From fa13a5ecc157776152081a1642d4b40bd1e2afbc Mon Sep 17 00:00:00 2001 From: Nimisha Satapathy Date: Tue, 1 Feb 2022 19:38:18 +0530 Subject: [PATCH 01/10] Updated --- .../mdm/policy-csp-admx-errorreporting.md | 4 ++-- .../windowsdefenderapplicationguard-csp.md | 20 +++++++++---------- ...system-components-to-microsoft-services.md | 2 +- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/windows/client-management/mdm/policy-csp-admx-errorreporting.md b/windows/client-management/mdm/policy-csp-admx-errorreporting.md index 6d41a7d0d3..cb39601404 100644 --- a/windows/client-management/mdm/policy-csp-admx-errorreporting.md +++ b/windows/client-management/mdm/policy-csp-admx-errorreporting.md @@ -1068,7 +1068,7 @@ If this policy setting is disabled or not configured, then the consent level def ADMX Info: -- GP English name: *Configure Default consent* +- GP Friendly name: *Configure Default consent* - GP name: *WerDefaultConsent_1* - GP path: *Windows Components\Windows Error Reporting\Consent* - GP ADMX file name: *ErrorReporting.admx* @@ -1166,7 +1166,7 @@ If you disable or do not configure this policy setting, the Turn off Windows Err ADMX Info: -- GP English name: *Disable Windows Error Reporting* +- GP Friendly name: *Disable Windows Error Reporting* - GP name: *WerDisable_1* - GP path: *Windows Components\Windows Error Reporting* - GP ADMX file name: *ErrorReporting.admx* diff --git a/windows/client-management/mdm/windowsdefenderapplicationguard-csp.md b/windows/client-management/mdm/windowsdefenderapplicationguard-csp.md index cc5b2bff12..e489b9b6cd 100644 --- a/windows/client-management/mdm/windowsdefenderapplicationguard-csp.md +++ b/windows/client-management/mdm/windowsdefenderapplicationguard-csp.md @@ -67,7 +67,7 @@ The following list shows the supported values: ADMX Info: -- GP English name: *Configure Microsoft Defender Application Guard clipboard settings* +- GP Friendly name: *Configure Microsoft Defender Application Guard clipboard settings* - GP name: *AppHVSIClipboardFileType* - GP path: *Windows Components/Microsoft Defender Application Guard* - GP ADMX file name: *AppHVSI.admx* @@ -91,7 +91,7 @@ The following list shows the supported values: ADMX Info: -- GP English name: *Configure Microsoft Defender Application Guard clipboard settings* +- GP Friendly name: *Configure Microsoft Defender Application Guard clipboard settings* - GP name: *AppHVSIClipboardSettings* - GP path: *Windows Components/Microsoft Defender Application Guard* - GP ADMX file name: *AppHVSI.admx* @@ -124,7 +124,7 @@ The following list shows the supported values: ADMX Info: -- GP English name: *Configure Microsoft Defender Application Guard print settings* +- GP Friendly name: *Configure Microsoft Defender Application Guard print settings* - GP name: *AppHVSIPrintingSettings* - GP path: *Windows Components/Microsoft Defender Application Guard* - GP ADMX file name: *AppHVSI.admx* @@ -146,7 +146,7 @@ The following list shows the supported values: ADMX Info: -- GP English name: *Prevent enterprise websites from loading non-enterprise content in Microsoft Edge and Internet Explorer* +- GP Friendly name: *Prevent enterprise websites from loading non-enterprise content in Microsoft Edge and Internet Explorer* - GP name: *BlockNonEnterpriseContent* - GP path: *Windows Components/Microsoft Defender Application Guard* - GP ADMX file name: *AppHVSI.admx* @@ -165,7 +165,7 @@ The following list shows the supported values: ADMX Info: -- GP English name: *Allow data persistence for Microsoft Defender Application Guard* +- GP Friendly name: *Allow data persistence for Microsoft Defender Application Guard* - GP name: *AllowPersistence* - GP path: *Windows Components/Microsoft Defender Application Guard* - GP ADMX file name: *AppHVSI.admx* @@ -189,7 +189,7 @@ The following list shows the supported values: ADMX Info: -- GP English name: *Allow hardware-accelerated rendering for Microsoft Defender Application Guard* +- GP Friendly name: *Allow hardware-accelerated rendering for Microsoft Defender Application Guard* - GP name: *AllowVirtualGPU* - GP path: *Windows Components/Microsoft Defender Application Guard* - GP