**Important**
Internet Explorer 11 no longer supports using file server locations with your proxy configuration (.pac) files. To keep using your .pac files, you have to keep them on a web server and reference them using a URL, like *http://share/test.ins*.
+ - **Automatic proxy URL (.JS, .JVS, or .PAC file) box:** Type the location of your automatic proxy script.
**Important**
Internet Explorer 11 no longer supports using file server locations with your proxy configuration (.pac) files. To keep using your .pac files, you have to keep them on a web server and reference them using a URL, like `http://share/test.ins`.
If your branding changes aren't correctly deployed after running through this process, see [Auto configuration and auto proxy problems with Internet Explorer 11](auto-configuration-and-auto-proxy-problems-with-ie11.md).
diff --git a/browsers/internet-explorer/ie11-deploy-guide/index.md b/browsers/internet-explorer/ie11-deploy-guide/index.md
index b1b9d3ce0b..f26bdcd631 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/index.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/index.md
@@ -6,6 +6,7 @@ ms.prod: ie11
ms.assetid: bddc2d97-c38d-45c5-9588-1f5bbff2e9c3
title: Internet Explorer 11 (IE11) - Deployment Guide for IT Pros (Internet Explorer 11 for IT Pros)
ms.sitesec: library
+localizationpriority: low
---
diff --git a/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md b/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md
index cf7ec51045..65baf63d4b 100644
--- a/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md
+++ b/browsers/internet-explorer/ie11-ieak/auto-detection-dhcp-or-dns-servers-ieak11.md
@@ -33,11 +33,12 @@ DHCP has a higher priority than DNS for automatic configuration. If DHCP provide
 **To set up automatic detection for DHCP servers**
- Open the [DHCP Administrative Tool](https://go.microsoft.com/fwlink/p/?LinkId=302212), create a new option type, using the code number 252, and then associate it with the URL to your configuration file. For detailed instructions about how to do this, see [Create an option 252 entry in DHCP](https://go.microsoft.com/fwlink/p/?LinkId=294649).
-
**Examples:**
-http://www.microsoft.com/webproxy.pac
-http://marketing/config.ins
-http://123.4.567.8/account.pac
-For more detailed info about how to set up your DHCP server, see your server documentation.
+
+ **Examples:**
+ `http://www.microsoft.com/webproxy.pac`
+ `http://marketing/config.ins`
+ `http://123.4.567.8/account.pac`
+ For more detailed info about how to set up your DHCP server, see your server documentation.  **To set up automatic detection for DNS servers** diff --git a/browsers/internet-explorer/ie11-ieak/index.md b/browsers/internet-explorer/ie11-ieak/index.md index b0c1e0c9fe..00b9d78815 100644 --- a/browsers/internet-explorer/ie11-ieak/index.md +++ b/browsers/internet-explorer/ie11-ieak/index.md @@ -6,6 +6,7 @@ ms.prod: ie11 ms.assetid: 847bd7b4-d5dd-4e10-87b5-4d7d3a99bbac title: Internet Explorer Administration Kit 11 (IEAK 11) - Administrator's Guide (Internet Explorer Administration Kit 11 for IT Pros) ms.sitesec: library +localizationpriority: low --- diff --git a/browsers/internet-explorer/ie11-ieak/proxy-settings-ieak11-wizard.md b/browsers/internet-explorer/ie11-ieak/proxy-settings-ieak11-wizard.md index bc7d4bb78f..c758d7acbf 100644 --- a/browsers/internet-explorer/ie11-ieak/proxy-settings-ieak11-wizard.md +++ b/browsers/internet-explorer/ie11-ieak/proxy-settings-ieak11-wizard.md @@ -20,7 +20,7 @@ Using a proxy server lets you limit access to the Internet. You can also use the 1. Check the **Enable proxy settings** box if you want to use proxy servers for any of your services. 2. Type the address of the proxy server you want to use for your services into the **Address of proxy** box. In most cases, a single proxy server is used for all of your services.
-Proxy locations that don’t begin with a protocol (like, http:// or ftp://) are assumed to be a CERN-type HTTP proxy. For example, the entry *proxy* is treated the same as the entry *http://proxy*. +Proxy locations that don’t begin with a protocol (like, http:// or ftp://) are assumed to be a CERN-type HTTP proxy. For example, the entry *proxy* is treated the same as the entry `http://proxy`. 3. Type the port for each service. The default value is *80*. diff --git a/devices/surface-hub/create-a-device-account-using-office-365.md b/devices/surface-hub/create-a-device-account-using-office-365.md index de3aee64d1..a24d50ff5c 100644 --- a/devices/surface-hub/create-a-device-account-using-office-365.md +++ b/devices/surface-hub/create-a-device-account-using-office-365.md @@ -54,7 +54,7 @@ If you prefer to use a graphical user interface, you can create a device account  - From the list, uncheck **Skype for Business Online (plan 2)** (this license may vary depending on your organization), and click **SAVE**. + From the list, select **Skype for Business Online (Plan 2)**, and then click **SAVE**. The license may vary depending on your organization (for example, you might have Plan 2, or Plan 3). ### Create a mobile device mailbox (ActiveSync) policy from the Exchange Admin Center @@ -133,8 +133,7 @@ In order to run cmdlets used by these PowerShell scripts, the following must be 5. Finally, to connect to Exchange Online Services, run: ``` syntax - $exchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri - "https://outlook.office365.com/powershell-liveid/" -Credential $cred -Authentication "Basic" –AllowRedirection + $exchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri"https://outlook.office365.com/powershell-liveid/" -Credential $cred -Authentication "Basic" –AllowRedirection ```  diff --git a/devices/surface-hub/images/setupdeviceaccto365-07.png b/devices/surface-hub/images/setupdeviceaccto365-07.png index 4b4bebff94..ce0eb99af2 100644 Binary files a/devices/surface-hub/images/setupdeviceaccto365-07.png and b/devices/surface-hub/images/setupdeviceaccto365-07.png differ diff --git a/devices/surface-hub/images/wicd-screen02b.png b/devices/surface-hub/images/wicd-screen02b.png index 258ebfae82..6686186f8b 100644 Binary files a/devices/surface-hub/images/wicd-screen02b.png and b/devices/surface-hub/images/wicd-screen02b.png differ diff --git a/devices/surface-hub/index.md b/devices/surface-hub/index.md index 03268e3bb2..8c84d59605 100644 --- a/devices/surface-hub/index.md +++ b/devices/surface-hub/index.md @@ -36,14 +36,3 @@ Documents related to the Microsoft Surface Hub. - - - - - - - - - - - diff --git a/devices/surface-hub/intro-to-surface-hub.md b/devices/surface-hub/intro-to-surface-hub.md index ec1712c7a0..eb48a1fb78 100644 --- a/devices/surface-hub/intro-to-surface-hub.md +++ b/devices/surface-hub/intro-to-surface-hub.md @@ -15,143 +15,14 @@ localizationpriority: medium Microsoft Surface Hub is an all-in-one productivity device that is intended for brainstorming, collaboration, and presentations. In order to get the maximum benefit from Surface Hub, your organization’s infrastructure and the Surface Hub itself must be properly set up and integrated. This guide describes what needs to be done both before and during setup in order to help you optimize your use of the device. - -### Surface Hub features and interactions with other services - -The capabilities of your Surface Hub will depend on what other Microsoft products and technologies are available to it in your infrastructure. The products listed in the following table each support specific features in Surface Hub. - -
