diff --git a/.openpublishing.publish.config.json b/.openpublishing.publish.config.json index 430506237d..7215ed2787 100644 --- a/.openpublishing.publish.config.json +++ b/.openpublishing.publish.config.json @@ -1,23 +1,6 @@ { "build_entry_point": "", "docsets_to_publish": [ - { - "docset_name": "bcs-VSTS", - "build_source_folder": "bcs", - "build_output_subfolder": "bcs-VSTS", - "locale": "en-us", - "monikers": [], - "open_to_public_contributors": false, - "type_mapping": { - "Conceptual": "Content", - "ManagedReference": "Content", - "RestApi": "Content" - }, - "build_entry_point": "docs", - "template_folder": "_themes", - "moniker_groups": [], - "version": 0 - }, { "docset_name": "education-VSTS", "build_source_folder": "education", diff --git a/bcs/TOC.md b/bcs/TOC.md deleted file mode 100644 index 1b161ed802..0000000000 --- a/bcs/TOC.md +++ /dev/null @@ -1,4 +0,0 @@ -# [Microsoft 365 Business documentation and resources](index.md) -# [Support]() -## [Microsoft 365 Business FAQ](support/microsoft-365-business-faqs.md) -## [Transition a Microsoft 365 Business CSP subscription](support/transition-csp-subscription.md) \ No newline at end of file diff --git a/bcs/breadcrumb/toc.yml b/bcs/breadcrumb/toc.yml deleted file mode 100644 index 6a29a6b202..0000000000 --- a/bcs/breadcrumb/toc.yml +++ /dev/null @@ -1,11 +0,0 @@ -- name: Docs - tocHref: / - topicHref: / - items: - - name: Microsoft 365 Business - tocHref: /microsoft-365-business/ - topicHref: /microsoft-365-business/index - items: - - name: Support - tocHref: /microsoft-365-business/support/ - topicHref: /microsoft-365-business/support/microsoft-365-business-faqs \ No newline at end of file diff --git a/bcs/docfx.json b/bcs/docfx.json deleted file mode 100644 index aa19bbfd9b..0000000000 --- a/bcs/docfx.json +++ /dev/null @@ -1,47 +0,0 @@ -{ - "build": { - "content": [ - { - "files": [ - "**/*.md", - "**/**.yml" - ], - "exclude": [ - "**/obj/**", - "**/includes/**", - "README.md", - "LICENSE", - "LICENSE-CODE", - "ThirdPartyNotices" - ] - } - ], - "resource": [ - { - "files": [ - "**/*.png", - "**/*.svg", - "**/*.jpg", - "**/*.json" - ], - "exclude": [ - "**/obj/**", - "**/includes/**" - ] - } - ], - "overwrite": [], - "externalReference": [], - "globalMetadata": { - "breadcrumb_path": "/microsoft-365-business/breadcrumb/toc.json", - "_op_documentIdPathDepotMapping": { - "./": { - "depot_name": "TechNet.bcs" - } - } - }, - "fileMetadata": {}, - "template": [], - "dest": "bcs" - } -} \ No newline at end of file diff --git a/bcs/images/bcs-information-product-help-office.svg b/bcs/images/bcs-information-product-help-office.svg deleted file mode 100644 index a748576afa..0000000000 --- a/bcs/images/bcs-information-product-help-office.svg +++ /dev/null @@ -1,94 +0,0 @@ - - - - - bcs-information-product-help-office - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-information-product-help-windows10.svg b/bcs/images/bcs-information-product-help-windows10.svg deleted file mode 100644 index f9c36f40be..0000000000 --- a/bcs/images/bcs-information-product-help-windows10.svg +++ /dev/null @@ -1,122 +0,0 @@ - - - - - bcs-information-product-help-windows10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-iw-devicesetup-move-files-2.svg b/bcs/images/bcs-iw-devicesetup-move-files-2.svg deleted file mode 100644 index 8eff6a423a..0000000000 --- a/bcs/images/bcs-iw-devicesetup-move-files-2.svg +++ /dev/null @@ -1,76 +0,0 @@ - - - - - bcs-partner-advanced-management-move-files-2 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-iw-devicesetup-setup-1.svg b/bcs/images/bcs-iw-devicesetup-setup-1.svg deleted file mode 100644 index 6011499c3a..0000000000 --- a/bcs/images/bcs-iw-devicesetup-setup-1.svg +++ /dev/null @@ -1,91 +0,0 @@ - - - - - bcs-partner-advanced-management-setup-1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management- add-group-5.svg b/bcs/images/bcs-partner-advanced-management- add-group-5.svg deleted file mode 100644 index 435e4bc752..0000000000 --- a/bcs/images/bcs-partner-advanced-management- add-group-5.svg +++ /dev/null @@ -1,69 +0,0 @@ - - - - - bcs-partner-advanced-management- add-group-5 - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management- billing-7.svg b/bcs/images/bcs-partner-advanced-management- billing-7.svg deleted file mode 100644 index 50af1d2262..0000000000 --- a/bcs/images/bcs-partner-advanced-management- billing-7.svg +++ /dev/null @@ -1,115 +0,0 @@ - - - - - bcs-partner-advanced-management- billing-7 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management- install-4.svg b/bcs/images/bcs-partner-advanced-management- install-4.svg deleted file mode 100644 index 24f2df79ca..0000000000 --- a/bcs/images/bcs-partner-advanced-management- install-4.svg +++ /dev/null @@ -1,62 +0,0 @@ - - - - - bcs-partner-advanced-management- install-4 - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management- management-4_placeholder.svg b/bcs/images/bcs-partner-advanced-management- management-4_placeholder.svg deleted file mode 100644 index 81370d6388..0000000000 --- a/bcs/images/bcs-partner-advanced-management- management-4_placeholder.svg +++ /dev/null @@ -1,39 +0,0 @@ - - - - - bcs-partner-advanced-management- management-4 - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management- reports-9.svg b/bcs/images/bcs-partner-advanced-management- reports-9.svg deleted file mode 100644 index f34b2f595e..0000000000 --- a/bcs/images/bcs-partner-advanced-management- reports-9.svg +++ /dev/null @@ -1,106 +0,0 @@ - - - - - bcs-partner-advanced-management- reports-9 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-add-domain-2.svg b/bcs/images/bcs-partner-advanced-management-add-domain-2.svg deleted file mode 100644 index 2fab39dd10..0000000000 --- a/bcs/images/bcs-partner-advanced-management-add-domain-2.svg +++ /dev/null @@ -1,75 +0,0 @@ - - - - - bcs-partner-advanced-management-add-domain- - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-add-user-1.svg b/bcs/images/bcs-partner-advanced-management-add-user-1.svg deleted file mode 100644 index 30bebd62f4..0000000000 --- a/bcs/images/bcs-partner-advanced-management-add-user-1.svg +++ /dev/null @@ -1,69 +0,0 @@ - - - - - bcs-partner-advanced-management-add-user-1 - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-auto-pilot-3.svg b/bcs/images/bcs-partner-advanced-management-auto-pilot-3.svg deleted file mode 100644 index bd992b7c7f..0000000000 --- a/bcs/images/bcs-partner-advanced-management-auto-pilot-3.svg +++ /dev/null @@ -1,88 +0,0 @@ - - - - - bcs-partner-advanced-management-auto-pilot-3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-faq-2.svg b/bcs/images/bcs-partner-advanced-management-faq-2.svg deleted file mode 100644 index a89de48058..0000000000 --- a/bcs/images/bcs-partner-advanced-management-faq-2.svg +++ /dev/null @@ -1,88 +0,0 @@ - - - - - bcs-partner-advanced-management-faq-2 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-find-partner-1.svg b/bcs/images/bcs-partner-advanced-management-find-partner-1.svg deleted file mode 100644 index ffae69af7c..0000000000 --- a/bcs/images/bcs-partner-advanced-management-find-partner-1.svg +++ /dev/null @@ -1,105 +0,0 @@ - - - - - bcs-partner-advanced-management-fid-oartner-1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-find-partner-2.svg b/bcs/images/bcs-partner-advanced-management-find-partner-2.svg deleted file mode 100644 index 221c47548e..0000000000 --- a/bcs/images/bcs-partner-advanced-management-find-partner-2.svg +++ /dev/null @@ -1,73 +0,0 @@ - - - - - bcs-partner-advanced-management-find-partner-2 - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-intune-1.svg b/bcs/images/bcs-partner-advanced-management-intune-1.svg deleted file mode 100644 index ba86b50274..0000000000 --- a/bcs/images/bcs-partner-advanced-management-intune-1.svg +++ /dev/null @@ -1,76 +0,0 @@ - - - - - bcs-partner-advanced-management-intune-1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-learn-about-1.svg b/bcs/images/bcs-partner-advanced-management-learn-about-1.svg deleted file mode 100644 index 5237e929eb..0000000000 --- a/bcs/images/bcs-partner-advanced-management-learn-about-1.svg +++ /dev/null @@ -1,70 +0,0 @@ - - - - - bcs-partner-advanced-management-learn-about-1 - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-password-3.svg b/bcs/images/bcs-partner-advanced-management-password-3.svg deleted file mode 100644 index f1f91ab410..0000000000 --- a/bcs/images/bcs-partner-advanced-management-password-3.svg +++ /dev/null @@ -1,56 +0,0 @@ - - - - - bcs-partner-advanced-management-password-3 - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-resources-6_placeholder.svg b/bcs/images/bcs-partner-advanced-management-resources-6_placeholder.svg deleted file mode 100644 index 1a4d5ad540..0000000000 --- a/bcs/images/bcs-partner-advanced-management-resources-6_placeholder.svg +++ /dev/null @@ -1,37 +0,0 @@ - - - - - bcs-partner-advanced-management-resources-6 - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-settings-8.svg b/bcs/images/bcs-partner-advanced-management-settings-8.svg deleted file mode 100644 index 5b556a7ce0..0000000000 --- a/bcs/images/bcs-partner-advanced-management-settings-8.svg +++ /dev/null @@ -1,85 +0,0 @@ - - - - - bcs-partner-advanced-management-settings-8 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-technical-support-4.svg b/bcs/images/bcs-partner-advanced-management-technical-support-4.svg deleted file mode 100644 index 00fe5333f8..0000000000 --- a/bcs/images/bcs-partner-advanced-management-technical-support-4.svg +++ /dev/null @@ -1,88 +0,0 @@ - - - - - bcs-partner-advanced-management-technical-support-4 - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-troubleshooting-3.svg b/bcs/images/bcs-partner-advanced-management-troubleshooting-3.svg deleted file mode 100644 index d70739d1c2..0000000000 --- a/bcs/images/bcs-partner-advanced-management-troubleshooting-3.svg +++ /dev/null @@ -1,78 +0,0 @@ - - - - - bcs-partner-advanced-management-troubleshooting-3 - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-windows10-2.svg b/bcs/images/bcs-partner-advanced-management-windows10-2.svg deleted file mode 100644 index dbfef70e2d..0000000000 --- a/bcs/images/bcs-partner-advanced-management-windows10-2.svg +++ /dev/null @@ -1,59 +0,0 @@ - - - - - bcs-partner-advanced-management-windows10-2 - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-advanced-management-windows10pc-3.svg b/bcs/images/bcs-partner-advanced-management-windows10pc-3.svg deleted file mode 100644 index 5e772085f1..0000000000 --- a/bcs/images/bcs-partner-advanced-management-windows10pc-3.svg +++ /dev/null @@ -1,96 +0,0 @@ - - - - - bcs-partner-advanced-management-windows10pc-3 - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-get-started-1.svg b/bcs/images/bcs-partner-get-started-1.svg deleted file mode 100644 index 3fda6d92c6..0000000000 --- a/bcs/images/bcs-partner-get-started-1.svg +++ /dev/null @@ -1,116 +0,0 @@ - - - - - bcs-partner-get-started-1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-identity-manager.svg b/bcs/images/bcs-partner-identity-manager.svg deleted file mode 100644 index c75db3c46f..0000000000 --- a/bcs/images/bcs-partner-identity-manager.svg +++ /dev/null @@ -1,91 +0,0 @@ - - - - - bcs-partner-identity-manager - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-install-2.svg b/bcs/images/bcs-partner-install-2.svg deleted file mode 100644 index e112e26bc1..0000000000 --- a/bcs/images/bcs-partner-install-2.svg +++ /dev/null @@ -1,90 +0,0 @@ - - - - - bcs-partner-install-2 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-office-migration-1.svg b/bcs/images/bcs-partner-office-migration-1.svg deleted file mode 100644 index 4d3078c578..0000000000 --- a/bcs/images/bcs-partner-office-migration-1.svg +++ /dev/null @@ -1,67 +0,0 @@ - - - - - bcs-partner-identitiy-integration-1 - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-policies-set-device-config-1.svg b/bcs/images/bcs-partner-policies-set-device-config-1.svg deleted file mode 100644 index 78c1851ca6..0000000000 --- a/bcs/images/bcs-partner-policies-set-device-config-1.svg +++ /dev/null @@ -1,85 +0,0 @@ - - - - - bcs-partner-policies-set-device-config-1 - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-policies-view-policies-2.svg b/bcs/images/bcs-partner-policies-view-policies-2.svg deleted file mode 100644 index a9864295ae..0000000000 --- a/bcs/images/bcs-partner-policies-view-policies-2.svg +++ /dev/null @@ -1,78 +0,0 @@ - - - - - bcs-partner-policies-view-policies-2 - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-prepare-office-1.svg b/bcs/images/bcs-partner-prepare-office-1.svg deleted file mode 100644 index 4a32ab1c8a..0000000000 --- a/bcs/images/bcs-partner-prepare-office-1.svg +++ /dev/null @@ -1,66 +0,0 @@ - - - - - bcs-partner-prepare-office-1 - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-remove-3.svg b/bcs/images/bcs-partner-remove-3.svg deleted file mode 100644 index c0391193d3..0000000000 --- a/bcs/images/bcs-partner-remove-3.svg +++ /dev/null @@ -1,150 +0,0 @@ - - - - - bcs-partner-remove-3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-reset-windows-4.svg b/bcs/images/bcs-partner-reset-windows-4.svg deleted file mode 100644 index a4edc0ec2e..0000000000 --- a/bcs/images/bcs-partner-reset-windows-4.svg +++ /dev/null @@ -1,85 +0,0 @@ - - - - - bcs-partner-reset-windows-4 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-partner-upgrade-2.svg b/bcs/images/bcs-partner-upgrade-2.svg deleted file mode 100644 index 6caf6e7678..0000000000 --- a/bcs/images/bcs-partner-upgrade-2.svg +++ /dev/null @@ -1,60 +0,0 @@ - - - - - bcs-partner-upgrade-2 - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-user-management-add-customer-1.svg b/bcs/images/bcs-user-management-add-customer-1.svg deleted file mode 100644 index ce7d0b8c16..0000000000 --- a/bcs/images/bcs-user-management-add-customer-1.svg +++ /dev/null @@ -1,99 +0,0 @@ - - - - - bcs-user-management-add-customer-1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/bcs-user-management-remove-customer-2.svg b/bcs/images/bcs-user-management-remove-customer-2.svg deleted file mode 100644 index d6e01e0d1e..0000000000 --- a/bcs/images/bcs-user-management-remove-customer-2.svg +++ /dev/null @@ -1,150 +0,0 @@ - - - - - bcs-user-management-remove-customer-2 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/icon_video.svg b/bcs/images/icon_video.svg deleted file mode 100644 index 76aebcbd5b..0000000000 --- a/bcs/images/icon_video.svg +++ /dev/null @@ -1,59 +0,0 @@ - - - - - 5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/partner-fastrack-3.svg b/bcs/images/partner-fastrack-3.svg deleted file mode 100644 index 6501c59e6f..0000000000 --- a/bcs/images/partner-fastrack-3.svg +++ /dev/null @@ -1,82 +0,0 @@ - - - - - ms365enterprise-partner-fastrack-3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/partner-news-2.svg b/bcs/images/partner-news-2.svg deleted file mode 100644 index 29eaeb8f09..0000000000 --- a/bcs/images/partner-news-2.svg +++ /dev/null @@ -1,123 +0,0 @@ - - - - - ms365enterprise-partner-news-2 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/images/partner-resource-training-1.svg b/bcs/images/partner-resource-training-1.svg deleted file mode 100644 index f76cf7ea96..0000000000 --- a/bcs/images/partner-resource-training-1.svg +++ /dev/null @@ -1,72 +0,0 @@ - - - - - ms365enterprise-partner-resource-training-1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/bcs/index.md b/bcs/index.md deleted file mode 100644 index 37096ad62b..0000000000 --- a/bcs/index.md +++ /dev/null @@ -1,2087 +0,0 @@ ---- -layout: HubPage -hide_bc: true -author: CelesteDG -ms.author: celested -keywords: Microsoft 365 Business, Microsoft 365, business, SMB, small to midsize business, Microsoft 365 Business documentation, docs, documentation, technical information -ms.topic: hub-page -ms.localizationpriority: high -audience: microsoft-business  -title: Microsoft 365 Business documentation and resources -description: Learn about the product documentation and resources available for Microsoft 365 Business partners, IT admins, information workers, and business owners. -ms.date: 11/01/2017 ---- -
