From 93cddd6298ba17a98081154f5a85f4fe2ff8faff Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Fri, 21 Jul 2023 12:15:36 -0400
Subject: [PATCH 1/7] Changes for CloudDesktop CSP
---
.openpublishing.redirection.json | 7 +-
.../client-management/mdm/clouddesktop-csp.md | 148 ++++++++++++++++++
.../mdm/clouddesktop-ddf-file.md | 95 +++++++++++
.../mdm/policy-csp-cloudpc.md | 80 ----------
windows/client-management/mdm/toc.yml | 7 +-
5 files changed, 254 insertions(+), 83 deletions(-)
create mode 100644 windows/client-management/mdm/clouddesktop-csp.md
create mode 100644 windows/client-management/mdm/clouddesktop-ddf-file.md
delete mode 100644 windows/client-management/mdm/policy-csp-cloudpc.md
diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 5ec8592f63..ab4337caab 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -20785,6 +20785,11 @@
"redirect_url": "/windows/client-management/mdm/enterprisemodernappmanagement-csp#enterprisemodernappmanagement-xsd",
"redirect_document_id": false
},
+ {
+ "source_path": "windows/client-management/mdm/policy-csp-cloudpc.md",
+ "redirect_url": "/windows/client-management/mdm/clouddesktop-csp",
+ "redirect_document_id": false
+ },
{
"source_path": "education/windows/education-scenarios-store-for-business.md",
"redirect_url": "/windows/resources",
@@ -21934,7 +21939,7 @@
"source_path": "windows/deployment/update/update-compliance-schema-wudostatus.md",
"redirect_url": "/windows/deployment/update/wufb-reports-overview",
"redirect_document_id": false
- },
+ },
{
"source_path": "windows/deployment/update/update-compliance-schema-wudoaggregatedstatus.md",
"redirect_url": "/windows/deployment/update/wufb-reports-overview",
diff --git a/windows/client-management/mdm/clouddesktop-csp.md b/windows/client-management/mdm/clouddesktop-csp.md
new file mode 100644
index 0000000000..ff2a3b57e6
--- /dev/null
+++ b/windows/client-management/mdm/clouddesktop-csp.md
@@ -0,0 +1,148 @@
+---
+title: CloudDesktop CSP
+description: Learn more about the CloudDesktop CSP.
+author: vinaypamnani-msft
+manager: aaroncz
+ms.author: vinpa
+ms.date: 07/21/2023
+ms.localizationpriority: medium
+ms.prod: windows-client
+ms.technology: itpro-manage
+ms.topic: reference
+---
+
+
+
+
+# CloudDesktop CSP
+
+[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)]
+
+
+
+
+
+
+The following list shows the CloudDesktop configuration service provider nodes:
+
+- ./Device/Vendor/MSFT/CloudDesktop
+ - [EnableBootToCloudSharedPCMode](#enableboottocloudsharedpcmode)
+
+
+
+## EnableBootToCloudSharedPCMode
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
❌ Windows SE | ✅ Windows Insider Preview [10.0.22631.2050] |
+
+
+
+```Device
+./Device/Vendor/MSFT/CloudDesktop/EnableBootToCloudSharedPCMode
+```
+
+
+
+
+Setting this node to "true" configures boot to cloud for Shared PC mode. This mode enables users to seamlessly sign-in to a Cloud PC. For using this mode, users must install and configure a Cloud Provider application on their PC and must have a Cloud PC provisioned.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `bool` |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value | false |
+
+
+
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| false (Default) | Not configured. |
+| true | Boot to cloud Shared PC mode enabled. |
+
+
+
+
+
+
+
+
+
+
+## EnableBootToCloudSharedPCMode technical reference
+
+EnableBootToCloudSharedPCMode setting is used to configure **Boot to Cloud** feature for shared user mode. When you enable this setting, multiple policies are applied to achieve the intended behavior.
+
+> [!NOTE]
+> It is recommended not to set any of the policies enforced by this setting to different values, as these policies help provide a smooth UX experience for the **Boot to Cloud** feature for shared user mode.
