require devices to be reset. diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-overview.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-overview.md index cd90f48781..3d2d33db5d 100644 --- a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-overview.md +++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-feature-update-overview.md @@ -1,7 +1,7 @@ --- title: Windows feature updates overview description: This article explains how Windows feature updates are managed -ms.date: 09/16/2024 +ms.date: 10/30/2024 ms.service: windows-client ms.subservice: autopatch ms.topic: overview @@ -21,6 +21,9 @@ ms.collection: Windows Autopatch provides tools to assist with the controlled roll out of annual Windows feature updates. These policies provide tools to allow version targeting, phased releases, and even Windows 10 to Windows 11 update options. For more information about how to configure feature update profiles, see [Feature updates for Windows 10 and later policy in Intune](/mem/intune/protect/windows-10-feature-updates). +> [!IMPORTANT] +> Windows Autopatch supports registering [Windows 10 and Windows 11 Long-Term Servicing Channel (LTSC)](/windows/whats-new/ltsc/overview) devices that are being currently serviced by the [Windows 10 LTSC](/windows/release-health/release-information) or [Windows 11 LTSC](/windows/release-health/windows11-release-information). The service only supports managing the [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) workload for devices currently serviced by the LTSC. Windows Update for Business service and Windows Autopatch don't offer Windows feature updates for devices that are part of the LTSC. You must either use [LTSC media](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise) or the [Configuration Manager Operating System Deployment capabilities to perform an in-place upgrade](/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager) for Windows devices that are part of the LTSC. + ## Multi-phase feature update Multi-phase feature update allows you to create customizable feature update deployments using multiple phases for your [existing Autopatch groups](../manage/windows-autopatch-manage-autopatch-groups.md). These phased releases can be tailored to meet your organizational unique needs. diff --git a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-overview.md b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-overview.md index f0a5de2a7a..656f94452c 100644 --- a/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-overview.md +++ b/windows/deployment/windows-autopatch/manage/windows-autopatch-windows-quality-update-overview.md @@ -1,7 +1,7 @@ --- title: Windows quality updates overview description: This article explains how Windows quality updates are managed -ms.date: 09/16/2024 +ms.date: 10/30/2024 ms.service: windows-client ms.subservice: autopatch ms.topic: conceptual @@ -54,7 +54,7 @@ The service level objective for each of these states is calculated as: > Targeted deployment ring refers to the deployment ring value of the device in question. If a device has a five day deferral with a two day deadline, and two day grace period, the SLO for the device would be calculated to `5 + 2 + 5 = 12`-day service level objective from the second Tuesday of the month. The five day reporting period is one established by Windows Autopatch to allow enough time for device check-in reporting and data evaluation within the service. > [!IMPORTANT] -> Windows Autopatch supports registering [Windows 10 Long-Term Servicing Channel (LTSC)](/windows/whats-new/ltsc/) devices that are being currently serviced by the [Windows LTSC](/windows/release-health/release-information). The service only supports managing the [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) workload for devices currently serviced by the LTSC. Windows Update for Business service and Windows Autopatch don't offer Windows feature updates for devices that are part of the LTSC. You must either use [LTSC media](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise) or the [Configuration Manager Operating System Deployment capabilities to perform an in-place upgrade](/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager) for Windows devices that are part of the LTSC. +> Windows Autopatch supports registering [Windows 10 and Windows 11 Long-Term Servicing Channel (LTSC)](/windows/whats-new/ltsc/overview) devices that are being currently serviced by the [Windows 10 LTSC](/windows/release-health/release-information) or [Windows 11 LTSC](/windows/release-health/windows11-release-information). The service only supports managing the [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) workload for devices currently serviced by