-
- -
-
-

Microsoft 365 Business documentation and resources

- - - -
-
diff --git a/bcs/support/images/pc_customer_m365bpreview_suspend.png b/bcs/support/images/pc_customer_m365bpreview_suspend.png deleted file mode 100644 index 7017cf8105..0000000000 Binary files a/bcs/support/images/pc_customer_m365bpreview_suspend.png and /dev/null differ diff --git a/bcs/support/images/pc_customer_m365bpreview_suspend_confirm.png b/bcs/support/images/pc_customer_m365bpreview_suspend_confirm.png deleted file mode 100644 index f44337889b..0000000000 Binary files a/bcs/support/images/pc_customer_m365bpreview_suspend_confirm.png and /dev/null differ diff --git a/bcs/support/images/pc_customer_reviewnewsubscription.png b/bcs/support/images/pc_customer_reviewnewsubscription.png deleted file mode 100644 index 6f67c31383..0000000000 Binary files a/bcs/support/images/pc_customer_reviewnewsubscription.png and /dev/null differ diff --git a/bcs/support/images/pc_customer_subscriptions.PNG b/bcs/support/images/pc_customer_subscriptions.PNG deleted file mode 100644 index 77fba8ef8b..0000000000 Binary files a/bcs/support/images/pc_customer_subscriptions.PNG and /dev/null differ diff --git a/bcs/support/images/pc_customer_subscriptions_1.png b/bcs/support/images/pc_customer_subscriptions_1.png deleted file mode 100644 index fc27c2c26c..0000000000 Binary files a/bcs/support/images/pc_customer_subscriptions_1.png and /dev/null differ diff --git a/bcs/support/images/pc_customer_userslicenses_m365b_validate.png b/bcs/support/images/pc_customer_userslicenses_m365b_validate.png deleted file mode 100644 index 1af38b82af..0000000000 Binary files a/bcs/support/images/pc_customer_userslicenses_m365b_validate.png and /dev/null differ diff --git a/bcs/support/microsoft-365-business-faqs.md b/bcs/support/microsoft-365-business-faqs.md deleted file mode 100644 index 8dec00bbf8..0000000000 --- a/bcs/support/microsoft-365-business-faqs.md +++ /dev/null @@ -1,186 +0,0 @@ ---- -title: Microsoft 365 Business Frequently Asked Questions  -description: Find answers to the most frequently asked questions about Microsoft 365 Business, a new solution designed for small and midsize businesses (SMB).  -author: CelesteDG  -ms.author: celested  -ms.topic: article  -ms.prod: microsoft-365-business -ms.localizationpriority: high -audience: microsoft-business  -keywords: Microsoft 365 Business, Microsoft 365, SMB, FAQ, frequently asked questions, answers, business -ms.date: 11/02/2017 ---- - - -# Microsoft 365 Business Frequently Asked Questions - -## General - -### What is Microsoft 365 Business? -Microsoft 365 is an integrated solution that brings together best-in-class productivity tools, security and device management capabilities for small to medium-sized businesses. - -**A holistic set of business productivity and collaboration tools** -* Word, Excel, PowerPoint, Outlook, OneNote, Publisher, and Access -* Exchange, OneDrive, Skype for Business, Microsoft Teams, SharePoint -* Business apps from Office (Bookings, Outlook Customer Manager, MileIQ[1](#footnote1), Microsoft Listings[1](#footnote1), Microsoft Connections[1](#footnote1), Microsoft Invoicing[1](#footnote1)) - -**Enterprise-grade device management and security capabilities** -* App protection for Office mobile apps -* Device management for Windows 10 PCs -* Consistent security configuration across devices -* Protection of company data across devices -* Windows Defender, always-on and up-to-date - -**Simplified device deployment and user setup** -* Single admin console to setup and manage users and devices -* Auto-installation of Office apps on Windows 10 PCs -* Always up-to-date Office + Windows 10 -* Streamlined deployment of PCs with Windows AutoPilot - -### Who should consider adopting Microsoft 365 Business? -Microsoft 365 Business was built for small and medium-sized customers that have little to no IT resources on staff and want best-in-class productivity and collaboration capabilities of Office 365 together with device management and security solutions that safeguard business data. The Microsoft 365 Business customer is ready to move their IT operations to the cloud and is interested in maintaining a proactive stance to help protect data on both company and employee-owned devices. - -### How can I get Microsoft 365 Business for my business? -Microsoft 365 Business may be purchased through a Microsoft Partner or directly from Microsoft. In choosing whether to purchase directly from Microsoft or via a Microsoft Partner, you should consider your on-staff capability and desire to maintain an IT infrastructure. A Microsoft Partner can help you deploy and manage your IT infrastructure including Microsoft solutions. - -### How much does Microsoft 365 Business cost? -Microsoft 365 Business is offered at USD$20.00 user/month based on an _annual contract_ if purchased directly from Microsoft. When purchased through a Microsoft Partner, pricing can vary based on the services the partner provides and their pricing model for Microsoft 365 Business. There are no planned pricing discounts for government, education or non-profit organizations. - -### Is there a cap to how many Microsoft 365 Business seats a customer can have? -Microsoft 365 Business was designed for small to medium sized businesses with low to medium IT complexity requirements. Customers may purchase up to 300 Microsoft 365 Business licenses for their organization. Customers can mix and match cloud subscriptions; as a result, depending on their organization’s IT requirements, customers may add Microsoft 365 Enterprise licenses to the same account. - -When considering an environment consisting of multiple subscription types, customers should work with their trusted IT advisors to determine how best to manage and secure the various subscriptions as Microsoft 365 Business and Microsoft 365 Enterprise use different capabilities to secure and manage applications and data. - -### Can I combine Microsoft 365 Business with other Microsoft subscription offerings? -Yes, customers can combine their Microsoft 365 Business subscriptions with plans and add-ons from Azure, Dynamics 365, Enterprise Mobility + Security, and Office 365. - -### Is everyone in my business required to have a Microsoft 365 Business subscription? -No, not everyone needs a Microsoft 365 Business subscription, although the security and management benefits are available only to those users with devices managed with a Microsoft 365 Business subscription. - -Standardizing an IT environment serves to help reduce maintenance and security costs over time and is a state that businesses should strive to attain. However, we recognize that some small and medium size customers update their software primarily when they upgrade their hardware, over an extended period. Businesses can deploy Microsoft 365 Business to part of their organization, but for best protection of sensitive business data and consistent collaboration experiences, deployment to all users is recommended. - -### How can I know if the hardware and software I run today is compatible with Microsoft 365 Business? -If the hardware you run today runs Windows 7 Pro or later, it likely meets the minimum requirements for Microsoft 365 Business. Certain Windows 10 features such as Cortana, Windows Hello and multitouch require specific hardware that is only available on newer PCs. See the Windows 10 Pro system requirements for additional details. - -Existing desktop (Win32) application compatibility is strong in Windows 10, with most existing applications working without any changes. Customers and their trusted IT advisors should read the recommended application testing process for Windows 10 compatibility and review the Office system requirements to ensure a smooth transition to Microsoft 365 Business. - -### What is Windows 10 Business? -Windows 10 Business is a set of cloud-services and device management capabilities that complement Windows 10 Pro and enable the centralized management and security controls of Microsoft 365 Business. Windows 10 Business also comes with Windows AutoPilot, a service that streamlines the deployment of new Windows 10 PCs. If you have devices that are licensed for Windows 7, 8 and 8.1 Professional, Microsoft 365 Business provides an upgrade to Windows 10 Pro which is the prerequisite for deploying Windows 10 Business. - -### How does Microsoft 365 Business help support our Bring Your Own Device (BYOD) policy? -Many employees prefer to use their own mobile phones or tablets to access personal and work information rather than carrying multiple devices for each purpose. The use of personal devices for work, while commonplace, increases the risk that business information could end up in the wrong hands. Many competing mobile data protection solutions require users to switch to a specific mode on their device or use another complex mechanism that users may find intrusive and therefore avoid using. - -Microsoft 365 Business offers customers a simple but powerful means of enabling employees to use their personal devices for work while providing the business with the ability to prevent those devices from accessing, retaining and/or sharing business information. More specifically: -* **App Protection for Office mobile apps** helps protect Office data, including email, calendar, contacts, and documents on iOS and Android mobile devices, by enforcing policies such as automatically deleting business data after a prescribed amount of time of not connecting to the service, requiring that information is stored only to OneDrive for Business, requiring a PIN/fingerprint verification to access Office apps, and preventing company data from being copied from an Office app into personal apps. -* **Device Management for Windows 10 PCs** allows businesses to choose to set and enforce capabilities such as Windows Defender protection for malware, automatic updates, and turning off screens after a prescribed amount of time. In addition, lost or stolen Windows 10 devices can be completely wiped of business applications and data through the Admin center. - -### How does Microsoft 365 Business help protect PCs in my organization from malicious attacks? -PCs managed with Microsoft 365 Business are protected with Windows Defender, which is the No. 1 antivirus feature on Windows 10, protecting more computers against viruses, malware, spyware, and other threats than any other solution. With Microsoft 365 Business, businesses can ensure Windows Defender protection is running and always up to date on all their Windows 10 devices - -### What's the difference between Office 365 Business Premium, Microsoft 365 Business and Microsoft 365 Enterprise? -Microsoft has a variety of productivity and security management offerings that small to medium-sized customers may consider when upgrading their desktop and device infrastructure, each bringing increasingly powerful features and functionality. - -**Office 365 Business Premium** delivers best-in-class productivity with Office 365 apps and services but does not include the application protection and device management capabilities of Microsoft 365 Business. - -**Microsoft 365 Business** combines Office 365 apps and services with mobile application management and Windows 10 Pro to enable remote management and help protect devices against viruses and malware. It includes a simplified management console through which device and data policies may be administered. Many small to medium-sized businesses can be best served with Microsoft 365 Business, although those in highly regulated industries may require more advanced functionality provided by Microsoft 365 Enterprise plans (E3 and E5). - -**Microsoft 365 Enterprise** is a set of licensing plans that offer increased levels of mobility and security management over Microsoft 365 Business and are designed for enterprise customers and those customers that are required or regulated to provide the highest level of protection for their data. In addition, Microsoft 365 Business plans provide additional functionality including business intelligence and analytics tools. - -### Can I switch my Office 365 plan to Microsoft 365 Business? -Yes, customers may switch their plans from a qualifying Office 365 plan to Microsoft 365 Business. Depending on the customer’s current plan there may be a decrease or increase in monthly charges. - -### In what regions is Microsoft 365 Business available? -The Microsoft 365 Business will be available to all partners and customers where Office 365 is available. See the list of Office 365 international availability for languages, countries and regions. - -### Is there a Microsoft 365 Business trial I may use to evaluate the offer? -A Microsoft 365 Business trial will be available later this year both for direct customers and for CSPs. - -### What should customers and partners know before running Microsoft 365 Business within their organization? -Customers that wish to experience the complete capabilities of Microsoft 365 Business must be running Windows 7, 8.1 or 10 Pro[2](#footnote2) on their existing desktops. Customers who use on-premises Active Directory to enable login to PCs will switch devices over cloud identity and management as part of their deployment. Existing Windows 10 Pro PCs should be running Creators Update if they have not already done so. - -## Deployment - -### What should customers consider when planning a Microsoft 365 Business deployment? -The most direct path to a successful Microsoft 365 Business deployment is to engage with a Microsoft Partner. They have extensive training and experience with a wide variety of customer scenarios and are best equipped to understand your environment and needs. Customers that have experienced IT on staff can use the Microsoft 365 Business Getting Started to assist them in their Microsoft 365 Business deployment. - -### Does Microsoft 365 Business include the full capabilities of Microsoft Intune? -Microsoft 365 Business includes a robust set of mobile app management capabilities powered by Microsoft’s MDM solution (Microsoft Intune). These are a subset of features, specifically chosen to meet the needs of SMBs and organized to be easily managed via a simplified administration experience. If a company requires the full capabilities of Intune, they can purchase a qualifying plan separately. - -### Does