+
+## MDM Policies
+
+When enabling this mode, these MDM policies are applied for the Device scope (all users):
+
+| Setting | Value | Value Description |
+|----------------------------------------------------------------------------------------------------------------------------|---------|-------------------------------------------------------------|
+| [WindowsLogon/OverrideShellProgram](policy-csp-windowslogon.md#overrideshellprogram) | 1 | Apply Lightweight Shell |
+| [ADMX_CredentialProviders/DefaultCredentialProvider](policy-csp-admx-credentialproviders.md#defaultcredentialprovider) | Enabled | Configures default credential provider to password provider |
+| [ADMX_Logon/DisableExplorerRunLegacy_2](policy-csp-admx-logon.md#disableexplorerrunlegacy_2) | Enabled | Do not process the computer legacy run list |
+| [TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode](policy-csp-textinput.md#enabletouchkeyboardautoinvokeindesktopmode) | 1 | When no keyboard is attached |
+
+## Group Policies
+
+When enabling this mode, these local group policies are configured for all users:
+
+| Policy setting | Status |
+|------------------------------------------------------------------------------------------------------------------------|---------------------------------------|
+| Security Settings/Local Policies/Security Options/User Account Control: Behavior of elevation prompt for standard user | Automatically deny elevation requests |
+| Security Settings/Local Policies/Security Options/Interactive logon: Don't display last signed-in | Enabled |
+| Control Panel/Personalization/Prevent enabling lock screen slide show | Enabled |
+| System/Logon/Block user from showing account details on sign-in | Enabled |
+| System/Logon/Enumerate local users on domain-joined computers | Disabled |
+| System/Logon/Hide entry points for Fast User Switching | Enabled |
+| System/Logon/Show first sign-in animation | Disabled |
+| System/Logon/Turn off app notifications on the lock screen | Enabled |
+| System/Logon/Turn off picture password sign-in | Enabled |
+| System/Logon/Turn on convenience PIN sign-in | Disabled |
+| Windows Components/App Package Deployment/Allow a Windows app to share application data between users | Enabled |
+| Windows Components/Biometrics/Allow the use of biometrics | Disabled |
+| Windows Components/Biometrics/Allow users to log on using biometrics | Disabled |
+| Windows Components/Biometrics/Allow domain users to log on using biometrics | Disabled |
+| Windows Components/File Explorer/Show lock in the user tile menu | Disabled |
+| Windows Components/File History/Turn off File History | Enabled |
+| Windows Components/OneDrive/Prevent the usage of OneDrive for file storage | Enabled |
+| Windows Components/Windows Hello for Business/Use biometrics | Disabled |
+| Windows Components/Windows Hello for Business/Use Windows Hello for Business | Disabled |
+| Windows Components/Windows Logon Options/Sign-in and lock last interactive user automatically after a restart | Disabled |
+| Windows Components/Microsoft Passport for Work | Disabled |
+| System/Ctrl+Alt+Del Options/Remove Task Manager | Enabled |
+| System/Ctrl+Alt+Del Options/Remove Change Password | Enabled |
+| Start Menu and Taskbar/Notifications/Turn off toast notifications | Enabled |
+| Start Menu and Taskbar/Notifications/Remove Notifications and Action Center | Enabled |
+| System/Logon/Do not process the legacy run list | Enabled |
+
+## Registry
+
+When enabling this mode, these registry changes made:
+
+| Registry setting | Status |
+|----------------------------------------------------------------------------------------------|--------|
+| Software\Policies\Microsoft\PassportForWork\Remote\Enabled (Phone sign-in/Use phone sign-in) | 0 |
+| Software\Policies\Microsoft\PassportForWork\Enabled (Use Microsoft Passport for Work) | 0 |
+
+
+
+
+## Related articles
+
+[Configuration service provider reference](configuration-service-provider-reference.md)
diff --git a/windows/client-management/mdm/clouddesktop-ddf-file.md b/windows/client-management/mdm/clouddesktop-ddf-file.md
new file mode 100644
index 0000000000..566e93bccc
--- /dev/null
+++ b/windows/client-management/mdm/clouddesktop-ddf-file.md
@@ -0,0 +1,95 @@
+---
+title: CloudDesktop DDF file
+description: View the XML file containing the device description framework (DDF) for the CloudDesktop configuration service provider.
