deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 21:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'master' into jreeds-offline

Browse Source
This commit is contained in:
Jeff Reeds (Aquent LLC) 2020-06-02 11:14:11 -07:00
commit 15d5cc0a74
226 changed files with 5675 additions and 2175 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
.openpublishing.redirection.json
View File

@ -1352,6 +1352,11 @@
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-siem",
"redirect_document_id": false
},
{
"source_path": "windows/threat-protection/windows-defender-atp/custom-ti-api-windows-defender-advanced-threat-protection.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/custom-ti-api-windows-defender-advanced-threat-protection",
"redirect_document_id": true
@ -14387,11 +14392,6 @@
"redirect_document_id": true
},
{
"source_path": "windows/update/waas-wufb-intune.md",
"redirect_url": "https://docs.microsoft.com/windows/deployment/update/waas-wufb-intune",
"redirect_document_id": true
},
{
"source_path": "windows/manage/manage-settings-app-with-group-policy.md",
"redirect_url": "https://docs.microsoft.com/windows/client-management/manage-settings-app-with-group-policy",
"redirect_document_id": true
@ -14602,6 +14602,11 @@
"redirect_document_id": true
},
{
"source_path": "browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md",
"redirect_url": "https://docs.microsoft.com/internet-explorer/kb-support/ie-edge-faqs",
"redirect_document_id": false
},
{
"source_path": "windows/keep-secure/security-technologies.md",
"redirect_url": "https://docs.microsoft.com/windows/windows-10/index",
"redirect_document_id": true
@ -14647,9 +14652,9 @@
"redirect_document_id": true
},
{
"source_path": "windows/privacy/basic-level-windows-diagnostic-events-and-fields.md",
"redirect_url": "https://docs.microsoft.com/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1903",
"redirect_document_id": true
"source_path": "windows/privacy/basic-level-windows-diagnostic-events-and-fields.md",
"redirect_url": "https://docs.microsoft.com/windows/privacy/required-windows-diagnostic-events-and-fields-2004",
"redirect_document_id": true
},
{
"source_path": "windows/configuration/basic-level-windows-diagnostic-events-and-fields-1703.md",
@ -15952,6 +15957,11 @@
"redirect_document_id": true
},
{
"source_path": "devices/surface/using-the-sda-deployment-share.md",
"redirect_url": "https://docs.microsoft.com/surface/microsoft-surface-deployment-accelerator",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-rules-in-windows-10-enterprise-e3.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction",
"redirect_document_id": true

123
browsers/internet-explorer/kb-support/clear-ie-cache-from-command-line.md
View File

