From f7641ff9e91f6538e93a508f983ca4f49f1c8602 Mon Sep 17 00:00:00 2001 From: Lachlan Picking Date: Mon, 14 Jan 2019 02:05:21 +1000 Subject: [PATCH] Fix syntax errors in dsacls examples Fixed problems raised in #2459 (Removed markdown from code blocks, restored missing `"`, replaced commas with semi-colons). --- .../hello-for-business/hello-features.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-features.md b/windows/security/identity-protection/hello-for-business/hello-features.md index d3128c154a..09530fefa8 100644 --- a/windows/security/identity-protection/hello-for-business/hello-features.md +++ b/windows/security/identity-protection/hello-for-business/hello-features.md @@ -202,9 +202,9 @@ Active Directory Domain Services uses AdminSDHolder to secure privileged users a Sign-in to a domain controller or management workstation with access equivalent to _domain administrator_. 1. Type the following command to add the **allow** read and write property permissions for msDS-KeyCredentialLink attribute for the **Key Admins** (or **KeyCredential Admins**) group on the AdminSDHolder object.
-```dsacls "CN=AdminSDHolder,CN=System,**DC=domain,DC=com**" /g "**[domainName\keyAdminGroup]**":RPWP,msDS-KeyCredentialLink```
+```dsacls "CN=AdminSDHolder,CN=System,DC=domain,DC=com" /g "[domainName\keyAdminGroup]":RPWP;msDS-KeyCredentialLink```
where **DC=domain,DC=com** is the LDAP path of your Active Directory domain and **domainName\keyAdminGroup]** is the NetBIOS name of your domain and the name of the group you use to give access to keys based on your deployment. For example:
-```dsacls "CN=AdminSDHolder,CN=System,DC=corp,DC=mstepdemo,DC=net /g "mstepdemo\Key Admins":RPWP,msDS-KeyCredentialLink``` +```dsacls "CN=AdminSDHolder,CN=System,DC=corp,DC=mstepdemo,DC=net" /g "mstepdemo\Key Admins":RPWP;msDS-KeyCredentialLink``` 2. To trigger security descriptor propagation, open **ldp.exe**. 3. Click **Connection** and select **Connect...** Next to **Server**, type the name of the domain controller that holds the PDC role for the domain. Next to **Port**, type **389** and click **OK**. 4. Click **Connection** and select **Bind...** Click **OK** to bind as the currently signed-in user. @@ -266,4 +266,4 @@ Users appreciate convenience of biometrics and administrators value the security - [Windows Hello and password changes](hello-and-password-changes.md) - [Windows Hello errors during PIN creation](hello-errors-during-pin-creation.md) - [Event ID 300 - Windows Hello successfully created](hello-event-300.md) -- [Windows Hello biometrics in the enterprise](hello-biometrics-in-enterprise.md) \ No newline at end of file +- [Windows Hello biometrics in the enterprise](hello-biometrics-in-enterprise.md)