the LTSC. Windows Update for Business service and Windows Autopatch don't offer Windows feature updates for devices that are part of the LTSC. You must either use [LTSC media](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise) or the [Configuration Manager Operating System Deployment capabilities to perform an in-place upgrade](/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager) for Windows devices that are part of the LTSC. ## Out of Band releases @@ -62,11 +62,11 @@ The service level objective for each of these states is calculated as: Windows Autopatch schedules and deploys required Out of Band (OOB) updates released outside of the normal schedule. -For the deployment rings that pass quality updates deferral date, the OOB release schedule is expedited and deployed on the same day. For the deployment rings that have deferral upcoming, OOBs are released as per the set deferral dates. +For the deployment rings that pass quality updates deferral date, the OOB release schedule is expedited and deployed on the same day. For the deployment rings that have deferral upcoming, OOBs are released as per the specified deferral dates. ## Pause and resume a release -The service-level pause is driven by the various software update deployment-related signals Windows Autopatch receives from Windows Update for Business, and several other product groups within Microsoft. +The service-level pause is driven by the various software update deployment-related signals. Windows Autopatch receives from Windows Update for Business, and several other product groups within Microsoft. If Windows Autopatch detects a significant issue with a release, we might decide to pause that release. diff --git a/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites.md b/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites.md index 74379f93b0..cf387f0042 100644 --- a/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites.md +++ b/windows/deployment/windows-autopatch/prepare/windows-autopatch-prerequisites.md @@ -1,7 +1,7 @@ --- title: Prerequisites description: This article details the prerequisites needed for Windows Autopatch -ms.date: 09/27/2024 +ms.date: 10/30/2024 ms.service: windows-client ms.subservice: autopatch ms.topic: concept-article @@ -139,8 +139,8 @@ The following Windows 10/11 editions, build version, and architecture are suppor Windows Autopatch service supports Windows client devices on the **General Availability Channel**. -> [!NOTE] -> Windows Autopatch supports registering [Windows 10 Long-Term Servicing Channel (LTSC)](/windows/whats-new/ltsc/) devices that are being currently serviced by the [Windows LTSC](/windows/release-health/release-information). The service only supports managing the [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) workload for devices currently serviced by the LTSC. Windows Update for Business service and Windows Autopatch don't offer Windows feature updates for devices that are part of the LTSC. You must either use [LTSC media](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise) or the [Configuration Manager Operating System Deployment capabilities to perform an in-place upgrade](/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager) for Windows devices that are part of the LTSC. +> [!IMPORTANT] +> Windows Autopatch supports registering [Windows 10 and Windows 11 Long-Term Servicing Channel (LTSC)](/windows/whats-new/ltsc/overview) devices that are being currently serviced by the [Windows 10 LTSC](/windows/release-health/release-information) or [Windows 11 LTSC](/windows/release-health/windows11-release-information). The service only supports managing the [Windows quality updates](../operate/windows-autopatch-windows-quality-update-overview.md) workload for devices currently serviced by the LTSC. Windows Update for Business service and Windows Autopatch don't offer Windows feature updates for devices that are part of the LTSC. You must either use [LTSC media](https://www.microsoft.com/evalcenter/evaluate-windows-10-enterprise) or the [Configuration Manager Operating System Deployment capabilities to perform an in-place upgrade](/windows/deployment/deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager) for Windows devices that are part of the LTSC. ## Configuration Manager co-management requirements diff --git a/windows/security/identity-protection/passwordless-strategy/index.md b/windows/security/identity-protection/passwordless-strategy/index.md index b0887dd2fd..f409e96957 100644 --- a/windows/security/identity-protection/passwordless-strategy/index.md +++ b/windows/security/identity-protection/passwordless-strategy/index.md @@ -2,7 +2,7 @@ title: Passwordless strategy overview description: Learn about the passwordless strategy and how Windows security features help implementing it. ms.topic: concept-article -ms.date: 01/29/2024 +ms.date: 10/29/2024 --- # Passwordless strategy overview diff --git a/windows/security/identity-protection/passwordless-strategy/journey-step-1.md b/windows/security/identity-protection/passwordless-strategy/journey-step-1.md index 0708d80254..c986b45960 100644 --- a/windows/security/identity-protection/passwordless-strategy/journey-step-1.md +++ b/windows/security/identity-protection/passwordless-strategy/journey-step-1.md @@ -2,7 +2,7 @@ title: Deploy a passwordless replacement option description: Learn about how to deploy a passwordless replacement option, the first step of the Microsoft passwordless journey. ms.topic: concept-article -ms.date: 01/29/2024 +ms.date: 10/29/2024 --- # Deploy a passwordless replacement option diff --git a/windows/security/identity-protection/passwordless-strategy/journey-step-2.md b/windows/security/identity-protection/passwordless-strategy/journey-step-2.md index 52859b1022..28cf7fe1c5 100644 --- a/windows/security/identity-protection/passwordless-strategy/journey-step-2.md +++ b/windows/security/identity-protection/passwordless-strategy/journey-step-2.md @@ -2,7 +2,7 @@ title: Reduce the user-visible password surface area description: Learn about how to reduce the user-visible password surface area, the second step of the Microsoft passwordless journey. ms.topic: concept-article -ms.date: 01/29/2024 +ms.date: 10/29/2024 --- # Reduce the user-visible password surface area diff --git a/windows/security/identity-protection/passwordless-strategy/journey-step-3.md b/windows/security/identity-protection/passwordless-strategy/journey-step-3.md index b50cd4f910..9bc006a4e0 100644 --- a/windows/security/identity-protection/passwordless-strategy/journey-step-3.md +++ b/windows/security/identity-protection/passwordless-strategy/journey-step-3.md @@ -2,7 +2,7 @@ title: Transition into a passwordless deployment description: Learn about how to transition into a passwordless deployment, the third step of the Microsoft passwordless journey. ms.topic: concept-article -ms.date: 01/29/2024 +ms.date: 10/29/2024 --- # Transition into a passwordless deployment diff --git a/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md b/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md index 583823e56f..27870ca1e3 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md +++ b/windows/security/identity-protection/smart-cards/smart-card-and-remote-desktop-services.md @@ -2,7 +2,7 @@ title: Smart Card and Remote Desktop Services description: This topic for the IT professional describes the behavior of Remote Desktop Services when you implement smart card sign-in. ms.topic: concept-article -ms.date: 01/16/2024 +ms.date: 10/29/2024 --- # Smart Card and Remote Desktop Services diff --git a/windows/security/identity-protection/smart-cards/smart-card-architecture.md b/windows/security/identity-protection/smart-cards/smart-card-architecture.md index bd640b89fd..25f9e9f1ff 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-architecture.md +++ b/windows/security/identity-protection/smart-cards/smart-card-architecture.md @@ -1,8 +1,8 @@ --- -title: Smart Card Architecture +title: Smart Card Architecture description: This topic for the IT professional describes the system architecture that supports smart cards in the Windows operating system. ms.topic: reference-architecture -ms.date: 01/16/2024 +ms.date: 10/29/2024 --- # Smart Card Architecture diff --git a/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md b/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md index 770de019ca..37bd03c462 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md +++ b/windows/security/identity-protection/smart-cards/smart-card-certificate-propagation-service.md @@ -1,8 +1,8 @@ --- -title: Certificate propagation service +title: Certificate propagation service description: Learn about the certificate propagation service (CertPropSvc), which is used in smart card implementation. ms.topic: concept-article -ms.date: 01/16/2024 +ms.date: 10/29/2024 --- # Certificate propagation service @@ -19,7 +19,7 @@ The following figure shows the flow of the certificate propagation service. The 1. The arrow labeled **2** indicates the certification to the reader 1. The arrow labeled **3** indicates the access to the certificate store during the client session -![Certificate propagation service.](images/sc-image302.gif) + ![Certificate propagation service.](images/sc-image302.gif) 1. A signed-in user inserts a smart card 1. CertPropSvc is notified that a smart card was inserted diff --git a/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md