@ -1,123 +0,0 @@
---
title: Clear the Internet Explorer cache from a command line
description: Introduces command-line commands and a sample batch file for clearing the IE cache.
audience: ITPro
manager: msmets
author: ramakoni1
ms.author: ramakoni
ms.reviewer: ramakoni, DEV_Triage
ms.prod: internet-explorer
ms.technology:
ms.topic: kb-support
ms.custom: CI=111026
ms.localizationpriority: Normal
# localization_priority: medium
# ms.translationtype: MT
ms.date: 01/23/2020
---
# How to clear Internet Explorer cache by using the command line
This article outlines the procedure to clear the Internet Explorer cache by using the command line.
## Command line commands to clear browser cache
1. Delete history from the Low folder
`del /s /q C:\Users\\%username%\AppData\Local\Microsoft\Windows\History\low\* /ah`
2. Delete history
`RunDll32.exe InetCpl.cpl, ClearMyTracksByProcess 1`
3. Delete cookies
`RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2`
4. Delete temporary internet files
`RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8`
5. Delete form data
`RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 16`
6. Delete stored passwords
`RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 32`
7. Delete all
`RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 255`
8. Delete files and settings stored by add-ons
`InetCpl.cpl,ClearMyTracksByProcess 4351`
If you upgraded from a previous version of Internet Explorer, you have to use the following commands to delete the files from older versions:
`RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 9`
Command to reset Internet Explorer settings:
`Rundll32.exe inetcpl.cpl ResetIEtoDefaults`
## Sample batch file to clear Internet Explorer cache files
A sample batch file is available that you can use to clear Internet Explorer cache files and other items. You can download the file from [https://msdnshared.blob.core.windows.net/media/2017/09/ClearIE_Cache.zip](https://msdnshared.blob.core.windows.net/media/2017/09/ClearIE_Cache.zip).
The batch file offers the following options:
- Delete Non-trusted web History (low-level hidden cleanup)
- Delete History
- Delete Cookies
- Delete Temporary Internet Files
- Delete Form Data
- Delete Stored Passwords
- Delete All
- Delete All "Also delete files and settings stored by add-ons"
- Delete IE10 and IE9 Temporary Internet Files
- Resets IE Settings
- EXIT
**Contents of the batch file**
```dos
@echo off
# This sample script is not supported under any Microsoft standard support program or service.
# The sample script is provided AS IS without warranty of any kind. Microsoft further disclaims
# all implied warranties including, without limitation, any implied warranties of merchantability
# or of fitness for a particular purpose. The entire risk arising out of the use or performance of
# the sample scripts and documentation remains with you. In no event shall Microsoft, its authors,
# or anyone else involved in the creation, production, or delivery of the scripts be liable for any
# damages whatsoever (including, without limitation, damages for loss of business profits, business
# interruption, loss of business information, or other pecuniary loss) arising out of the use of or
# inability to use the sample scripts or documentation, even if Microsoft has been advised of the
# possibility of such damages
:home
cls
COLOR 00
echo Delete IE History
echo Please select the task you wish to run.
echo Pick one:
echo.
echo 1. Delete History
echo 2. Delete Cookies
echo 3. Delete Temporary Internet Files
echo 4. Delete Form Data
echo 5. Delete Stored Passwords
echo 6. Delete All
echo 7. Delete All "Also delete files and settings stored by add-ons"
echo 8. Delete IE10 and 9 Temporary Internet Files
echo 9. Reset IE Settings
echo 00. EXIT
:choice
Echo Hit a number [1-10] and press enter.
set /P CH=[1-10]
if "%CH%"=="1" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 1
if "%CH%"=="2" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2
if "%CH%"=="3" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8
if "%CH%"=="4" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 16
if "%CH%"=="5" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 32
if "%CH%"=="6" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 255
if "%CH%"=="7" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 4351
if "%CH%"=="8" set x=RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 9
if "%CH%"=="9" set x=rundll32.exe inetcpl.cpl ResetIEtoDefaults
if "%CH%"=="00" goto quit
%x%
goto Home
:quit
```

10
devices/hololens/TOC.md
View File

@ -18,7 +18,7 @@
## [Getting around HoloLens (1st gen)](hololens1-basic-usage.md)
## [HoloLens (1st Gen) release notes](hololens1-release-notes.md)
# Deploy HoloLens and mixed-reality apps in commercial environments
# Deploy HoloLens and mixed reality apps in commercial environments
## [Commercial features](hololens-commercial-features.md)
## [Deploy HoloLens in a commercial environment](hololens-requirements.md)
## [Determine what licenses you need](hololens-licenses-requirements.md)
@ -29,13 +29,13 @@
## [Manage HoloLens updates](hololens-updates.md)
## [Enable Bitlocker device encryption for HoloLens](hololens-encryption.md)
# Navigating Windows Holographic
## [Start menu and mixed reality home](holographic-home.md)
## [Use your voice with HoloLens](hololens-cortana.md)
# Navigate the Windows Holographic environment
## [Use the Start menu and mixed reality home](holographic-home.md)
## [Use your voice to operate HoloLens](hololens-cortana.md)
## [Find, open, and save files](holographic-data.md)
## [Create mixed reality photos and videos](holographic-photos-and-videos.md)
# User management and access management
# Manage users and access
## [Manage user identity and sign-in for HoloLens](hololens-identity.md)
## [Share your HoloLens with multiple people](hololens-multiple-users.md)
## [Set up HoloLens as a kiosk](hololens-kiosk.md)

4
devices/hololens/holographic-home.md
View File

@ -1,5 +1,5 @@
---
title: Start menu and mixed reality home
title: Use the Start menu and mixed reality home
description: Navigate the mixed reality home in Windows Holographic.
ms.assetid: 742bc126-7996-4f3a-abb2-cf345dff730c
ms.date: 08/07/2019
@ -15,7 +15,7 @@ appliesto:
- HoloLens 2
---
# Start menu and mixed reality home
# Use the Start menu and mixed reality home
Just like the Windows PC experience starts with the desktop, Windows Holographic starts with mixed reality home. Using the Start menu you can open and place app windows, immersive app launchers, and 3D content in mixed reality home, and their placement in your physical space will be remembered.

