status

openpublishbuild · openpublishbuild · commit 17b7b26ec360 · 2026-01-08T22:56:10.000Z
diff --git a/support/windows-client/group-policy/scenario-guide-gpo-to-map-network-drive-doesn-t-apply-as-expected.md b/support/windows-client/group-policy/scenario-guide-gpo-to-map-network-drive-doesn-t-apply-as-expected.md
@@ -132,16 +132,16 @@ In *\<Clientmachinename\>_\<Date_Time\>_GPPREF_User.txt*, we observe that the GP
 
 ```output
 yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] Entering ProcessGroupPolicyExDrives()
-yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] SOFTWARE\Policies\Microsoft\Windows\Group Policy\{5794DAFD-BE60-433f-88A2-1A31939AC01F}
+yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] SOFTWARE\Policies\Microsoft\Windows\Group Policy\{aaaabbbb-0000-cccc-1111-dddd2222eeee}
 ```
 
 The Group Policy Mapped Drives extension identified a GPO that's configured with this extension, and the name is **Mapped-Drive**:
 
 ```output
-yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] GPC : LDAP://CN=User,cn={6D6CECFD-C75A-43FA-8C32-0B5963E42C5B},cn=policies,cn=system,DC=contoso,DC=com
-yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] GPT : \\contoso.com\SysVol\contoso.com\Policies\{6D6CECFD-C75A-43FA-8C32-0B5963E42C5B}\User
+yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] GPC : LDAP://CN=User,cn={bbbbcccc-1111-dddd-2222-eeee3333ffff},cn=policies,cn=system,DC=contoso,DC=com
+yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] GPT : \\contoso.com\SysVol\contoso.com\Policies\{bbbbcccc-1111-dddd-2222-eeee3333ffff}\User
 yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] GPO Display Name : Mapped-Drive
-yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] GPO Name : {6D6CECFD-C75A-43FA-8C32-0B5963E42C5B}
+yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] GPO Name : {bbbbcccc-1111-dddd-2222-eeee3333ffff}
 ```
 
 We observe that drive Z is successfully mapped:
@@ -151,7 +151,7 @@ yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] Starting class <Drive> - Z:.
 yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] Policy is not flagged for removal.
 yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] Completed class <Drive> - Z:.
 yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] Completed class <Drives>.
-yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] EVENT : The user 'Z:' preference item in the 'Mapped-Drive {6D6CECFD-C75A-43FA-8C32-0B5963E42C5B}' Group Policy Object applied successfully.
+yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] EVENT : The user 'Z:' preference item in the 'Mapped-Drive {bbbbcccc-1111-dddd-2222-eeee3333ffff}' Group Policy Object applied successfully.
 yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] Completed class <Drive> - Z:.
 yyyy-mm-dd hh:mm::ss:sss [pid=0x3134,tid=0x4fc] Completed class <Drives>
 ```
diff --git a/support/windows-client/installing-updates-features-roles/windows-update-issues-troubleshooting.md b/support/windows-client/installing-updates-features-roles/windows-update-issues-troubleshooting.md
@@ -74,10 +74,10 @@ Checking the WindowsUpdate.log reveals the following error:
 ```output
 YYYY/MM/DD HH:mm:ss:SSS PID  TID  Agent           * START * Finding updates CallerId = Update;taskhostw  Id = 25
 YYYY/MM/DD HH:mm:ss:SSS PID  TID  Agent           Online = Yes; Interactive = No; AllowCachedResults = No; Ignore download priority = No
-YYYY/MM/DD HH:mm:ss:SSS PID  TID  Agent           ServiceID = {855E8A7C-ECB4-4CA3-B045-1DFA50104289} Third party service
+YYYY/MM/DD HH:mm:ss:SSS PID  TID  Agent           ServiceID = {aaaabbbb-0000-cccc-1111-dddd2222eeee} Third party service
 YYYY/MM/DD HH:mm:ss:SSS PID  TID  Agent           Search Scope = {Current User}
 YYYY/MM/DD HH:mm:ss:SSS PID  TID  Agent           Caller SID for Applicability: S-1-12-1-2933642503-1247987907-1399130510-4207851353
-YYYY/MM/DD HH:mm:ss:SSS PID  TID  Misc            Got 855E8A7C-ECB4-4CA3-B045-1DFA50104289 redir Client/Server URL: https://fe3.delivery.mp.microsoft.com/ClientWebService/client.asmx""
+YYYY/MM/DD HH:mm:ss:SSS PID  TID  Misc            Got aaaabbbb-0000-cccc-1111-dddd2222eeee redir Client/Server URL: https://fe3.delivery.mp.microsoft.com/ClientWebService/client.asmx""
 YYYY/MM/DD HH:mm:ss:SSS PID  TID  Misc            Token Requested with 0 category IDs.