| Scenario | -Requirement | -
|---|---|
One-touch meeting join, meetings calendar, and email (for example, sending whiteboards) |
-Device account with Microsoft Exchange 2013 or later, or Exchange Online and a network connection to where the account is hosted. |
-
Meetings using Skype for Business |
-Device account with Skype for Business (Lync Server 2013 or later) or Skype for Business Online, and a network connection so the account can be accessed. |
-
Web browsing through Microsoft Edge |
-Internet connectivity. |
-
Remote and multi-device management |
-Supported mobile device management (MDM) solutions (Microsoft Intune, System Center 2012 R2 Configuration Manager, or supported third-party solution). |
-
Group-based local management (directory of employees who can manage a device) |
-Active Directory or Azure Active Directory (Azure AD). |
-
Universal Windows app installation |
-Windows Imaging and Configuration Designer (ICD) or supported MDM solutions (Intune, Configuration Manager, or supported third-party solution). |
-
OS updates |
-Internet connectivity or Windows Server Update Services (WSUS). |
-
Device monitoring and health |
-Microsoft Operations Management Suite (OMS). |
-
| Dependency | -Purpose | -
|---|---|
Active Directory (if using an on-premises deployment) |
-The Surface Hub must be able to connect to the domain controller in order to validate the device account’s credentials, as well as to access information like the device account’s display name, alias, Exchange server, and Session Initiation Protocol (SIP) address. |
-
Microsoft Office 365 (if using an online deployment) |
-The Surface Hub must have Internet access in order to reach your Office 365 tenant. The device will connect to the Office 365 in order to validate the device account’s credentials, as well as to access information like the device account’s display name, alias, Exchange server, and SIP address. |
-
Device account |
-The device account is an Active Directory and/or Azure AD account that enables several key features for the Surface Hub. Learn more about device accounts in [Create and test a device account](create-and-test-a-device-account-surface-hub.md). |
-
Exchange and Exchange ActiveSync |
-The Surface Hub must be able to reach the device account’s Exchange servers. Exchange is used for enabling mail and calendar features, and also lets people who use the device send meeting requests to the Surface Hub, enabling one-touch meeting join. -ActiveSync is used to sync the device account’s calendar and mail to the Surface Hub. If the device cannot use ActiveSync, it will not show meetings on the welcome screen, and joining meetings and emailing whiteboards will not be enabled. |
-
Skype for Business |
-The Surface Hub must be able to reach the device account’s Skype for Business servers. Skype for Business is used for various conferencing features, like video calls, IM, and screen sharing. |
-
Certificate-based authentication |
-If certificate-based authentication is required to establish a connection with Exchange ActiveSync or Skype for Business, those certificates must be deployed to each Surface Hub. |
-
Dynamic IP |
-The Surface Hub cannot be configured to use a static IP. It must use DHCP to assign an IP address. Network or Internet access is required, depending on the configuration of your topology (on-premises or online respectively) in order to validate the device account. |
-
Proxy servers |
-If your topology requires a connection to a proxy server to reach Active Directory, Microsoft Online Services, or your Exchange or Skype for Business servers, then you can configure it during first run, or in Settings. |
-
Mobile device management (MDM) solution provider |
-If you want to manage devices remotely and by groups (apply settings or policies to multiple devices at a time), you must set up a MDM solution and enroll the device to that solution. |
-
Microsoft Operations Management Suite (OMS) |
-OMS is used to monitor Surface Hub devices. |
-
The Surface Hub's uses an Active Directory or Azure AD account (called a **device account**) to access Exchange and Skype for Business services. The Surface Hub must be able to connect to your Active Directory domain controller or to your Azure AD tenant in order to validate the device account’s credentials, as well as to access information like the device account’s display name, alias, Exchange server, and Session Initiation Protocol (SIP) address.
You can also domain join or Azure AD join your Surface Hub to allow a group of authorized users to configure settings on the Surface Hub. | +| Exchange (Exchange 2013 or later, or Exchange Online) and Exchange ActiveSync |Exchange is used for enabling mail and calendar features, and also lets people who use the device send meeting requests to the Surface Hub, enabling one-touch meeting join.
ActiveSync is used to sync the device account’s calendar and mail to the Surface Hub. If the device cannot use ActiveSync, it will not show meetings on the welcome screen, and joining meetings and emailing whiteboards will not be enabled. | +| Skype for Business (Lync Server 2013 or later, or Skype for Business Online) | Skype for Business is used for various conferencing features, like video calls, instant messaging, and screen sharing. | +| Mobile device management (MDM) solution (Microsoft Intune, System Center Configuration Manager, or supported third-party MDM provider) | If you want to apply settings and install apps remotely, and to multiple devices at a time, you must set up a MDM solution and enroll the device to that solution. See [Manage settings with an MDM provider](manage-settings-with-mdm-for-surface-hub.md) for details. | +| Microsoft Operations Managmement Suite (OMS) | OMS is used to monitor the health of Surface Hub devices. See [Monitor your Surface Hub](monitor-surface-hub.md) for details. | +| Network and Internet access |In order to function properly, the Surface Hub should have access to a wired or wireless network. Overall, a wired connection is preferred.