8
devices/hololens/hololens-cortana.md
View File

@ -1,5 +1,5 @@
---
title: Use your voice with HoloLens
title: Use your voice to operate HoloLens
description: Cortana can help you do all kinds of things on your HoloLens
ms.assetid: fd96fb0e-6759-4dbe-be1f-58bedad66fed
ms.date: 03/10/2020
@ -17,7 +17,7 @@ appliesto:
- HoloLens 2
---
# Use your voice with HoloLens
# Use your voice to operate HoloLens
You can use your voice to do almost anything on HoloLens, such as taking a quick photo or opening an app. Many voice commands are built into HoloLens, while others are available through Cortana.
@ -34,14 +34,14 @@ Get around HoloLens faster with these basic commands. In order to use these, you
### General speech commands
Use these commands throughout Windows Mixed Reality to get around faster. Some commands use the gaze cursor, which you bring up by saying “select.”
Use these commands throughout Windows Mixed Reality to get around faster. Some commands use the gaze cursor, which you bring up by saying "select."
> [!NOTE]
> Hand rays are not supported on HoloLens (1st Gen).
| Say this | To do this |
| - | - |
| "Select" | Say "select" to bring up the gaze cursor. Then, turn your head to position the cursor on the thing you want to select, and say “select” again. |
| "Select" | Say "select" to bring up the gaze cursor. Then, turn your head to position the cursor on the thing you want to select, and say "select" again. |
|Open the Start menu | "Go to Start" |
|Close the Start menu | "Close" |
|Leave an immersive app | Say "Go to Start" to bring up the quick actions menu, then say "Mixed reality home." |