ADMX file name: *AppHVSI.admx* @@ -208,7 +208,7 @@ The following list shows the supported values: ADMX Info: -- GP English name: *Allow files to download and save to the host operating system from Microsoft Defender Application Guard* +- GP Friendly name: *Allow files to download and save to the host operating system from Microsoft Defender Application Guard* - GP name: *SaveFilesToHost* - GP path: *Windows Components/Microsoft Defender Application Guard* - GP ADMX file name: *AppHVSI.admx* @@ -230,7 +230,7 @@ If you disable or don’t configure this setting, certificates are not shared wi ADMX Info: -- GP English name: *Allow Microsoft Defender Application Guard to use Root Certificate Authorities from the user's device* +- GP Friendly name: *Allow Microsoft Defender Application Guard to use Root Certificate Authorities from the user's device* - GP name: *CertificateThumbprints* - GP path: *Windows Components/Microsoft Defender Application Guard* - GP ADMX file name: *AppHVSI.admx* @@ -259,7 +259,7 @@ The following list shows the supported values: ADMX Info: -- GP English name: *Allow camera and microphone access in Microsoft Defender Application Guard* +- GP Friendly name: *Allow camera and microphone access in Microsoft Defender Application Guard* - GP name: *AllowCameraMicrophoneRedirection* - GP path: *Windows Components/Microsoft Defender Application Guard* - GP ADMX file name: *AppHVSI.admx* @@ -317,7 +317,7 @@ The following list shows the supported values: ADMX Info: -- GP English name: *Allow auditing events in Microsoft Defender Application Guard* +- GP Friendly name: *Allow auditing events in Microsoft Defender Application Guard* - GP name: *AuditApplicationGuard* - GP path: *Windows Components/Microsoft Defender Application Guard* - GP ADMX file name: *AppHVSI.admx* diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index d4c8f8e591..b6b7503543 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1884,7 +1884,7 @@ Most restricted value is 0. ADMX Info: -- GP English name: Allow Clipboard synchronization across devices
+- GP Friendly name: Allow Clipboard synchronization across devices
- GP name: AllowCrossDeviceClipboard
- GP path: System/OS Policies
- GP ADMX file name: OSPolicy.admx
From 195524f81d81a994f543a9175862f2d973032703 Mon Sep 17 00:00:00 2001 From: ansonhsho Date: Thu, 3 Feb 2022 23:18:59 -0800 Subject: [PATCH 02/10] Update application list for Jan 2022 Update application list and change how we talk about versions --- education/windows/windows-11-se-overview.md | 42 ++++++++++++--------- 1 file changed, 25 insertions(+), 17 deletions(-) diff --git a/education/windows/windows-11-se-overview.md b/education/windows/windows-11-se-overview.md index 32f5f7795d..474837edb2 100644 --- a/education/windows/windows-11-se-overview.md +++ b/education/windows/windows-11-se-overview.md @@ -38,24 +38,32 @@ Windows 11 SE is only available preinstalled on devices from OEMs. The OEM insta Windows 11 SE comes with some preinstalled apps. The following apps can also run on Windows 11 SE, and are deployed using the [Intune for Education portal](https://intuneeducation.portal.azure.com). For more information, see [Manage devices running Windows 11 SE](/intune-education/windows-11-se-overview). --- -| Application | Min version | Vendor | +| Application | Supported version | Vendor | | --- | --- | --- | -| Chrome | 95.0.4638.54 | Google | -| Dragon Assistant | 3.2.98.061 | Nuance Communications | -| Dragon Professional Individual | 15.00.100 | Nuance Communications | -| e-Speaking Voice and Speech recognition | 4.4.0.8 | e-speaking | -| Free NaturalReader | 16.1.2 | Natural Soft | -| Jaws for Windows | 2022.2109.84 ILM | Freedom Scientific | -| Kite Student Portal | 8.0.1 | Dynamic Learning Maps | -| NextUp Talker | 1.0.49 | NextUp Technologies, LLC. | -| NonVisual Desktop Access | 2021.2 | NV Access | -| Read and Write | 12.0.71 | Texthelp Systems Ltd. | -| SuperNova Magnifier & Screen Reader | 20.03 | Dolphin Computer Access | -| SuperNova Magnifier & Speech | 20.03 | Dolphin Computer Access | -| Text Aloud | 4.0.64 | Nextup.com | -| Zoom | 5.8.3 (1581) | Zoom Inc | -| Zoomtext