+author: vinaypamnani-msft
+manager: aaroncz
+ms.author: vinpa
+ms.date: 07/21/2023
+ms.localizationpriority: medium
+ms.prod: windows-client
+ms.technology: itpro-manage
+ms.topic: reference
+---
+
+
+
+# CloudDesktop DDF file
+
+The following XML file contains the device description framework (DDF) for the CloudDesktop configuration service provider.
+
+```xml
+
+]>
+
+ 1.2
+
+
+
+ CloudDesktop
+ ./Device/Vendor/MSFT
+
+
+
+
+ The CloudDesktop configuration service provider is used to configure various Cloud PC related scenarios.
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 22631.2050
+ 1.0
+ 0x4;0x30;0x31;0x7E;0x87;0x88;0x88*;0xA1;0xA2;0xA4;0xA5;0xB4;0xBC;0xBD;0xBF;
+
+
+
+ EnableBootToCloudSharedPCMode
+
+
+
+
+
+
+
+ false
+ Setting this node to "true" configures boot to cloud for Shared PC mode. This mode enables users to seamlessly sign-in to a Cloud PC. For using this mode, users must install and configure a Cloud Provider application on their PC and must have a Cloud PC provisioned.
+
+
+
+
+
+
+
+
+
+ Enable boot to cloud shared PC mode
+
+
+
+
+
+ false
+ Not configured
+
+
+ true
+ Boot to cloud Shared PC mode enabled
+
+
+
+
+
+
+```
+
+## Related articles
+
+[CloudDesktop configuration service provider reference](clouddesktop-csp.md)
diff --git a/windows/client-management/mdm/policy-csp-cloudpc.md b/windows/client-management/mdm/policy-csp-cloudpc.md
deleted file mode 100644
index dd52780e9a..0000000000
--- a/windows/client-management/mdm/policy-csp-cloudpc.md
+++ /dev/null
@@ -1,80 +0,0 @@
----
-title: CloudPC Policy CSP
-description: Learn more about the CloudPC Area in Policy CSP
-author: vinaypamnani-msft
-manager: aaroncz
-ms.author: vinpa
-ms.date: 12/27/2022
-ms.localizationpriority: medium
-ms.prod: windows-client
-ms.technology: itpro-manage
-ms.topic: reference
----
-
-
-
-
-# Policy CSP - CloudPC
-
-
-
-
-
-
-## CloudPCConfiguration
-
-
-| Scope | Editions | Applicable OS |
-|:--|:--|:--|
-| :heavy_check_mark: Device
:x: User | :x: Home
:heavy_check_mark: Pro
:heavy_check_mark: Enterprise
:heavy_check_mark: Education
:heavy_check_mark: Windows SE | :heavy_check_mark: Windows Insider Preview |
-
-
-
-```Device
-./Device/Vendor/MSFT/Policy/Config/CloudPC/CloudPCConfiguration
-```
-
-
-
-
-This policy is used by IT admin to set the configuration mode of cloud PC.