165
devices/hololens/hololens-diagnostic-logs.md
View File

@ -27,19 +27,20 @@ HoloLens users and administrators can choose from among four different methods t
- Feedback Hub app
- DiagnosticLog CSP
- Settings app
- Fallback diagnostics
> [!IMPORTANT]
> Device diagnostic logs contain personally identifiable information (PII), such as about what processes or applications the user starts during typical operations. When multiple users share a HoloLens device (for example, users sign in to the same device by using different Microsoft Azure Active Directory (AAD) accounts) the diagnostic logs may contain PII information that applies to multiple users. For more information, see [Microsoft Privacy statement](https://privacy.microsoft.com/privacystatement).
The following table compares the four collection methods. The method names link to more detailed information in the sections that follow the table.
The following table compares the three collection methods. The method names link to more detailed information in the sections that follow the table.
|Method |Prerequisites |Data locations |Data access and use |Data retention |
| --- | --- | --- | --- | --- |
|[Feedback Hub](#feedback-hub) |Network and internet connection<br /><br />Feedback Hub app<br /><br />Permission to upload files to the Microsoft cloud |Microsoft cloud<br /><br />HoloLens device (optional) |User requests assistance, agrees to the terms of use, and uploads the data<br /><br />Microsoft employees view the data, as consistent with the terms of use |Data in the cloud is retained for the period that is defined by Next Generation Privacy (NGP). Then the data is deleted automatically.<br /><br />Data on the device can be deleted at any time by a user who has **Device owner** or **Admin** permissions. |
|[Settings Troubleshooter](#settings-troubleshooter) |Settings app |HoloLens device<br /><br />Connected computer (optional) |The user stores the data, and only the user accesses the data (unless the user specifically shares the data with another user). |The data is retained until the user deletes it. |
|[Settings Troubleshooter](#settings-troubleshooter) |Settings app |HoloLens device<br /><br />Connected computer (optional) |The user stores the data, and only the user accesses the data (unless the user specifically shares the data with another user). |The data is retained until the user deletes it.* |
|[DiagnosticLog CSP](#diagnosticlog-csp) |Network connection<br /><br />MDM environment that supports the DiagnosticLog CSP |Administrator configures storage locations |In the managed environment, the user implicitly consents to administrator access to the data.<br /><br />Administrator configures access roles and permissions. | Administrator configures retention policy. |
|[Fallback diagnostics](#fallback-diagnostics) |Device configuration:<ul><li>Powered on and connected to computer</li><li>Power and Volume buttons functioning</li></ul> |HoloLens device<br /><br />Connected computer |The user stores the data, and only the user accesses the data (unless the user specifically shares the data with another user). |The data is retained until the user deletes it. |
- End-user is responsible for sharing the logs responsibly with someone else. These files are primarily useful when contacting customer service and support.
## Feedback Hub
@ -110,160 +111,4 @@ The IT administrator uses the DiagnosticLog CSP to configure the data storage, r
- The retention period for the diagnostic information.
- Permissions that control access to the diagnostic information.
## Fallback diagnostics
While device telemetry usually provides an initial understanding of a problem report, some issues require a broader and deeper understanding of the device state. When you (as a user or an administrator) investigate such issues, diagnostic logs that reside on the device are more useful than the basic device telemetry.
The fallback diagnostics process provides a way for you to gather diagnostic information if no other methods are available. Such scenarios include the following:
- The network or network-based resources (such as the Feedback Hub, MDM, and so on) are not available.
- The device is "stuck" or locked in a state in which usual troubleshooting capabilities (such as the Settings app) are not available. Such scenarios include the Out-of-Box-Experience (OOBE), kiosk mode, and a locked or "hung" user interface.
> [!IMPORTANT]
> - On HoloLens 2 devices, you can use fallback diagnostics under the following conditions only:
> - During the Out-of-the-Box-Experience (OOBE) and when you select **Send Full Diagnostics Data**.
> - If the environment's Group Policy enforces the **System\AllowTelemetry** policy value of **Full**.
> - On HoloLens (1st gen) devices, you can use fallback diagnostics on HoloLens version 17763.316 or a later version. This version is the version that the Windows Device Recovery Tool restores when it resets the device.
### How to use fallback diagnostics
Before you start the fallback diagnostics process, make sure of the following:
- The device is connected to a computer by using a USB cable.