Azure Active Directory P1 come with Microsoft 365 Business? -Microsoft 365 Business is built on technology from across Microsoft and while it shares some features with Azure Active Directory, it is not a full version. The security and management policies created in Microsoft 365 Business rely on some Azure functionality but does not include all features (e.g. selfservice features, conditional access features, and reporting). Customers may choose to purchase Azure Active Directory Premium as an add-on to Microsoft 365 Business. - -### Does Microsoft 365 Business allow customers to manage Macs? -The security and management capabilities of Microsoft 365 Business pertain to iOS and Android mobile and tablet devices, and Windows PCs. - -### What is Windows AutoPilot? -Windows AutoPilot is a service that streamlines the deployment of new Windows 10 PCs. This process can be done when the end-user logs on to Microsoft 365 Business for the first time—without IT ever touching the device—by leveraging centralized management controls of Microsoft 365 Business. You can also use Windows AutoPilot for existing PCs that are running Windows 10 Professional Creators Update (or later) and have been factory reset. Details about Windows AutoPilot can be found in this June blog post. - -## Compatibility - -### Can I add Office 365 add-ons to Microsoft 365 Business? -All the add-ons that can be added to Office 365 Business Premium can be added to Microsoft 365 Business. This means that you can purchase Advanced Threat Protection, Office 365 Cloud App Security, Advanced Compliance, Threat Intelligence, MyAnalytics, PowerBI Pro, and Audio Conferencing. - -### Can I add Phone System and Calling Plans to Microsoft 365 Business? -No, Phone System and Calling Plan are reserved for customers who have more advanced needs. Customers who require these capabilities should look at Microsoft 365 Enterprise offerings. - -### Can Microsoft 365 Business customers use Windows Defender Advanced Threat Protection? -No, customers that require Windows Defender Advanced Threat Protection need either Windows 10 Enterprise E5 or Microsoft 365 Enterprise E5. - -### Can I use Windows Information Protection with Microsoft 365 Business? -Yes, Windows Information Protection (WIP) is a feature of Windows 10 Pro and helps businesses prevent accidental leaks by restricting user and app access to business files based on policies you define. Your business data is protected no matter where it lives on your devices—without affecting your user experience. Microsoft 365 Business includes controls to ensure Windows Information Protection is properly configured and automatically deployed to end-user devices. - -### Can customers use Microsoft 365 Business with on-premises Active Directory? -To realize the full value of Windows 10, Windows 10 PCs need to be joined to Azure Active Directory. You may use Microsoft 365 Business with Windows 10 devices joined to on-premises Active Directory but it is not recommended because you won’t be able to enforce policies from the Microsoft 365 Business Admin console. - -### Can customers create hosted Windows 10 VMs with a Microsoft 365 Business subscription? -No, customers that require virtualization should purchase Windows 10 Enterprise or a Microsoft 365 Enterprise subscription. - -## Partner opportunity - -### Where can I learn more about the opportunities and benefits in becoming a Microsoft Partner? -IT service providers that are not already Microsoft partners can learn more about the Microsoft Cloud Solution Provider program at -[https://partners.office.com/microsoft365business](https://partners.office.com/microsoft365business). - -### Where can I learn how to sell Microsoft 365 Business? -Partners now selling Office 365 can use the same consultative selling methods to sell Microsoft 365 Business. In addition, we are introducing more resources and training for your sales team to understand the customers’ existing desktop environment, Active Directory reliance, mobility and security needs to effectively communicate the full value of Microsoft 365 Business in a way that is relevant to the customer. Find these resources on the Office Partner portal at [http://partners.office.com/microsoft365business](http://partners.office.com/microsoft365business). - -### How can Microsoft 365 Business help partners increase the profitability? -Microsoft 365 Business will help partners reduce costs through greater operational efficiencies and enhance revenue through the sale of additional services. The Forrester Research, Microsoft 365 Business Total Economic Impact (TEI) Study, June 2017 (https://partners.office.com/TEIBusiness), demonstrates that Microsoft 365 Business will have positive impact on partner profitability. - -In the TEI study partners reported that with Microsoft 365 Business they expect: - -- 20%-point increase in \[one-time\] deployment and advisory services revenue -- 10%-point increase in attach rate of managed services -- 8%-point increase in consulting and \[ongoing\] managed services profit margins (from lower costs) - -### What resources are available to partners to sell, deploy and support Microsoft 365 Business? -Microsoft provides a wide selection of resources for CSP partners to market, sell, and support Microsoft 365 Business. They can be found at -[https://partners.office.com/microsoft365business](https://partners.office.com/microsoft365business). - -### What up-sell opportunities does Microsoft 365 Business give partners? -Microsoft 365 Business allows partners to maintain their trusted advisor position with customers, by creating a solid and secure platform upon which to sell additional services and to upgrade existing products and services. Microsoft 365 Business provides an opportunity to have an upgrade discussion with customers now using Exchange Server, Exchange Online or Office 365 Business Essentials. Partners may also gain additional revenue from increased managed services and/or peruser support fees. - -With the new Windows AutoPilot feature included in Microsoft 365 Business, partners who have been reluctant to sell new Windows devices due to deployment logistics and costs will find this opportunity much more attractive. Customers who are confident in the security of their on-premise and mobile devices are also more likely to invest in additional services, such as Dynamics 365. - -### Should partners sell Microsoft 365 Business over other plans from Microsoft? -A Microsoft Cloud Solution Provider should always sell the plan that best suits its customer business needs and budget. For example, if a customer must comply with privacy and security regulations, a CSP may sell Microsoft 365 Business plus any add-ons that help the customer meet its requirements or may suggest the advanced security and management provided by Microsoft 365 Business E SKUs. - -### Some of my customers have devices that are not genuine; will Microsoft 365 Business make these devices genuine? -Microsoft 365 Business does not make an otherwise non-genuine version of Windows, genuine. Microsoft 365 Business does provide an upgrade benefit allowing those customers running genuine Windows 7, 8 or 8.1 Pro to upgrade to the most recent, genuine version of Windows 10 Pro. - -### What support is available to CSP partners for the Microsoft 365 Business Preview? -The same support channels available to CSP partners today (premier support and advanced support program) have been trained on Microsoft 365 Business and are ready to provide partners with support. - -### What is the GDPR and how does Microsoft 365 Business help customers with their compliance obligations? -The General Data Protection Regulation (GDPR) is a comprehensive new privacy law that gives residents of the European Union (EU) greater control over their “personal data” and requires organizations to maintain the integrity of that personal data. The GDPR requires organizations that control, or process personal data tied to EU residents to only use third-party data processors that meet the GDPR’s requirements for personal data processing. In March 2017, Microsoft made available contractual guarantees that provide these assurances. Customers that have questions about how Microsoft can help them meet their additional GDPR obligations should learn about the advanced compliance and security capabilities available as add-ons (e.g. Azure Information Protection) and in other Suites (e.g. Microsoft 365 Enterprise E5). To learn more, visit [www.microsoft.com/gdpr](https://www.microsoft.com/gdpr). - - - - -## Footnotes -**1** Available in US, UK, and Canada.
-**2** Devices running Windows 7 or 8.1 Pro are eligible for an upgrade to Windows 10 Pro within the Microsoft 365 Business preview. - - - - diff --git a/bcs/support/transition-csp-subscription.md b/bcs/support/transition-csp-subscription.md deleted file mode 100644 index 7c15aa33b6..0000000000 --- a/bcs/support/transition-csp-subscription.md +++ /dev/null @@ -1,103 +0,0 @@ ---- -title: Transition a Microsoft 365 Business CSP subscription  -description: Find out how you can transition a Microsoft 365 Business CSP subscription from preview to GA.  -author: CelesteDG  -ms.author: celested  -ms.topic: article  -ms.prod: microsoft-365-business -ms.localizationpriority: high -audience: microsoft-business  -keywords: Microsoft 365 Business, Microsoft 365, SMB, transition CSP subscription -ms.date: 11/01/2017 ---- - -# Transition a Microsoft 365 Business CSP subscription - -If you have a Microsoft 365 Business Preview CSP subscription, follow this guide to find out how you can transition your existing preview subscription to Microsoft 365 Business GA (general availability). - -**How to transition a preview subscription to GA** - -1. Log in to Partner Center. -2. From the dashboard, select **Customers**, and then find and select the company name. - - The subscriptions for the company will be listed. - - ![Customer's subscriptions in Partner Center](images/pc_customer_subscriptions_1.png) - -3. In the company's **Subscriptions** page, select **Add subscription**. -4. In the **New subscription** page, select **Small business** and then select **Microsoft 365 Business** from the list. -5. Add the number of licenses and then select **Next: Review** to review the subscription and then select **Submit**. - - ![Review the new subscription to Microsoft 365 Business](images/pc_customer_reviewnewsubscription.png) - - The **License-based subscriptions** will show **Microsoft 365 Business Preview** and **Microsoft 365 Business**. You'll need to suspend the Preview subscription next. - -6. Select **Microsoft 365 Business Preview**. -7. In the **Microsoft 365 Business Preview** page, select **Suspended** to suspend the Preview subscription. - - ![Suspend the Microsoft 365 Business Preview subscription](images/pc_customer_m365bpreview_suspend.png) - -8. Select **Submit** to confirm. - - In the **Subscriptions** page, confirm that the **Microsoft 365 Business Preview** status shows **Suspended**. - - ![Confirm the Preview subscription status is suspended](images/pc_customer_m365bpreview_suspend_confirm.png) - -9. Optionally, you can also validate the license agreement. To do this, follow these steps: - 1. Select **Users and licenses** from the company's **Subscriptions** page. - 2. From the **Users and licenses** page, select a user. - 3. In the user's page, check the **Assign licenses** section and confirm that it shows **Microsoft 365 Business**. - - ![Confirm the Microsoft 365 Business license is assigned to the user](images/pc_customer_userslicenses_m365b_validate.png) - -## Impact to customers and users during and after transition - -There is no impact to customers and users during transition and post transition. - -## Impact to customers who don't transition - -The following table summarizes the impact to customers who don't transition from a Microsoft 365 Business Preview subscription to a Microsoft 365 Business subscription. - -| | T-0 to T+30 | T+30 to T+60 | T+60 to T+120 | Beyond T+120 | -|-------|-----------------|--------------|---------------|---------------| -| **State** | In grace period | Expired | Disabled | Deprovisioned | -| **Service impacts** | -| **Microsoft 365 Business admin portal** | No impact to functionality | No impact to functionality | Can add/delete users, purchase subscriptions.
Cannot assign/revoke licenses. | Customer's subscription and all data is deleted. Admin can manage other paid subscriptions. | -| **Office apps** | No end user impact | No end user impact | Office enters reduced functionality mode.
Users can view files only. | Office enters reduced functionality mode.
Users can view files only. | -| **Cloud services (SharePoint Online, Exchange Online, Skype, Teams, and more)** | No end user impact | No end user impact | End users and admins have no access to data in the cloud. | Customer's subscription and all data are deleted. | -| **EM+S components** | No admin impact
No end user impact | No admin impact
No end user impact | Capability will cease to be enforced.
See [Mobile device impacts upon subscription expiration](#mobile-device-impacts-upon-subscription-expiration) and [Windows 10 PC impacts upon subscription expiration](#windows-10-pc-impacts-upon-subscription-expiration) for more info. | Capability will cease to be enforced.
See [Mobile device impacts upon subscription expiration](#mobile-device-impacts-upon-subscription-expiration) and [Windows 10 PC impacts upon subscription expiration](#windows-10-pc-impacts-upon-subscription-expiration) for more info. | -| **Windows 10 Business** | No admin impact
No end user impact | No admin impact
No end user impact | Capability will cease to be enforced.
See [Mobile device impacts upon subscription expiration](#mobile-device-impacts-upon-subscription-expiration) and [Windows 10 PC impacts upon subscription expiration](#windows-10-pc-impacts-upon-subscription-expiration) for more info. | Capability will cease to be enforced.
See [Mobile device impacts upon subscription expiration](#mobile-device-impacts-upon-subscription-expiration) and [Windows 10 PC impacts upon subscription expiration](#windows-10-pc-impacts-upon-subscription-expiration) for more info. | -| **Azure AD login to a Windows 10 PC** | No admin impact
No end user impact | No admin impact
No end user impact | No admin impact
No end user impact | Once the tenant is deleted, a user can log in with local credentials only. Re-image the device if there are no local credentials. | - -## Mobile device impacts upon subscription expiration - -The followint table summarizes the impact to the app management policies on mobile devices. - -| | Fully licensed experience | T+60 days post expiration | -|----------------------------|------------------------------------------------|------------------------------------| -| **Delete work files from an inactive device** | Work files are removed after selected days | Work files remain on the user's personal devices | -| **Force users to save all work files to OneDrive for Business** | Work files can only be saved to OneDrive for Business | Work files can be saved anywhere | -| **Encrypt work files** | Work files are encrypted | Work files are no longer encrypted.
