deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 21:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Acrolinx score improvement effort

Browse Source
This commit is contained in:
Siddarth Mandalika 2022-01-17 11:36:05 +05:30
parent 48f678b7cd
commit eafb51f24a
3 changed files with 31 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
windows/client-management/includes/provision-favorites-shortdesc.md
View File

@ -3,9 +3,17 @@ author: dansimp
ms.author: dansimp ms.author: dansimp
ms.date: 10/02/2018 ms.date: 10/02/2018
ms.reviewer: ms.reviewer:
audience: itpro manager: dansimp audience: itpro
manager: dansimp
ms.prod: edge ms.prod: edge
ms.topic: include ms.topic: include
--- ---
By default, users can customize the Favorites list in Microsoft Edge. With this policy though, you provision a standard list of favorites, which can include folders, to appear in the Favorites list in addition to the users favorites. Edge. Once you provision the Favorites list, users cannot customize it, such as adding folders for organizing, and adding or removing any of the favorites configured. By default, you can customize the Favorites list in the Microsoft Edge browser. Whatever you customize becomes the standard list.
> [!NOTE]
> The standard list of favorites can include folders.
The favorites that you add also become part of this standard list.
Once your customized Favorites list appears in the Microsoft Edge browser, you cannot customize it again, such as adding folders for organizing, and adding or removing any of the favorites configured.

2
windows/client-management/introduction-page-file.md
View File

@ -35,7 +35,7 @@ For example, the following Windows servers require page files:
- Certificate servers - Certificate servers
- ADAM/LDS servers - ADAM/LDS servers
This is because the algorithm of the database cache for Extensible Storage Engine (ESENT, or ESE for Microsoft Exchange Server) depends on the "\Memory\Transition Pages RePurposed/sec" performance monitor counter. A page file is required to make sure that the database cache can release memory if other services or applications request memory. This requirement is because the algorithm of the database cache for Extensible Storage Engine (ESENT, or ESE for Microsoft Exchange Server) depends on the "\Memory\Transition Pages RePurposed/sec" performance monitor counter. A page file is required to ensure that the database cache can release memory if other services or applications request memory.
For Windows Server 2012 Hyper-V and Windows Server 2012 R2 Hyper-V, the page file of the management OS (commonly called the host OS) should be left at the default of setting of "System Managed". For Windows Server 2012 Hyper-V and Windows Server 2012 R2 Hyper-V, the page file of the management OS (commonly called the host OS) should be left at the default of setting of "System Managed".

21
windows/client-management/mdm/disconnecting-from-mdm-unenrollment.md
View File