- The device is powered on.
- The Power and Volume buttons on the device are functioning correctly.
To collect fallback diagnostic information, follow these steps:
1. On the device, press the Power and Volume Down buttons at the same time and then release them.
1. Wait for few seconds while the device collects the data.
### Data locations
The device stores the data locally. You can access that information from the connected desktop computer at the following location:
> This PC\\\<*HoloLens device name*>\\Internal Storage\\Documents
For more information about the files that the fallback diagnostics process collects, see [What diagnostics files does the fallback diagnostics process collect?](#what-diagnostics-files-does-the-fallback-diagnostics-process-collect).
### Data access, use, and retention
Because you store the data yourself, only you have access to the data. If you choose to share the data with another user, you implicitly grant permission for that user to access or store the data.
The data remains until you delete it.
### Frequently asked questions about fallback diagnostics on HoloLens
#### Does the device have to be enrolled with an MDM system?
No.
#### How can I use fallback diagnostics on HoloLens?
Before you start the fallback diagnostics process, make sure of the following:
- The device is connected to a computer by using a USB cable.
- The device is powered on.
- The Power and Volume buttons on the device are functioning correctly.
To collect fallback diagnostic information, follow these steps:
1. On the device, press the Power and Volume Down buttons at the same time and then release them.
1. Wait for few seconds while the device collects the data.
#### How would I know that data collection finished?
The fallback diagnostics process does not have a user interface. On HoloLens 2, when the process starts to collect data, it creates a file that is named HololensDiagnostics.temp. When the process finishes, it removes the file.
#### What diagnostics files does the fallback diagnostics process collect?
The fallback diagnostics process collects one or more .zip files, depending on the version of HoloLens. The following table lists each of the possible .zip files, and the applicable versions of HoloLens.
|File |Contents |HoloLens (1st gen) |HoloLens 2 10.0.18362+ |HoloLens 2 10.0.19041+ |
| --- | --- | --- | --- | --- |
|HololensDiagnostics.zip |Files&nbsp;for&nbsp;tracing sessions that ran on the device.<br /><br />Diagnostic information that's specific to Hololens. |✔️ |✔️ |✔️ |
|DeviceEnrollmentDiagnostics.zip |Information that's related to MDM, device enrollment, CSPs, and policies. | |✔️ |✔️ |
|AutoPilotDiagnostics.zip |Information that's related to autopilot and licensing.| | |✔️ |
|TPMDiagnostics.zip |Information that's related to the trusted platform module (TPM) on the device | | |✔️ |
> [!NOTE]
> Starting on May 2, 2019, the fallback diagnostics process collects EventLog*.etl files only if the signed-in user is the device owner. This is because these files may contain PII data. Such data is accessible to device owners only. This behavior matches the behavior of Windows desktop computers, where administrators have access to event log files but other users do not.
**Sample diagnostic content for HoloLens (1st gen)**
HololensDiagnostics.zip contains files such as the following:
- AuthLogon.etl
- EventLog-HupRe.etl.001
- FirstExperience.etl.001
- HetLog.etl
- HoloInput.etl.001
- HoloShell.etl.001
- WiFi.etl.001
**Sample diagnostic content for HoloLens 2 10.0.18362+**
HololensDiagnostics.zip contains files such as the following:
- EventLog-Application.etl.001*
- EventLog-System.etl.001*
- AuthLogon.etl
- EventLog-HupRe.etl.001
- FirstExperience.etl.001
- HetLog.etl
- HoloInput.etl.001
- HoloShell.etl.001
- WiFi.etl.001
- CSPsAndPolicies.etl.001
- RadioMgr.etl
- WiFiDriverIHVSession.etl
DeviceEnrollmentDiagnostics.zip contains files such as the following:
- MDMDiagHtmlReport.html
- MdmDiagLogMetadata.json
- MDMDiagReport.xml
- MdmDiagReport_RegistryDump.reg
- MdmLogCollectorFootPrint.txt
**Sample diagnostic content for HoloLens 2 10.0.19041+**
HololensDiagnostics.zip contains files such as the following:
- EventLog-Application.etl.001*
- EventLog-System.etl.001*
- AuthLogon.etl
- EventLog-HupRe.etl.001
- FirstExperience.etl.001
- HetLog.etl
- HoloInput.etl.001
- HoloShell.etl.001
- WiFi.etl.001
- CSPsAndPolicies.etl.001
- RadioMgr.etl
- WiFiDriverIHVSession.etl
- DisplayDiagnosticData.json
- HUP dumps
DeviceEnrollmentDiagnostics.zip contains files such as the following:
- MDMDiagHtmlReport.html
- MdmDiagLogMetadata.json
- MDMDiagReport.xml
- MdmDiagReport_RegistryDump.reg
- MdmLogCollectorFootPrint.txt
AutoPilotDiagnostics.zip contains files such as the following:
- DeviceHash_HoloLens-U5603.csv
- LicensingDiag.cab
- LicensingDiag_Output.txt
- TpmHliInfo_Output.txt
- DiagnosticLogCSP_Collector_DeviceEnrollment_\*.etl
- DiagnosticLogCSP_Collector_Autopilot_*.etl
TPMDiagnostics.zip contains files such as the following:
- CertReq_enrollaik_Output.txt
- CertUtil_tpminfo_Output.txt
- TPM\*.etl

