deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-16 02:43:43 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'refs/remotes/origin/master' into jdvpn

Browse Source
This commit is contained in:
jdeckerMS
2016-09-30 13:42:38 -07:00
parent 20b7a2128d 06e7f60eaf
commit e8aa7f0632
8 changed files with 17 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
windows/deploy/change-history-for-deploy-windows-10.md
View File

@ -15,6 +15,9 @@ This topic lists new and updated topics in the [Deploy Windows 10](index.md) doc
| New or changed topic | Description |
|----------------------|-------------|
| [Windows 10 Enterprise E3 in CSP Overview](windows-10-enterprise-e3-overview.md) | New |
| [Get started with Upgrade Analytics](upgrade-analytics-get-started.md) | Updated with prerequisites for site discovery |
| [Resolve application and driver issues](upgrade-analytics-resolve-issues.md) | Updated with app status info for Ready For Windows |
| [Review site discovery](upgrade-analytics-review-site-discovery.md) | New |
## RELEASE: Windows 10, version 1607

3
windows/deploy/prepare-for-windows-deployment-with-mdt-2013.md
View File

@ -92,9 +92,10 @@ By default MDT stores the log files locally on the client. In order to capture a
1. On MDT01, log on as **CONTOSO\\Administrator**.
2. Create and share the **E:\\Logs** folder by running the following commands in an elevated Windows PowerShell prompt:
``` syntax
New-Item -Path E:\Logs -ItemType directory
New-SmbShare ?Name Logs$ ?Path E:\Logs -ChangeAccess EVERYONE
New-SmbShare -Name Logs$ -Path E:\Logs -ChangeAccess EVERYONE
icacls E:\Logs /grant '"MDT_BA":(OI)(CI)(M)'
```

2
windows/keep-secure/change-history-for-keep-windows-10-secure.md
View File

@ -20,7 +20,7 @@ This topic lists new and updated topics in the [Keep Windows 10 secure](index.md
|[Create a Windows Information Protection (WIP) policy using Microsoft Intune](create-wip-policy-using-intune.md) |Updated the networking table to clarify details around Enterprise Cloud Resources and Enterprise Proxy Servers. |
|[Create and deploy a Windows Information Protection (WIP) policy using System Center Configuration Manager](create-wip-policy-using-sccm.md) |Updated the networking table to clarify details around Enterprise Cloud Resources and Enterprise Proxy Servers. |
| [Implement Windows Hello for Business in your organization](implement-microsoft-passport-in-your-organization.md) | Clarified how convenience PIN works in Windows 10, version 1607, on domain-joined PCs |
| [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md) | Corrected certreq ezxample and added a new Windows PowerShell example for creating a self-signed certficate |
| [BitLocker: How to enable Network Unlock](bitlocker-how-to-enable-network-unlock.md) | Corrected certreq example and added a new Windows PowerShell example for creating a self-signed certificate |
## August 2016
|New or changed topic | Description |

