From 7e621dd7f9fa4472482b53300680c1bfed8be106 Mon Sep 17 00:00:00 2001
From: matt-call <49792205+matt-call@users.noreply.github.com>
Date: Tue, 28 Apr 2020 14:52:59 -0400
Subject: [PATCH 1/8] Update remotewipe-csp.md
More Fixes
---
windows/client-management/mdm/remotewipe-csp.md | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/windows/client-management/mdm/remotewipe-csp.md b/windows/client-management/mdm/remotewipe-csp.md
index bdf604d6d8..3ee8a2cd21 100644
--- a/windows/client-management/mdm/remotewipe-csp.md
+++ b/windows/client-management/mdm/remotewipe-csp.md
@@ -48,16 +48,16 @@ Supported operation is Exec.
Added in Windows 10, version 1709. Exec on this node will perform a remote reset on the device and persist user accounts and data. The return status code shows whether the device accepted the Exec command.
**AutomaticRedeployment**
-Added in Windows 10, next major update. Node for the Autopilot Reset operation.
+Added in Windows 10, version 1809. Node for the Autopilot Reset operation.
**AutomaticRedeployment/doAutomaticRedeployment**
-Added in Windows 10, next major update. Exec on this node triggers Autopilot Reset operation. This works like PC Reset, similar to other existing nodes in this RemoteWipe CSP, except that it keeps the device enrolled in Azure AD and MDM, keeps Wi-Fi profiles, and a few other settings like region, language, keyboard.
+Added in Windows 10, version 1809. Exec on this node triggers Autopilot Reset operation. This works like PC Reset, similar to other existing nodes in this RemoteWipe CSP, except that it keeps the device enrolled in Azure AD and MDM, keeps Wi-Fi profiles, and a few other settings like region, language, keyboard.
**AutomaticRedeployment/LastError**
-Added in Windows 10, next major update. Error value, if any, associated with Autopilot Reset operation (typically an HRESULT).
+Added in Windows 10, version 1809. Error value, if any, associated with Autopilot Reset operation (typically an HRESULT).
**AutomaticRedeployment/Status**
-Added in Windows 10, next major update. Status value indicating current state of an Autopilot Reset operation.
+Added in Windows 10, version 1809. Status value indicating current state of an Autopilot Reset operation.
Supported values:
From 2dc9a5aa3a1ba414e490fd48038ac5be9112d553 Mon Sep 17 00:00:00 2001
From: Ikko Ashimine
Date: Thu, 30 Apr 2020 00:25:14 +0900
Subject: [PATCH 2/8] Fix typo
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Micosoft→Microsoft
---
windows/client-management/mdm/get-offline-license.md | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/windows/client-management/mdm/get-offline-license.md b/windows/client-management/mdm/get-offline-license.md
index 772d402b87..87699a8b11 100644
--- a/windows/client-management/mdm/get-offline-license.md
+++ b/windows/client-management/mdm/get-offline-license.md
@@ -1,6 +1,6 @@
---
title: Get offline license
-description: The Get offline license operation retrieves the offline license information of a product from the Micosoft Store for Business.
+description: The Get offline license operation retrieves the offline license information of a product from the Microsoft Store for Business.
ms.assetid: 08DAD813-CF4D-42D6-A783-994A03AEE051
ms.reviewer:
manager: dansimp
@@ -14,7 +14,7 @@ ms.date: 09/18/2017
# Get offline license
-The **Get offline license** operation retrieves the offline license information of a product from the Micosoft Store for Business.
+The **Get offline license** operation retrieves the offline license information of a product from the Microsoft Store for Business.
## Request
From 16bdaab95b3e49591ef6e1134982aca3a188b725 Mon Sep 17 00:00:00 2001
From: Hiroshi Yoshioka <40815708+hyoshioka0128@users.noreply.github.com>
Date: Thu, 30 Apr 2020 23:25:25 +0900
Subject: [PATCH 3/8] =?UTF-8?q?Typo=20"***Removable=20=EF=BD=9E=20Hub=20**?=
=?UTF-8?q?*"=E2=86=92"***Removable=20=EF=BD=9E=20Hub***"?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
https://docs.microsoft.com/en-us/surface-hub/surface-hub-technical-84
---
devices/surface-hub/surface-hub-technical-84.md | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/devices/surface-hub/surface-hub-technical-84.md b/devices/surface-hub/surface-hub-technical-84.md
index 1c08da5a6b..837883da14 100644
--- a/devices/surface-hub/surface-hub-technical-84.md
+++ b/devices/surface-hub/surface-hub-technical-84.md
@@ -134,7 +134,7 @@ RJ11, bottom I/O |  | Connects to room control systems.