2
devices/hololens/hololens-enroll-mdm.md
View File

@ -41,7 +41,7 @@ When auto-enrollment is enabled, no additional manual enrollment is needed. When
1. Select **Enroll into device management** and enter your organizational account. You will be redirected to your organization's sign in page.
1. Upon successful authentication to the MDM server, a success message is shown.
Your device is now enrolled with your MDM server. The device will need to restart to acquire policies, certificates, and apps. The Settings app will now reflect that the device is enrolled in device management.
Your device is now enrolled with your MDM server. The Settings app will now reflect that the device is enrolled in device management.
## Unenroll HoloLens from Intune

4
devices/hololens/hololens-kiosk.md
View File

@ -98,7 +98,9 @@ If you use a Mobile Device Management (MDM) system or a provisioning package to
|Dynamics 365 Guides |Microsoft.Dynamics365.Guides\_8wekyb3d8bbwe\!MicrosoftGuides |
|Dynamics 365 Remote Assist |Microsoft.MicrosoftRemoteAssist\_8wekyb3d8bbwe\!Microsoft.RemoteAssist |
|Feedback&nbsp;Hub |Microsoft.WindowsFeedbackHub\_8wekyb3d8bbwe\!App |
|Mail |c5e2524a-ea46-4f67-841f-6a9465d9d515\_cw5n1h2txyewy\!App |
|File Explorer |c5e2524a-ea46-4f67-841f-6a9465d9d515_cw5n1h2txyewy!App |
|Mail |microsoft.windowscommunicationsapps_8wekyb3d8bbwe!microsoft.windowslive.mail |
|Microsoft Store |Microsoft.WindowsStore_8wekyb3d8bbwe!App |
|Miracast<sup>4</sup> |&nbsp; |
|Movies & TV |Microsoft.ZuneVideo\_8wekyb3d8bbwe\!Microsoft.ZuneVideo |
|OneDrive |microsoft.microsoftskydrive\_8wekyb3d8bbwe\!App |

10
devices/hololens/hololens-release-notes.md
View File

@ -132,7 +132,7 @@ Many Windows apps now support both dark and light modes, and HoloLens 2 customer
- 3D Viewer
- Movies & TV
![Dark mode windows tiled](images/hololens-darkmode-tiled-picture.jpg)
![Dark mode windows tiled](images/DarkMode.jpg)
### System voice commands
@ -142,9 +142,6 @@ You can now quickly access and use commands with your voice while using any app
The updated app integrates with Microsoft 365, currently in English (United States) only, to help you get more done across your devices. On HoloLens 2, Cortana will no longer support certain device-specific commands like adjusting the volume or restarting the device, which are now supported with the new system voice commands mentioned above. Learn more about the new Cortana app and its direction on our blog [here](https://blogs.windows.com/windowsexperience/2020/02/28/cortana-in-the-upcoming-windows-10-release-focused-on-your-productivity-with-enhanced-security-and-privacy/).
> [!NOTE]
> There's currently an issue we're investigating that requires you to launch the app after booting the device in order to use the "Hey Cortana" keyword activation, and if you updated from a 18362 build, you may see an app tile for the previous version of the Cortana app in Start that no longer works.
### Quality improvements and fixes
Improvements and Fixes also in the update:
@ -162,6 +159,11 @@ Improvements and Fixes also in the update:
- Added Share button in Feedback Hub so users can more easily share feedback.
- Fixed a bug where RoboRaid did not install correctly.
### Known issues
- We are investigating an issue surrounding the use of the zh-CN system language that prevents the voice commands for taking a mixed reality capture or displaying the device IP address from working.
- We're investigating an issue that requires you to launch the Cortana app after booting the device in order to use the "Hey Cortana" voice activation, and if you updated from a 18362 build, you may see a second app tile for the previous version of the Cortana app in Start that no longer works.
## Windows Holographic, version 1903 - May 2020 Update
- Build 18362.1061

23
devices/hololens/hololens2-autopilot.md
View File

@ -71,7 +71,7 @@ Review the "[Requirements](https://docs.microsoft.com/windows/deployment/windows
Before you start the OOBE and provisioning process, make sure that the HoloLens devices meet the following requirements:
- The devices are not already members of Azure AD, and are not enrolled in Intune (or another MDM system). The Autopilot self-deploying process completes these steps. To make sure that all the device-related information is cleaned up, check the **Devices** pages in both Azure AD and Intune.
- Every device can connect to the internet. You can use a wired or wireless connection.
- Every device can connect to the internet. You can "USB C to Ethernet" adapters for wired internet connectivity or "USB C to Wifi" adapters for wireless internet connectivity.
- Every device can connect to a computer by using a USB-C cable, and that computer has the following available:
- Advanced Recovery Companion (ARC)
- The latest Windows update: Windows 10, version 19041.1002.200107-0909 or a later version)
@ -185,24 +185,7 @@ The Enrollment Status Page (ESP) displays the status of the complete device conf
![ESP configuration](./images/hololens-ap-profile-settings.png)
### 8. Configure a custom configuration profile for HoloLens devices (known issue)
1. In [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com), select **Devices** > **Configuration profiles** > **Create profile**.
1. For **Platform**, specify **Windows 10 and later**, and for **Profile**, select **Custom**.
1. Select **Create**.
1. Enter a name for the profile, and then select **Settings** > **Configure**.
![Settings for the custom configuration profile.](./images/hololens-ap-profile-settings-oma.png)
1. Select **Add**, and then specify the following information:
- **Name**: SidecarPath
- **OMA-URI**: ./images/Device/Vendor/MSFT/EnrollmentStatusTracking/DevicePreparation/PolicyProviders/Sidecar/InstallationState
- **Data type**: Integer
- **Value**: 2
1. Select **OK** two times, and then select **Create** to create the profile.
1. After Intune creates the configuration profile, assign the configuration profile to the device group for the HoloLens devices.
### 9. Verify the profile status of the HoloLens devices
### 8. Verify the profile status of the HoloLens devices
1. In Microsoft Endpoint Manager Admin Center, select **Devices** > **Windows** > **Windows enrollment** > **Devices**.
1. Verify that the HoloLens devices are listed, and that their profile status is **Assigned**.
@ -234,7 +217,7 @@ At the end of OOBE, you can sign in to the device by using your user name and pa
## Known Issues
- The list of supported languages for Autopilot deployment profiles includes languages that HoloLens does not support. Select a language that [HoloLens supports](hololens2-language-support.md).
- You cannot install applications that use the device security context.
## Feedback