Security policies are removed and Office data on apps is removed. | -| **Require PIN or fingerprint to access Office apps** | Restricted access to apps | No app-level access restriction | -| **Reset PIN when login fails** | Restricted access to apps | No app-level access restriction | -| **Require users to sign in again after Office apps have been idle** | Sign-in required | No sign-in required to access apps | -| **Deny access to work files on jailbroken or rooted devices** | Work files cannot be accessed on jailbroken/rooted devices | Work files can be accessed on jailbroken/rooted devices | -| **Allow users to copy content from Office apps to Personal apps** | Copy/paste restricted to apps available as part of Microsoft 365 Business subscription | Copy/paste available to all apps | - -## Windows 10 PC impacts upon subscription expiration - -The following table summarizes the impact to the Windows 10 device configuration policies. - -| | Fully licensed experience | T+60 days post expiration | -|----------------------------|------------------------------------------------|------------------------------------| -| **Help protect PCs from threats using Windows Defender** | Turn on/off is outside of user control | User may turn on/off Windows Defender on the Windows 10 PC | -| **Help protect PCs from web-based threats in Microsoft Edge** | PC protection in Microsoft Edge | User may turn on/off PC protection in Microsoft Edge | -| **Turn off device screen when idle** | Admin defines screen timeout interval policy | Screen timeout can be configured by end user | -| **Allow users to download apps from Microsoft Store** | Admin defines if a user can download apps from Microsoft Store | User can download apps from Microsoft Store anytime | -| **Allow users to access Cortana** | Admin defines policy on user access to Cortana | User devices to turn on/off Cortana | -| **Allow users to receive tips and advertisements from Microsoft** | Admin defines policy on user receive tips and advertisements from Microsoft | User may turn on/off tips and advertisements from Microsoft | -| **Allow users to copy content from Office apps into personal apps** | Admin defines policy to keep Windows 10 devices up-to-date | Users can decide when to update Windows | - - - - diff --git a/microsoft-365/TOC.md b/microsoft-365/TOC.md deleted file mode 100644 index 06913f7aef..0000000000 --- a/microsoft-365/TOC.md +++ /dev/null @@ -1 +0,0 @@ -# [Index](index.md) \ No newline at end of file diff --git a/microsoft-365/images/M365-education.svg b/microsoft-365/images/M365-education.svg deleted file mode 100644 index 7f83629296..0000000000 --- a/microsoft-365/images/M365-education.svg +++ /dev/null @@ -1,171 +0,0 @@ - - - - - M365-education - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/microsoft-365/index.md b/microsoft-365/index.md deleted file mode 100644 index 9249c650ec..0000000000 --- a/microsoft-365/index.md +++ /dev/null @@ -1,90 +0,0 @@ ---- -layout: HubPage -hide_bc: true -author: CelesteDG -ms.author: celested -ms.topic: hub-page -keywords: Microsoft 365, Microsoft 365 documentation, Microsoft 365 for business, Microsoft 365 for enterprise, Microsoft 365 for education, enterprise, business, education, docs, documentation -title: Microsoft 365 Documentation -description: Find documentation and resources for Microsoft 365--a complete, intelligent solution, including Office 365, Windows 10, and Enterprise Mobility + Security, that empowers everyone to be creative and work together, securely. -ms.date: 09/25/2017 ---- -
-
-

Microsoft 365 Documentation

- -
-
\ No newline at end of file diff --git a/windows/client-management/mdm/policy-csp-applicationdefaults.md b/windows/client-management/mdm/policy-csp-applicationdefaults.md index 9016bca75e..2889bb4f2a 100644 --- a/windows/client-management/mdm/policy-csp-applicationdefaults.md +++ b/windows/client-management/mdm/policy-csp-applicationdefaults.md @@ -67,6 +67,8 @@ Added in Windows 10, version 1703. This policy allows an administrator to set de If policy is enabled and the client machine is Azure Active Directory joined, the associations assigned in SyncML will be processed and default associations will be applied. + + To create create the SyncML, follow these steps:
  1. Install a few apps and change your defaults.
    2. @@ -119,7 +121,7 @@ Here is the SyncMl example: ``` - +
    diff --git a/windows/client-management/mdm/policy-csp-applicationmanagement.md b/windows/client-management/mdm/policy-csp-applicationmanagement.md index a28201a263..1ca01c5a3f 100644 --- a/windows/client-management/mdm/policy-csp-applicationmanagement.md +++ b/windows/client-management/mdm/policy-csp-applicationmanagement.md @@ -148,14 +148,17 @@ The following list shows the supported values: Specifies whether automatic update of apps from Microsoft Store are allowed. + +Most restricted value is 0. + + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. -Most restricted value is 0. - - +
    @@ -525,14 +528,17 @@ The following list shows the supported values: Allows disabling of the retail catalog and only enables the Private store. + +Most restricted value is 1. + + + The following list shows the supported values: - 0 (default) – Allow both public and Private store. - 1 – Only Private store is enabled. -Most restricted value is 1. - - +
    diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md index 07b993c521..51ca199a31 100644 --- a/windows/client-management/mdm/policy-csp-browser.md +++ b/windows/client-management/mdm/policy-csp-browser.md @@ -237,13 +237,6 @@ Specifies whether autofill on websites is allowed. Most restricted value is 0. -To verify AllowAutofill is set to 0 (not allowed): - -1. Open Microsoft Edge. -2. In the upper-right corner of the browser, click **…**. -3. Click **Settings** in the drop down list, and select **View Advanced Settings**. -4. Verify the setting **Save form entries** is greyed out. - The following list shows the supported values: @@ -252,6 +245,15 @@ The following list shows the supported values: - 1 (default) – Allowed. + +To verify AllowAutofill is set to 0 (not allowed): + +1. Open Microsoft Edge. +2. In the upper-right corner of the browser, click **…**. +3. Click **Settings** in the drop down list, and select **View Advanced Settings**. +4. Verify the setting **Save form entries** is greyed out. + +
    @@ -354,13 +356,18 @@ The following list shows the supported values: Specifies whether cookies are allowed. + +Most restricted value is 0. + + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. -Most restricted value is 0. - + + To verify AllowCookies is set to 0 (not allowed): 1. Open Microsoft Edge or Microsoft Edge for Windows 10 Mobile. @@ -368,7 +375,7 @@ To verify AllowCookies is set to 0 (not allowed): 3. Click **Settings** in the drop down list, and select **View Advanced Settings**. 4. Verify the setting **Cookies** is greyed out. - +
    @@ -471,13 +478,6 @@ Specifies whether Do Not Track headers are allowed. Most restricted value is 1. -To verify AllowDoNotTrack is set to 0 (not allowed): - -1. Open Microsoft Edge or Microsoft Edge for Windows 10 Mobile. -2. In the upper-right corner of the browser, click **…**. -3. Click **Settings** in the drop down list, and select **View Advanced Settings**. -4. Verify the setting **Send Do Not Track requests** is greyed out. - The following list shows the supported values: @@ -486,6 +486,15 @@ The following list shows the supported values: - 1 – Allowed. + +To verify AllowDoNotTrack is set to 0 (not allowed): + +1. Open Microsoft Edge or Microsoft Edge for Windows 10 Mobile. +2. In the upper-right corner of the browser, click **…**. +3. Click **Settings** in the drop down list, and select **View Advanced Settings**. +4. Verify the setting **Send Do Not Track requests** is greyed out. + +
    @@ -793,13 +802,6 @@ Specifies whether saving and managing passwords locally on the device is allowed Most restricted value is 0. -To verify AllowPasswordManager is set to 0 (not allowed): - -1. Open Microsoft Edge or Microsoft Edge for Windows 10 Mobile. -2. In the upper-right corner of the browser, click **…**. -3. Click **Settings** in the drop down list, and select **View Advanced Settings**. -4. Verify the settings **Offer to save password** and **Manage my saved passwords** are greyed out. - The following list shows the supported values: @@ -808,6 +810,15 @@ The following list shows the supported values: - 1 (default) – Allowed. + +To verify AllowPasswordManager is set to 0 (not allowed): + +1. Open Microsoft Edge or Microsoft Edge for Windows 10 Mobile. +2. In the upper-right corner of the browser, click **…**. +3. Click **Settings** in the drop down list, and select **View Advanced Settings**. +4. Verify the settings **Offer to save password** and **Manage my saved passwords** are greyed out. + +
    @@ -853,13 +864,6 @@ Specifies whether pop-up blocker is allowed or enabled. Most restricted value is 1. -To verify AllowPopups is set to 0 (not allowed): - -1. Open Microsoft Edge. -2. In the upper-right corner of the browser, click **…**. -3. Click **Settings** in the drop down list, and select **View Advanced Settings**. -4. Verify the setting **Block pop-ups** is greyed out. - The following list shows the supported values: @@ -868,6 +872,15 @@ The following list shows the supported values: - 1 – Pop-up blocker is allowed or enabled. It means that pop-up browser windows are blocked. + +To verify AllowPopups is set to 0 (not allowed): + +1. Open Microsoft Edge. +2. In the upper-right corner of the browser, click **…**. +3. Click **Settings** in the drop down list, and select **View Advanced Settings**. +4. Verify the setting **Block pop-ups** is greyed out. + +
    @@ -1021,13 +1034,6 @@ Specifies whether Windows Defender SmartScreen is allowed. Most restricted value is 1. -To verify AllowSmartScreen is set to 0 (not allowed): - -1. Open Microsoft Edge or Microsoft Edge for Windows 10 Mobile. -2. In the upper-right corner of the browser, click **…**. -3. Click **Settings** in the drop down list, and select **View Advanced Settings**. -4. Verify the setting **Help protect me from malicious sites and download with SmartScreen Filter** is greyed out. - The following list shows the supported values: @@ -1036,6 +1042,15 @@ The following list shows the supported values: - 1 (default) – Allowed. + +To verify AllowSmartScreen is set to 0 (not allowed): + +1. Open Microsoft Edge or Microsoft Edge for Windows 10 Mobile. +2. In the upper-right corner of the browser, click **…**. +3. Click **Settings** in the drop down list, and select **View Advanced Settings**. +4. Verify the setting **Help protect me from malicious sites and download with SmartScreen Filter** is greyed out. + +
    @@ -1132,12 +1147,6 @@ Added in Windows 10, version 1703. Specifies whether to clear browsing data on e Most restricted value is 1. -To verify that browsing data is cleared on exit (ClearBrowsingDataOnExit is set to 1): - -1. Open Microsoft Edge and browse to websites. -2. Close the Microsoft Edge window. -3. Open Microsoft Edge and start typing the same URL in address bar. Verify that it does not auto-complete from history. - The following list shows the supported values: @@ -1146,6 +1155,14 @@ The following list shows the supported values: - 1 – Browsing data is cleared on exit. + +To verify that browsing data is cleared on exit (ClearBrowsingDataOnExit is set to 1): + +1. Open Microsoft Edge and browse to websites. +2. Close the Microsoft Edge window. +3. Open Microsoft Edge and start typing the same URL in address bar. Verify that it does not auto-complete from history. + +
    @@ -1197,14 +1214,17 @@ If this setting is not configured, the search engines used are the ones that are > [!IMPORTANT] > Due to Protected Settings (aka.ms/browserpolicy), this setting will apply only on domain-joined machines or when the device is MDM-enrolled.  + +Most restricted value is 0. + + + The following list shows the supported values: - 0 (default) – Additional search engines are not allowed. - 1 – Additional search engines are allowed. -Most restricted value is 0. - - +
    @@ -1364,12 +1384,14 @@ The following list shows the supported values:   Allows the user to specify an URL of an enterprise site list. + + The following list shows the supported values: - Not configured. The device checks for updates from Microsoft Update. - Set to a URL location of the enterprise site list. - +
    @@ -2061,14 +2083,17 @@ If this setting is not configured, the default search engine is set to the one s > [!IMPORTANT] > This setting can be used only with domain-joined or MDM-enrolled devices. For more information, see the Microsoft browser extension policy (aka.ms/browserpolicy). + +Most restricted value is 0. + + + The following list shows the supported values: - 0 (default) - The default search engine is set to the one specified in App settings. - 1 - Allows you to configure the default search engine for your employees. -Most restricted value is 0. - - +
    @@ -2174,14 +2199,6 @@ Added in Windows 10, version 1703. Specifies whether favorites are kept in sync > > Enabling this setting stops Microsoft Edge favorites from syncing between connected Windows 10 devices. -To verify that favorites are in synchronized between Internet Explorer and Microsoft Edge: - -
      -
    1. Open Internet Explorer and add some favorites. -
    2. Open Microsoft Edge, then select Hub > Favorites. -
    3. Verify that the favorites added to Internet Explorer show up in the favorites list in Microsoft Edge. -
    - The following list shows the supported values: @@ -2190,6 +2207,16 @@ The following list shows the supported values: - 1 – Synchronization is on. + +To verify that favorites are in synchronized between Internet Explorer and Microsoft Edge: + +
      +
    1. Open Internet Explorer and add some favorites. +
    2. Open Microsoft Edge, then select Hub > Favorites. +
    3. Verify that the favorites added to Internet Explorer show up in the favorites list in Microsoft Edge. +
    + +
    diff --git a/windows/client-management/mdm/policy-csp-cryptography.md b/windows/client-management/mdm/policy-csp-cryptography.md index e35c21d6ee..2957dd9d77 100644 --- a/windows/client-management/mdm/policy-csp-cryptography.md +++ b/windows/client-management/mdm/policy-csp-cryptography.md @@ -68,12 +68,14 @@ ms.date: 01/29/2018 Allows or disallows the Federal Information Processing Standard (FIPS) policy. + + The following list shows the supported values: - 0 (default) – Not allowed. - 1– Allowed. - +
    diff --git a/windows/client-management/mdm/policy-csp-defender.md b/windows/client-management/mdm/policy-csp-defender.md index 1324fc9bf1..bcd17f7911 100644 --- a/windows/client-management/mdm/policy-csp-defender.md +++ b/windows/client-management/mdm/policy-csp-defender.md @@ -171,12 +171,14 @@ ms.date: 01/29/2018 Allows or disallows scanning of archives. + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. - +
    @@ -223,12 +225,14 @@ The following list shows the supported values:   Allows or disallows Windows Defender Behavior Monitoring functionality. + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. - +
    @@ -275,12 +279,14 @@ The following list shows the supported values: To best protect your PC, Windows Defender will send information to Microsoft about any problems it finds. Microsoft will analyze that information, learn more about problems affecting you and other customers, and offer improved solutions. + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. - +
    @@ -327,12 +333,14 @@ The following list shows the supported values: Allows or disallows scanning of email. + + The following list shows the supported values: - 0 (default) – Not allowed. - 1 – Allowed. - +
    @@ -379,12 +387,14 @@ The following list shows the supported values: Allows or disallows a full scan of mapped network drives. + + The following list shows the supported values: - 0 (default) – Not allowed. - 1 – Allowed. - +
    @@ -431,12 +441,14 @@ The following list shows the supported values: Allows or disallows a full scan of removable drives. + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. - +
    @@ -483,12 +495,14 @@ The following list shows the supported values:   Allows or disallows Windows Defender IOAVP Protection functionality. + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. - +
    @@ -535,12 +549,14 @@ The following list shows the supported values: Allows or disallows Windows Defender Intrusion Prevention functionality. + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. - +
    @@ -587,12 +603,14 @@ The following list shows the supported values: Allows or disallows Windows Defender On Access Protection functionality. + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. - +
    @@ -639,12 +657,14 @@ The following list shows the supported values: Allows or disallows Windows Defender Realtime Monitoring functionality. + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. - +
    @@ -691,12 +711,14 @@ The following list shows the supported values:   Allows or disallows a scanning of network files. + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. - +
    @@ -743,12 +765,14 @@ The following list shows the supported values: Allows or disallows Windows Defender Script Scanning functionality. + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. - +