**Dynamic IP:** The Surface Hub cannot be configured to use a static IP. It must use DHCP to assign an IP address.
**Proxy servers:** If your topology requires a connection to a proxy server to reach Internet services, then you can configure it during first run, or in Settings. | + +Additionally, note that Surface Hub requires the following open ports: +- HTTPS: 443 +- HTTP: 80 + +Depending on your environment, access to additional ports may be needed: +- For online environments, see [Office 365 IP URLs and IP address ranges](https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US). +- For on-premises installations, see [Skype for Business Server: Ports and protocols for internal servers](https://technet.microsoft.com/library/gg398833.aspx). + +Microsoft collects telemetry to help improve your Surface Hub experience. Add these sites to your allow list: +- Telemetry client endpoint: `https://vortex.data.microsoft.com/` +- Telemetry settings endpoint: `https://settings.data.microsoft.com/` -In order to function properly, the Surface Hub must have access to a wired or wireless network that meets these requirements: +## Work with other admins -- Access to your Active Directory or Azure Active Directory (Azure AD) instance, as well as your Microsoft Exchange and Skype for Business servers -- Can receive an IP address using DHCP -- Open ports: - - HTTPS: 443 - - HTTP: 80 - -A wired connection is preferred. - -## Certificates +Surface Hub interacts with a few different products and services. Depending on the size of your organization, there could be multiple people supporting different products in your environment. You'll want to include people who manage Exchange, Active Directory (or Azure Active Directory), mobile device management (MDM), and network resources in your planning and prep for Surface Hub deployments. -Your Surface Hub may require certificates for ActiveSync, Skype for Business, network usage, or other authentication. To install certificates, you can either create a provisioning package (in order to install at first run, or after first run in Settings), or deploy them through a mobile device management (MDM) solution (after first run only). +## Create and verify device account -To install certificates using provisioning packages, see [Create provisioning packages](provisioning-packages-for-certificates-surface-hub.md). To install them using MDM, see the documentation for your MDM solution. +A device account is an Exchange resource account that Surface Hub uses to display its meeting calendar, join Skype for Business calls, and send email. See [Create and test a device account](create-and-test-a-device-account-surface-hub.md) for details. -## Create provisioning packages +After you've created your device account, there are a couple of ways to verify that it's setup correctly. +- Run Surface Hub device account validation PowerShell scripts. For more information, see [Surface Hub device account scripts](https://gallery.technet.microsoft.com/scriptcenter/Surface-Hub-device-account-6db77696) in Script Center, or [PowerShell scripts for Surface Hub](appendix-a-powershell-scripts-for-surface-hub.md) later in this guide. +- Use the account with the [Lync Windows Store app](https://www.microsoft.com/en-us/store/p/lync/9wzdncrfhvhm). If Lync signs in successfully, then the device account will most likely work with Skype for Business on Surface Hub. + +## Prepare for first-run program +There are a few more item to consider before you start the [first-run program](first-run-program-surface-hub.md). -Currently, Surface Hub can use provisioning packages only to install certificates and to install Universal Windows Platform (UWP) apps. See [Create provisioning packages](provisioning-packages-for-certificates-surface-hub.md) for details. +### Create provisioning packages (optional) +You can use provisioning packages to add certificates, customize settings and install apps. See [Create provisioning packages](provisioning-packages-for-certificates-surface-hub.md) for details. You can [install provisioning packages at first-run](first-run-program-surface-hub.md#first-page). -Customers will use provisioning packages to authenticate (for example, to Exchange or Skype for Business), or to sideload apps that don't come from the Windows Store or Windows Store for Business. +### Set up admin groups +Every Surface Hub can be configured locally using the Settings app on the device. To prevent unauthorized users from changing settings, the Settings app requires admin credentials to open the app. See [Admin group management](admin-group-management-for-surface-hub.md) for details on how admin groups are set up and managed. You will [set up admins for the device at first run](first-run-program-surface-hub.md#setup-admins). -## Know the Exchange server for your device account +### Review and complete Surface Hub setup worksheet (optional) +When you go through the first-run program for your Surface Hub, there's some information that you'll need to supply. The setup worksheet summarizes that info, and provides lists of environment-specific info that you'll need when you go through the first-run program. For more information, see [Setup worksheet](setup-worksheet-surface-hub.md). -You should know which Exchange server the device account will use for email and calendar services. The device will attempt to discover this automatically during first run, but if auto-discovery doesn't work, you may need to enter the server info manually. - -### Admin group management - -Every Surface Hub can be configured individually by opening the Settings app on the device. To prevent people who are not administrators from changing settings, the Settings app requires local administrator credentials to open the app and change settings. See [Admin group management](admin-group-management-for-surface-hub.md) for details on how admin groups are set up and managed. - -## Skype for Business - - -Certificates may be required in order to have the Surface Hub use Skype for Business. - -## Checklist for preparation - - -In order to ensure that your environment is ready for the Surface Hub, verify the items in the following list. - -1. The device account has been created. - - Test this by running: - - - Surface Hub device account validation PowerShell scripts - - Lync Windows app from the Windows Store (if Lync runs successfully, then Skype for Business will most likely run). - -2. Ensure that there is a working network/Internet connection for the device to connect to: - - - It must be able to receive an IP address using DHCP (Surface Hub cannot be configured with a static IP address) - - It must have these ports open: - - - HTTPS: 443 - - HTTP: 80 - - If your network runs through a proxy, you'll need the proxy address or script information as well. - -3. In order to improve your experience, we collect data. To collect data, we need these sites whitelisted: - - Telemetry client endpoint: https://vortex.data.microsoft.com/ - - Telemetry settings endpoint: https://settings.data.microsoft.com/ - -4. Choose the local admin method you want to set up during first run (see [Set up admins for this device](first-run-program-surface-hub.md#setup-admins)). Also, decide whether you'll be using MDM (see [Manage settings with an MDM provider](manage-settings-with-mdm-for-surface-hub.md)). -5. You've created provisioning packages, as needed. See [Create provisioning packages](provisioning-packages-for-certificates-surface-hub.md). -6. Have all necessary information available from the [Setup worksheet](setup-worksheet-surface-hub.md). - ## In this section -|
- Proxy script: http://contoso/proxy.pa + Proxy script:
The certificate generated by this script is not recommended for production environments. +>[!NOTE] +>You can use the following PowerShell script to create a self-signed certificate for use in proof-of-concept scenarios. + > To use this script, copy the following text into Notepad and save the file as a PowerShell script (.ps1). This script creates a certificate with a password of `12345678`. The certificate generated by this script is not recommended for production environments. ``` if (-not (Test-Path "Demo Certificate")) { New-Item -ItemType Directory -Force -Path "Demo Certificate" } @@ -160,4 +167,11 @@ $TestUefiV2 | Export-PfxCertificate -Password $pw -FilePath "Demo Certificate\Te For use with SEMM and Microsoft Surface UEFI Configurator, the certificate must be exported with the private key and with password protection. Microsoft Surface UEFI Configurator will prompt you to select the SEMM certificate file (.pfx) and certificate password when it is required. ->**Note**: For organizations that use an offline root in their PKI infrastructure, Microsoft Surface UEFI Configurator must be run in an environment connected to the root CA to authenticate the SEMM certificate. The packages generated by Microsoft Surface UEFI Configurator can be transferred as files and therefore can be transferred outside the offline network environment with removable storage, such as a USB stick. +>[!NOTE] +>For organizations that use an offline root in their PKI infrastructure, Microsoft Surface UEFI Configurator must be run in an environment connected to the root CA to authenticate the SEMM certificate. The packages generated by Microsoft Surface UEFI Configurator can be transferred as files and therefore can be transferred outside the offline network environment with removable storage, such as a USB stick. + +## Related topics + +[Enroll and configure Surface devices with SEMM](enroll-and-configure-surface-devices-with-semm.md) + +[Unenroll Surface devices from SEMM](unenroll-surface-devices-from-semm.md) \ No newline at end of file diff --git a/devices/surface/update.md b/devices/surface/update.md new file mode 100644 index 0000000000..3e00c77e71 --- /dev/null +++ b/devices/surface/update.md @@ -0,0 +1,38 @@ +--- +title: Surface firmware and driver updates (Surface) +description: Find out how to download and manage the latest firmware and driver updates for your Surface device. +ms.prod: w10 +ms.mktglfcycl: manage +ms.pagetype: surface, devices +ms.sitesec: library +author: heatherpoulsen +--- + +# Surface firmware and driver updates + +Find out how to download and manage the latest firmware and driver updates for your Surface device. + +## In this section + +| Topic | Description | +| --- | --- | +| [Download the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md)| Get a list of the available downloads for Surface devices and links to download the drivers and firmware for your device.| +| [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md)| Explore the available options to manage firmware and driver updates for Surface devices.| +| [Manage Surface Dock firmware updates](manage-surface-dock-firmware-updates.md)| Read about the different methods you can use to manage the process of Surface Dock firmware updates.| +| [Surface Dock Updater](surface-dock-updater.md)| Get a detailed walkthrough of Microsoft Surface Dock Updater.| + + +## Related topics + +[Surface TechCenter](https://technet.microsoft.com/windows/surface) + +[Surface for IT pros blog](http://blogs.technet.com/b/surface/) + + + + + + + + + diff --git a/devices/surface/using-the-sda-deployment-share.md b/devices/surface/using-the-sda-deployment-share.md new file mode 100644 index 0000000000..043150076c --- /dev/null +++ b/devices/surface/using-the-sda-deployment-share.md @@ -0,0 +1,163 @@ +--- +title: Using the Microsoft Surface Deployment Accelerator deployment share (Surface) +description: Explore the scenarios where you can use SDA to meet the deployment needs of your organization including Proof of Concept, pilot deployment, as well as import additional drivers and applications. +keywords: deploy, install, automate, deployment solution +ms.prod: w10 +ms.mktglfcycl: deploy +ms.pagetype: surface, devices +ms.sitesec: library +author: Scottmca +--- + +# Using the Microsoft Surface Deployment Accelerator deployment share + +With Microsoft Surface Deployment Accelerator (SDA), you can quickly and easily set up a deployment solution that is ready to deploy Windows to Surface devices. The prepared environment is built on powerful deployment technologies available from Microsoft, such as the [Microsoft Deployment Toolkit (MDT)](https://technet.microsoft.com/en-us/windows/dn475741), and is capable of immediately performing a deployment after configuration. See [Step-by-Step: Surface Deployment Accelerator](https://technet.microsoft.com/en-us/itpro/surface/step-by-step-surface-deployment-accelerator) for a comprehensive walkthrough of using the SDA wizard to set up a deployment share and perform a deployment. + +For more information about SDA and information on how to download SDA, see [Microsoft Surface Deployment Accelerator (SDA)](https://technet.microsoft.com/en-us/itpro/surface/microsoft-surface-deployment-accelerator). + +Using SDA provides these primary benefits: + +* With SDA, you can create a ready-to-deploy environment that can deploy to target devices as fast as your download speeds allow. The wizard experience enables you to check a few boxes and then the automated process builds your deployment environment for you. + +* With SDA, you prepare a deployment environment built on the industry leading deployment solution of MDT. With MDT you can scale from a relatively basic deployment of a few Surface devices to a solution capable of deploying to thousands of devices including all of the different makes and models in your organization and all of the applications required by each device and user. + +This article explores four scenarios where you can use SDA to meet the needs of your organization. See [Deploy Windows 10](https://technet.microsoft.com/en-us/itpro/windows/deploy/index) to explore the capabilities of MDT and the Windows deployment technologies available from Microsoft in greater detail. + +## Perform a Proof of Concept deployment + +One of the primary scenarios for use of SDA is as a Proof of Concept. A *Proof of Concept* (PoC) enables you to test or evaluate the capabilities of a solution or technology. A PoC is often used to illustrate the benefits of the solution or technology to decision makers. For example, if you want to recommend Surface devices as a replacement of older point of sale (POS) systems, you could perform a PoC to demonstrate how Surface devices provide superior computing power, flexibility, and connectivity when compared to alternate options. + +Using SDA to prepare a PoC of Surface devices enables you to very quickly prepare a demonstration of Surface device or devices, which gives you more time for customization or preparation. The flexibility of SDA even lets you import resources, like applications and drivers, from existing MDT deployment infrastructure. See the [Work with existing deployment shares](#work-with-existing-deployment-shares) section later in this article for more information. + +SDA is also an excellent PoC of the capabilities of MDT. SDA demonstrates just how quickly an MDT deployment environment can be prepared and made ready for deployment to devices. It also shows just how flexible and customizable the MDT solution can be, with support for Windows 10 and Windows 8.1, for Windows Store and desktop applications, and several models of Surface devices. + +Some recommendations for a successful PoC with SDA are: + +* Keep your SDA deployment environment separate from your production network. This ensures optimal performance and reduces potential for conflicts during your PoC deployment. + +* Use a fresh and updated instance of Windows Server to house your SDA