Fusion by AiSquared | 2022.2109.10 | ORF Fusion | -| ZoomText Magnifier/Reader | 2022.2109.25ILM | AI Squared | +|Blub Digital Portoflio |0.0.7.0 |bulb | +|CA Secure Browser |14.0.0 |Cambium Development | +|Cisco Umbrella |3.0.110.0 |Cisco | +|Dragon Professional Individual |15.00.100 |Nuance Communications| +|DRC INSIGHT Online Assessments |12.0.0.0 |DRC | +|e-Speaking Voice and Speech recognition|4.4.0.8 |e-speaking | +|Free NaturalReader |16.1.2 |Natural Soft | +|GoGuardian |1.4.4 |GoGuardian | +|Google Chrome |97.0.4692.71 |Google | +|Jaws for Windows |2022.2112.24 ILM|Freedom Scientific | +|Kortext |2.3.418.0 |Kortext | +|LanSchool |9.1.0.46 |Stoneware | +|Lightspeed Smart Agent |1.9.1 |Lightspeed Systems | +|Mozilla Firefox |96.0.2 |Mozilla | +|NextUp Talker |1.0.49 |NextUp Technologies | +|NonVisual Desktop Access |2021.3.1 |NV Access | +|NWEA Secure Testing Browser |5.4.300.0 |NEWA | +|Proctorio |1 |Proctorio | +|Secure Browser |4.8.3.376 |Questar, Inc | +|Read&Write for Windows (US English) |12.0.60.0 |Texthelp Ltd. | +|Respondus Lockdown Browser |2.0.8.03 |Respondus | +|TestNav |1.10.2.0 |Pearson Education Inc| +|SecureBrowser |14.0.0 |Cambium Development | +|Zoom |5.9.1 (2581) |Zoom | --- From 329e4bcfa2775181b20657b4d35bda4913cf73df Mon Sep 17 00:00:00 2001 From: ansonhsho Date: Thu, 3 Feb 2022 23:44:59 -0800 Subject: [PATCH 03/10] Update windows-11-se-overview.md --- education/windows/windows-11-se-overview.md | 1 - 1 file changed, 1 deletion(-) diff --git a/education/windows/windows-11-se-overview.md b/education/windows/windows-11-se-overview.md index 474837edb2..0351b9caf7 100644 --- a/education/windows/windows-11-se-overview.md +++ b/education/windows/windows-11-se-overview.md @@ -57,7 +57,6 @@ Windows 11 SE comes with some preinstalled apps. The following apps can also run |NextUp Talker |1.0.49 |NextUp Technologies | |NonVisual Desktop Access |2021.3.1 |NV Access | |NWEA Secure Testing Browser |5.4.300.0 |NEWA | -|Proctorio |1 |Proctorio | |Secure Browser |4.8.3.376 |Questar, Inc | |Read&Write for Windows (US English) |12.0.60.0 |Texthelp Ltd. | |Respondus Lockdown Browser |2.0.8.03 |Respondus | From 3fd6710157fbedd6fcb33f01938bbfec3d7ac5a0 Mon Sep 17 00:00:00 2001 From: GitHubPang <61439577+GitHubPang@users.noreply.github.com> Date: Mon, 7 Feb 2022 11:30:50 +0800 Subject: [PATCH 04/10] Fix typos --- windows/client-management/troubleshoot-tcpip-port-exhaust.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/client-management/troubleshoot-tcpip-port-exhaust.md b/windows/client-management/troubleshoot-tcpip-port-exhaust.md index 7cdbf400e9..8a5e47f439 100644 --- a/windows/client-management/troubleshoot-tcpip-port-exhaust.md +++ b/windows/client-management/troubleshoot-tcpip-port-exhaust.md @@ -24,7 +24,7 @@ There are two types of ports: Clients when connecting to an application or service will make use of an ephemeral port from its machine to connect to a well-known port defined for that application or service. A browser on a client machine will use an ephemeral port to connect to https://www.microsoft.com on port 443. -In a scenario where the same browser is creating a lot of connections to multiple website, for any new connection that the browser is attempting, an ephemeral port is used. After some time, you will notice that the connections will start to fail and one high possibility for this would be because the browser has used all the available ports to make connections outside and any new attempt to establish a connection will fail as there are no more ports available. When all the ports are on a machine are used, we term it as *port exhaustion*. +In a scenario where the same browser is creating a lot of connections to multiple website, for any new connection that the browser is attempting, an ephemeral port is used. After some time, you will notice that the connections will start to fail and one high possibility for this would be because the browser has used all the available ports to make connections outside and any new attempt to establish a connection will fail as there are no more ports available. When all the ports on a machine are used, we term