    @@ -795,12 +819,14 @@ The following list shows the supported values: Allows or disallows user access to the Windows Defender UI. If disallowed, all Windows Defender notifications will also be suppressed. + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. - +
    @@ -947,11 +973,14 @@ Value type is string.   Represents the average CPU load factor for the Windows Defender scan (in percent). -Valid values: 0–100 The default value is 50. + +Valid values: 0–100 + +
    @@ -1206,11 +1235,14 @@ Added in Windows 10, version 1709. This policy settings allows adding user-speci   Time period (in days) that quarantine items will be stored on the system. -Valid values: 0–90 The default value is 0, which keeps items in quarantine, and does not automatically remove them. + +Valid values: 0–90 + +
    @@ -1518,13 +1550,15 @@ Each file type must be separated by a **|**. For example, "C:\\Example.exe|C:\\E Added in Windows 10, version 1607. Specifies the level of detection for potentially unwanted applications (PUAs). Windows Defender alerts you when potentially unwanted software is being downloaded or attempts to install itself on your computer. + + The following list shows the supported values: - 0 (default) – PUA Protection off. Windows Defender will not protect against potentially unwanted applications. - 1 – PUA Protection on. Detected items are blocked. They will show in history along with other threats. - 2 – Audit mode. Windows Defender will detect potentially unwanted applications, but take no action. You can review information about the applications Windows Defender would have taken action against by searching for events created by Windows Defender in the Event Viewer. - +
    @@ -1574,14 +1608,15 @@ Controls which sets of files should be monitored. > [!NOTE] > If **AllowOnAccessProtection** is not allowed, then this configuration can be used to monitor specific files. - + + The following list shows the supported values: - 0 (default) – Monitor all files (bi-directional). - 1 – Monitor incoming files. - 2 – Monitor outgoing files. - +
    @@ -1628,12 +1663,14 @@ The following list shows the supported values: Selects whether to perform a quick scan or full scan. + + The following list shows the supported values: - 1 (default) – Quick scan - 2 – Full scan - +
    @@ -1684,13 +1721,16 @@ Selects the time of day that the Windows Defender quick scan should run. > The scan type will depends on what scan type is selected in the **Defender/ScanParameter** setting.   -Valid values: 0–1380 For example, a value of 0=12:00AM, a value of 60=1:00AM, a value of 120=2:00, and so on, up to a value of 1380=11:00PM. The default value is 120 + +Valid values: 0–1380 + +
    @@ -1740,7 +1780,8 @@ Selects the day that the Windows Defender scan should run. > [!NOTE] > The scan type will depends on what scan type is selected in the **Defender/ScanParameter** setting. - + + The following list shows the supported values: - 0 (default) – Every day @@ -1753,7 +1794,7 @@ The following list shows the supported values: - 7 – Sunday - 8 – No scheduled scan - +
    @@ -1804,13 +1845,16 @@ Selects the time of day that the Windows Defender scan should run. > The scan type will depends on what scan type is selected in the **Defender/ScanParameter** setting. -Valid values: 0–1380. For example, a value of 0=12:00AM, a value of 60=1:00AM, a value of 120=2:00, and so on, up to a value of 1380=11:00PM. The default value is 120. + +Valid values: 0–1380. + +
    @@ -1857,13 +1901,16 @@ The default value is 120.   Specifies the interval (in hours) that will be used to check for signatures, so instead of using the ScheduleDay and ScheduleTime the check for new signatures will be set according to the interval. -Valid values: 0–24. A value of 0 means no check for new signatures, a value of 1 means to check every hour, a value of 2 means to check every two hours, and so on, up to a value of 24, which means to check every day. The default value is 8. + +Valid values: 0–24. + +
    @@ -1910,6 +1957,8 @@ The default value is 8.   Checks for the user consent level in Windows Defender to send data. If the required consent has already been granted, Windows Defender submits them. If not, (and if the user has specified never to ask), the UI is launched to ask for user consent (when **Defender/AllowCloudProtection** is allowed) before sending data. + + The following list shows the supported values: - 0 – Always prompt. @@ -1917,7 +1966,7 @@ The following list shows the supported values: - 2 – Never send. - 3 – Send all samples automatically. - +
    diff --git a/windows/client-management/mdm/policy-csp-devicelock.md b/windows/client-management/mdm/policy-csp-devicelock.md index 97297f2da1..3b169444ca 100644 --- a/windows/client-management/mdm/policy-csp-devicelock.md +++ b/windows/client-management/mdm/policy-csp-devicelock.md @@ -180,15 +180,18 @@ Specifies whether to show a user-configurable setting to control the screen time > This policy must be wrapped in an Atomic command. -The following list shows the supported values: - -- 0 (default) – Not allowed. -- 1 – Allowed. > [!IMPORTANT] > If this policy is set to 1 (Allowed), the value set by **DeviceLock/ScreenTimeOutWhileLocked** is ignored. To ensure enterprise control over the screen timeout, set this policy to 0 (Not allowed) and use **DeviceLock/ScreenTimeOutWhileLocked** to set the screen timeout period. + +The following list shows the supported values: + +- 0 (default) – Not allowed. +- 1 – Allowed. + +
    @@ -235,14 +238,17 @@ Specifies whether PINs or passwords such as "1111" or "1234" are allowed. For th > This policy must be wrapped in an Atomic command. + +For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx). + + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. -For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx). - - +
    @@ -291,11 +297,6 @@ Determines the type of PIN or password required. This policy only applies if the > Always use the Replace command instead of Add for this policy in Windows 10 for desktop editions (Home, Pro, Enterprise, and Education). -The following list shows the supported values: - -- 0 – Alphanumeric PIN or password required. -- 1 – Numeric PIN or password required. -- 2 (default) – Users can choose: Numeric PIN or password, or Alphanumeric PIN or password. > [!NOTE] > If **AlphanumericDevicePasswordRequired** is set to 1 or 2, then MinDevicePasswordLength = 0 and MinDevicePasswordComplexCharacters = 1. @@ -303,6 +304,14 @@ The following list shows the supported values: > If **AlphanumericDevicePasswordRequired** is set to 0, then MinDevicePasswordLength = 4 and MinDevicePasswordComplexCharacters = 2. + +The following list shows the supported values: + +- 0 – Alphanumeric PIN or password required. +- 1 – Numeric PIN or password required. +- 2 (default) – Users can choose: Numeric PIN or password, or Alphanumeric PIN or password. + +
    @@ -351,10 +360,6 @@ Specifies whether device lock is enabled. > Always use the Replace command instead of Add for this policy in Windows 10 for desktop editions.   -The following list shows the supported values: - -- 0 (default) – Enabled -- 1 – Disabled > [!IMPORTANT] > The **DevicePasswordEnabled** setting must be set to 0 (device password is enabled) for the following policy settings to take effect: @@ -391,6 +396,13 @@ The following list shows the supported values: > - MaxInactivityTimeDeviceLock + +The following list shows the supported values: + +- 0 (default) – Enabled +- 1 – Disabled + +
    @@ -437,16 +449,19 @@ Specifies when the password expires (in days). > This policy must be wrapped in an Atomic command. -The following list shows the supported values: - -- An integer X where 0 <= X <= 730. -- 0 (default) - Passwords do not expire. If all policy values = 0 then 0; otherwise, Min policy value is the most secure value. For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx). + +The following list shows the supported values: + +- An integer X where 0 <= X <= 730. +- 0 (default) - Passwords do not expire. + +
    @@ -493,10 +508,6 @@ Specifies how many passwords can be stored in the history that can’t be used. > This policy must be wrapped in an Atomic command. -The following list shows the supported values: - -- An integer X where 0 <= X <= 50. -- 0 (default) The value includes the user's current password. This means that with a setting of 1 the user cannot reuse their current password when choosing a new password, while a setting of 5 means that a user cannot set their new password to their current password or any of their previous four passwords. @@ -505,6 +516,13 @@ Max policy value is the most restricted. For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx). + +The following list shows the supported values: + +- An integer X where 0 <= X <= 50. +- 0 (default) + +
    @@ -656,16 +674,19 @@ This policy has different behaviors on the mobile device and desktop. Prior to reaching the failed attempts limit, the user is sent to the lock screen and warned that more failed attempts will lock their computer. When the user reaches the limit, the device automatically reboots and shows the BitLocker recovery page. This page prompts the user for the BitLocker recovery key. -The following list shows the supported values: - -- An integer X where 4 <= X <= 16 for desktop and 0 <= X <= 999 for mobile devices. -- 0 (default) - The device is never wiped after an incorrect PIN or password is entered. Most secure value is 0 if all policy values = 0; otherwise, Min policy value is the most secure value. For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx). + +The following list shows the supported values: + +- An integer X where 4 <= X <= 16 for desktop and 0 <= X <= 999 for mobile devices. +- 0 (default) - The device is never wiped after an incorrect PIN or password is entered. + +
    @@ -712,14 +733,17 @@ Specifies the maximum amount of time (in minutes) allowed after the device is id > This policy must be wrapped in an Atomic command. + +For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx). + + + The following list shows the supported values: - An integer X where 0 <= X <= 999. - 0 (default) - No timeout is defined. The default of "0" is Windows Phone 7.5 parity and is interpreted by as "No timeout is defined." -For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx). - - +
    @@ -765,13 +789,14 @@ Specifies the maximum amount of time (in minutes) allowed after the device is id > [!NOTE] > This policy must be wrapped in an Atomic command. - + + The following list shows the supported values: - An integer X where 0 <= X <= 999. - 0 (default) - No timeout is defined. The default of "0" is Windows Phone 7.5 parity and is interpreted by as "No timeout is defined." - +
    @@ -934,17 +959,20 @@ Specifies the minimum number or characters required in the PIN or password. > Always use the Replace command instead of Add for this policy in Windows 10 for desktop editions. -The following list shows the supported values: - -- An integer X where 4 <= X <= 16 for mobile devices and desktop. However, local accounts will always enforce a minimum password length of 6. -- Not enforced. -- The default value is 4 for mobile devices and desktop devices. Max policy value is the most restricted. For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](https://technet.microsoft.com/library/dn282287.aspx) and [KB article](https://support.office.com/article/This-device-doesn-t-meet-the-security-requirements-set-by-your-email-administrator-87132fc7-2c7f-4a71-9de0-779ff81c86ca). + +The following list shows the supported values: + +- An integer X where 4 <= X <= 16 for mobile devices and desktop. However, local accounts will always enforce a minimum password length of 6. +- Not enforced. +- The default value is 4 for mobile devices and desktop devices. + +
    diff --git a/windows/client-management/mdm/policy-csp-display.md b/windows/client-management/mdm/policy-csp-display.md index 395598e623..e2302d2679 100644 --- a/windows/client-management/mdm/policy-csp-display.md +++ b/windows/client-management/mdm/policy-csp-display.md @@ -76,12 +76,14 @@ If you disable or do not configure this policy setting, GDI DPI Scaling might st If GDI DPI Scaling is configured to both turn off and turn on an application, the application will be turned off. + + To validate on Desktop, do the following: 1. Configure the setting for an app which has GDI DPI scaling enabled via MDM or any other supported mechanisms. 2. Run the app and observe blurry text. - +
    @@ -132,12 +134,14 @@ If you disable or do not configure this policy setting, GDI DPI Scaling will not If GDI DPI Scaling is configured to both turn off and turn on an application, the application will be turned off. + + To validate on Desktop, do the following: 1. Configure the setting for an app which uses GDI. 2. Run the app and observe crisp text. - +
    diff --git a/windows/client-management/mdm/policy-csp-experience.md b/windows/client-management/mdm/policy-csp-experience.md index 08a7c01d46..9c346946d7 100644 --- a/windows/client-management/mdm/policy-csp-experience.md +++ b/windows/client-management/mdm/policy-csp-experience.md @@ -1080,13 +1080,15 @@ The following list shows the supported values: Allows IT admins to specify whether spotlight should be used on the user's lock screen. If your organization does not have an Enterprise spotlight content service, then this policy will behave the same as a setting of 1. + + The following list shows the supported values: - 0 – None. - 1 (default) – Windows spotlight enabled. - 2 – placeholder only for future extension. Using this value has no effect. - +
    @@ -1133,12 +1135,14 @@ If you enable this policy setting, users will no longer see feedback notificatio If you disable or do not configure this policy setting, users can control how often they receive feedback questions. + + The following list shows the supported values: - 0 (default) – Feedback notifications are not disabled. The actual state of feedback notifications on the device will then depend on what GP has configured or what the user has configured locally. - 1 – Feedback notifications are disabled. - +
    diff --git a/windows/client-management/mdm/policy-csp-exploitguard.md b/windows/client-management/mdm/policy-csp-exploitguard.md index 421c1c41e8..9f742bb32f 100644 --- a/windows/client-management/mdm/policy-csp-exploitguard.md +++ b/windows/client-management/mdm/policy-csp-exploitguard.md @@ -67,6 +67,8 @@ Enables the IT admin to push out a configuration representing the desired system The system settings require a reboot; the application settings do not require a reboot. + + Here is an example: ``` syntax @@ -92,7 +94,7 @@ Here is an example: ``` - +
    diff --git a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md index d142ceb56a..1207e03022 100644 --- a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md +++ b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md @@ -293,13 +293,16 @@ Disabling the Administrator account can become a maintenance issue under certain Under Safe Mode boot, the disabled Administrator account will only be enabled if the machine is non-domain joined and there are no other local active administrator accounts. If the computer is domain joined the disabled administrator will not be enabled. Default: Disabled. -Valid values: -- 0 - local Administrator account is disabled -- 1 - local Administrator account is enabled Value type is integer. Supported operations are Add, Get, Replace, and Delete. + +Valid values: +- 0 - local Administrator account is disabled +- 1 - local Administrator account is enabled + +
    @@ -343,15 +346,18 @@ Value type is integer. Supported operations are Add, Get, Replace, and Delete. This security setting determines if the Guest account is enabled or disabled. Default: Disabled. -Valid values: -- 0 - local Guest account is disabled -- 1 - local Guest account is enabled Note: If the Guest account is disabled and the security option Network Access: Sharing and Security Model for local accounts is set to Guest Only, network logons, such as those performed by the Microsoft Network Server (SMB Service), will fail. Value type is integer. Supported operations are Add, Get, Replace, and Delete. + +Valid values: +- 0 - local Guest account is disabled +- 1 - local Guest account is enabled + +
    @@ -397,9 +403,6 @@ Accounts: Limit local account use of blank passwords to console logon only This security setting determines whether local accounts that are not password protected can be used to log on from locations other than the physical computer console. If enabled, local accounts that are not password protected will only be able to log on at the computer's keyboard. Default: Enabled. -Valid values: -- 0 - disabled - local accounts that are not password protected can be used to log on from locations other than the physical computer console -- 1 - enabled - local accounts that are not password protected will only be able to log on at the computer's keyboard Warning: @@ -412,6 +415,12 @@ It is possible for applications that use remote interactive logons to bypass thi Value type is integer. Supported operations are Add, Get, Replace, and Delete. + +Valid values: +- 0 - disabled - local accounts that are not password protected can be used to log on from locations other than the physical computer console +- 1 - enabled - local accounts that are not password protected will only be able to log on at the computer's keyboard + +