deployment share to maintain the simplicity and performance of the demonstration environment. + +* Test the deployment process before you demonstrate your PoC. This reduces the potential for unexpected situations and keeps the demonstration focused on the deployment process and Surface devices. + +* Use offline files with SDA to further reduce installation times. + +* For help with your PoC, contact [Surface Support](https://www.microsoft.com/surface/en-us/support/contact-us-business). + +## Perform a pilot deployment + +A pilot deployment differs from a PoC. Where a PoC is usually a closed demonstration that is performed prior to the deployment process in order to get approval for the use of certain technologies or solutions, a *pilot deployment* is performed during the deployment process as a limited scope deployment for testing and validation. The focus of a pilot deployment can be as narrow as only a handful of devices, or wide enough to include a significant portion of your organization. + +>[!NOTE] +>A pilot deployment should not replace the testing process that should be performed regularly in the lab as the deployment environment is built and developed. A deployment solution should be tested in virtual and physical environments as new applications and drivers are added and when task sequences are modified and before a pilot deployment is performed. + +For example, you are tasked with deploying Surface devices to mobile workers and you want to test the organization’s MDT deployment process by providing a small number of devices to executives. You can use SDA to create an isolated Surface deployment environment and then copy the task sequence, applications, and drivers needed from the production deployment share. This not only enables you to quickly create a Surface deployment, but it also minimizes the risk to the production deployment process used for other types of devices. + +For small organizations, the pilot deployment environment of SDA may suffice as a complete deployment solution. Even if you do not have an existing deployment environment, you can import drivers and applications (covered later in this article) to provide a complete deployment solution based on MDT. Even without previous knowledge of MDT or Windows deployment, you can follow the [Step-by-Step: Surface Deployment Accelerator](https://technet.microsoft.com/en-us/itpro/surface/step-by-step-surface-deployment-accelerator) article to get started with a deployment to Surface devices. + +## Import additional drivers + +The SDA deployment share includes all of the drivers needed for Surface devices. This includes the drivers for the components inside the Surface device, such as the wireless network adapter and the main chipset, as well as drivers for Surface accessories, such as the Surface Dock or Surface USB Ethernet adapters. The SDA deployment share does not, however, include drivers for third-party devices or peripherals. + +For example, you may intend to use your Surface device with a thermal printer, credit card reader, and barcode scanner as a POS terminal. In this scenario, the thermal printer, credit card reader, and barcode scanner will very likely require installation of drivers to operate properly. You could potentially download and install these drivers from Windows Update when each peripheral is connected, or you could install the driver package from the manufacturer manually on each Surface device, but the ideal solution is to have these drivers already present in Windows so that when the peripheral is connected, it will just work. + +Because SDA is built on MDT, adding the drivers to the SDA deployment share is easy and simple. + +>[!NOTE] +>The drivers must be in the Setup Information File (.inf) format. If the drivers for your device come as an executable file (.exe), they may need to be extracted or installed to procure the .inf file. Some device drivers come packaged with applications, for example an all-in-one printer bundled with scan software. These applications will need to be installed separately from the drivers. + +To import drivers for a peripheral device: + +1. Download the drivers for your device from the manufacturer web site. + +2. Open the MDT Deployment Workbench. + +3. Expand the **Deployment Shares** node and expand the SDA deployment share. + +4. Expand the **Out-of-Box Drivers** folder. + +5. Select the folder of the Surface model for which you would like to include this driver. + +6. Click **Import Drivers** to start the Import Drivers Wizard, as shown in Figure 1. + +  + + *Figure 1. Provide the location of your driver files* + +7. The Import Drivers Wizard presents a series of steps: + + - **Specify Directory** – Click **Browse** and navigate to the folder where you stored the drivers in Step 1. + - **Summary** – Review the specified configuration on this page before you click **Next** to begin the import process. + - **Progress** – While the drivers are imported, a progress bar is displayed on this page. + - **Confirmation** – When the import process completes, the success of the process is displayed on this page. Click **Finish** to complete the Import Drivers Wizard. + +8. Repeat Steps 5-7 for each Surface model on which you would like to include this driver. + +9. Close the Deployment Workbench. + +After the drivers are imported for the Surface model, the deployment task sequence will automatically select the drivers during the deployment process and include them in the Windows environment. When you connect your device, such as the barcode scanner in the example, Windows should automatically detect the device and you should be able to use it immediately. + +>[!NOTE] +>You can even import drivers for other computer makes and models to support other devices. See **Step 5: Prepare the drivers repository** in [Deploy a Windows 10 image using MDT 2013 Update 2](https://technet.microsoft.com/en-us/itpro/windows/deploy/deploy-a-windows-10-image-using-mdt) for more information about how to import drivers for other makes and models. + +## Import additional applications + +As with drivers, the SDA deployment share can be pre-configured with apps like the Surface App and Microsoft Office 365. You can also add applications to the SDA deployment share and configure them to be installed on your Surface devices during deployment of Windows. In the ideal scenario, your Surface devices deployed with the SDA deployment share will include all of the applications needed to be ready for your end users. + +In the previous example for including drivers for a POS system, you would also need to include POS software for processing transactions and recording the input from the barcode scanner and credit card reader. To import an application and prepare it for installation on your Surface devices during Windows deployment: + +1. Download the application installation files or locate the installation media for your application. + +2. Determine the command line instruction for silent installation, usually provided by the developer of the application. For Windows Installer files (.msi), see [Standard Installer Command-Line Options](https://msdn.microsoft.com/library/windows/desktop/aa372024) in the Windows Dev Center. + +3. Open the MDT Deployment Workbench. + +4. Expand the **Deployment Shares** node and expand the SDA deployment share. + +5. Expand the **Applications** folder. + +6. Click **New Application** to start the New Application Wizard, as shown in Figure 2. + +  + + *Figure 2: Provide the command to install your application* + +7. Follow the steps of the New Application Wizard: + + - **Application Type** – Click **Application with Source Files**, and then click **Next**. + - **Details** – Enter a name for the application in the **Application Name** field. Enter publisher, version, and language information in