it as *port exhaustion*. ## Default dynamic port range for TCP/IP @@ -95,7 +95,7 @@ If you suspect that the machine is in a state of port exhaustion: ![Screenshot of netstate command output.](images/tcp-ts-20.png) - After a graceful closure or an abrupt closure of a session, after a period of 4 minutes (default), the port used the process or application would be released back to the available pool. During this 4 minutes, the TCP connection state will be TIME_WAIT state. In a situation where you suspect port exhaustion, an application or process will not be able to release all the ports that it has consumed and will remain in the TIME_WAIT state. + After a graceful closure or an abrupt closure of a session, after a period of 4 minutes (default), the port used by the process or application would be released back to the available pool. During this 4 minutes, the TCP connection state will be TIME_WAIT state. In a situation where you suspect port exhaustion, an application or process will not be able to release all the ports that it has consumed and will remain in the TIME_WAIT state. You may also see CLOSE_WAIT state connections in the same output, however CLOSE_WAIT state is a state when one side of the TCP peer has no more data to send (FIN sent) but is able to receive data from the other end. This state does not necessarily indicate port exhaustion. From abf491e3d81fc7899731b3872179398f21acab7c Mon Sep 17 00:00:00 2001 From: GitHubPang <61439577+GitHubPang@users.noreply.github.com> Date: Mon, 7 Feb 2022 16:46:46 +0800 Subject: [PATCH 05/10] Update windows/client-management/troubleshoot-tcpip-port-exhaust.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- windows/client-management/troubleshoot-tcpip-port-exhaust.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/troubleshoot-tcpip-port-exhaust.md b/windows/client-management/troubleshoot-tcpip-port-exhaust.md index 8a5e47f439..91707bb524 100644 --- a/windows/client-management/troubleshoot-tcpip-port-exhaust.md +++ b/windows/client-management/troubleshoot-tcpip-port-exhaust.md @@ -24,7 +24,7 @@ There are two types of ports: Clients when connecting to an application or service will make use of an ephemeral port from its machine to connect to a well-known port defined for that application or service. A browser on a client machine will use an ephemeral port to connect to https://www.microsoft.com on port 443. -In a scenario where the same browser is creating a lot of connections to multiple website, for any new connection that the browser is attempting, an ephemeral port is used. After some time, you will notice that the connections will start to fail and one high possibility for this would be because the browser has used all the available ports to make connections outside and any new attempt to establish a connection will fail as there are no more ports available. When all the ports on a machine are used, we term it as *port exhaustion*. +In a scenario where the same browser is creating a lot of connections to multiple websites, for any new connection that the browser is attempting, an ephemeral port is used. After some time, you will notice that the connections will start to fail and one high possibility for this would be because the browser has used all the available ports to make connections outside and any new attempt to establish a connection will fail as there are no more ports available. When all the ports on a machine are used, we term it as *port exhaustion*. ## Default dynamic port range for TCP/IP From 7ed625814f22503331819a84943d3de899bcd17d Mon Sep 17 00:00:00 2001 From: ansonhsho Date: Mon, 7 Feb 2022 08:34:41 -0800 Subject: [PATCH 06/10] Adding additional set of applications --- education/windows/windows-11-se-overview.