    @@ -1086,14 +1095,17 @@ In order to take advantage of this policy on domain controllers, all domain cont Interactive Logon:Display user information when the session is locked + +Value type is integer. Supported operations are Add, Get, Replace, and Delete. + + + Valid values: - 1 - User display name, domain and user names - 2 - User display name only - 3 - Do not display user information -Value type is integer. Supported operations are Add, Get, Replace, and Delete. - - +
    @@ -1142,13 +1154,16 @@ If this policy is enabled, the username will not be shown. If this policy is disabled, the username will be shown. Default: Disabled. -Valid values: -- 0 - disabled (username will be shown) -- 1 - enabled (username will not be shown) Value type is integer. Supported operations are Add, Get, Replace, and Delete. + +Valid values: +- 0 - disabled (username will be shown) +- 1 - enabled (username will not be shown) + +
    @@ -1198,13 +1213,16 @@ If this policy is enabled, the username will not be shown. If this policy is disabled, the username will be shown. Default: Disabled. -Valid values: -- 0 - disabled (username will be shown) -- 1 - enabled (username will not be shown) Value type is integer. Supported operations are Add, Get, Replace, and Delete. + +Valid values: +- 0 - disabled (username will be shown) +- 1 - enabled (username will not be shown) + +
    @@ -1255,13 +1273,16 @@ If this policy is disabled, any user is required to press CTRL+ALT+DEL before lo Default on domain-computers: Enabled: At least Windows 8/Disabled: Windows 7 or earlier. Default on stand-alone computers: Enabled. -Valid values: -- 0 - disabled -- 1 - enabled (a user is not required to press CTRL+ALT+DEL to log on) Value type is integer. Supported operations are Add, Get, Replace, and Delete. + +Valid values: +- 0 - disabled +- 1 - enabled (a user is not required to press CTRL+ALT+DEL to log on) + +
    @@ -1307,13 +1328,16 @@ Interactive logon: Machine inactivity limit. Windows notices inactivity of a logon session, and if the amount of inactive time exceeds the inactivity limit, then the screen saver will run, locking the session. Default: not enforced. -Valid values: -- 0 - disabled -- 1 - enabled (session will lock after amount of inactive time exceeds the inactivity limit) Value type is integer. Supported operations are Add, Get, Replace, and Delete. + +Valid values: +- 0 - disabled +- 1 - enabled (session will lock after amount of inactive time exceeds the inactivity limit) + +
    @@ -2203,13 +2227,16 @@ Network security: Allow PKU2U authentication requests to this computer to use on This policy will be turned off by default on domain joined machines. This would prevent online identities from authenticating to the domain joined machine. -Valid values: -- 0 - disabled -- 1 - enabled (allow PKU2U authentication requests to this computer to use online identities.) Value type is integer. Supported operations are Add, Get, Replace, and Delete. + +Valid values: +- 0 - disabled +- 1 - enabled (allow PKU2U authentication requests to this computer to use online identities.) + +
    @@ -2477,13 +2504,16 @@ Recovery console: Allow automatic administrative logon This security setting determines if the password for the Administrator account must be given before access to the system is granted. If this option is enabled, the Recovery Console does not require you to provide a password, and it automatically logs on to the system. Default: This policy is not defined and automatic administrative logon is not allowed. -Valid values: -- 0 - disabled -- 1 - enabled (allow automatic administrative logon) Value type is integer. Supported operations are Add, Get, Replace, and Delete. + +Valid values: +- 0 - disabled +- 1 - enabled (allow automatic administrative logon) + +
    @@ -2534,13 +2564,16 @@ When this policy is disabled, the option to shut down the computer does not appe Default on workstations: Enabled. Default on servers: Disabled. -Valid values: -- 0 - disabled -- 1 - enabled (allow system to be shut down without having to log on) Value type is integer. Supported operations are Add, Get, Replace, and Delete. + +Valid values: +- 0 - disabled +- 1 - enabled (allow system to be shut down without having to log on) + +
    @@ -2688,15 +2721,18 @@ This policy setting controls whether User Interface Accessibility (UIAccess or U Enabled: UIA programs, including Windows Remote Assistance, automatically disable the secure desktop for elevation prompts. If you do not disable the "User Account Control: Switch to the secure desktop when prompting for elevation" policy setting, the prompts appear on the interactive user's desktop instead of the secure desktop. Disabled: (Default) -Valid values: -- 0 - disabled -- 1 - enabled (allow UIAccess applications to prompt for elevation without using the secure desktop) The secure desktop can be disabled only by the user of the interactive desktop or by disabling the "User Account Control: Switch to the secure desktop when prompting for elevation" policy setting. Value type is integer. Supported operations are Add, Get, Replace, and Delete. + +Valid values: +- 0 - disabled +- 1 - enabled (allow UIAccess applications to prompt for elevation without using the secure desktop) + +
    diff --git a/windows/client-management/mdm/policy-csp-location.md b/windows/client-management/mdm/policy-csp-location.md index f5a62a9471..3d2a9f5773 100644 --- a/windows/client-management/mdm/policy-csp-location.md +++ b/windows/client-management/mdm/policy-csp-location.md @@ -68,17 +68,21 @@ Added in Windows 10, version 1703. Optional policy that allows for IT admin to > [!IMPORTANT] > This policy is not intended to ever be set, pushed, or refreshed more than one time after the first boot of the device because it is meant as initial configuration. Refreshing this policy might result in the Location Service's Device Switch changing state to something the user did not select, which is not an intended use for this policy. + + The following list shows the supported values: - 0 (default) – Disabled. - 1 – Enabled. + + To validate on Desktop, do the following: 1. Verify that Settings -> Privacy -> Location -> Location for this device is On/Off as expected. 2. Use Windows Maps Application (or similar) to see if a location can or cannot be obtained. - +
    diff --git a/windows/client-management/mdm/policy-csp-messaging.md b/windows/client-management/mdm/policy-csp-messaging.md index a10d85a033..743c206a04 100644 --- a/windows/client-management/mdm/policy-csp-messaging.md +++ b/windows/client-management/mdm/policy-csp-messaging.md @@ -74,12 +74,14 @@ ms.date: 01/29/2018 Added in Windows 10, version 1703. Enables or disables the MMS send/receive functionality on the device. For enterprises, this policy can be used to disable MMS on devices as part of the auditing or management requirement. + + The following list shows the supported values: - 0 - Disabled. - 1 (default) - Enabled. - +
    @@ -122,12 +124,14 @@ The following list shows the supported values: Added in Windows 10, version 1607. Enables text message back up and restore and Messaging Everywhere. This policy allows an organization to disable these features to avoid information being stored on servers outside of their control. + + The following list shows the supported values: - 0 - message sync is not allowed and cannot be changed by the user. - 1 - message sync is allowed. The user can change this setting. - +
    @@ -173,12 +177,14 @@ The following list shows the supported values: Added in Windows 10, version 1703. Enables or disables the RCS send/receive functionality on the device. For enterprises, this policy can be used to disable RCS on devices as part of the auditing or management requirement. + + The following list shows the supported values: - 0 - Disabled. - 1 (default) - Enabled. - +
    diff --git a/windows/client-management/mdm/policy-csp-privacy.md b/windows/client-management/mdm/policy-csp-privacy.md index 8ab600b9d8..5422f5440f 100644 --- a/windows/client-management/mdm/policy-csp-privacy.md +++ b/windows/client-management/mdm/policy-csp-privacy.md @@ -504,15 +504,18 @@ The following list shows the supported values: Added in Windows 10, version 1607. Specifies whether Windows apps can access account information. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -684,15 +687,18 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. Specifies whether Windows apps can access the calendar. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -864,15 +870,18 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. Specifies whether Windows apps can access call history. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -1044,15 +1053,18 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. Specifies whether Windows apps can access the camera. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -1224,15 +1236,18 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. Specifies whether Windows apps can access contacts. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -1404,15 +1419,18 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. Specifies whether Windows apps can access email. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -1584,15 +1602,18 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. Specifies whether Windows apps can access location. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -1764,15 +1785,18 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. Specifies whether Windows apps can read or send messages (text or MMS). + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -1944,15 +1968,18 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. Specifies whether Windows apps can access the microphone. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -2124,15 +2151,18 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. Specifies whether Windows apps can access motion data. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -2304,15 +2334,18 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. Specifies whether Windows apps can access notifications. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -2484,15 +2517,18 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. Specifies whether Windows apps can make phone calls. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -2664,15 +2700,18 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1607. Specifies whether Windows apps have access to control radios. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -3016,15 +3055,18 @@ Added in Windows 10, version 1703. List of semi-colon delimited Package Family N Added in Windows 10, version 1607. Specifies whether Windows apps can access trusted devices. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -3196,15 +3238,18 @@ Added in Windows 10, version 1607. List of semi-colon delimited Package Family Added in Windows 10, version 1703. Force allow, force deny or give user control of apps that can get diagnostic information about other running apps. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    @@ -3376,17 +3421,20 @@ Added in Windows 10, version 1703. List of semi-colon delimited Package Family Added in Windows 10, version 1703. Specifies whether Windows apps can run in the background. -The following list shows the supported values: - -- 0 – User in control (default). -- 1 – Force allow. -- 2 - Force deny. Most restricted value is 2. > [!WARNING] > Be careful when determining which apps should have their background activity disabled. Communication apps normally update tiles and notifications through background processes. Turning off background activity for these types of apps could cause text message, email, and voicemail notifications to not function. This could also cause background email syncing to not function properly. + +The following list shows the supported values: + +- 0 – User in control (default). +- 1 – Force allow. +- 2 - Force deny. + +
    @@ -3558,15 +3606,18 @@ Added in Windows 10, version 1703. List of semi-colon delimited Package Family Added in Windows 10, version 1607. Specifies whether Windows apps can sync with devices. + +Most restricted value is 2. + + + The following list shows the supported values: - 0 – User in control. - 1 – Force allow. - 2 - Force deny. -Most restricted value is 2. - - +
    diff --git a/windows/client-management/mdm/policy-csp-search.md b/windows/client-management/mdm/policy-csp-search.md index 6aac1d55e9..743ea8568e 100644 --- a/windows/client-management/mdm/policy-csp-search.md +++ b/windows/client-management/mdm/policy-csp-search.md @@ -106,12 +106,14 @@ ms.date: 01/29/2018 Added in Windows 10, version 1709. Allow search and Cortana to search cloud sources like OneDrive and SharePoint. This policy allows corporate administrators to control whether employees can turn off/on the search of these cloud sources. The default policy value is to allow employees access to the setting that controls search of cloud sources. + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. - +
    @@ -332,14 +334,17 @@ This policy has been deprecated. Allows the use of diacritics. + +Most restricted value is 0. + + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. -Most restricted value is 0. - - +
    @@ -425,14 +430,17 @@ Allow Windows indexer. Value type is integer. Specifies whether to always use automatic language detection when indexing content and properties. + +Most restricted value is 0. + + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. -Most restricted value is 0. - - +
    @@ -475,12 +483,14 @@ Most restricted value is 0. If enabled, the search indexer backoff feature will be disabled. Indexing will continue at full speed even when system activity is high. If disabled, backoff logic will be used to throttle back indexing activity when system activity is high. Default is disabled. + + The following list shows the supported values: - 0 (default) – Disable. - 1 – Enable. - +
    @@ -527,12 +537,14 @@ If you enable this policy setting, locations on removable drives cannot be added If you disable or do not configure this policy setting, locations on removable drives can be added to libraries. In addition, locations on removable drives can be indexed. + + The following list shows the supported values: - 0 (default) – Disable. - 1 – Enable. - +
    @@ -634,12 +646,14 @@ Enable this policy if computers in your environment have extremely limited hard When this policy is disabled or not configured, Windows Desktop Search automatically manages your index size. + + The following list shows the supported values: - 0 – Disable. - 1 (default) – Enable. - +
    @@ -682,12 +696,14 @@ The following list shows the supported values: If enabled, clients will be unable to query this computer's index remotely. Thus, when they are browsing network shares that are stored on this computer, they will not search them using the index. If disabled, client search requests will use this computer's index.. + + The following list shows the supported values: - 0 – Disable. - 1 (default) – Enable. - +
    @@ -734,14 +750,17 @@ The following list shows the supported values: Specifies what level of safe search (filtering adult content) is required. + +Most restricted value is 0. + + + The following list shows the supported values: - 0 – Strict, highest filtering against adult content. - 1 (default) – Moderate filtering against adult content (valid search results will not be filtered). -Most restricted value is 0. - - +
    diff --git a/windows/client-management/mdm/policy-csp-security.md b/windows/client-management/mdm/policy-csp-security.md index 7ee5db3300..8d7edec458 100644 --- a/windows/client-management/mdm/policy-csp-security.md +++ b/windows/client-management/mdm/policy-csp-security.md @@ -147,12 +147,14 @@ The following list shows the supported values: Specifies whether to allow automatic device encryption during OOBE when the device is Azure AD joined. + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. - +
    @@ -468,12 +470,14 @@ Added in Windows 10, version 1607 to replace the deprecated policy **Security/A Specifies whether to allow automatic device encryption during OOBE when the device is Azure AD joined. + + The following list shows the supported values: - 0 (default) – Encryption enabled. - 1 – Encryption disabled. - +
    @@ -516,10 +520,6 @@ The following list shows the supported values: Allows enterprise to turn on internal storage encryption. -The following list shows the supported values: - -- 0 (default) – Encryption is not required. -- 1 – Encryption is required. Most restricted value is 1. @@ -527,6 +527,13 @@ Most restricted value is 1. > If encryption has been enabled, it cannot be turned off by using this policy. + +The following list shows the supported values: + +- 0 (default) – Encryption is not required. +- 1 – Encryption is required. + +
    @@ -569,12 +576,14 @@ Most restricted value is 1. Specifies whether provisioning packages must have a certificate signed by a device trusted authority. + + The following list shows the supported values: - 0 (default) – Not required. - 1 – Required. - +