@ -1,6 +1,6 @@
--- ---
title: Disconnecting from the management infrastructure (unenrollment) title: Disconnecting from the management infrastructure (unenrollment)
description: Disconnecting may be initiated either locally by the user from the phone or remotely by the IT admin using management server. description: Disconnecting is initiated either locally by the user using a phone or remotely by the IT admin using management server.
MS-HAID: MS-HAID:
- 'p\_phdevicemgmt.disconnecting\_from\_the\_management\_infrastructure\_\_unenrollment\_' - 'p\_phdevicemgmt.disconnecting\_from\_the\_management\_infrastructure\_\_unenrollment\_'
- 'p\_phDeviceMgmt.disconnecting\_from\_mdm\_unenrollment' - 'p\_phDeviceMgmt.disconnecting\_from\_mdm\_unenrollment'
@ -18,15 +18,16 @@ ms.date: 06/26/2017
# Disconnecting from the management infrastructure (unenrollment) # Disconnecting from the management infrastructure (unenrollment)
Disconnecting may be initiated either locally by the user from the phone or remotely by the IT admin using management server. User-initiated disconnection is performed much like the initial connection, and it is initiated from the same location in the Setting Control Panel as creating the workplace account. Users may choose to disconnect for any number of reasons, including leaving the company or getting a new device and no longer needing access to their LOB apps on the old device. When an administrator initiates a disconnection, the enrollment client performs the disconnection during its next regular maintenance session. Administrators may choose to disconnect a users device after theyve left the company or because the device is regularly failing to comply with the organizations security settings policy. The Disconnecting process is done either locally by the user who uses a phone or remotely by the IT administrator using management server. The user-initiated disconnection process is similar to the initial connection, wherein its initiation is from the same location in the Setting Control Panel as creating the workplace account.
The users choose to disconnect for any number of reasons, such as the ones described below: leaving the company or getting a new device or not needing access to their LOB apps on the old device, anymore. When an IT administrator initiates a disconnection, the enrollment client performs the disconnection during the next regular maintenance session. Administrators choose to disconnect users' device after theyve left the company or because the device is regularly failing to comply with the organizations security settings policy.
During disconnection, the client does the following: During disconnection, the client executes the following tasks:
- Removes the enterprise application token that allowed installing and running LOB apps. Any business applications associated with this enterprise token are removed as well. - Removes the enterprise application token that allowed installing and running LOB apps. Any business applications associated with this enterprise token are removed as well.
- Removes certificates that are configured by MDM server. - Removes certificates that are configured by MDM server.
- Ceases enforcement of the settings policies that the management infrastructure has applied. - Ceases enforcement of the settings policies applied by the management infrastructure.
- Removes the device management client configuration and other setting configuration added by MDM server, including the scheduled maintenance task. The client remains dormant unless the user reconnects it to the management infrastructure. - Removes the device management client configuration and other setting configuration added by MDM server, including the scheduled maintenance task. The client remains dormant unless the user reconnects it to the management infrastructure.
- Reports successful initiated disassociation to the management infrastructure if the admin initiated the process. Note that in Windows, user-initiated disassociation is reported to the server as a best effort. - Reports successfully initiated disassociation to the management infrastructure if the admin initiated the process. In Windows, a user-initiated disassociation is reported to the server as a best effort.
## In this topic ## In this topic
@ -40,7 +41,7 @@ During disconnection, the client does the following:
## User-initiated disconnection ## User-initiated disconnection
In Windows, after the user confirms the account deletion command and before the account is deleted, the MDM client will send a notification to the MDM server notifying that the server the account will be removed. This is a best effort action as no retry is built-in to ensure the notification is successfully sent to the device. In Windows, after the user confirms the account deletion command and before the account is deleted, the MDM client will notify to the MDM server that the account will be removed. This is a best-effort action as no retry is built-in to ensure the notification is successfully sent to the device.
This action utilizes the OMA DM generic alert 1226 function to send a user an MDM unenrollment user alert to the MDM server after the device accepts the user unenrollment request, but before it deletes any enterprise data. The server should set the expectation that unenrollment may succeed or fail, and the server can check whether the device is unenrolled by either checking whether the device calls back at scheduled time or by sending a push notification to the device to see whether it responds back. If the server plans to send a push notification, it should allow for some delay to give the device the time to complete the unenrollment work. This action utilizes the OMA DM generic alert 1226 function to send a user an MDM unenrollment user alert to the MDM server after the device accepts the user unenrollment request, but before it deletes any enterprise data. The server should set the expectation that unenrollment may succeed or fail, and the server can check whether the device is unenrolled by either checking whether the device calls back at scheduled time or by sending a push notification to the device to see whether it responds back. If the server plans to send a push notification, it should allow for some delay to give the device the time to complete the unenrollment work.
@ -126,7 +127,7 @@ When the server initiates disconnection, all undergoing sessions for the enrollm
If the user is enrolled into MDM using an Azure Active Directory (AAD Join or by adding a Microsoft work account), the MDM account will show up under the Work Access page. However, the **Disconnect** button is greyed out and not accessible. Users can remove that MDM account by removing the AAD association to the device. If the user is enrolled into MDM using an Azure Active Directory (AAD Join or by adding a Microsoft work account), the MDM account will show up under the Work Access page. However, the **Disconnect** button is greyed out and not accessible. Users can remove that MDM account by removing the AAD association to the device.
You can only use the Work Access page to unenroll under the following conditions: You can only use the Work Access page to un-enroll under the following conditions:
- Enrollment was done using bulk enrollment. - Enrollment was done using bulk enrollment.
- Enrollment was created using the Work Access page. - Enrollment was created using the Work Access page.
@ -135,11 +136,11 @@ You can only use the Work Access page to unenroll under the following conditions
<a href="" id="dataloss"></a> <a href="" id="dataloss"></a>
## Unenrollment from Azure Active Directory Join ## Unenrollment from Azure Active Directory Join
When a user is enrolled into MDM through Azure Active Directory Join and then disconnects the enrollment, there is no warning that the user will lose Windows Information Protection (WIP) data. The disconnection message does not indicate the loss of WIP data. When a user is enrolled into MDM through Azure Active Directory Join and later, the enrollment disconnects, there is no warning that the user will lose Windows Information Protection (WIP) data. The disconnection message does not indicate the loss of WIP data.
![aadj unenerollment.](images/azure-ad-unenrollment.png) ![aadj unenerollment.](images/azure-ad-unenrollment.png)
When a device is enrolled into MDM through Azure Active Directory Join and then remotely unenrolled, the device may get into a state where it must be re-imaged. When devices are remotely unenrolled from MDM, the AAD association is also removed. This safeguard is in place to avoid leaving the corporated devices in unmanaged state. At the time a device is enrolled into MDM through Azure Active Directory Join and then remotely unenrolled, the device may get into a state where it must be reimaged. When devices are remotely unenrolled from MDM, the Azure Active Directory association is also removed. This safeguard is in place to avoid leaving the corporated devices in unmanaged state.
Before remotely unenrolling corporate devices, you must ensure that there is at least one admin user on the device that is not part of the Azure tenant, otherwise the device will not have any admin user after the operation. Before remotely unenrolling corporate devices, you must ensure that there is at least one admin user on the device that is not part of the Azure tenant, otherwise the device will not have any admin user after the operation.
@ -148,7 +149,7 @@ In mobile devices, remote unenrollment for Azure Active Directory Joined devices
<a href="" id="it-admin-requested-disconnection"></a> <a href="" id="it-admin-requested-disconnection"></a>
## IT adminrequested disconnection ## IT adminrequested disconnection
The server requests an enterprise management disconnection request by issuing an Exec OMA DM SyncML XML command to the device using the DMClient configuration service providers Unenroll node during the next client-initiated DM session. The Data tag inside the Exec command should be the value of the provisioned DM server ProviderID. For more information, see the Enterprise-specific DM client configuration topic. The server requests an enterprise management disconnection by issuing an Exec OMA DM SyncML XML command to the device, using the DMClient configuration service providers Unenroll node during the next client-initiated DM session. The Data tag inside the Exec command should be the value of the provisioned DM server ProviderID. For more information, see the Enterprise-specific DMClient configuration topic.
When the disconnection is completed, the user is notified that the device has been disconnected from enterprise management. When the disconnection is completed, the user is notified that the device has been disconnected from enterprise management.