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/education/windows/windows-11-se-overview.md b/education/windows/windows-11-se-overview.md index 0351b9caf7..0848e6c0c3 100644 --- a/education/windows/windows-11-se-overview.md +++ b/education/windows/windows-11-se-overview.md @@ -50,6 +50,7 @@ Windows 11 SE comes with some preinstalled apps. The following apps can also run |GoGuardian |1.4.4 |GoGuardian | |Google Chrome |97.0.4692.71 |Google | |Jaws for Windows |2022.2112.24 ILM|Freedom Scientific | +|Kite Student Portal | 8.0.1 | Dynamic Learning Maps| |Kortext |2.3.418.0 |Kortext | |LanSchool |9.1.0.46 |Stoneware | |Lightspeed Smart Agent |1.9.1 |Lightspeed Systems | @@ -57,13 +58,16 @@ Windows 11 SE comes with some preinstalled apps. The following apps can also run |NextUp Talker |1.0.49 |NextUp Technologies | |NonVisual Desktop Access |2021.3.1 |NV Access | |NWEA Secure Testing Browser |5.4.300.0 |NEWA | -|Secure Browser |4.8.3.376 |Questar, Inc | |Read&Write for Windows (US English) |12.0.60.0 |Texthelp Ltd. | +|Safe Exam Broswer |3.3.1 |Safe Exam Broswer | +|Secure Browser |4.8.3.376 |Questar, Inc | +|SuperNova Magnifier & Screen Reader | 20.03 | Dolphin Computer Access | +|SuperNova Magnifier & Speech | 20.03 | Dolphin Computer Access | |Respondus Lockdown Browser |2.0.8.03 |Respondus | |TestNav |1.10.2.0 |Pearson Education Inc| |SecureBrowser |14.0.0 |Cambium Development | |Zoom |5.9.1 (2581) |Zoom | - +|ZoomText Magnifier/Reader |2022.2109.25ILM | AI Squared | --- ### Enabled apps From cd9d3755f84ec3ed174432207c928f21577ed1cb Mon Sep 17 00:00:00 2001 From: Laura Newsad Date: Mon, 7 Feb 2022 11:53:31 -0500 Subject: [PATCH 07/10] Update windows-11-se-overview.md Fixed table formatting --- education/windows/windows-11-se-overview.md | 55 ++++++++++----------- 1 file changed, 27 insertions(+), 28 deletions(-) diff --git a/education/windows/windows-11-se-overview.md b/education/windows/windows-11-se-overview.md index 0848e6c0c3..e0d992618e 100644 --- a/education/windows/windows-11-se-overview.md +++ b/education/windows/windows-11-se-overview.md @@ -37,38 +37,37 @@ Windows 11 SE is only available preinstalled on devices from OEMs. The OEM insta Windows 11 SE comes with some preinstalled apps. The following apps can also run on Windows 11 SE, and are deployed using the [Intune for Education portal](https://intuneeducation.portal.azure.com). For more information, see [Manage devices running Windows 11 SE](/intune-education/windows-11-se-overview). ---- + | Application | Supported version | Vendor | | --- | --- | --- | -|Blub Digital Portoflio |0.0.7.0 |bulb | -|CA Secure Browser |14.0.0 |Cambium Development | -|Cisco Umbrella |3.0.110.0 |Cisco | +|Blub Digital Portoflio |0.0.7.0 |bulb| +|CA Secure Browser |14.0.0 |Cambium Development| +|Cisco Umbrella |3.0.110.0 |Cisco| |Dragon Professional Individual |15.00.100 |Nuance Communications| -|DRC INSIGHT Online Assessments |12.0.0.0 |DRC | -|e-Speaking Voice and Speech recognition|4.4.0.8 |e-speaking | -|Free NaturalReader |16.1.2 |Natural Soft | -|GoGuardian |1.4.4 |GoGuardian | -|Google Chrome |97.0.4692.71 |Google | -|Jaws for Windows |2022.2112.24 ILM|Freedom Scientific | -|Kite Student Portal | 8.0.1 | Dynamic Learning Maps| -|Kortext |2.3.418.0 |Kortext | -|LanSchool |9.1.0.46 |Stoneware | -|Lightspeed Smart Agent |1.9.1 |Lightspeed Systems | -|Mozilla Firefox |96.0.2 |Mozilla | -|NextUp Talker |1.0.49 |NextUp Technologies | -|NonVisual Desktop Access |2021.3.1 |NV Access | -|NWEA Secure Testing Browser |5.4.300.0 |NEWA | -|Read&Write for Windows (US English) |12.0.60.0 |Texthelp Ltd. | -|Safe Exam Broswer |3.3.1 |Safe Exam Broswer | -|Secure Browser |4.8.3.376 |Questar, Inc | -|SuperNova Magnifier & Screen Reader | 20.03 | Dolphin Computer Access | -|SuperNova Magnifier & Speech | 20.03 | Dolphin Computer Access | -|Respondus Lockdown Browser |2.0.8.03 |Respondus | +|DRC INSIGHT Online Assessments |12.0.0.0 |DRC| +|e-Speaking Voice and Speech recognition|4.4.0.8 |e-speaking| +|Free NaturalReader |16.1.2 |Natural Soft| +|GoGuardian |1.4.4 |GoGuardian| +|Google Chrome |97.0.4692.71 |Google| +|Jaws for Windows |2022.2112.24 ILM|Freedom Scientific| +|Kite Student Portal |8.0.1|Dynamic Learning Maps| +|Kortext |2.3.418.0 |Kortext| +|LanSchool |9.1.0.46 |Stoneware| +|Lightspeed Smart Agent |1.9.1 |Lightspeed Systems| +|Mozilla Firefox |96.0.2 |Mozilla| +|NextUp Talker |1.0.49 |NextUp Technologies| +|NonVisual Desktop Access |2021.3.1 |NV Access| +|NWEA Secure Testing Browser |5.4.300.0 |NEWA| +|Read&Write for Windows (US English) |12.0.60.0 |Texthelp Ltd.