b/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md index 5b33c9f79c..b8d0bf055f 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md +++ b/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md @@ -1,8 +1,8 @@ --- -title: Certificate Requirements and Enumeration +title: Certificate Requirements and Enumeration description: This topic for the IT professional and smart card developers describes how certificates are managed and used for smart card sign-in. ms.topic: concept-article -ms.date: 01/16/2024 +ms.date: 10/29/2024 --- # Certificate Requirements and Enumeration @@ -71,7 +71,8 @@ Following are the steps that are performed during a smart card sign-in: 1. Winlogon presents the data from LogonUI to the LSA with the user information in LSALogonUser 1. LSA calls the Kerberos authentication package (Kerberos SSP) to create a Kerberos authentication service request (KRB_AS_REQ), which containing a preauthenticator (as specified in RFC 4556: [Public Key Cryptography for Initial Authentication in Kerberos (PKINIT)](http://www.ietf.org/rfc/rfc4556.txt)). - If the authentication is performed by using a certificate that uses a digital signature, the preauthentication data consists of the user's public certificate and the certificate that is digitally signed with the corresponding private key.\ + If the authentication is performed by using a certificate that uses a digital signature, the preauthentication data consists of the user's public certificate and the certificate that is digitally signed with the corresponding private key. + If the authentication is performed by using a certificate that uses key encipherment, the preauthentication data consists of the user's public certificate and the certificate that is encrypted with the corresponding private key. 1. To sign the request digitally (as per RFC 4556), a call is made to the corresponding CSP for a private key operation. Because the private key in this case is stored in a smart card, the smart card subsystem is called, and the necessary operation is completed. The result is sent back to the Kerberos security support provider (SSP). diff --git a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md index ce951db2a1..89fb2e4119 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md +++ b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md @@ -1,8 +1,8 @@ --- -title: Smart Card Troubleshooting +title: Smart Card Troubleshooting description: Describes the tools and services that smart card developers can use to help identify certificate issues with the smart card deployment. ms.topic: troubleshooting -ms.date: 01/16/2024 +ms.date: 10/29/2024 --- # Smart Card Troubleshooting diff --git a/windows/security/identity-protection/smart-cards/smart-card-events.md b/windows/security/identity-protection/smart-cards/smart-card-events.md index 6aef6b3288..07f326ba4f 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-events.md +++ b/windows/security/identity-protection/smart-cards/smart-card-events.md @@ -1,8 +1,8 @@ --- -title: Smart card events +title: Smart card events description: Learn about smart card deployment and development events. ms.topic: troubleshooting -ms.date: 01/16/2024 +ms.date: 10/29/2024 --- # Smart card events diff --git a/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md b/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md index 79e5f674c9..b98266524f 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md +++ b/windows/security/identity-protection/smart-cards/smart-card-group-policy-and-registry-settings.md @@ -1,8 +1,8 @@ --- -title: Smart Card Group Policy and Registry Settings +title: Smart Card Group Policy and Registry Settings description: Discover the Group Policy, registry key, local security policy, and credential delegation policy settings that are available for configuring smart cards. ms.topic: reference -ms.date: 01/16/2024 +ms.date: 10/29/2024 --- # Smart Card Group Policy and Registry Settings @@ -194,7 +194,7 @@ You can use this policy setting to configure which valid sign-in certificates ar > [!NOTE] > During the certificate renewal period, a user's smart card can have multiple valid sign-in certificates issued from the same certificate template, which can cause confusion about which certificate to select. This behavior can occur when a certificate is renewed and the old certificate has not expired yet. > -> If two certificates are issued from the same template with the same major version and they are for the same user (this is determined by their UPN), they are determined to be the same. +> If two certificates are issued from the same template with the same major version and they are for the same user (this is determined by their UPN), they