8
windows/keep-secure/remote-credential-guard.md
View File

@ -35,7 +35,6 @@ The Remote Desktop client and server must meet the following requirements in ord
- They must be running at least Windows 10, version 1607 or Windows Server 2016.
- The Remote Desktop classic Windows app is required. The Remote Desktop Universal Windows Platform app doesn't support Remote Credential Guard.
## Enable Remote Credential Guard
You must enable Remote Credential Guard on the target device by using the registry.
@ -60,12 +59,13 @@ You can use Remote Credential Guard on the client device by setting a Group Poli
1. From the Group Policy Management Console, go to **Computer Configuration** -> **Administrative Templates** -> **System** -> **Credentials Delegation**.
2. Double-click **Restrict delegation of credentials to remote servers**.
3. In the **Use the following restricted mode** box:
- If you want to require either [Restricted Admin mode](http://social.technet.microsoft.com/wiki/contents/articles/32905.how-to-enable-restricted-admin-mode-for-remote-desktop.aspx) or Remote Credential Guard, choose **Require Remote Credential Guard**. In this configuration, Remote Credential Guard is preferred, but it will use Restricted Admin mode (if supported) when Remote Credential Guard cannot be used.
3. Under **Use the following restricted mode**:
- If you want to require either [Restricted Admin mode](http://social.technet.microsoft.com/wiki/contents/articles/32905.how-to-enable-restricted-admin-mode-for-remote-desktop.aspx) or Remote Credential Guard, choose **Prefer Remote Credential Guard**. In this configuration, Remote Credential Guard is preferred, but it will use Restricted Admin mode (if supported) when Remote Credential Guard cannot be used.
> **Note:** Neither Remote Credential Guard nor Restricted Admin mode will send credentials in clear text to the Remote Desktop server.
- If you want to allow Remote Credential Guard, choose **Prefer Remote Credential Guard**.
- If you want to require Remote Credential Guard, choose **Require Remote Credential Guard**. With this setting, a Remote Desktop connection will succeed only if the remote computer meets the [Hardware and software requirements](#hardware-and-software-requirements) listed earlier in this topic.
4. Click **OK**.
![Remote Credential Guard Group Policy](images/remote-credential-guard-gp.png)

4
windows/manage/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
View File

@ -270,11 +270,11 @@ Fonts that are included in Windows but that are not stored on the local device c
If you're running Windows 10, version 1607 or Windows Server 2016, disable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Network** > **Fonts** > **Enable Font Providers**.
If you're running Windows 10, version 1507 or Windows 10, version 1511, create a REG\_DWORD registry setting called **DisableFontProviders** in **HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Services\\FontCache\\Parameters**, with a value of 1.
> [!NOTE]
> After you apply this policy, you must restart the device for it to take effect.
If you're running Windows 10, version 1507 or Windows 10, version 1511, create a REG\_DWORD registry setting called **DisableFontProviders** in **HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Services\\FontCache\\Parameters**, with a value of 1.
### <a href="" id="bkmk-previewbuilds"></a>6. Insider Preview builds

2
windows/manage/mandatory-user-profile.md
View File

@ -18,7 +18,7 @@ author: jdeckerMS
> [!NOTE]
> When a mandatory profile is applied to a PC running Windows 10, version 1511, some features such as Universal Windows Platform (UWP) apps, the Start menu, Cortana, and Search, will not work correctly. This will be fixed in a future update.
A mandatory user profile is a roaming user profile that has been pre-configured by an administrators to specify settings for users. Settings commonly defined in a mandatory profile include (but are not limited to): icons that appear on the desktop, desktop backgrounds, user preferences in Control Panel, printer selections, and more. Configuration changes made during a user's session that are normally saved to a roaming user profile are not saved when a mandatory user profile is assigned.
A mandatory user profile is a roaming user profile that has been pre-configured by an administrator to specify settings for users. Settings commonly defined in a mandatory profile include (but are not limited to): icons that appear on the desktop, desktop backgrounds, user preferences in Control Panel, printer selections, and more. Configuration changes made during a user's session that are normally saved to a roaming user profile are not saved when a mandatory user profile is assigned.
Mandatory user profiles are useful when standardization is important, such as on a kiosk device or in educational settings. Only system administrators can make changes to mandatory user profiles.

2
windows/whats-new/whats-new-windows-10-version-1507-and-1511.md
View File

@ -197,7 +197,7 @@ Event ID 6416 has been added to track when an external device is detected throug
The following sections describe the new and changed functionality in the TPM for Windows 10:
- [Device health attestation](#bkmk-dha)
- [Microsoft Passport](microsoft-passport.md) support
- [Device Guard](device-guard-overview.md) support
- [Device Guard](../keep-secure/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies.md) support
- [Credential Guard](../keep-secure/credential-guard.md) support
### <a href="" id="bkmk-dha"></a>Device health attestation