the **Publisher**, **Version**, and **Language** fields if desired. Click **Next**. + - **Source** – Click **Browse** to navigate to and select the folder with the application installation files procured in Step 1, and then click **Next**. + - **Destination** – Enter a name for the folder where the application files will be stored in the **Specify the Name of the Directory that Should Be Created** field or click **Next** to accept the default name. + - **Command Details** – Enter the silent command-line instruction, for example `setup.msi /quiet /norestart` + - **Summary** – Review the specified configuration on this page before you click **Next** to begin the import process. + - **Progress** – While the installation files are imported, a progress bar is displayed on this page. + - **Confirmation** – When the import process completes, the success of the process is displayed on this page. Click **Finish** to complete the New Application Wizard. + +8. Click the **Task Sequences** folder, right-click **1 - Deploy Microsoft Surface**, and then click **Properties**. + +9. Click the **Task Sequence** tab to view the steps that are included in the new task sequence. + +10. Select the **Windows Update (Pre-Application Installation)** step, and then click **Add**. + +11. Hover the mouse over **General** under the **Add** menu, and then click **Install Application**. This will add a new step after the selected step for the installation of a specific application as shown in Figure 3. + +  + + *Figure 3. A new Install Application step for Sample POS App* + +12. On the **Properties** tab of the new **Install Application** step, enter **Install - Sample POS App** in the **Name** field, where *Sample POS App* is the name of your app. + +13. Click **Install a Single Application**, and then click **Browse** to view available applications that have been imported into the deployment share. + +14. Select your app from the list of applications, and then click **OK**. + +15. Click **OK** to close the task sequence properties. + +16. Close the Deployment Workbench. + +## Work with existing deployment shares + +One of the many benefits of an MDT deployment share is the simplicity of how deployment resources are stored. The MDT deployment share is, at its core, just a standard network file share. All deployment resources, such as Windows images, application installation files, and drivers, are stored in a share that can be browsed with File Explorer, copied and pasted, and moved just like any other file share, provided that you have the necessary permissions. This makes working with deployment resources extremely easy. MDT even allows you to make it easier by allowing you to open multiple deployment shares from the Deployment Workbench and to transfer or copy resources between them. + +This ability gives SDA some extra capabilities when used in an environment with an existing MDT infrastructure. For example, if you install SDA on an isolated server to prepare a PoC and then log on to your production MDT deployment share from the Deployment Workbench on your SDA server, you can copy applications, drivers, task sequences, and other components into the SDA deployment share that is prepared with Surface apps and drivers. With this process, in a very short amount time, you can have a deployment environment ready to deploy your organization’s precise requirements to Surface devices. + +You can also use this capability in reverse. For example, you can copy the Surface drivers, deployment task sequences, and apps directly into a lab or testing environment following a successful PoC. Using these resources, you can immediately begin to integrate Surface deployment into your existing deployment infrastructure. diff --git a/education/windows/TOC.md b/education/windows/TOC.md index b88d81df41..2e31b14786 100644 --- a/education/windows/TOC.md +++ b/education/windows/TOC.md @@ -1,5 +1,4 @@ -# [Windows 10 for education](index.md) -## [Change history for Windows 10 for Education](change-history-edu.md) +# [Windows 10 for Education](index.md) ## [Windows 10 editions for education customers](windows-editions-for-education-customers.md) ## [Setup options for Windows 10](set-up-windows-10.md) ### [Use the Set up School PCs app ](use-set-up-school-pcs-app.md) @@ -10,11 +9,12 @@ ### [For teachers: get Minecraft Education Edition](teacher-get-minecraft.md) ### [For IT administrators: get Minecraft Education Edition](school-get-minecraft.md) ## [Take tests in Windows 10 ](take-tests-in-windows-10.md) -### [Set up Take a Test on a single PC ](take-a-test-single-pc.md) -### [Set up Take a Test on multiple PCs ](take-a-test-multiple-pcs.md) -### [Take a Test app technical reference ](take-a-test-app-technical.md) +### [Set up Take a Test on a single PC](take-a-test-single-pc.md) +### [Set up Take a Test on multiple PCs](take-a-test-multiple-pcs.md) +### [Create tests using Microsoft Forms](create-tests-using-microsoft-forms.md) +### [Take a Test app technical reference](take-a-test-app-technical.md) ## [Deployment recommendations for school IT administrators](edu-deployment-recommendations.md) ## [Deploy Windows 10 in a school](deploy-windows-10-in-a-school.md) ## [Deploy Windows 10 in a school district](deploy-windows-10-in-a-school-district.md) ## [Chromebook migration guide](chromebook-migration-guide.md) - +## [Change history for Windows 10 for Education](change-history-edu.md) diff --git a/education/windows/change-history-edu.md b/education/windows/change-history-edu.md index 0d1c19f506..f03105f10d 100644 --- a/education/windows/change-history-edu.md +++ b/education/windows/change-history-edu.md @@ -12,38 +12,39 @@ author: jdeckerMS This topic lists new and updated topics in the [Windows 10 for Education](index.md) documentation. +## September 2016 + +| New or changed topic | Description| +| --- | --- | +| [Create tests using Microsoft Forms](create-tests-using-microsoft-forms.md) | New. Learn how to use Microsoft Forms with the Take a Test app to prevent access to other computers or online resources while completing a test. | ## RELEASE: Windows 10, version 1607 -The topics in this library have been updated for Windows 10, version 1607 (also known as the Anniversary Update). The following new topics have been added: +The topics in this library have been updated for Windows 10, version 1607 (also known as the Anniversary Update). The following new topics have been added: - [Set up Windows 10](set-up-windows-10.md) - [Set up student PCs to join domain](set-up-students-pcs-to-join-domain.md) - [Provision student PCs with apps](set-up-students-pcs-with-apps.md) - [Deployment recommendations for school IT administrators](edu-deployment-recommendations.md) - ## July 2016 - | New or changed topic | Description| | --- | --- | -| [Windows 10 editions for education customers](windows-editions-for-education-customers.md) | New | -|[Deploy Windows 10 in a school district](deploy-windows-10-in-a-school-district.md)|New | - - +| [Windows 10 editions for education customers](windows-editions-for-education-customers.md) | New. Learn about the two editions in Windows 10, version 1607 that's designed for the needs of K-12 institutions. | +|[Deploy Windows 10 in a school district](deploy-windows-10-in-a-school-district.md)|New. Learn how to deploy Windows 10 in a school district. Integrate the school environment with Office 365, AD DS, and Microsoft Azure AD, use SCCM, Intune, and Group Policy to manage devices. | ## June 2016 | New or changed topic | Description | |----------------------|-------------| -| [Get Minecraft Education Edition](get-minecraft-for-education.md) [For teachers: get Minecraft Education Edition](teacher-get-minecraft.md) [For IT administrators: get Minecraft Education Edition](school-get-minecraft.md) | New | +| [Get Minecraft Education