-
-
-
-
-
-
-
-**Description framework properties**:
-
-| Property name | Property value |
-|:--|:--|
-| Format | int |
-| Access Type | Add, Delete, Get, Replace |
-| Default Value | 0 |
-
-
-
-**Allowed values**:
-
-| Value | Description |
-|:--|:--|
-| 0 (Default) | Fast Switching Configuration. |
-| 1 | Boot to cloud PC Configuration. |
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Related articles
-
-[Policy configuration service provider](policy-configuration-service-provider.md)
diff --git a/windows/client-management/mdm/toc.yml b/windows/client-management/mdm/toc.yml
index 337d5633e1..a909cac63a 100644
--- a/windows/client-management/mdm/toc.yml
+++ b/windows/client-management/mdm/toc.yml
@@ -384,8 +384,6 @@ items:
href: policy-csp-cellular.md
- name: CloudDesktop
href: policy-csp-clouddesktop.md
- - name: CloudPC
- href: policy-csp-cloudpc.md
- name: Connectivity
href: policy-csp-connectivity.md
- name: ControlPolicyConflict
@@ -631,6 +629,11 @@ items:
items:
- name: ClientCertificateInstall DDF file
href: clientcertificateinstall-ddf-file.md
+ - name: CloudDesktop
+ href: clouddesktop-csp.md
+ items:
+ - name: CloudDesktop DDF file
+ href: clouddesktop-ddf-file.md
- name: CM_CellularEntries
href: cm-cellularentries-csp.md
- name: CMPolicy
From 4d8ba6f13526e02f27ec60051fa1c9a1774144dd Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Fri, 21 Jul 2023 12:26:46 -0400
Subject: [PATCH 2/7] Change header level
---
windows/client-management/mdm/clouddesktop-csp.md | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/windows/client-management/mdm/clouddesktop-csp.md b/windows/client-management/mdm/clouddesktop-csp.md
index ff2a3b57e6..1c3b9604b3 100644
--- a/windows/client-management/mdm/clouddesktop-csp.md
+++ b/windows/client-management/mdm/clouddesktop-csp.md
@@ -87,7 +87,7 @@ EnableBootToCloudSharedPCMode setting is used to configure **Boot to Cloud** fea
> [!NOTE]
> It is recommended not to set any of the policies enforced by this setting to different values, as these policies help provide a smooth UX experience for the **Boot to Cloud** feature for shared user mode.
-## MDM Policies
+### MDM Policies
When enabling this mode, these MDM policies are applied for the Device scope (all users):
@@ -98,7 +98,7 @@ When enabling this mode, these MDM policies are applied for the Device scope (al
| [ADMX_Logon/DisableExplorerRunLegacy_2](policy-csp-admx-logon.md#disableexplorerrunlegacy_2) | Enabled | Do not process the computer legacy run list |
| [TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode](policy-csp-textinput.md#enabletouchkeyboardautoinvokeindesktopmode) | 1 | When no keyboard is attached |
-## Group Policies
+### Group Policies
When enabling this mode, these local group policies are configured for all users:
@@ -131,7 +131,7 @@ When enabling this mode, these local group policies are configured for all users
| Start Menu and Taskbar/Notifications/Remove Notifications and Action Center | Enabled |
| System/Logon/Do not process the legacy run list | Enabled |
-## Registry
+### Registry
When enabling this mode, these registry changes made:
From ee5cc6a8b65cd9c9df94ef17cf72c8328d7abe1c Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Fri, 21 Jul 2023 12:36:49 -0400
Subject: [PATCH 3/7] Acrolinx updates
---
windows/client-management/mdm/clouddesktop-csp.md | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/windows/client-management/mdm/clouddesktop-csp.md b/windows/client-management/mdm/clouddesktop-csp.md
index 1c3b9604b3..fe1d0e8244 100644
--- a/windows/client-management/mdm/clouddesktop-csp.md
+++ b/windows/client-management/mdm/clouddesktop-csp.md
@@ -89,18 +89,18 @@ EnableBootToCloudSharedPCMode setting is used to configure **Boot to Cloud** fea
### MDM Policies
-When enabling this mode, these MDM policies are applied for the Device scope (all users):
+When this mode is enabled, these MDM policies are applied for the Device scope (all users):
| Setting | Value | Value Description |
|----------------------------------------------------------------------------------------------------------------------------|---------|-------------------------------------------------------------|
| [WindowsLogon/OverrideShellProgram](policy-csp-windowslogon.md#overrideshellprogram) | 1 | Apply Lightweight Shell |
| [ADMX_CredentialProviders/DefaultCredentialProvider](policy-csp-admx-credentialproviders.md#defaultcredentialprovider) | Enabled | Configures default credential provider to password provider |
-| [ADMX_Logon/DisableExplorerRunLegacy_2](policy-csp-admx-logon.md#disableexplorerrunlegacy_2) | Enabled | Do not process the computer legacy run list |
+| [ADMX_Logon/DisableExplorerRunLegacy_2](policy-csp-admx-logon.md#disableexplorerrunlegacy_2) | Enabled | Don't process the computer legacy run list |