---
-***Removable lifting handles on 84” Surface Hub ***
+***Removable lifting handles on 84” Surface Hub***
@@ -142,7 +142,7 @@ RJ11, bottom I/O |  | Connects to room control systems.
---
-***Wall mount threads on back of 84” Surface Hub ***
+***Wall mount threads on back of 84” Surface Hub***
From d186d71cc084c8df0e3fb989a58da658dff9a74b Mon Sep 17 00:00:00 2001
From: KimLiauw <64710446+KimLiauw@users.noreply.github.com>
Date: Sat, 2 May 2020 14:44:01 -0700
Subject: [PATCH 4/8] Update respond-machine-alerts.md
---
.../microsoft-defender-atp/respond-machine-alerts.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md
index 6a3f13571d..a6b23d0ed7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md
@@ -97,7 +97,7 @@ The package contains the following folders:
|:---|:---------|
|Autoruns | Contains a set of files that each represent the content of the registry of a known auto start entry point (ASEP) to help identify attacker’s persistency on the machine. NOTE: If the registry key is not found, the file will contain the following message: “ERROR: The system was unable to find the specified registry key or value.” |
|Installed programs | This .CSV file contains the list of installed programs that can help identify what is currently installed on the machine. For more information, see [Win32_Product class](https://go.microsoft.com/fwlink/?linkid=841509). |
-|Network connections | This folder contains a set of data points related to the connectivity information which can help in identifying connectivity to suspicious URLs, attacker’s command and control (C&C) infrastructure, any lateral movement, or remote connections. - ActiveNetConnections.txt – Displays protocol statistics and current TCP/IP network connections. Provides the ability to look for suspicious connectivity made by a process. - Arp.txt – Displays the current address resolution protocol (ARP) cache tables for all interfaces. ARP cache can reveal additional hosts on a network that have been compromised or suspicious systems on the network that night have been used to run an internal attack. - DnsCache.txt - Displays the contents of the DNS client resolver cache, which includes both entries preloaded from the local Hosts file and any recently obtained resource records for name queries resolved by the computer. This can help in identifying suspicious connections. - IpConfig.txt – Displays the full TCP/IP configuration for all adapters. Adapters can represent physical interfaces, such as installed network adapters, or logical interfaces, such as dial-up connections. - FirewassExecutionLog.txt and pfirewall.log |
+|Network connections | This folder contains a set of data points related to the connectivity information which can help in identifying connectivity to suspicious URLs, attacker’s command and control (C&C) infrastructure, any lateral movement, or remote connections. - ActiveNetConnections.txt – Displays protocol statistics and current TCP/IP network connections. Provides the ability to look for suspicious connectivity made by a process. - Arp.txt – Displays the current address resolution protocol (ARP) cache tables for all interfaces. ARP cache can reveal additional hosts on a network that have been compromised or suspicious systems on the network that night have been used to run an internal attack. - DnsCache.txt - Displays the contents of the DNS client resolver cache, which includes both entries preloaded from the local Hosts file and any recently obtained resource records for name queries resolved by the computer. This can help in identifying suspicious connections. - IpConfig.txt – Displays the full TCP/IP configuration for all adapters. Adapters can represent physical interfaces, such as installed network adapters, or logical interfaces, such as dial-up connections. - FirewallExecutionLog.txt and pfirewall.log |
| Prefetch files| Windows Prefetch files are designed to speed up the application startup process. It can be used to track all the files recently used in the system and find traces for applications that might have been deleted but can still be found in the prefetch file list. - Prefetch folder – Contains a copy of the prefetch files from `%SystemRoot%\Prefetch`. NOTE: It is suggested to download a prefetch file viewer to view the prefetch files. - PrefetchFilesList.txt – Contains the list of all the copied files which can be used to track if there were any copy failures to the prefetch folder. |
| Processes| Contains a .CSV file listing the running processes which provides the ability to identify current processes running on the machine. This can be useful when identifying a suspicious process and its state. |
| Scheduled tasks| Contains a .CSV file listing the scheduled tasks which can be used to identify routines performed automatically on a chosen machine to look for suspicious code which was set to run automatically. |
From 0ea9f9b33bd60e7ac68ca080945fed01e153bdad Mon Sep 17 00:00:00 2001
From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com>
Date: Sun, 3 May 2020 13:56:51 +0530
Subject: [PATCH 5/8] replaced entires to entries
as per the user report #6622, I replaced **entires** to **entries** in row line no 116
---
.../client-management/troubleshoot-inaccessible-boot-device.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/client-management/troubleshoot-inaccessible-boot-device.md b/windows/client-management/troubleshoot-inaccessible-boot-device.md
index 3acffc551f..924b563043 100644
--- a/windows/client-management/troubleshoot-inaccessible-boot-device.md
+++ b/windows/client-management/troubleshoot-inaccessible-boot-device.md
@@ -113,7 +113,7 @@ To verify the BCD entries:
2. In the **Windows Boot Loader** that has the **{default}** identifier, make sure that **device** , **path** , **osdevice,** and **systemroot** point to the correct device or partition, winload file, OS partition or device, and OS folder.