    @@ -617,10 +626,6 @@ The following list shows the supported values: Specifies whether to retrieve and post TCG Boot logs, and get or cache an encrypted or signed Health Attestation Report from the Microsoft Health Attestation Service (HAS) when a device boots or reboots. -The following list shows the supported values: - -- 0 (default) – Not required. -- 1 – Required. Setting this policy to 1 (Required): @@ -634,6 +639,13 @@ Setting this policy to 1 (Required): Most restricted value is 1. + +The following list shows the supported values: + +- 0 (default) – Not required. +- 1 – Required. + +
    diff --git a/windows/client-management/mdm/policy-csp-settings.md b/windows/client-management/mdm/policy-csp-settings.md index f5a811c564..1ba96f10d0 100644 --- a/windows/client-management/mdm/policy-csp-settings.md +++ b/windows/client-management/mdm/policy-csp-settings.md @@ -728,6 +728,8 @@ The following list shows the supported values: Added in Windows 10, version 1703. Allows IT Admins to configure the default setting for showing additional calendars (besides the default calendar for the locale) in the taskbar clock and calendar flyout. In this version of Windows 10, supported additional calendars are: Simplified or Traditional Chinese lunar calendar. Turning on one of these calendars will display Chinese lunar dates below the default calendar for the locale. Select "Don't show additional calendars" to prevent showing other calendars besides the default calendar for the locale. + + The following list shows the supported values: - 0 (default) – User will be allowed to configure the setting. @@ -735,7 +737,7 @@ The following list shows the supported values: - 2 - Simplified Chinese (Lunar). - 3 - Traditional Chinese (Lunar). - +
    @@ -802,13 +804,15 @@ Example 2, specifies that the wifi page should not be shown: hide:wifi + + To validate on Desktop, do the following: 1. Open System Settings and verfiy that the About page is visible and accessible. 2. Configure the policy with the following string: "hide:about". 3. Open System Settings again and verify that the About page is no longer accessible. - +
    diff --git a/windows/client-management/mdm/policy-csp-start.md b/windows/client-management/mdm/policy-csp-start.md index fa95c2c0a3..eabc6aabe7 100644 --- a/windows/client-management/mdm/policy-csp-start.md +++ b/windows/client-management/mdm/policy-csp-start.md @@ -663,15 +663,18 @@ The following list shows the supported values: Forces the start screen size. + +If there is policy configuration conflict, the latest configuration request is applied to the device. + + + The following list shows the supported values: - 0 (default) – Do not force size of Start. - 1 – Force non-fullscreen size of Start. - 2 - Force a fullscreen size of Start. -If there is policy configuration conflict, the latest configuration request is applied to the device. - - +
    @@ -720,12 +723,6 @@ Allows IT Admins to configure Start by collapsing or removing the all apps list. > [!Note] > There were issues reported with the previous release of this policy and a fix was added in Windows 10, version 1709. -The following list shows the supported values: - -- 0 (default) – None. -- 1 – Hide all apps list. -- 2 - Hide all apps list, and Disable "Show app list in Start menu" in Settings app. -- 3 - Hide all apps list, remove all apps button, and Disable "Show app list in Start menu" in Settings app. To validate on Desktop, do the following: @@ -735,6 +732,15 @@ To validate on Desktop, do the following: - 2c - If set to '3': Verify that there is no way of opening the all apps list from Start, and that the Settings toggle is grayed out. + +The following list shows the supported values: + +- 0 (default) – None. +- 1 – Hide all apps list. +- 2 - Hide all apps list, and Disable "Show app list in Start menu" in Settings app. +- 3 - Hide all apps list, remove all apps button, and Disable "Show app list in Start menu" in Settings app. + +
    @@ -777,11 +783,6 @@ To validate on Desktop, do the following: Added in Windows 10, version 1703. Allows IT Admins to configure Start by hiding "Change account settings" from appearing in the user tile. -To validate on Desktop, do the following: - -1. Enable policy. -2. Open Start, click on the user tile, and verify that "Change account settings" is not available. - The following list shows the supported values: @@ -790,6 +791,13 @@ The following list shows the supported values: - 1 - True (hide). + +To validate on Desktop, do the following: + +1. Enable policy. +2. Open Start, click on the user tile, and verify that "Change account settings" is not available. + +
    @@ -835,6 +843,15 @@ The following list shows the supported values: Added in Windows 10, version 1703. Allows IT Admins to configure Start by hiding most used apps. + + +The following list shows the supported values: + +- 0 (default) – False (do not hide). +- 1 - True (hide). + + + To validate on Desktop, do the following: 1. Enable "Show most used apps" in the Settings app. @@ -844,14 +861,7 @@ To validate on Desktop, do the following: 5. Check that "Show most used apps" Settings toggle is grayed out. 6. Check that most used apps do not appear in Start. - - -The following list shows the supported values: - -- 0 (default) – False (do not hide). -- 1 - True (hide). - - +
    @@ -894,10 +904,6 @@ The following list shows the supported values: Added in Windows 10, version 1703. Allows IT Admins to configure Start by hiding "Hibernate" from appearing in the Power button. -To validate on Laptop, do the following: - -1. Enable policy. -2. Open Start, click on the Power button, and verify "Hibernate" is not available. > [!NOTE] > This policy can only be verified on laptops as "Hibernate" does not appear on regular PC's. @@ -910,6 +916,13 @@ The following list shows the supported values: - 1 - True (hide). + +To validate on Laptop, do the following: + +1. Enable policy. +2. Open Start, click on the Power button, and verify "Hibernate" is not available. + +
    @@ -952,11 +965,6 @@ The following list shows the supported values: Added in Windows 10, version 1703. Allows IT Admins to configure Start by hiding "Lock" from appearing in the user tile. -To validate on Desktop, do the following: - -1. Enable policy. -2. Open Start, click on the user tile, and verify "Lock" is not available. - The following list shows the supported values: @@ -965,6 +973,13 @@ The following list shows the supported values: - 1 - True (hide). + +To validate on Desktop, do the following: + +1. Enable policy. +2. Open Start, click on the user tile, and verify "Lock" is not available. + +
    @@ -1055,11 +1070,6 @@ Value type is integer. Added in Windows 10, version 1703. Allows IT Admins to configure Start by hiding the Power button from appearing. -To validate on Desktop, do the following: - -1. Enable policy. -2. Open Start, and verify the power button is not available. - The following list shows the supported values: @@ -1068,6 +1078,13 @@ The following list shows the supported values: - 1 - True (hide). + +To validate on Desktop, do the following: + +1. Enable policy. +2. Open Start, and verify the power button is not available. + +
    @@ -1113,6 +1130,15 @@ The following list shows the supported values: Added in Windows 10, version 1703. Allows IT Admins to configure Start by hiding recently opened items in the jumplists from appearing. + + +The following list shows the supported values: + +- 0 (default) – False (do not hide). +- 1 - True (hide). + + + To validate on Desktop, do the following: 1. Enable "Show recently opened items in Jump Lists on Start of the taskbar" in Settings. @@ -1125,14 +1151,7 @@ To validate on Desktop, do the following: 8. Repeat Step 2. 9. Right Click pinned photos app and verify that there is no jumplist of recent items. - - -The following list shows the supported values: - -- 0 (default) – False (do not hide). -- 1 - True (hide). - - +
    @@ -1178,6 +1197,15 @@ The following list shows the supported values: Added in Windows 10, version 1703. Allows IT Admins to configure Start by hiding recently added apps. + + +The following list shows the supported values: + +- 0 (default) – False (do not hide). +- 1 - True (hide). + + + To validate on Desktop, do the following: 1. Enable "Show recently added apps" in the Settings app. @@ -1187,14 +1215,7 @@ To validate on Desktop, do the following: 5. Check that "Show recently added apps" Settings toggle is grayed out. 6. Check that recently added apps do not appear in Start. - - -The following list shows the supported values: - -- 0 (default) – False (do not hide). -- 1 - True (hide). - - +
    @@ -1237,11 +1258,6 @@ The following list shows the supported values: Added in Windows 10, version 1703. Allows IT Admins to configure Start by hiding "Restart" and "Update and restart" from appearing in the Power button. -To validate on Desktop, do the following: - -1. Enable policy. -2. Open Start, click on the Power button, and verify "Restart" and "Update and restart" are not available. - The following list shows the supported values: @@ -1250,6 +1266,13 @@ The following list shows the supported values: - 1 - True (hide). + +To validate on Desktop, do the following: + +1. Enable policy. +2. Open Start, click on the Power button, and verify "Restart" and "Update and restart" are not available. + +
    @@ -1292,11 +1315,6 @@ The following list shows the supported values: Added in Windows 10, version 1703. Allows IT Admins to configure Start by hiding "Shut down" and "Update and shut down" from appearing in the Power button. -To validate on Desktop, do the following: - -1. Enable policy. -2. Open Start, click on the Power button, and verify "Shut down" and "Update and shut down" are not available. - The following list shows the supported values: @@ -1305,6 +1323,13 @@ The following list shows the supported values: - 1 - True (hide). + +To validate on Desktop, do the following: + +1. Enable policy. +2. Open Start, click on the Power button, and verify "Shut down" and "Update and shut down" are not available. + +
    @@ -1347,11 +1372,6 @@ The following list shows the supported values: Added in Windows 10, version 1703. Allows IT Admins to configure Start by hiding "Sign out" from appearing in the user tile. -To validate on Desktop, do the following: - -1. Enable policy. -2. Open Start, click on the user tile, and verify "Sign out" is not available. - The following list shows the supported values: @@ -1360,6 +1380,13 @@ The following list shows the supported values: - 1 - True (hide). + +To validate on Desktop, do the following: + +1. Enable policy. +2. Open Start, click on the user tile, and verify "Sign out" is not available. + +
    @@ -1402,11 +1429,6 @@ The following list shows the supported values: Added in Windows 10, version 1703. Allows IT Admins to configure Start by hiding "Sleep" from appearing in the Power button. -To validate on Desktop, do the following: - -1. Enable policy. -2. Open Start, click on the Power button, and verify that "Sleep" is not available. - The following list shows the supported values: @@ -1415,6 +1437,13 @@ The following list shows the supported values: - 1 - True (hide). + +To validate on Desktop, do the following: + +1. Enable policy. +2. Open Start, click on the Power button, and verify that "Sleep" is not available. + +
    @@ -1457,11 +1486,6 @@ The following list shows the supported values: Added in Windows 10, version 1703. Allows IT Admins to configure Start by hiding "Switch account" from appearing in the user tile. -To validate on Desktop, do the following: - -1. Enable policy. -2. Open Start, click on the user tile, and verify that "Switch account" is not available. - The following list shows the supported values: @@ -1470,6 +1494,13 @@ The following list shows the supported values: - 1 - True (hide). + +To validate on Desktop, do the following: + +1. Enable policy. +2. Open Start, click on the user tile, and verify that "Switch account" is not available. + +
    @@ -1515,12 +1546,6 @@ The following list shows the supported values: Added in Windows 10, version 1703. Allows IT Admins to configure Start by hiding the user tile. -To validate on Desktop, do the following: - -1. Enable policy. -2. Log off. -3. Log in, and verify that the user tile is gone from Start. - The following list shows the supported values: @@ -1529,6 +1554,14 @@ The following list shows the supported values: - 1 - True (hide). + +To validate on Desktop, do the following: + +1. Enable policy. +2. Log off. +3. Log in, and verify that the user tile is gone from Start. + +
    @@ -1579,6 +1612,8 @@ Added in Windows 10, version 1703. This policy imports Edge assets (e.g. .png/. The value set for this policy is an XML string containing Edge assets. For an example XML string, see [Add image for secondary Microsoft Edge tiles](https://docs.microsoft.com/en-us/windows/configuration/start-secondary-tiles). + + To validate on Desktop, do the following: 1. Set policy with an XML for Edge assets. @@ -1586,7 +1621,7 @@ To validate on Desktop, do the following: 3. Sign out/in. 4. Verify that all Edge assets defined in XML show up in %LOCALAPPDATA%\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\LocalState path. - +
    @@ -1629,14 +1664,6 @@ To validate on Desktop, do the following: Added in Windows 10, version 1703. Allows IT Admins to configure the taskbar by disabling pinning and unpinning apps on the taskbar. -To validate on Desktop, do the following: - -1. Enable policy. -2. Right click on a program pinned to taskbar. -3. Verify that "Unpin from taskbar" menu does not show. -4. Open Start and right click on one of the app list icons. -5. Verify that More->Pin to taskbar menu does not show. - The following list shows the supported values: @@ -1645,6 +1672,16 @@ The following list shows the supported values: - 1 - True (pinning disabled). + +To validate on Desktop, do the following: + +1. Enable policy. +2. Right click on a program pinned to taskbar. +3. Verify that "Unpin from taskbar" menu does not show. +4. Open Start and right click on one of the app list icons. +5. Verify that More->Pin to taskbar menu does not show. + +
    diff --git a/windows/client-management/mdm/policy-csp-storage.md b/windows/client-management/mdm/policy-csp-storage.md index 62c833ad36..b7bc8809d4 100644 --- a/windows/client-management/mdm/policy-csp-storage.md +++ b/windows/client-management/mdm/policy-csp-storage.md @@ -69,14 +69,17 @@ ms.date: 01/29/2018 Added in Windows 10, version 1709. Allows disk health model updates. + +Value type is integer. + + + The following list shows the supported values: - 0 - Do not allow - 1 (default) - Allow -Value type is integer. - - +
    diff --git a/windows/client-management/mdm/policy-csp-system.md b/windows/client-management/mdm/policy-csp-system.md index e8c1f500f6..f7c6e8a3f8 100644 --- a/windows/client-management/mdm/policy-csp-system.md +++ b/windows/client-management/mdm/policy-csp-system.md @@ -115,13 +115,15 @@ This policy setting determines whether users can access the Insider build contro If you enable or do not configure this policy setting, users can download and install Windows preview software on their devices. If you disable this policy setting, the item "Get Insider builds" will be unavailable. + + The following list shows the supported values: - 0 – Not allowed. The item "Get Insider builds" is unavailable, users are unable to make their devices available for preview software. - 1 – Allowed. Users can make their devices available for downloading and installing preview software. - 2 (default) – Not configured. Users can make their devices available for downloading and installing preview software. - +
    @@ -219,15 +221,18 @@ The following list shows the supported values: This policy setting determines the level that Microsoft can experiment with the product to study user preferences or device behavior. + +Most restricted value is 0. + + + The following list shows the supported values: - 0 – Disabled. - 1 (default) – Permits Microsoft to configure device settings only. - 2 – Allows Microsoft to conduct full experimentations. -Most restricted value is 0. - - +
    @@ -333,11 +338,6 @@ To verify if System/AllowFontProviders is set to true: Specifies whether to allow app access to the Location service. -The following list shows the supported values: - -- 0 – Force Location Off. All Location Privacy settings are toggled off and greyed out. Users cannot change the settings, and no apps are allowed access to the Location service, including Cortana and Search. -- 1 (default) – Location service is allowed. The user has control and can change Location Privacy settings on or off. -- 2 – Force Location On. All Location Privacy settings are toggled on and greyed out. Users cannot change the settings and all consent permissions will be automatically suppressed. Most restricted value is 0. @@ -348,6 +348,14 @@ When switching the policy back from 0 (Force Location Off) or 2 (Force Location For example, an app's original Location setting is Off. The administrator then sets the **AllowLocation** policy to 2 (Force Location On.) The Location service starts working for that app, overriding the original setting. Later, if the administrator switches the **AllowLocation** policy back to 1 (User Control), the app will revert to using its original setting of Off. + +The following list shows the supported values: + +- 0 – Force Location Off. All Location Privacy settings are toggled off and greyed out. Users cannot change the settings, and no apps are allowed access to the Location service, including Cortana and Search. +- 1 (default) – Location service is allowed. The user has control and can change Location Privacy settings on or off. +- 2 – Force Location On. All Location Privacy settings are toggled on and greyed out. Users cannot change the settings and all consent permissions will be automatically suppressed. + +