are determined to be the same. When this policy setting is turned on, filtering occurs so that the user can select from only the most current valid certificates. diff --git a/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md b/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md index 6f23ce09a9..efe457fa47 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md +++ b/windows/security/identity-protection/smart-cards/smart-card-how-smart-card-sign-in-works-in-windows.md @@ -2,7 +2,7 @@ title: How Smart Card Sign-in Works in Windows description: This topic for IT professional provides links to resources about the implementation of smart card technologies in the Windows operating system. ms.topic: overview -ms.date: 01/16/2024 +ms.date: 10/29/2024 --- # How Smart Card Sign-in Works in Windows diff --git a/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md b/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md index 65933d65a1..a675b89bb4 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md +++ b/windows/security/identity-protection/smart-cards/smart-card-removal-policy-service.md @@ -1,8 +1,8 @@ --- -title: Smart Card Removal Policy Service +title: Smart Card Removal Policy Service description: This topic for the IT professional describes the role of the removal policy service (ScPolicySvc) in smart card implementation. ms.topic: concept-article -ms.date: 01/16/2024 +ms.date: 10/29/2024 --- # Smart Card Removal Policy Service diff --git a/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md b/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md index ad2cd71fb9..b7d7ee8d10 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md +++ b/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md @@ -1,8 +1,8 @@ --- -title: Smart Cards for Windows Service +title: Smart Cards for Windows Service description: This topic for the IT professional and smart card developers describes how the Smart Cards for Windows service manages readers and application interactions. ms.topic: concept-article -ms.date: 01/16/2024 +ms.date: 10/29/2024 --- # Smart Cards for Windows Service diff --git a/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md b/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md index f703ec1f9c..574d204ddd 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md +++ b/windows/security/identity-protection/smart-cards/smart-card-tools-and-settings.md @@ -1,8 +1,8 @@ --- -title: Smart Card Tools and Settings +title: Smart Card Tools and Settings description: This topic for the IT professional and smart card developer links to information about smart card debugging, settings, and events. ms.topic: get-started -ms.date: 01/16/2024 +ms.date: 10/29/2024 --- # Smart Card Tools and Settings diff --git a/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md b/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md index d615e2079c..18b8555a16 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md +++ b/windows/security/identity-protection/smart-cards/smart-card-windows-smart-card-technical-reference.md @@ -1,8 +1,8 @@ --- -title: Smart Card Technical Reference +title: Smart Card Technical Reference description: Learn about the Windows smart card infrastructure for physical smart cards, and how smart card-related components work in Windows. ms.topic: overview -ms.date: 01/16/2024 +ms.date: 10/29/2024 --- # Smart Card Technical Reference diff --git a/windows/security/operating-system-security/data-protection/bitlocker/includes/choose-how-bitlocker-protected-operating-system-drives-can-be-recovered.md b/windows/security/operating-system-security/data-protection/bitlocker/includes/choose-how-bitlocker-protected-operating-system-drives-can-be-recovered.md index 8cfee0617e..b0ff6c39b5 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/includes/choose-how-bitlocker-protected-operating-system-drives-can-be-recovered.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/includes/choose-how-bitlocker-protected-operating-system-drives-can-be-recovered.md @@ -17,6 +17,8 @@ This policy setting allows you to control how BitLocker-protected operating syst If this policy setting is disabled or not configured, the default recovery options are supported for BitLocker recovery. By default a DRA is allowed, the recovery options can be specified by the user including the recovery password and recovery key, and recovery information is not backed up to AD DS. +For Microsoft Entra hybrid joined devices, the BitLocker recovery password is backed up to both Active Directory and Entra ID. + | | Path | |--|--| | **CSP** | `./Device/Vendor/MSFT/BitLocker/`[SystemDrivesRecoveryOptions](/windows/client-management/mdm/bitlocker-csp#systemdrivesrecoveryoptions)|