Edition](get-minecraft-for-education.md) [For teachers: get Minecraft Education Edition](teacher-get-minecraft.md) [For IT administrators: get Minecraft Education Edition](school-get-minecraft.md) | New. Learn how to get and distribute Minecraft: Education Edition. | ## May 2016 | New or changed topic | Description | |----------------------|-------------| -| [Use the Set up School PCs app (Preview)](use-set-up-school-pcs-app.md) | New | -| [Set up School PCs app technical reference (Preview)](set-up-school-pcs-technical.md) | New | -| [Take tests in Windows 10 (Preview)](take-tests-in-windows-10.md) [Set up Take a Test on a single PC (Preview)](take-a-test-single-pc.md) [Set up Take a Test on multiple PCs (Preview)](take-a-test-multiple-pcs.md) [Take a Test app technical reference (Preview)](take-a-test-app-technical.md) | New | +| [Use the Set up School PCs app (Preview)](use-set-up-school-pcs-app.md) | New. Learn how the Set up School PCs app works and how to use it. | +| [Set up School PCs app technical reference (Preview)](set-up-school-pcs-technical.md) | New. Describes the changes that the Set up School PCs app makes to a PC. | +| [Take tests in Windows 10 (Preview)](take-tests-in-windows-10.md) [Set up Take a Test on a single PC (Preview)](take-a-test-single-pc.md) [Set up Take a Test on multiple PCs (Preview)](take-a-test-multiple-pcs.md) [Take a Test app technical reference (Preview)](take-a-test-app-technical.md) | New. Learn how to set up and use the Take a Test app. | | [Chromebook migration guide](chromebook-migration-guide.md) | Moved from [Windows 10 and Windows 10 Mobile](https://technet.microsoft.com/en-us/itpro/windows/plan/index) library, originally published in November 2015 | -| [Deploy Windows 10 in a school](deploy-windows-10-in-a-school.md) | Moved from [Windows 10 and Windows 10 Mobile](https://technet.microsoft.com/en-us/itpro/windows/plan/index) library, originally published in May 2016 | \ No newline at end of file +| [Deploy Windows 10 in a school](deploy-windows-10-in-a-school.md) | Moved from [Windows 10 and Windows 10 Mobile](https://technet.microsoft.com/en-us/itpro/windows/plan/index) library, originally published in May 2016 | diff --git a/education/windows/create-tests-using-microsoft-forms.md b/education/windows/create-tests-using-microsoft-forms.md new file mode 100644 index 0000000000..64a6208970 --- /dev/null +++ b/education/windows/create-tests-using-microsoft-forms.md @@ -0,0 +1,29 @@ +--- +title: Create tests using Microsoft Forms +description: Learn how to use Microsoft Forms with the Take a Test app to prevent access to other computers or online resources while completing a test. +keywords: school, Take a Test, Microsoft Forms +ms.prod: w10 +ms.mktglfcycl: plan +ms.sitesec: library +ms.pagetype: edu +author: CelesteDG +--- + +# Create tests using Microsoft Forms +**Applies to:** + +- Windows 10 + + +For schools that have an Office 365 Education subscription, teachers can use [Microsoft Forms](https://support.office.com/article/What-is-Microsoft-Forms-6b391205-523c-45d2-b53a-fc10b22017c8) to create a test and then require that students use the Take a Test app to block access to other computers or online resources while completing the test created through Microsoft Forms. + +To do this, teachers can select a check box to make it a secure test. Microsoft Forms will generate a link that you can use to embed into your OneNote or class website. When students are ready to take a test, they can click on the link to start the test. + +Microsoft Forms will perform checks to ensure students are taking the test in a locked down Take a Test session. If not, students are not permitted access to the assessment. + +[Learn how to block Internet access while students complete your form](https://support.office.com/article/6bd7e31d-5be0-47c9-a0dc-c0a74fc48959) + + +## Related topics + +[Take tests in Windows 10](take-tests-in-windows-10.md) diff --git a/education/windows/deploy-windows-10-in-a-school.md b/education/windows/deploy-windows-10-in-a-school.md index b819adf9a0..3f1dad3d00 100644 --- a/education/windows/deploy-windows-10-in-a-school.md +++ b/education/windows/deploy-windows-10-in-a-school.md @@ -565,7 +565,7 @@ After you create the Windows Store for Business portal, configure it by using th Now that you have created your Windows Store for Business portal, you’re ready to find, acquire, and distribute apps that you will add to your portal. You do this by using the Inventory page in Windows Store for Business. -**Note** Your educational institution can now use a credit card or purchase order to pay for apps in Windows Store for Business. +**Note** Your educational institution can now use a credit card to pay for apps in Windows Store for Business. You can deploy apps to individual users or make apps available to users through your private store. Deploying apps to individual users restricts the app to those specified users. Making apps available through your private store allows all your users. diff --git a/education/windows/index.md b/education/windows/index.md index 6e20c83aae..f8d54749bf 100644 --- a/education/windows/index.md +++ b/education/windows/index.md @@ -9,9 +9,11 @@ author: jdeckerMS --- # Windows 10 for Education -[Windows 10 Education](https://www.microsoft.com/en-us/education/products/windows/default.aspx) empowers staff, administrators, teachers and students to do great things. +[Windows 10 Education and Windows 10 Pro Education](https://www.microsoft.com/en-us/education/products/windows/default.aspx) empowers staff, administrators, teachers and students to do great things. -[Find out how to get Windows 10 Education for your school.](https://www.microsoft.com/en-us/education/buy-license/overview-of-how-to-buy/default.aspx?tabshow=schools) +[Find out how to get Windows 10 Education or Windows 10 Pro Education for your school](https://www.microsoft.com/en-us/education/buy-license/overview-of-how-to-buy/default.aspx?tabshow=schools) + +[Learn more about what features and functionality are supported in each Windows edition](https://www.microsoft.com/en-us/WindowsForBusiness/Compare) ## In this section @@ -28,5 +30,5 @@ author: jdeckerMS ## Related topics -- [Windows 10 and Windows 10 Mobile](https://technet.microsoft.com/itpro/windows/index) - [Try it out: virtual labs and how-to videos for Windows 10 Education](https://technet.microsoft.com/en-us/windows/dn610356) +- [Windows 10 and Windows 10 Mobile](https://technet.microsoft.com/itpro/windows/index) diff --git a/education/windows/set-up-school-pcs-technical.md b/education/windows/set-up-school-pcs-technical.md index 6fdf7e3da3..0eabc87c57 100644 --- a/education/windows/set-up-school-pcs-technical.md +++ b/education/windows/set-up-school-pcs-technical.md @@ -191,16 +191,6 @@ The **Set up School PCs** app produces a specialized provisioning package that m | ||||
| Turn off the advertising ID | Enabled |
|||
| Admin Templates>Windows Components |
-||||
| Do not show Windows Tips | Enabled |
-|||
| Turn off Microsoft consumer experiences | Enabled |
-|||
| Microsoft Passport for Work | Disabled |
-|||
| Prevent the usage of OneDrive for file storage | Enabled |
-|||
| Admin Templates>Windows Components>Biometrics |
||||
| Allow the use of biometrics | Disabled |
@@ -209,6 +199,11 @@ The **Set up School PCs** app produces a specialized provisioning package that m
|||
| Allow domain users to log on using biometrics | Disabled |
|||
| Admin Templates>Windows Components>Cloud Content | ||||
| Do not show Windows Tips | Enabled |
+|||
| Turn off Microsoft consumer experiences | Enabled |
+|||
| Admin Templates>Windows Components>Data Collection and Preview Builds |
||||
| Toggle user control over Insider builds | Disabled |
@@ -235,10 +230,18 @@ The **Set up School PCs** app produces a specialized provisioning package that m
|||