| [TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode](policy-csp-textinput.md#enabletouchkeyboardautoinvokeindesktopmode) | 1 | When no keyboard is attached |
### Group Policies
-When enabling this mode, these local group policies are configured for all users:
+When this mode is enabled, these local group policies are configured for all users:
| Policy setting | Status |
|------------------------------------------------------------------------------------------------------------------------|---------------------------------------|
@@ -133,7 +133,7 @@ When enabling this mode, these local group policies are configured for all users
### Registry
-When enabling this mode, these registry changes made:
+When this mode is enabled, these registry changes are performed:
| Registry setting | Status |
|----------------------------------------------------------------------------------------------|--------|
From d8a5e51372d140f776a6c26f9ef4f954bbf9ac2d Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Tue, 25 Jul 2023 11:31:49 -0400
Subject: [PATCH 4/7] CloudDesktop CSP updates
---
.../client-management/mdm/clouddesktop-csp.md | 9 +--
.../mdm/clouddesktop-ddf-file.md | 8 +--
.../mdm/policy-csp-clouddesktop.md | 65 ++++++++++++++++++-
3 files changed, 73 insertions(+), 9 deletions(-)
diff --git a/windows/client-management/mdm/clouddesktop-csp.md b/windows/client-management/mdm/clouddesktop-csp.md
index fe1d0e8244..cd7ba8c0a9 100644
--- a/windows/client-management/mdm/clouddesktop-csp.md
+++ b/windows/client-management/mdm/clouddesktop-csp.md
@@ -4,7 +4,7 @@ description: Learn more about the CloudDesktop CSP.
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa
-ms.date: 07/21/2023
+ms.date: 07/25/2023
ms.localizationpriority: medium
ms.prod: windows-client
ms.technology: itpro-manage
@@ -46,7 +46,7 @@ The following list shows the CloudDesktop configuration service provider nodes:
-Setting this node to "true" configures boot to cloud for Shared PC mode. This mode enables users to seamlessly sign-in to a Cloud PC. For using this mode, users must install and configure a Cloud Provider application on their PC and must have a Cloud PC provisioned.
+Setting this node to "true" configures boot to cloud for Shared PC mode. Boot to cloud mode enables users to seamlessly sign-in to a Cloud PC. Shared PC mode allows multiple users to sign-in on the device and use for shared purpose. For enabling boot to cloud shared pc feature, Cloud Provider application must be installed on the PC and the user must have a Cloud PC provisioned.
@@ -69,7 +69,7 @@ Setting this node to "true" configures boot to cloud for Shared PC mode. This mo
| Value | Description |
|:--|:--|
| false (Default) | Not configured. |
-| true | Boot to cloud Shared PC mode enabled. |
+| true | Boot to cloud shared pc mode enabled. |
@@ -93,9 +93,10 @@ When this mode is enabled, these MDM policies are applied for the Device scope (
| Setting | Value | Value Description |
|----------------------------------------------------------------------------------------------------------------------------|---------|-------------------------------------------------------------|
+| [CloudDesktop/BootToCloudMode](policy-csp-clouddesktop.md#boottocloudmode) | 1 | Enable Boot to Cloud Desktop |
| [WindowsLogon/OverrideShellProgram](policy-csp-windowslogon.md#overrideshellprogram) | 1 | Apply Lightweight Shell |
| [ADMX_CredentialProviders/DefaultCredentialProvider](policy-csp-admx-credentialproviders.md#defaultcredentialprovider) | Enabled | Configures default credential provider to password provider |
-| [ADMX_Logon/DisableExplorerRunLegacy_2](policy-csp-admx-logon.md#disableexplorerrunlegacy_2) | Enabled | Don't process the computer legacy run list |
+| [ADMX_Logon/DisableExplorerRunLegacy_2](policy-csp-admx-logon.md#disableexplorerrunlegacy_2) | Enabled | Don't process the computer legacy run list |
| [TextInput/EnableTouchKeyboardAutoInvokeInDesktopMode](policy-csp-textinput.md#enabletouchkeyboardautoinvokeindesktopmode) | 1 | When no keyboard is attached |
### Group Policies
diff --git a/windows/client-management/mdm/clouddesktop-ddf-file.md b/windows/client-management/mdm/clouddesktop-ddf-file.md
index 566e93bccc..d2884cb925 100644
--- a/windows/client-management/mdm/clouddesktop-ddf-file.md
+++ b/windows/client-management/mdm/clouddesktop-ddf-file.md
@@ -4,7 +4,7 @@ description: View the XML file containing the device description framework (DDF)
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa
-ms.date: 07/21/2023
+ms.date: 07/25/2023
ms.localizationpriority: medium
ms.prod: windows-client
ms.technology: itpro-manage
@@ -31,7 +31,7 @@ The following XML file contains the device description framework (DDF) for the C
- The CloudDesktop configuration service provider is used to configure various Cloud PC related scenarios.