| +|Safe Exam Broswer |3.3.1 |Safe Exam Broswer| +|Secure Browser |4.8.3.376 |Questar, Inc| +|SuperNova Magnifier & Screen Reader | 20.03 |Dolphin Computer Access| +|SuperNova Magnifier & Speech | 20.03 |Dolphin Computer Access| +|Respondus Lockdown Browser |2.0.8.03 |Respondus| |TestNav |1.10.2.0 |Pearson Education Inc| -|SecureBrowser |14.0.0 |Cambium Development | -|Zoom |5.9.1 (2581) |Zoom | -|ZoomText Magnifier/Reader |2022.2109.25ILM | AI Squared | ---- +|SecureBrowser |14.0.0 |Cambium Development| +|Zoom |5.9.1 (2581) |Zoom| +|ZoomText Magnifier/Reader |2022.2109.25ILM | AI Squared| ### Enabled apps From 23e53bf0889b1734578be1fd9c2703f532f0eb48 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 7 Feb 2022 16:17:12 -0800 Subject: [PATCH 08/10] Update troubleshoot-tcpip-port-exhaust.md --- windows/client-management/troubleshoot-tcpip-port-exhaust.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/troubleshoot-tcpip-port-exhaust.md b/windows/client-management/troubleshoot-tcpip-port-exhaust.md index 91707bb524..c101682206 100644 --- a/windows/client-management/troubleshoot-tcpip-port-exhaust.md +++ b/windows/client-management/troubleshoot-tcpip-port-exhaust.md @@ -7,7 +7,7 @@ ms.topic: troubleshooting author: dansimp ms.localizationpriority: medium ms.author: dansimp -ms.date: 12/06/2018 +ms.date: 02/07/2022 ms.reviewer: manager: dansimp ms.collection: highpri From cb0fc7c6440ef12d27994c987936c6171b2fd9b9 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 7 Feb 2022 16:20:04 -0800 Subject: [PATCH 09/10] Update troubleshoot-tcpip-port-exhaust.md --- .../troubleshoot-tcpip-port-exhaust.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/client-management/troubleshoot-tcpip-port-exhaust.md b/windows/client-management/troubleshoot-tcpip-port-exhaust.md index c101682206..fa586e616b 100644 --- a/windows/client-management/troubleshoot-tcpip-port-exhaust.md +++ b/windows/client-management/troubleshoot-tcpip-port-exhaust.md @@ -22,7 +22,7 @@ There are two types of ports: - *Ephemeral ports*, which are usually dynamic ports, are the set of ports that every machine by default will have them to make an outbound connection. - *Well-known ports* are the defined port for a particular application or service. For example, file server service is on port 445, HTTPS is 443, HTTP is 80, and RPC is 135. Custom application will also have their defined port numbers. -Clients when connecting to an application or service will make use of an ephemeral port from its machine to connect to a well-known port defined for that application or service. A browser on a client machine will use an ephemeral port to connect to https://www.microsoft.com on port 443. +When connecting to an application or service, client devices use an ephemeral port from the device to connect to a well-known port defined for that application or service. A browser on a client machine will use an ephemeral port to connect to `https://www.microsoft.com` on port 443. In a scenario where the same browser is creating a lot of connections to multiple websites, for any new connection that the browser is attempting, an ephemeral port is used. After some time, you will notice that the connections will start to fail and one high possibility for this would be because the browser has used all the available ports to make connections outside and any new attempt to establish a connection will fail as there are no more ports available. When all the ports on a machine are used, we term it as *port exhaustion*. @@ -97,14 +97,14 @@ If you suspect that the machine is in a state of port exhaustion: After a graceful closure or an abrupt closure of a session, after a period of 4 minutes (default), the port used by the process or application would be released back to the available pool. During this 4 minutes, the TCP connection state will be TIME_WAIT state. In a situation where you suspect port exhaustion, an application or process will not be able to release all the ports that it has consumed and will remain in the TIME_WAIT state. - You may also see CLOSE_WAIT state connections in the same output, however CLOSE_WAIT