Merge pull request #3766 from MicrosoftDocs/main

padmagit77 · web-flow · commit 8a79664ec45e · 2025-05-14T17:01:47.000+05:30
[AutoPublish] main to live - 05/14 04:29 PDT | 05/14 16:59 IST
diff --git a/ATPDocs/deploy/remote-calls-sam.md b/ATPDocs/deploy/remote-calls-sam.md
@@ -8,7 +8,7 @@ ms.topic: how-to
 # Configure SAM-R to enable lateral movement path detection in Microsoft Defender for Identity
 
 > [!IMPORTANT]
-> Remote collection of local administrators' group members on endpoints (using SAM-R queries) feature in Microsoft Defender for Identity will be disabled by mid-May 2025.
+> Remote collection of local administrators' group members on endpoints (using SAM-R queries) feature in Microsoft Defender for Identity will be disabled by mid-May 2025. This change will happen automatically by the specified dates. No admin action is required. 
 > 
 
 Microsoft Defender for Identity mapping for [potential lateral movement paths](/defender-for-identity/understand-lateral-movement-paths) relies on queries that identify local admins on specific machines. These queries are performed with the SAM-R protocol, using the Defender for Identity [Directory Service account](directory-service-accounts.md) you configured.
diff --git a/ATPDocs/whats-new.md b/ATPDocs/whats-new.md
@@ -25,7 +25,7 @@ For updates about versions and features released six months ago or earlier, see
 ## May 2025
 
 ### Local administrators collection (using SAM-R queries) feature will be disabled
-Remote collection of local administrators' group members on endpoints (using SAM-R queries) feature in Microsoft Defender for Identity will be disabled by mid-May 2025. The details collected are used to build the potential lateral movement paths map. Alternative methods are currently being explored.
+Remote collection of local administrators' group members on endpoints (using SAM-R queries) feature in Microsoft Defender for Identity will be disabled by mid-May 2025. The details collected are used to build the potential lateral movement paths map. Alternative methods are currently being explored. This change will happen automatically by the specified dates. No admin action is required. 
 
 ### New Health Issue
 
diff --git a/CloudAppSecurityDocs/session-policy-aad.md b/CloudAppSecurityDocs/session-policy-aad.md
@@ -97,7 +97,6 @@ This procedure describes how to create a new session policy in Defender for Clou
 
     1. <a name="inspection"></a>In the **Apply to** area (Preview):
 
-        - Select whether to apply the policy to all files, or files in specified folders only
         - Select an inspection method to use, such as data classification services, or malware. For more information, see [Microsoft Data Classification Services integration](dcs-inspection.md).
         - Configure more detailed options for your policy, such as scenarios based on elements like fingerprints or trainable classifiers.
 

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@ ms.topic: how-to`
`8`	`8`	`# Configure SAM-R to enable lateral movement path detection in Microsoft Defender for Identity`
`9`	`9`
`10`	`10`	`> [!IMPORTANT]`
`11`		`-> Remote collection of local administrators' group members on endpoints (using SAM-R queries) feature in Microsoft Defender for Identity will be disabled by mid-May 2025.`
	`11`	`+> Remote collection of local administrators' group members on endpoints (using SAM-R queries) feature in Microsoft Defender for Identity will be disabled by mid-May 2025. This change will happen automatically by the specified dates. No admin action is required.`
`12`	`12`	`>`
`13`	`13`
`14`	`14`	`Microsoft Defender for Identity mapping for [potential lateral movement paths](/defender-for-identity/understand-lateral-movement-paths) relies on queries that identify local admins on specific machines. These queries are performed with the SAM-R protocol, using the Defender for Identity [Directory Service account](directory-service-accounts.md) you configured.`