+ The CloudDesktop configuration service provider is used to configure different Cloud PC related scenarios.
@@ -60,7 +60,7 @@ The following XML file contains the device description framework (DDF) for the C
false
- Setting this node to "true" configures boot to cloud for Shared PC mode. This mode enables users to seamlessly sign-in to a Cloud PC. For using this mode, users must install and configure a Cloud Provider application on their PC and must have a Cloud PC provisioned.
+ Setting this node to "true" configures boot to cloud for Shared PC mode. Boot to cloud mode enables users to seamlessly sign-in to a Cloud PC. Shared PC mode allows multiple users to sign-in on the device and use for shared purpose. For enabling boot to cloud shared pc feature, Cloud Provider application must be installed on the PC and the user must have a Cloud PC provisioned.
@@ -81,7 +81,7 @@ The following XML file contains the device description framework (DDF) for the C
true
- Boot to cloud Shared PC mode enabled
+ Boot to cloud shared pc mode enabled
diff --git a/windows/client-management/mdm/policy-csp-clouddesktop.md b/windows/client-management/mdm/policy-csp-clouddesktop.md
index 0eecfa5c99..feb431dbee 100644
--- a/windows/client-management/mdm/policy-csp-clouddesktop.md
+++ b/windows/client-management/mdm/policy-csp-clouddesktop.md
@@ -4,7 +4,7 @@ description: Learn more about the CloudDesktop Area in Policy CSP.
author: vinaypamnani-msft
manager: aaroncz
ms.author: vinpa
-ms.date: 05/10/2023
+ms.date: 07/25/2023
ms.localizationpriority: medium
ms.prod: windows-client
ms.technology: itpro-manage
@@ -71,6 +71,69 @@ This policy allows the user to configure the boot to cloud mode. Boot to Cloud m
+
+## SetMaxConnectionTimeout
+
+
+| Scope | Editions | Applicable OS |
+|:--|:--|:--|
+| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
❌ Windows SE | ✅ Windows Insider Preview [10.0.22631.2050] |
+
+
+
+```Device
+./Device/Vendor/MSFT/Policy/Config/CloudDesktop/SetMaxConnectionTimeout
+```
+
+
+
+
+IT admins can use this policy to set the max connection timeout. The connection timeout decides the max wait time for connecting to Cloud PC after sign in. The default max value is 5 min. For best user experience, it's recommended to continue with the default timeout of 5 min. Update only if it takes more than 5 min to connect to the Cloud PC in your organization.