2
devices/hololens/hololens2-language-support.md
View File

@ -62,7 +62,7 @@ The setup process configures your HoloLens for a specific region and language. Y
If the supported language that you're looking for is not in the menu, follow these steps:
1. Under **Preferred languages**, select **Add a language**.
2. Locater and add the language.
2. Locate and add the language.
3. Select the **Windows display language** menu again, and then select the language that you added in the previous step.
### To change the keyboard layout

BIN
devices/hololens/images/DarkMode.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 104 KiB

BIN
devices/hololens/images/MicrosoftHoloLensRecovery.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 12 KiB

2
devices/hololens/index.md
View File

@ -53,7 +53,7 @@ appliesto:
| [HoloLens user management](hololens-multiple-users.md) | Multiple users can share a HoloLens device by using their Azure Active Directory accounts. |
| [HoloLens application access management](hololens-kiosk.md) | Manage application access for different user groups. |
| [Recover and troubleshoot HoloLens issues](https://support.microsoft.com/products/hololens) | Learn how to gather logs from HoloLens, recover a misbehaving device, or reset HoloLens when necessary. |
| [Contact Support](https://support.microsoft.com/supportforbusiness/productselection) | Create a new support request for the business support team. |
| [Contact Support](https://support.microsoft.com/supportforbusiness/productselection?sapid=e9391227-fa6d-927b-0fff-f96288631b8f) | Create a new support request for the business support team. |
| [More support options](https://support.microsoft.com/products/hololens) | Connect with Microsoft support resources for HoloLens in the enterprise. |
## Related resources

