From d52acf881fc3b4921ebd919608f325d5f9a24e1c Mon Sep 17 00:00:00 2001 From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com> Date: Tue, 22 Mar 2022 08:59:46 +0500 Subject: [PATCH 1/5] Update how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md --- ...-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md b/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md index 6298f7d90f..7404c39cfd 100644 --- a/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md +++ b/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md @@ -29,6 +29,9 @@ The credentials are placed in Credential Manager as a "\*Session" credential. A "\*Session" credential implies that it is valid for the current user session. The credentials are also cleaned up when the WiFi or VPN connection is disconnected. +> [!NOTE] +> In Windows 10 version 21h2 or newer, "\*Session" credential is not visible in Credential Manager. + For example, if someone using Microsoft Edge tries to access a domain resource, Microsoft Edge has the right Enterprise Authentication capability. This allows [WinInet](/windows/win32/wininet/wininet-reference) to release the credentials that it gets from the Credential Manager to the SSP that is requesting it. For more information about the Enterprise Authentication capability, see [App capability declarations](/windows/uwp/packaging/app-capability-declarations). @@ -93,4 +96,4 @@ Domain controllers must have appropriate KDC certificates for the client to trus Domain controllers must be using certificates based on the updated KDC certificate template Kerberos Authentication. This requires that all authenticating domain controllers run Windows Server 2016, or you'll need to enable strict KDC validation on domain controllers that run previous versions of Windows Server. -For more information, see [Enabling Strict KDC Validation in Windows Kerberos](https://www.microsoft.com/download/details.aspx?id=6382). \ No newline at end of file +For more information, see [Enabling Strict KDC Validation in Windows Kerberos](https://www.microsoft.com/download/details.aspx?id=6382). From 94220cb25b3b73cb8ae02204b84528c36104126a Mon Sep 17 00:00:00 2001 From: Grzegorz Tworek Date: Tue, 22 Mar 2022 12:27:21 +0100 Subject: [PATCH 2/5] Typo --- .../create-wdac-deny-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md b/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md index 8ff7c7eec6..8b9884dc96 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md @@ -26,7 +26,7 @@ In this article we explain: 1. File Rule Precedence Order 2. Adding Allow Rules -3. Singe Policy Considerations +3. Single Policy Considerations 4. Multiple Policy Considerations 5. Best Practices 6. Tutorial From 16b1dda187390223be99ea4cdd9b465972768314 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 22 Mar 2022 12:42:08 -0700 Subject: [PATCH 3/5] Update how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md --- ...-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md b/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md index 7404c39cfd..ee723db1ff 100644 --- a/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md +++ b/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md @@ -6,7 +6,7 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security author: dansimp -ms.date: 09/23/2021 +ms.date: 03/22/2022 ms.reviewer: manager: dansimp ms.author: dansimp From aa1bf1e5d21ae61f1f32b16e63a2ba7c133abe0b Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 22 Mar 2022 12:42:19 -0700 Subject: [PATCH 4/5] Update windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- ...-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md b/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md index ee723db1ff..f4e8cb2358 100644 --- a/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md +++ b/windows/security/identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md @@ -30,7 +30,7 @@ A "\*Session" credential implies that it is valid for the current user session. The credentials are also cleaned up when the WiFi or VPN connection is disconnected. > [!NOTE] -> In Windows 10 version 21h2 or newer, "\*Session" credential is not visible in Credential Manager. +> In Windows 10, version 21h2 and later, the "\*Session" credential is not visible in Credential Manager. For example, if someone using Microsoft Edge tries to access a domain resource, Microsoft Edge has the right Enterprise Authentication capability. This allows [WinInet](/windows/win32/wininet/wininet-reference) to release the credentials that it gets from the Credential Manager to the SSP that is requesting it. For more information about the Enterprise Authentication capability, see [App capability declarations](/windows/uwp/packaging/app-capability-declarations). From 16f4d4ac25885231e9498cff1c0ea16a2139a682 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 22 Mar 2022 12:43:14 -0700 Subject: [PATCH 5/5] Update create-wdac-deny-policy.md --- .../create-wdac-deny-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md b/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md index 8b9884dc96..3203610df6 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy.md @@ -14,7 +14,7 @@ author: jgeurten ms.reviewer: jsuther1974 ms.author: dansimp manager: dansimp -ms.date: 11/29/2021 +ms.date: 03/22/2022 ms.technology: windows-sec ---