 YYYY/MM/DD HH:mm:ss:SSS PID  TID  Misc            GetUserTickets: No user tickets found. Returning WU_E_NO_USERTOKEN.
 YYYY/MM/DD HH:mm:ss:SSS PID  TID  Misc            *FAILED* [80070426] Method failed [AuthTicketHelper::GetDeviceTickets:570]
@@ -88,7 +88,7 @@ YYYY/MM/DD HH:mm:ss:SSS PID  TID  Misc            *FAILED* [80070426] Method fai
 YYYY/MM/DD HH:mm:ss:SSS PID  TID  Misc            *FAILED* [80070426] GetAgentTokenFromServer
 YYYY/MM/DD HH:mm:ss:SSS PID  TID  Misc            *FAILED* [80070426] GetAgentToken
 YYYY/MM/DD HH:mm:ss:SSS PID  TID  Misc            *FAILED* [80070426] EP:Call to GetEndpointToken
-YYYY/MM/DD HH:mm:ss:SSS PID  TID  Misc            *FAILED* [80070426] Failed to obtain service 855E8A7C-ECB4-4CA3-B045-1DFA50104289 plugin Client/Server auth token of type 0x00000001
+YYYY/MM/DD HH:mm:ss:SSS PID  TID  Misc            *FAILED* [80070426] Failed to obtain service aaaabbbb-0000-cccc-1111-dddd2222eeee plugin Client/Server auth token of type 0x00000001
 YYYY/MM/DD HH:mm:ss:SSS PID  TID  ProtocolTalker  *FAILED* [80070426] Method failed [CAgentProtocolTalkerContext::DetermineServiceEndpoint:377]
 YYYY/MM/DD HH:mm:ss:SSS PID  TID  ProtocolTalker  *FAILED* [80070426] Initialization failed for Protocol Talker Context
 YYYY/MM/DD HH:mm:ss:SSS PID  TID  Agent           Exit code = 0x80070426
@@ -101,7 +101,7 @@ The 0x80070426 error code translates to:
 ERROR_SERVICE_NOT_ACTIVE - # The service has not been started.
 ```
 
-Microsoft Account Sign In Assistant (MSA or wlidsvc) is the service in question. The DCAT Flighting service (ServiceId: 855E8A7C-ECB4-4CA3-B045-1DFA50104289) relies on MSA to get the global device ID for the device. Without the MSA service running, the global device ID won't be generated and sent by the client and the search for feature updates never completes successfully.
+Microsoft Account Sign In Assistant (MSA or wlidsvc) is the service in question. The DCAT Flighting service (ServiceId: aaaabbbb-0000-cccc-1111-dddd2222eeee) relies on MSA to get the global device ID for the device. Without the MSA service running, the global device ID won't be generated and sent by the client and the search for feature updates never completes successfully.
 
 To resolve this issue, reset the MSA service to the default StartType of "manual."
 
diff --git a/support/windows-client/licensing-and-activation/activation-failures-not-genuine-notifications-volume-licensed-kms-client.md b/support/windows-client/licensing-and-activation/activation-failures-not-genuine-notifications-volume-licensed-kms-client.md
@@ -60,7 +60,7 @@ For Windows editions that experience activation and "not genuine" errors that ar
 
 |Event log|Event source|Event ID|Description|
 |---|---|---|---|
-|Application|Microsoft-Windows-Security-SPP|8209|Genuine state set to non-genuine (0x00000000) for application Id 55c92734-d682-4d71-983e-d6ec3f16059f|
+|Application|Microsoft-Windows-Security-SPP|8209|Genuine state set to non-genuine (0x00000000) for application Id 00001111-aaaa-2222-bbbb-3333cccc4444|
 |Application|Microsoft-Windows-Security-SPP|8208|Acquisition of genuine ticket failed (hr=0xC004C4A2) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f|
 |Application|Windows Activation Technologies|13|Genuine validation result: hrOffline = 0x00000000, hrOnline =0xC004C4A2|
 |Application|Microsoft-Windows-Security-SPP|8196|License Activation Scheduler (sppuinotify.dll) was not able to automatically activate. Error code:  0xC004F200:|
diff --git a/support/windows-client/windows-security/enforcing-bitlocker-policies-by-using-intune-known-issues.md b/support/windows-client/windows-security/enforcing-bitlocker-policies-by-using-intune-known-issues.md
@@ -243,7 +243,7 @@ The policy deployment fails and the failure generates the following events in Ev
 > Event:
 > Failed to backup BitLocker Drive Encryption recovery information for volume C: to your Microsoft Entra ID.
