From 5b511104b196e7c7dba7576d0585bf57b390007b Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 12 Nov 2018 12:14:21 -0800 Subject: [PATCH 1/3] toc updates --- windows/security/threat-protection/TOC.md | 5 ----- .../threat-protection/windows-defender-atp/TOC.md | 10 ---------- 2 files changed, 15 deletions(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 52a4a8c499..ab27a7496a 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -269,11 +269,6 @@ ######## [Add or Remove machine tags](windows-defender-atp/add-or-remove-machine-tags-windows-defender-advanced-threat-protection-new.md) ######## [Find machines by IP](windows-defender-atp/find-machines-by-ip-windows-defender-advanced-threat-protection-new.md) -####### Machines Security States -######## [Get MachineSecurityStates collection](windows-defender-atp/get-machinesecuritystates-collection-windows-defender-advanced-threat-protection.md) -####### Machine Groups -######## [Get MachineGroups collection](windows-defender-atp/get-machinegroups-collection-windows-defender-advanced-threat-protection.md) - ####### [Machine Action](windows-defender-atp/machineaction-windows-defender-advanced-threat-protection-new.md) ######## [List MachineActions](windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection-new.md) diff --git a/windows/security/threat-protection/windows-defender-atp/TOC.md b/windows/security/threat-protection/windows-defender-atp/TOC.md index 08e1ecbe5a..efe244b001 100644 --- a/windows/security/threat-protection/windows-defender-atp/TOC.md +++ b/windows/security/threat-protection/windows-defender-atp/TOC.md @@ -16,11 +16,6 @@ #### [Security operations dashboard](security-operations-dashboard-windows-defender-advanced-threat-protection.md) -#### [Incidents queue](incidents-queue.md) -##### [View and organize the Incidents queue](view-incidents-queue.md) -##### [Manage incidents](manage-incidents-windows-defender-advanced-threat-protection.md) -##### [Investigate incidents](investigate-incidents-windows-defender-advanced-threat-protection.md) - #### [Incidents queue](incidents-queue.md) ##### [View and organize the Incidents queue](view-incidents-queue.md) ##### [Manage incidents](manage-incidents-windows-defender-advanced-threat-protection.md) @@ -283,11 +278,6 @@ ####### [Run antivirus scan](run-av-scan-windows-defender-advanced-threat-protection-new.md) ####### [Offboard machine](offboard-machine-api-windows-defender-advanced-threat-protection-new.md) -###### Machines Security States -####### [Get MachineSecurityStates collection](get-machinesecuritystates-collection-windows-defender-advanced-threat-protection.md) -###### Machine Groups -####### [Get MachineGroups collection](get-machinegroups-collection-windows-defender-advanced-threat-protection.md) - ###### [User](user-windows-defender-advanced-threat-protection-new.md) ####### [Get user related alerts](get-user-related-alerts-windows-defender-advanced-threat-protection-new.md) From f2e5982f3511ef86e2852dd87360b7a3ca1ee8a5 Mon Sep 17 00:00:00 2001 From: Nick Schonning Date: Mon, 12 Nov 2018 15:27:53 -0500 Subject: [PATCH 2/3] typo: certficate -> certificate --- windows/configuration/wcd/wcd-devicemanagement.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/configuration/wcd/wcd-devicemanagement.md b/windows/configuration/wcd/wcd-devicemanagement.md index 70a65ed02e..b245647edf 100644 --- a/windows/configuration/wcd/wcd-devicemanagement.md +++ b/windows/configuration/wcd/wcd-devicemanagement.md @@ -50,7 +50,7 @@ Use to configure device management settings. | ProtocolVersion | Select between **1.1** and **1.2** for the OMA DM protocol version that the server supports | | **Role** | Select between **Enterprise** and **Mobile Operator** for the role mask that the DM session runs with when it communicates with the server | | **ServerID** | Enter the OMA DM server's unique identifier for the current OMA DM account | -| SSLClientCertSearchCriteria | Specify the client certificate search criteria, by subject attribute and certficate stores. For details, see [DMAcc configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/dmacc-csp). | +| SSLClientCertSearchCriteria | Specify the client certificate search criteria, by subject attribute and certificate stores. For details, see [DMAcc configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/dmacc-csp). | | UseHardwareDeviceID | Specify whether to use the hardware ID for the ./DevInfo/DevID parameter in the DM account to identify the device | | UseNonceResync | Specify whether the OMA DM client should use the nonce resynchronization procedure if the server trigger notification fails authentication | @@ -90,4 +90,4 @@ In **PROVURL**, enter the URL for a Trusted Provisioning Server (TPS). ## Related topics - [DMAcc configuration service provider (CSP)](https://docs.microsoft.com/windows/client-management/mdm/dmacc-csp) -- [PXLOGICAL CSP](https://docs.microsoft.com/windows/client-management/mdm/pxlogical-csp) \ No newline at end of file +- [PXLOGICAL CSP](https://docs.microsoft.com/windows/client-management/mdm/pxlogical-csp) From 104e40e1ca2e239c426cb4e52ebc4e1976b7dfcf Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Mon, 12 Nov 2018 21:27:25 +0000 Subject: [PATCH 3/3] Merged PR 12764: Clarificationi of AAD perms AAD perms --- windows/deployment/windows-autopilot/user-driven-hybrid.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/windows/deployment/windows-autopilot/user-driven-hybrid.md b/windows/deployment/windows-autopilot/user-driven-hybrid.md index 88e4a87f15..a5fa678ff4 100644 --- a/windows/deployment/windows-autopilot/user-driven-hybrid.md +++ b/windows/deployment/windows-autopilot/user-driven-hybrid.md @@ -9,7 +9,7 @@ ms.sitesec: library ms.pagetype: deploy author: greg-lindsay ms.author: greg-lindsay -ms.date: 11/07/2018 +ms.date: 11/12/2018 --- @@ -23,7 +23,6 @@ Windows Autopilot requires that devices be Azure Active Directory joined. If you To perform a user-driven hybrid AAD joined deployment using Windows Autopilot: -- Users must be able to join devices to Azure Active Directory. - A Windows Autopilot profile for user-driven mode must be created and - **Hybrid Azure AD joined** must be specified as the selected option under **Join to Azure AD as** in the Autopilot profile. - If using Intune, a device group in Azure Active Directory must exist with the Windows Autopilot profile assigned to that group. @@ -32,6 +31,8 @@ To perform a user-driven hybrid AAD joined deployment using Windows Autopilot: - The Intune Connector for Active Directory must be installed. - Note: The Intune Connector will perform an on-prem AD join, therefore users do not need on-prem AD-join permission, assuming the Connector is [configured to perform this action](https://docs.microsoft.com/intune/windows-autopilot-hybrid#increase-the-computer-account-limit-in-the-organizational-unit) on the user's behalf. +**AAD device join**: The hybrid AAD join process uses the system context to perform device AAD join, therefore it is not affected by user based AAD join permission settings. In addition, all users are enabled to join devices to AAD by default. + ## Step by step instructions See [Deploy hybrid Azure AD joined devices using Intune and Windows Autopilot](https://docs.microsoft.com/intune/windows-autopilot-hybrid).