>[!NOTE]
- >If the computer is UEFI-based, the **bootmgr** and **winload** entires under **{default}** will contain an **.efi** extension.
+ >If the computer is UEFI-based, the **bootmgr** and **winload** entries under **{default}** will contain an **.efi** extension.
From 0e1c418708aa2ce76fd56eba06224e577b010753 Mon Sep 17 00:00:00 2001
From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com>
Date: Mon, 4 May 2020 09:49:38 +0530
Subject: [PATCH 6/8] Update
windows/client-management/troubleshoot-inaccessible-boot-device.md
Accepted
Co-authored-by: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
.../client-management/troubleshoot-inaccessible-boot-device.md | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/windows/client-management/troubleshoot-inaccessible-boot-device.md b/windows/client-management/troubleshoot-inaccessible-boot-device.md
index 924b563043..d249b8c5f8 100644
--- a/windows/client-management/troubleshoot-inaccessible-boot-device.md
+++ b/windows/client-management/troubleshoot-inaccessible-boot-device.md
@@ -113,7 +113,7 @@ To verify the BCD entries:
2. In the **Windows Boot Loader** that has the **{default}** identifier, make sure that **device** , **path** , **osdevice,** and **systemroot** point to the correct device or partition, winload file, OS partition or device, and OS folder.
>[!NOTE]
- >If the computer is UEFI-based, the **bootmgr** and **winload** entries under **{default}** will contain an **.efi** extension.
+ > If the computer is UEFI-based, the **bootmgr** and **winload** entries under **{default}** will contain an **.efi** extension.
@@ -279,4 +279,3 @@ The reason that these entries may affect us is because there may be an entry in
* `sfc /scannow /offbootdir=OsDrive:\ /offwindir=OsDrive:\Windows`
-
From 2e73989c6ed11e1579ab593c3ac829c1133e1283 Mon Sep 17 00:00:00 2001
From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com>
Date: Mon, 4 May 2020 09:49:55 +0530
Subject: [PATCH 7/8] Update
windows/client-management/troubleshoot-inaccessible-boot-device.md
Accepted
Co-authored-by: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
---
.../client-management/troubleshoot-inaccessible-boot-device.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/client-management/troubleshoot-inaccessible-boot-device.md b/windows/client-management/troubleshoot-inaccessible-boot-device.md
index d249b8c5f8..5556b97262 100644
--- a/windows/client-management/troubleshoot-inaccessible-boot-device.md
+++ b/windows/client-management/troubleshoot-inaccessible-boot-device.md
@@ -112,7 +112,7 @@ To verify the BCD entries:
2. In the **Windows Boot Loader** that has the **{default}** identifier, make sure that **device** , **path** , **osdevice,** and **systemroot** point to the correct device or partition, winload file, OS partition or device, and OS folder.
- >[!NOTE]
+ > [!NOTE]
> If the computer is UEFI-based, the **bootmgr** and **winload** entries under **{default}** will contain an **.efi** extension.
From dd69478c24b3e1e37ea62c0c7e2573111d465cb2 Mon Sep 17 00:00:00 2001
From: VLG17 <41186174+VLG17@users.noreply.github.com>
Date: Mon, 4 May 2020 19:20:37 +0300
Subject: [PATCH 8/8] add info about 0x8024043D
https://github.com/MicrosoftDocs/windows-itpro-docs/issues/6344
---
windows/deployment/update/windows-update-error-reference.md | 1 +
1 file changed, 1 insertion(+)
diff --git a/windows/deployment/update/windows-update-error-reference.md b/windows/deployment/update/windows-update-error-reference.md
index b8d84e3075..b83dd307b0 100644
--- a/windows/deployment/update/windows-update-error-reference.md
+++ b/windows/deployment/update/windows-update-error-reference.md
@@ -45,6 +45,7 @@ This section lists the error codes for Microsoft Windows Update.
| 0x80243FFD | `WU_E_NON_UI_MODE` | Unable to show UI when in non-UI mode; WU client UI modules may not be installed. |
| 0x80243FFE | `WU_E_WUCLTUI_UNSUPPORTED_VERSION` | Unsupported version of WU client UI exported functions. |
| 0x80243FFF | `WU_E_AUCLIENT_UNEXPECTED` | There was a user interface error not covered by another `WU_E_AUCLIENT_*` error code. |
+| 0x8024043D | `WU_E_SERVICEPROP_NOTAVAIL` | The requested service property is not available. |
## Inventory errors