 >
-> TraceId: {cbac2b6f-1434-4faa-a9c3-597b17c1dfa3}
+> TraceId: {0000aaaa-11bb-cccc-dd22-eeeeee333333}
 > Error: Unknown HResult Error code: 0x80072f9a
 
 > Event ID:778
diff --git a/support/windows-server/active-directory/troubleshoot-ad-fs-sso-issue.md b/support/windows-server/active-directory/troubleshoot-ad-fs-sso-issue.md
@@ -418,7 +418,7 @@ Then, check the certificate configuration on WAP servers and the fallback bindin
   
   To support non-SNI cases, administrators may specify fallback bindings. Other than the standard federationservicename:443 binding, look for fallback bindings under the following application IDs:
   
-  - \{5d89a20c-beab-4389-9447-324788eb944a\}: This is the application ID for AD FS.
+  - \{00001111-aaaa-2222-bbbb-3333cccc4444\}: This is the application ID for AD FS.
   - \{f955c070-e044-456c-ac00-e9e4275b3f04\}: This is the application ID for Web Application Proxy.
   
   For example, if the SSL certificate is specified for a fallback binding like 0.0.0.0:443, make sure that the binding is updated accordingly when the SSL certificate gets updated.
@@ -884,12 +884,12 @@ Get the SSL certificate bindings for AD FS
 On the AD FS server, run the following command in Windows PowerShell:  
 `netsh http show sslcert`
 
-In the list of bindings returned, look for those with the Application ID of 5d89a20c-beab-4389-9447-324788eb944a. Here is an example of a healthy binding. Note the "Ctl Store Name" line.
+In the list of bindings returned, look for those with the Application ID of 00001111-aaaa-2222-bbbb-3333cccc4444. Here is an example of a healthy binding. Note the "Ctl Store Name" line.
 
 ```output
 Hostname:port : adfs.contoso.com:443
 Certificate Hash : 3638de9b03a488341dfe32fc3ae5c480ee687793
-Application ID : {5d89a20c-beab-4389-9447-324788eb944a}
+Application ID : {00001111-aaaa-2222-bbbb-3333cccc4444}
 Certificate Store Name : MY
 Verify Client Certificate Revocation : Enabled
 Verify Revocation Using Cached Client Certificate Only : Disabled
diff --git a/support/windows-server/software-defined-networking/troubleshoot-windows-server-software-defined-networking-stack.md b/support/windows-server/software-defined-networking/troubleshoot-windows-server-software-defined-networking-stack.md
@@ -236,11 +236,11 @@ HostId : **162cd2c8-08d4-4298-8cb4-10c2977e3cfe**
 Get-NetworkControllerServer -ConnectionUri $uri |where { $_.InstanceId -eq "162cd2c8-08d4-4298-8cb4-10c2977e3cfe"}
 
 Tags             :
-ResourceRef      : /servers/4c4c4544-0056-4a10-8059-b8c04f395931
+ResourceRef      : /servers/a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1
 InstanceId       : **162cd2c8-08d4-4298-8cb4-10c2977e3cfe**
 Etag             : W/"50f89b08-215c-495d-8505-0776baab9cb3"
 ResourceMetadata : Microsoft.Windows.NetworkController.ResourceMetadata
-ResourceId       : 4c4c4544-0056-4a10-8059-b8c04f395931
+ResourceId       : a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1
 Properties       : Microsoft.Windows.NetworkController.ServerProperties
 ```
 
diff --git a/support/windows-server/system-management-components/event-tracing-for-windows-simplified.md b/support/windows-server/system-management-components/event-tracing-for-windows-simplified.md
@@ -48,7 +48,7 @@ Classpnp Driver Tracing Provider {FA8DE7C4-ACDE-4443-9994-C4E2359A9EDB}
 Critical Section Trace Provider {3AC66736-CC59-4CFF-8115-8DF50E39816B}  
 Device Task Enumerator {0E9E7909-00AA-42CF-9502-2C490471E598}  
 Disk Class Driver Tracing Provider {945186BF-3DD6-4F3F-9C8E-9EDD3FC9D558}  
-Downlevel IPsec API {94335EB3-79EA-44D5-8EA9-306F49B3A041}
+Downlevel IPsec API {aaaabbbb-0000-cccc-1111-dddd2222eeee}
 
 Various utilities are available at the Microsoft Download Center in order to parse .etl files, for instance Network Monitor v3.4. However, the sample script below would not need an installation of any of those.