state is a state when one side of the TCP peer has no more data to send (FIN sent) but is able to receive data from the other end. This state does not necessarily indicate port exhaustion. + You might also see CLOSE_WAIT state connections in the same output; however, CLOSE_WAIT state is a state when one side of the TCP peer has no more data to send (FIN sent) but is able to receive data from the other end. This state does not necessarily indicate port exhaustion. - >[!Note] - >Having huge connections in TIME_WAIT state does not always indicate that the server is currently out of ports unless the first two points are verified. Having lot of TIME_WAIT connections does indicate that the process is creating lot of TCP connections and may eventually lead to port exhaustion. + > [!Note] + > Having huge connections in TIME_WAIT state does not always indicate that the server is currently out of ports unless the first two points are verified. Having lot of TIME_WAIT connections does indicate that the process is creating lot of TCP connections and may eventually lead to port exhaustion. > - >Netstat has been updated in Windows 10 with the addition of the **-Q** switch to show ports that have transitioned out of time wait as in the BOUND state. An update for Windows 8.1 and Windows Server 2012 R2 has been released that contains this functionality. The PowerShell cmdlet `Get-NetTCPConnection` in Windows 10 also shows these BOUND ports. + > Netstat has been updated in Windows 10 with the addition of the **-Q** switch to show ports that have transitioned out of time wait as in the BOUND state. An update for Windows 8.1 and Windows Server 2012 R2 has been released that contains this functionality. The PowerShell cmdlet `Get-NetTCPConnection` in Windows 10 also shows these BOUND ports. > - >Until 10/2016, netstat was inaccurate. Fixes for netstat, back-ported to 2012 R2, allowed Netstat.exe and Get-NetTcpConnection to correctly report TCP or UDP port usage in Windows Server 2012 R2. See [Windows Server 2012 R2: Ephemeral ports hotfixes](https://support.microsoft.com/help/3123245/update-improves-port-exhaustion-identification-in-windows-server-2012) to learn more. + > Until 10/2016, netstat was inaccurate. Fixes for netstat, back-ported to 2012 R2, allowed Netstat.exe and Get-NetTcpConnection to correctly report TCP or UDP port usage in Windows Server 2012 R2. See [Windows Server 2012 R2: Ephemeral ports hotfixes](https://support.microsoft.com/help/3123245/update-improves-port-exhaustion-identification-in-windows-server-2012) to learn more. 4. Open a command prompt in admin mode and run the below command From a3fcb160e20d856c36fda227d0d250bf49a76206 Mon Sep 17 00:00:00 2001 From: Diana Hanson Date: Tue, 8 Feb 2022 11:18:26 -0700 Subject: [PATCH 10/10] Update troubleshoot-tcpip-port-exhaust.md sync pr https://github.com/MicrosoftDocs/windows-docs-pr/pull/6269 fix acro typo --- windows/client-management/troubleshoot-tcpip-port-exhaust.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/troubleshoot-tcpip-port-exhaust.md b/windows/client-management/troubleshoot-tcpip-port-exhaust.md index fa586e616b..638044c3aa 100644 --- a/windows/client-management/troubleshoot-tcpip-port-exhaust.md +++ b/windows/client-management/troubleshoot-tcpip-port-exhaust.md @@ -164,7 +164,7 @@ Steps to use Process explorer: Finally, if the above methods did not help you isolate the process, we suggest you collect a complete memory dump of the machine in the issue state. The dump will tell you which process has the maximum handles. -As a workaround, rebooting the computer will get the it back in normal state and would help you resolve the issue for the time being. However, when a reboot is impractical, you can also consider increasing the number of ports on the machine using the below commands: +As a workaround, rebooting the computer will get it back in normal state and would help you resolve the issue for the time being. However, when a reboot is impractical, you can also consider increasing the number of ports on the machine using the below commands: ```console netsh int ipv4 set dynamicport tcp start=10000 num=1000