    @@ -721,12 +729,6 @@ Added in Windows 10, version 1703. Allows IT Admins to prevent apps and features If you disable or do not configure this policy setting, apps and features can work with OneDrive file storage. -To validate on Desktop, do the following: - -1. Enable policy. -2. Restart machine. -3. Verify that OneDrive.exe is not running in Task Manager. - The following list shows the supported values: @@ -735,6 +737,14 @@ The following list shows the supported values: - 1 – True (sync disabled). + +To validate on Desktop, do the following: + +1. Enable policy. +2. Restart machine. +3. Verify that OneDrive.exe is not running in Task Manager. + +
    diff --git a/windows/client-management/mdm/policy-csp-textinput.md b/windows/client-management/mdm/policy-csp-textinput.md index 7b2956f975..e712a54e76 100644 --- a/windows/client-management/mdm/policy-csp-textinput.md +++ b/windows/client-management/mdm/policy-csp-textinput.md @@ -278,14 +278,17 @@ The following list shows the supported values: Allows the Japanese IME surrogate pair characters. + +Most restricted value is 0. + + + The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. -Most restricted value is 0. - - +
    @@ -501,12 +504,6 @@ Added in Windows 10, version 1703. Specifies whether text prediction is enabled Most restricted value is 0. -To validate that text prediction is disabled on Windows 10 for desktop, do the following: - -1. Search for and launch the on-screen keyboard. Verify that text prediction is disabled by typing some text. Text prediction on the keyboard will be disabled even if the “Use Text Prediction” setting is enabled from the options button. -2. Launch the input panel/touch keyboard by touching a text input field or launching it from the taskbar. Verify that text prediction is disabled by typing some text. Text prediction on the keyboard will be disabled even if the “Show text suggestions as I type” setting is enabled in the Settings app. -3. Launch the handwriting tool from the touch keyboard. Verify that text prediction is disabled when you write using the tool. - The following list shows the supported values: @@ -515,6 +512,14 @@ The following list shows the supported values: - 1 (default) – Enabled. + +To validate that text prediction is disabled on Windows 10 for desktop, do the following: + +1. Search for and launch the on-screen keyboard. Verify that text prediction is disabled by typing some text. Text prediction on the keyboard will be disabled even if the “Use Text Prediction” setting is enabled from the options button. +2. Launch the input panel/touch keyboard by touching a text input field or launching it from the taskbar. Verify that text prediction is disabled by typing some text. Text prediction on the keyboard will be disabled even if the “Show text suggestions as I type” setting is enabled in the Settings app. +3. Launch the handwriting tool from the touch keyboard. Verify that text prediction is disabled when you write using the tool. + +
    @@ -684,12 +689,14 @@ The following list shows the supported values: Allows the users to restrict character code range of conversion by setting the character filter. + + The following list shows the supported values: - 0 (default) – No characters are filtered. - 1 – All characters except JIS0208 are filtered. - +
    @@ -736,12 +743,14 @@ The following list shows the supported values: Allows the users to restrict character code range of conversion by setting the character filter. + + The following list shows the supported values: - 0 (default) – No characters are filtered. - 1 – All characters except JIS0208 and EUDC are filtered. - +
    @@ -788,12 +797,14 @@ The following list shows the supported values: Allows the users to restrict character code range of conversion by setting the character filter. + + The following list shows the supported values: - 0 (default) – No characters are filtered. - 1 – All characters except ShiftJIS are filtered. - +
    diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md index d6e49b9bb0..3eac735f1d 100644 --- a/windows/client-management/mdm/policy-csp-update.md +++ b/windows/client-management/mdm/policy-csp-update.md @@ -357,6 +357,15 @@ Enables the IT admin to manage automatic update behavior to scan, download, and Supported operations are Get and Replace. + +> [!IMPORTANT] +> This option should be used only for systems under regulatory compliance, as you will not get security updates as well. +  + +If the policy is not configured, end-users get the default behavior (Auto install and restart). + + + The following list shows the supported values: - 0 – Notify the user before downloading the update. This policy is used by the enterprise who wants to enable the end-users to manage data usage. With this option users are notified when there are updates that apply to the device and are ready for download. Users can download and install the updates from the Windows Update control panel. @@ -366,13 +375,7 @@ The following list shows the supported values: - 4 – Auto install and restart without end-user control. Updates are downloaded automatically on non-metered networks and installed during "Automatic Maintenance" when the device is not in use and is not running on battery power. If automatic maintenance is unable to install updates for two days, Windows Update will install updates right away. If a restart is required, then the device is automatically restarted when the device is not actively being used. This setting option also sets the end-user control panel to read-only. - 5 – Turn off automatic updates. -> [!IMPORTANT] -> This option should be used only for systems under regulatory compliance, as you will not get security updates as well. -  - -If the policy is not configured, end-users get the default behavior (Auto install and restart). - - +
    @@ -469,12 +472,14 @@ The following list shows the supported values: Added in Windows 10, version 1607. Allows the IT admin to manage whether to scan for app updates from Microsoft Update. + + The following list shows the supported values: - 0 – Not allowed or not configured. - 1 – Allowed. Accepts updates received through Microsoft Update. - +
    @@ -724,12 +729,14 @@ Supported values are 15, 30, 60, 120, and 240 (minutes). Added in Windows 10, version 1703. Allows the IT Admin to specify the method by which the auto-restart required notification is dismissed. + + The following list shows the supported values: - 1 (default) – Auto Dismissal. - 2 – User Dismissal. - +
    @@ -1388,12 +1395,14 @@ The default value is 7 days. Added in Windows 10, version 1607. Allows IT Admins to exclude Windows Update (WU) drivers during updates. + + The following list shows the supported values: - 0 (default) – Allow Windows Update drivers. - 1 – Exclude Windows Update drivers. - +
    @@ -1439,12 +1448,14 @@ Added in the April service release of Windows 10, version 1607. Allows Windows U > [!NOTE] > This setting should only be used in combination with an alternate download URL and configured to use ISV file cache. This setting is used when the intranet update service does not provide download URLs in the update metadata for files which are available on the alternate download server. + + The following list shows the supported values: - 0 (default) – Disabled. - 1 – Enabled. - +
    @@ -1556,10 +1567,6 @@ Added in Windows 10, version 1703. Specifies whether to ignore the MO download > Setting this policy might cause devices to incur costs from MO operators. -To validate this policy: - -1. Enable the policy and ensure the device is on a cellular network. -2. Run the scheduled task on phone to check for OS updates in the background. For example, on a mobile device, run the following commands in TShell: - `exec-device schtasks.exe -arguments ""/run /tn """"\Microsoft\Windows\WindowsUpdate\AUScheduledInstall"""" /I""` 3. Verify that any downloads that are above the download size limit will complete without being paused. @@ -1572,6 +1579,13 @@ The following list shows the supported values: - 1 – Ignore MO download limit (allow unlimited downloading) for OS updates. + +To validate this policy: + +1. Enable the policy and ensure the device is on a cellular network. +2. Run the scheduled task on phone to check for OS updates in the background. For example, on a mobile device, run the following commands in TShell: + +
    @@ -1614,13 +1628,15 @@ The following list shows the supported values: Added in Windows 10, version 1709. Used to manage Windows 10 Insider Preview builds. Value type is integer. + + The following list shows the supported values: - 0 - Disable Preview builds - 1 - Disable Preview builds once the next release is public - 2 - Enable Preview builds - +
    @@ -1667,16 +1683,19 @@ The following list shows the supported values: Allows IT Admins to pause updates and upgrades for up to 5 weeks. Paused deferrals will be reset after 5 weeks. -The following list shows the supported values: - -- 0 (default) – Deferrals are not paused. -- 1 – Deferrals are paused. If the "Specify intranet Microsoft update service location" policy is enabled, then the "Defer upgrades by", "Defer updates by" and "Pause Updates and Upgrades" settings have no effect. If the "Allow Telemetry" policy is enabled and the Options value is set to 0, then the "Defer upgrades by", "Defer updates by" and "Pause Updates and Upgrades" settings have no effect. + +The following list shows the supported values: + +- 0 (default) – Deferrals are not paused. +- 1 – Deferrals are paused. + +
    @@ -1722,12 +1741,14 @@ Since this policy is not blocked, you will not get a failure message when you us Added in Windows 10, version 1607. Allows IT Admins to pause Feature Updates for up to 60 days. + + The following list shows the supported values: - 0 (default) – Feature Updates are not paused. - 1 – Feature Updates are paused for 60 days or until value set to back to 0, whichever is sooner. - +
    @@ -1815,12 +1836,14 @@ Value type is string. Supported operations are Add, Get, Delete, and Replace. Added in Windows 10, version 1607. Allows IT Admins to pause Quality Updates. + + The following list shows the supported values: - 0 (default) – Quality Updates are not paused. - 1 – Quality Updates are paused for 35 days or until value set back to 0, whichever is sooner. - +
    @@ -1923,12 +1946,14 @@ This policy is deprecated. Use [Update/RequireUpdateApproval](#update-requireupd Allows the IT admin to set a device to Semi-Annual Channel train. + + The following list shows the supported values: - 0 (default) – User gets upgrades from Semi-Annual Channel (Targeted). - 1 – User gets upgrades from Semi-Annual Channel. - +
    @@ -1977,12 +2002,14 @@ Allows the IT admin to restrict the updates that are installed on a device to on Supported operations are Get and Replace. + + The following list shows the supported values: - 0 – Not configured. The device installs all applicable updates. - 1 – The device only installs updates that are both applicable and on the Approved Updates list. Set this policy to 1 if IT wants to control the deployment of updates on devices, such as when testing is required prior to deployment. - +
    @@ -2131,6 +2158,8 @@ The data type is a integer. Supported operations are Add, Delete, Get, and Replace. + + The following list shows the supported values: - 0 (default) – Every day @@ -2142,7 +2171,7 @@ The following list shows the supported values: - 6 – Friday - 7 – Saturday - +
    @@ -2475,12 +2504,14 @@ The default value is 3. Added in Windows 10, version 1703. Allows the IT Admin to disable auto-restart notifications for update installations. + + The following list shows the supported values: - 0 (default) – Enabled - 1 – Disabled - +
    @@ -2523,12 +2554,14 @@ The following list shows the supported values: Added in Windows 10, version 1703. For devices in a cart, this policy skips all restart checks to ensure that the reboot will happen at ScheduledInstallTime. + + The following list shows the supported values: - 0 - not configured - 1 - configured - +
    @@ -2576,11 +2609,15 @@ Allows the device to check for updates from a WSUS server instead of Microsoft U Supported operations are Get and Replace. + + The following list shows the supported values: - Not configured. The device checks for updates from Microsoft Update. - Set to a URL, such as `http://abcd-srv:8530`. The device checks for updates from the WSUS server at the specified URL. + + Example ``` syntax @@ -2599,7 +2636,7 @@ Example ``` - +
    diff --git a/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md b/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md index 78fb5ed4b9..a7f22fe4fc 100644 --- a/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md +++ b/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md @@ -166,12 +166,14 @@ Value type is string. Supported operations are Add, Get, Replace and Delete. Added in Windows 10, next major release. Use this policy setting to specify if to display the Account protection area in Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area. + + Valid values: - 0 - (Disable) The users can see the display of the Account protection area in Windows Defender Security Center. - 1 - (Enable) The users cannot see the display of the Account protection area in Windows Defender Security Center. - +
    @@ -266,12 +268,14 @@ The following list shows the supported values: Added in Windows 10, next major release. Use this policy setting if you want to disable the display of the Device security area in the Windows Defender Security Center. If you disable or do not configure this setting, Windows defender Security Center will display this area. + + Valid values: - 0 - (Disable) The users can see the display of the Device security area in Windows Defender Security Center. - 1 - (Enable) The users cannot see the display of the Device secuirty area in Windows Defender Security Center. - +
    @@ -830,12 +834,14 @@ The following list shows the supported values: Added in Windows 10, next major update. Use this policy setting to hide the Ransomware data recovery area in Windows Defender Security Center. + + Valid values: - 0 - (Disable or not configured) The Ransomware data recovery area will be visible. - 1 - (Enable) The Ransomware data recovery area is hidden. - +
    @@ -878,12 +884,14 @@ Valid values: Added in Windows 10, next major update. Use this policy to hide the Secure boot area in the Windows Defender Security Center. + + Valid values: - 0 - (Disable or not configured) The Secure boot area is displayed. - 1 - (Enable) The Secure boot area is hidden. - +
    @@ -926,12 +934,14 @@ Valid values: Added in Windows 10, next major update. Use this policy to hide the Security processor (TPM) troubleshooting area in the Windows Defender Security Center. + + Valid values: - 0 - (Disable or not configured) The Security processor (TPM) troubleshooting area is displayed. - 1 - (Enable) The Security processor (TPM) troubleshooting area is hidden. - +
    diff --git a/windows/client-management/mdm/policy-csp-windowsinkworkspace.md b/windows/client-management/mdm/policy-csp-windowsinkworkspace.md index eda04ac82d..69290e276b 100644 --- a/windows/client-management/mdm/policy-csp-windowsinkworkspace.md +++ b/windows/client-management/mdm/policy-csp-windowsinkworkspace.md @@ -118,13 +118,15 @@ The following list shows the supported values: Added in Windows 10, version 1607. Specifies whether to allow the user to access the ink workspace. + + Value type is int. The following list shows the supported values: - 0 - access to ink workspace is disabled. The feature is turned off. - 1 - ink workspace is enabled (feature is turned on), but the user cannot access it above the lock screen. - 2 (default) - ink workspace is enabled (feature is turned on), and the user is allowed to use it above the lock screen. - +
    diff --git a/windows/client-management/mdm/policy-csp-windowslogon.md b/windows/client-management/mdm/policy-csp-windowslogon.md index e0a364f38a..9679d7b3a3 100644 --- a/windows/client-management/mdm/policy-csp-windowslogon.md +++ b/windows/client-management/mdm/policy-csp-windowslogon.md @@ -195,11 +195,6 @@ ADMX Info: Added in Windows 10, version 1703. This policy setting allows you to hide the Switch account button on the sign-in screen, Start, and the Task Manager. If you enable this policy setting, the Switch account button is hidden from the user who is attempting to sign-in or is signed in to the computer that has this policy applied. If you disable or do not configure this policy setting, the Switch account button is accessible to the user in the three locations. -To validate on Desktop, do the following: - -1. Enable policy. -2. Verify that the Switch account button in Start is hidden. - The following list shows the supported values: @@ -208,6 +203,13 @@ The following list shows the supported values: - 1 - Enabled (hidden). + +To validate on Desktop, do the following: + +1. Enable policy. +2. Verify that the Switch account button in Start is hidden. + +