 
diff --git a/support/windows-server/system-management-components/identify-cause-of-wmi-shutdown.md b/support/windows-server/system-management-components/identify-cause-of-wmi-shutdown.md
@@ -150,7 +150,7 @@ After the reboot, follow these steps to conclude the investigation:
    User:          SYSTEM
    Computer:      <FQDN>
    Description:
-   CorrelationId = {6BE1F66D-CD17-0003-6718-E26B17CDDA01}; GroupOperationId = 11687; OperationId = 11698; Operation = Start IWbemServices::ExecMethod - root\cimv2 : Win32_OperatingSystem=@::Win32Shutdown; ClientMachine = <computer name>; User = <user>; ClientProcessId = 2712; NamespaceName = 133644697772514501
+   CorrelationId = {aaaa0000-bb11-2222-33cc-444444dddddd}; GroupOperationId = 11687; OperationId = 11698; Operation = Start IWbemServices::ExecMethod - root\cimv2 : Win32_OperatingSystem=@::Win32Shutdown; ClientMachine = <computer name>; User = <user>; ClientProcessId = 2712; NamespaceName = 133644697772514501
    ```
 
    Note the **ClientProcessId**.
diff --git a/support/windows-server/system-management-components/troubleshoot-wmi-high-cpu-issues.md b/support/windows-server/system-management-components/troubleshoot-wmi-high-cpu-issues.md
@@ -222,7 +222,7 @@ Here's one of the log entries from the WMI-Tracing CSV file saved:
 
 |Level|Date and time|Source|Event ID|Task category|Description|
 |-|-|-|-|-|-|
-|Information|05-05-23 14:48|Microsoft-Windows-WMI-Activity|11|None|CorrelationId = {345E5566-0000-0000-0000-68343241D901}; GroupOperationId = 30693; OperationId = 30694; Operation = Start IWbemServices::ExecQuery - root\cimv2 : select * from Win32_Product; ClientMachine = 21H2W10M; User = CONTOSO\\\<UserName>; ClientProcessId = 5484; NamespaceName = 133277000000783520|
+|Information|05-05-23 14:48|Microsoft-Windows-WMI-Activity|11|None|CorrelationId = {aaaa0000-bb11-2222-33cc-444444dddddd}; GroupOperationId = 30693; OperationId = 30694; Operation = Start IWbemServices::ExecQuery - root\cimv2 : select * from Win32_Product; ClientMachine = 21H2W10M; User = CONTOSO\\\<UserName>; ClientProcessId = 5484; NamespaceName = 133277000000783520|
 
 A similar event in XML format looks like:
 
@@ -246,7 +246,7 @@ A similar event in XML format looks like:
 </System> 
 <UserData> 
 <Operation_New xmlns="http://manifests.microsoft.com/win/2006/windows/WMI"> 
-<CorrelationId>{345E5566-0000-0000-0000-67343241D901}</CorrelationId> 
+<CorrelationId>{bbbb1111-cc22-3333-44dd-555555eeeeee}</CorrelationId> 
 <GroupOperationId>28089</GroupOperationId> 
 <OperationId>28090</OperationId> 
 <Operation>Start IWbemServices::ExecQuery - root\cimv2 : select * from Win32_Product</Operation> 
@@ -260,7 +260,7 @@ A similar event in XML format looks like:
 </Operation_New> 
 </UserData> 
 <RenderingInfo Culture="en-US"> 
-<Message>CorrelationId = {345E5566-0000-0000-0000-67343241D901}; GroupOperationId = 28089; OperationId = 28090; Operation = Start IWbemServices::ExecQuery - root\cimv2 : select * from Win32_Product; ClientMachine = 21H2W10M; User = CONTOSO\<UserName>; ClientProcessId = 5484; NamespaceName = 133277000000783520</Message> 