| Configure corporate home pages | Enabled, about:blank |
|||
| Admin Templates > Windows Components > OneDrive |
+||||
| Prevent the usage of OneDrive for file storage | Enabled |
+|||
| Admin Templates > Windows Components > Search |
||||
| Allow Cortana | Disabled |
|||
| Admin Templates > Windows Components > Windows Hello for Business |
+||||
| Use Windows Hello for Business | Disabled |
+|||
| Windows Settings > Security Settings > Local Policies > Security Options |
||||
Accounts: Block Microsoft accounts **Note** Microsoft accounts can still be used in apps. | Enabled | |||
Windows 10 |
-Windows 10 |
+Windows Server 2016 or Windows 10 |
+Windows Server 2016 or Windows 10 |
Supported |
Supported |
||||
Windows Server 2012 R2, Windows Server 2012, Windows 8.1, or Windows 8 |
-Windows Server 2012 or Windows 8 |
+Windows Server 2012 R2, Windows Server 2012, or Windows 8.1 |
+Windows Server 2012 or Windows 8.1 |
Supported, but cannot edit policy settings or preference items that exist only in Windows 8.1 |
Windows Server 2008 R2 or Windows 7 |
Windows Server 2008 R2 or Windows 7 |
-Supported, but cannot edit policy settings or preference items that exist only in Windows 8.1 or Windows 8 |
+Supported, but cannot edit policy settings or preference items that exist only in Windows 8.1 |
|
Windows Server 2012, Windows Server 2008 R2, Windows 8, or Windows 7 |
+Windows Server 2012, Windows Server 2008 R2, or Windows 7 |
Windows Server 2008 or Windows Vista with Service Pack 1 (SP1) |
-Supported, but cannot edit policy settings or preference items that exist only in Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows 8.1, Windows 8, or Windows 7 |
+Supported, but cannot edit policy settings or preference items that exist only in Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows 8.1, or Windows 7 |
Windows Server 2008 or Windows Vista with SP1 |
@@ -77,7 +77,7 @@ Table 1 lists the operating systems on which you can install AGPM 4.0 SP3, and
||||
Windows Server 2008 or Windows Vista with SP1 |
Windows Server 2008 or Windows Vista with SP1 |
-Supported, but cannot report or edit policy settings or preference items that exist only in Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows 8.1, Windows 8, or Windows 7 |
+Supported, but cannot report or edit policy settings or preference items that exist only in Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows 8.1, or Windows 7 |
|
Supported
Windows Server 2012 R2, Windows Server 2012, Windows 8.1, or Windows 8
Windows Server 2012 or Windows 8
Windows Server 2012 R2, Windows Server 2012, or Windows 8.1
Windows Server 2012 or Windows 8.1
Supported, but cannot edit policy settings or preference items that exist only in Windows 8.1
Windows Server 2008 R2 or Windows 7
Windows Server 2008 R2 or Windows 7
Supported, but cannot edit policy settings or preference items that exist only in Windows 8.1 or Windows 8
Supported, but cannot edit policy settings or preference items that exist only in Windows 8.1
Windows Server 2012, Windows Server 2008 R2, Windows 8, or Windows 7
Windows Server 2012, Windows Server 2008 R2, or Windows 7
Windows Server 2008 or Windows Vista with Service Pack 1 (SP1)
Supported, but cannot edit policy settings or preference items that exist only in Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows 8.1, Windows 8, or Windows 7
Supported, but cannot edit policy settings or preference items that exist only in Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows 8.1, or Windows 7
Windows Server 2008 or Windows Vista with SP1
Windows Server 2012, Windows Server 2008 R2, Windows 8, or Windows 7
Windows Server 2012, Windows Server 2008 R2, or Windows 7
Not supported
Windows Server 2008 or Windows Vista with SP1
Windows Server 2008 or Windows Vista with SP1
Supported, but cannot report or edit policy settings or preference items that exist only in Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows 8.1, Windows 8, or Windows 7
Supported, but cannot report or edit policy settings or preference items that exist only in Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows 8.1, or Windows 7
Windows Server 2012 or Windows 8
Windows Server 2012 or Windows 8
Windows Server 2012
Windows Server 2012
Supported
Windows Server 2008 R2 or Windows 7
Windows Server 2008 R2 or Windows 7
Supported, but cannot edit policy settings or preference items that exist only in Windows 8
Supported, but cannot edit policy settings or preference items that exist only in Windows 8.1
Windows Server 2012, Windows Server 2008 R2, Windows 8, or Windows 7
Windows Server 2012, Windows Server 2008 R2, or Windows 7
Windows Server 2008 or Windows Vista with SP1
Supported, but cannot edit policy settings or preference items that exist only in Windows Server 2008 R2, Windows 8, or Windows 7
Supported, but cannot edit policy settings or preference items that exist only in Windows Server 2008 R2, or Windows 7
Windows Server 2008 or Windows Vista with SP1
Windows Server 2012, Windows Server 2008 R2, Windows 8, or Windows 7
Windows Server 2012, Windows Server 2008 R2, or Windows 7
Supported
Windows Server 2008 or Windows Vista with SP1
Windows Server 2008 or Windows Vista with SP1
Supported, but cannot report or edit policy settings or preference items that exist only in Windows Server 2008 R2, Windows 8, or Windows 7
Supported, but cannot report or edit policy settings or preference items that exist only in Windows Server 2008 R2, or Windows 7
Windows 10
Windows Server 2016 or Windows 10
Windows 10
Supported
Supported
Windows Server 2012 R2, Windows Server 2012, Windows 8.1, or Windows 8
Windows Server 2012 or Windows 8
Windows Server 2012 R2, Windows Server 2012, or Windows 8.1
Windows Server 2012
Supported, but cannot edit policy settings or preference items that exist only in Windows 8.1
Windows Server 2008 R2 or Windows 7
Windows Server 2008 R2 or Windows 7
Supported, but cannot edit policy settings or preference items that exist only in Windows 8.1 or Windows 8
Supported, but cannot edit policy settings or preference items that exist only in Windows 8.1
Windows Server 2012, Windows Server 2008 R2, Windows 8, or Windows 7
Windows Server 2012, Windows Server 2008 R2, or Windows 7
Windows Server 2008 or Windows Vista with Service Pack 1 (SP1)
Supported, but cannot edit policy settings or preference items that exist only in Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows 8.1, Windows 8, or Windows 7
Supported, but cannot edit policy settings or preference items that exist only in Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows 8.1, or Windows 7
Windows Server 2008 or Windows Vista with SP1
Windows Server 2012, Windows Server 2008 R2, Windows 8, or Windows 7
Windows Server 2012, Windows Server 2008 R2, or Windows 7
Not supported
Windows Server 2008 or Windows Vista with SP1
Windows Server 2008 or Windows Vista with SP1
Supported, but cannot report or edit policy settings or preference items that exist only in Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows 8.1, Windows 8, or Windows 7
Supported, but cannot report or edit policy settings or preference items that exist only in Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows 8.1, or Windows 7
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
64-bit
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
64-bit
Microsoft Windows Server 2012
64-bit
Microsoft Windows Server 2008 R2
SP1
64-bit
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
64-bit
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
64-bit
Microsoft Windows Server 2012
64-bit
Microsoft Windows Server 2008 R2
SP1
64-bit
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
64-bit
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
64-bit
Microsoft Windows Server 2012
64-bit
Microsoft Windows Server 2008 R2
SP1
64-bit