+
+
+
+
+
+
+
+**Description framework properties**:
+
+| Property name | Property value |
+|:--|:--|
+| Format | `int` |
+| Access Type | Add, Delete, Get, Replace |
+| Default Value | 5 |
+
+
+
+**Allowed values**:
+
+| Value | Description |
+|:--|:--|
+| 5 (Default) | 5 min. |
+| 6 | 6 min. |
+| 7 | 7 min. |
+| 8 | 8 min. |
+| 9 | 9 min. |
+| 10 | 10 min. |
+| 11 | 11 min. |
+| 12 | 12 min. |
+| 13 | 13 min. |
+| 14 | 14 min. |
+| 15 | 15 min. |
+| 16 | 16 min. |
+| 17 | 17 min. |
+| 18 | 18 min. |
+| 19 | 19 min. |
+| 20 | 20 min. |
+
+
+
+
+
+
+
+
From 3698d16dcaecdba0aadcbf66440436fc583d34b4 Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Wed, 26 Jul 2023 17:00:11 +0200
Subject: [PATCH 5/7] Moved LSA protection TOC
---
windows/security/identity-protection/toc.yml | 2 ++
.../virus-and-threat-protection/toc.yml | 2 --
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/windows/security/identity-protection/toc.yml b/windows/security/identity-protection/toc.yml
index f1d265b8cb..1bd3cfbaef 100644
--- a/windows/security/identity-protection/toc.yml
+++ b/windows/security/identity-protection/toc.yml
@@ -43,6 +43,8 @@ items:
href: ../threat-protection/security-policy-settings/security-policy-settings.md
- name: Advanced credential protection
items:
+ - name: Configuring LSA Protection
+ href: /windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection
- name: Windows Defender Credential Guard
href: credential-guard/toc.yml
- name: Windows Defender Remote Credential Guard
diff --git a/windows/security/operating-system-security/virus-and-threat-protection/toc.yml b/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
index db2e521fff..9082efb2be 100644
--- a/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
+++ b/windows/security/operating-system-security/virus-and-threat-protection/toc.yml
@@ -1,8 +1,6 @@
items:
- name: Microsoft Defender Antivirus 🔗
href: /microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows
- - name: Configuring LSA Protection
- href: /windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection
preserveContext: true
- name: Attack surface reduction (ASR) 🔗
href: /microsoft-365/security/defender-endpoint/attack-surface-reduction
From df3fbb82abcd564769517d69f3f7c87ef6c73844 Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Wed, 26 Jul 2023 17:23:15 +0200
Subject: [PATCH 6/7] Added config lock to TOC
---
windows/security/hardware-security/toc.yml | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/windows/security/hardware-security/toc.yml b/windows/security/hardware-security/toc.yml
index a51e1df964..9af8ea3961 100644
--- a/windows/security/hardware-security/toc.yml
+++ b/windows/security/hardware-security/toc.yml
@@ -48,7 +48,9 @@ items:
href: https://techcommunity.microsoft.com/t5/windows-os-platform-blog/understanding-hardware-enforced-stack-protection/ba-p/1247815
- name: Secured-core PC 🔗
href: /windows-hardware/design/device-experiences/oem-highly-secure-11
+ - name: Secured-core PC configuration lock
+ href: /windows/client-management/config-lock 🔗
- name: Kernel Direct Memory Access (DMA) protection
href: kernel-dma-protection-for-thunderbolt.md
- name: System Guard Secure Launch
- href: system-guard-secure-launch-and-smm-protection.md
+ href: system-guard-secure-launch-and-smm-protection.md
\ No newline at end of file
From 34a631d36a5d682a88eaed31e40c1ed7958e8a3c Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Wed, 26 Jul 2023 17:25:31 +0200
Subject: [PATCH 7/7] renamed data protection --> encryption + data
---
windows/security/operating-system-security/toc.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system-security/toc.yml b/windows/security/operating-system-security/toc.yml
index 8df8195bdd..641a049390 100644
--- a/windows/security/operating-system-security/toc.yml
+++ b/windows/security/operating-system-security/toc.yml
@@ -7,7 +7,7 @@ items:
href: virus-and-threat-protection/toc.yml
- name: Network security
href: network-security/toc.yml
-- name: Data protection
+- name: Encryption and data protection
href: data-protection/toc.yml
- name: Device management
href: device-management/toc.yml
\ No newline at end of file