deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-16 02:43:43 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'main' into reports-drivers-7539531

Browse Source
This commit is contained in:
Meghan Stewart
2023-02-13 15:57:28 -08:00
committed by GitHub
parent 855f52d7e1 1c6a9712fa
commit fc9b77f795
3 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
windows/client-management/mdm/policy-csp-audit.md
View File

@ -836,7 +836,7 @@ Volume: Low.
<!-- AccountLogonLogoff_AuditSpecialLogon-Description-Begin -->
<!-- Description-Source-DDF -->
This policy setting allows you to audit events generated by special logons such as the following : The use of a special logon, which is a logon that has administrator-equivalent privileges and can be used to elevate a process to a higher level. A logon by a member of a Special Group. Special Groups enable you to audit events generated when a member of a certain group has logged on to your network. You can configure a list of group security identifiers (SIDs) in the registry. If any of those SIDs are added to a token during logon and the subcategory is enabled, an event is logged. For more information about this feature, see [article 947223 in the Microsoft Knowledge Base](<https://go.microsoft.com/fwlink/?LinkId=121697>).
This policy setting allows you to audit events generated by special logons such as the following: The use of a special logon, which is a logon that has administrator-equivalent privileges and can be used to elevate a process to a higher level. A logon by a member of a Special Group. Special Groups enable you to audit events generated when a member of a certain group has logged on to your network. You can configure a list of group security identifiers (SIDs) in the registry. If any of those SIDs are added to a token during logon and the subcategory is enabled, an event is logged. For more information about this feature, see [article 947223 in the Microsoft Knowledge Base](<https://go.microsoft.com/fwlink/?LinkId=121697>).
<!-- AccountLogonLogoff_AuditSpecialLogon-Description-End -->
<!-- AccountLogonLogoff_AuditSpecialLogon-Editable-Begin -->
@ -2774,7 +2774,7 @@ This policy setting allows you to audit events generated by attempts to access t
- If you do not configure this policy setting, no audit event is generated when an attempt to access a kernel object is made.
> [!NOTE]
> Only the System Access Control List (SACL) for SAM_SERVER can be modified. Volume High on domain controllers. For information about reducing the amount of events generated in this subcategory, see [article 841001 in the Microsoft Knowledge Base](https//go.microsoft.com/fwlink/?LinkId=121698).
> Only the System Access Control List (SACL) for SAM_SERVER can be modified. Volume High on domain controllers. For information about reducing the amount of events generated in this subcategory, see [article 841001 in the Microsoft Knowledge Base](https://go.microsoft.com/fwlink/?LinkId=121698).
<!-- ObjectAccess_AuditSAM-Description-End -->
<!-- ObjectAccess_AuditSAM-Editable-Begin -->

7
windows/deployment/windows-autopatch/operate/windows-autopatch-windows-feature-update-overview.md
View File

@ -71,7 +71,12 @@ Windows Autopatch uses Microsoft Intunes built-in solution, which uses config
Windows Autopatch provides a permanent pause of a Windows feature update deployment. The Windows Autopatch service automatically extends the 35-day pause limit (permanent pause) established by Microsoft Intune on your behalf. The deployment remains permanently paused until you decide to resume it.
## Pausing and resuming a release
## Release management
> [!NOTE]
> To access the Release management blade, you must have the correct [role-based access control](../deploy/windows-autopatch-register-devices.md#built-in-roles-required-for-device-registration).
### Pausing and resuming a release
> [!CAUTION]
> It's only recommended to use Windows Autopatch's end-user experience to pause and resume [Windows quality](../operate/windows-autopatch-windows-quality-update-overview.md#pausing-and-resuming-a-release) and [Windows feature updates](#pausing-and-resuming-a-release). If you need assistance with pausing and resuming updates, please [submit a support request](../operate/windows-autopatch-support-request.md).

3
windows/deployment/windows-autopatch/operate/windows-autopatch-windows-quality-update-overview.md
View File

@ -54,6 +54,9 @@ Windows Autopatch configures these policies differently across deployment rings
## Release management
> [!NOTE]
> To access the Release management blade, you must have the correct [role-based access control](../deploy/windows-autopatch-register-devices.md#built-in-roles-required-for-device-registration).
In the Release management blade, you can:
- Track the [Windows quality update schedule](#release-schedule) for devices in the [four deployment rings](windows-autopatch-update-management.md#windows-autopatch-deployment-rings).