+<Message>CorrelationId = {bbbb1111-cc22-3333-44dd-555555eeeeee}; GroupOperationId = 28089; OperationId = 28090; Operation = Start IWbemServices::ExecQuery - root\cimv2 : select * from Win32_Product; ClientMachine = 21H2W10M; User = CONTOSO\<UserName>; ClientProcessId = 5484; NamespaceName = 133277000000783520</Message> 
 <Level>Information</Level> 
 <Task/> 
 <Opcode>Info</Opcode> 
@@ -356,9 +356,9 @@ With the filter showing only the lines or operations that include "Win32_NTLogEv
 
 |Level|Source|Event ID|Description|
 |-|-|-|-|
-|Information|Microsoft-Windows-WMI-Activity|11|CorrelationId = {345E5566-0000-0000-0000-68343241D901}; GroupOperationId = 30641; OperationId = 30642; Operation = Start IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_NTLogEvent; ClientMachine = 21H2W10M; User = CONTOSO\\\<UserName>; ClientProcessId = 5484; NamespaceName = 133277000000783520|
+|Information|Microsoft-Windows-WMI-Activity|11|CorrelationId = {aaaa0000-bb11-2222-33cc-444444dddddd}; GroupOperationId = 30641; OperationId = 30642; Operation = Start IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_NTLogEvent; ClientMachine = 21H2W10M; User = CONTOSO\\\<UserName>; ClientProcessId = 5484; NamespaceName = 133277000000783520|
 |Information|Microsoft-Windows-WMI-Activity|12|ProviderInfo for GroupOperationId = 30641; Operation = Provider::CreateInstanceEnum - MS_NT_EVENTLOG_PROVIDER : Win32_NTLogEvent; HostID = 556; ProviderName = MS_NT_EVENTLOG_PROVIDER; ProviderGuid = {FD4F53E0-65DC-11d1-AB64-00C04FD9159E}; Path = %systemroot%\system32\wbem\ntevt.dll|
-|Information|Microsoft-Windows-WMI-Activity|11|CorrelationId = {345E5566-0000-0000-0000-68343241D901}; GroupOperationId = 30697; OperationId = 30698; Operation = Start IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_NTLogEvent; ClientMachine = 21H2W10M; User = CONTOSO\\\<UserName>; ClientProcessId = 5484; NamespaceName = 133277000000783520|
+|Information|Microsoft-Windows-WMI-Activity|11|CorrelationId = {aaaa0000-bb11-2222-33cc-444444dddddd}; GroupOperationId = 30697; OperationId = 30698; Operation = Start IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_NTLogEvent; ClientMachine = 21H2W10M; User = CONTOSO\\\<UserName>; ClientProcessId = 5484; NamespaceName = 133277000000783520|
 |Information|Microsoft-Windows-WMI-Activity|12|ProviderInfo for GroupOperationId = 30697; Operation = Provider::CreateInstanceEnum - MS_NT_EVENTLOG_PROVIDER : Win32_NTLogEvent; HostID = 556; ProviderName = MS_NT_EVENTLOG_PROVIDER; ProviderGuid = {FD4F53E0-65DC-11d1-AB64-00C04FD9159E}; Path = %systemroot%\system32\wbem\ntevt.dll|
 
 From the above operations, you can get the following additional information:

Original file line number	Diff line number	Diff line change
`@@ -243,7 +243,7 @@ The policy deployment fails and the failure generates the following events in Ev`
`243`	`243`	`> Event:`
`244`	`244`	`> Failed to backup BitLocker Drive Encryption recovery information for volume C: to your Microsoft Entra ID.`
`245`	`245`	`>`
`246`		`-> TraceId: {cbac2b6f-1434-4faa-a9c3-597b17c1dfa3}`
	`246`	`+> TraceId: {0000aaaa-11bb-cccc-dd22-eeeeee333333}`
`247`	`247`	`> Error: Unknown HResult Error code: 0x80072f9a`
`248`	`248`
`249`	`249`	`> Event ID:778`