28
devices/surface-hub/surface-hub-2s-account.md
View File

@ -1,6 +1,6 @@
---
title: "Create Surface Hub 2S device account"
description: "This page describes the procedure for creating the Surface Hub 2S device account."
title: Create Surface Hub 2S device account
description: This page describes the procedure for creating the Surface Hub 2S device account.
keywords: separate values with commas
ms.prod: surface-hub
ms.sitesec: library
@ -15,15 +15,18 @@ ms.localizationpriority: Medium
# Create Surface Hub 2S device account
Creating a Surface Hub device account (also known as a Room mailbox) allows Surface Hub 2S to receive, approve, or decline meeting requests and join meetings using Microsoft Teams or Skype for Business. Configure the device account during OOBE setup. If needed you can change it later (without going through OOBE setup).
Creating a Surface Hub device account (also known as a Room mailbox) allows Surface Hub 2S to receive, approve, or decline meeting requests and join meetings using either Microsoft Teams or Skype for Business. Configure the device account during Out-of-Box Experience (OOBE) setup. If needed, you can change it later (without going through OOBE setup).
Unlike standard Room mailboxes that remain disabled by default, you need to enable the Surface Hub 2S device account to sign on to Microsoft Teams and Skype for Business. Surface Hub 2S relies on Exchange ActiveSync, which requires an ActiveSync mailbox policy on the device account. Apply the default ActiveSync mailbox policy that comes with Exchange Online.
Create the account using the Microsoft 365 admin center or by using PowerShell. You can use Exchange Online PowerShell to configure specific features including:
Create the account by using the Microsoft 365 admin center or by using PowerShell. You can use Exchange Online PowerShell to configure specific features including:
- Calendar processing for every Surface Hub device account.
- Custom auto replies to scheduling requests.
- If the default ActiveSync mailbox policy has already been modified by someone else or another process, you will likely have to create and assign a new ActiveSync mailbox policy
- If the default ActiveSync mailbox policy has already been modified by someone else or by another process, you will likely have to create and assign a new ActiveSync mailbox policy.
> [!NOTE]
> The Surface Hub device account doesnt support third-party Federated Identity Providers (FIPs) and must be a standard Active Directory or Azure Active Directory account.
## Create account using Microsoft 365 admin center
@ -31,17 +34,17 @@ Create the account using the Microsoft 365 admin center or by using PowerShell.
2. Provide a name and email address for the device account. Leave remaining settings unchanged in the default state.
![Provide a name and email address](images/sh2-account2.png)
![Provide a name and email address](images/sh2-account2.png)
![Leave remaining settings unchanged in the default state](images/sh2-account3.png)
![Leave remaining settings unchanged in the default state](images/sh2-account3.png)
3. Set the password for the device account. To set the password, choose **Users** and then select **Active Users**. Now search for the newly created user to set the password. Ensure that you **do not** select the option **Make this user change their password when they first sign in.**
![Set the password for the device account](images/sh2-account4.png)
![Set the password for the device account](images/sh2-account4.png)
4. Assign the room with an Office 365 license. Its recommended to assign the Office 365 **Meeting Room** license, a new option that automatically enables the account for Skype for Business Online and Microsoft Teams.
![Assign Office 365 license](images/sh2-account5.png)
![Assign Office 365 license](images/sh2-account5.png)
### Finalize setup via PowerShell
@ -50,6 +53,7 @@ Create the account using the Microsoft 365 admin center or by using PowerShell.
- **Microsoft Teams and Skype for Business Calendar:** Set [**Calendar Auto processing**](https://docs.microsoft.com/surface-hub/surface-hub-2s-account?source=docs#set-calendar-auto-processing) for this account.
## Create account using PowerShell
Instead of using the Microsoft Admin Center portal, you can create the account using PowerShell.
### Connect to Exchange Online PowerShell
@ -59,13 +63,13 @@ $365Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri
$ImportResults = Import-PSSession $365Session
```
### Create a new Room Mailbox
### Create a new Room mailbox
```powershell
New-Mailbox -MicrosoftOnlineServicesID account@YourDomain.com -Alias SurfaceHub2S -Name SurfaceHub2S -Room -EnableRoomMailboxAccount $true -RoomMailboxPassword (ConvertTo-SecureString -String "<Enter Strong Password>" -AsPlainText -Force)
```
### Set Calendar Auto processing
### Set Calendar auto-processing
```powershell
Set-CalendarProcessing -Identity "account@YourDomain.com" -AutomateProcessing AutoAccept -AddOrganizerToSubject $false AllowConflicts $false DeleteComments $false -DeleteSubject $false -RemovePrivateProperty $false -AddAdditionalResponse $true -AdditionalResponse "This room is equipped with a Surface Hub"
@ -81,7 +85,7 @@ Set-MsolUserLicense -UserPrincipalName "account@YourDomain.com" -AddLicenses "co
## Connect to Skype for Business Online using PowerShell
### Install prerequisites
### Install pre-requisites
- [Visual C++ 2017 Redistributable](https://aka.ms/vs/15/release/vc_redist.x64.exe)
- [Skype for Business Online PowerShell Module](https://www.microsoft.com/download/confirmation.aspx?id=39366)

2
devices/surface-hub/surface-hub-security.md
View File

@ -5,7 +5,7 @@ keywords: separate values with commas
ms.prod: surface-hub
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
manager: laurawi
audience: Admin
ms.topic: article

2
devices/surface/TOC.md
View File

@ -38,12 +38,12 @@
### [Enable the Surface Laptop keyboard during MDT deployment](enable-surface-keyboard-for-windows-pe-deployment.md)
### [Upgrade Surface devices to Windows 10 with MDT](upgrade-surface-devices-to-windows-10-with-mdt.md)
### [Customize the OOBE for Surface deployments](customize-the-oobe-for-surface-deployments.md)
### [Using the Surface Deployment Accelerator deployment share](using-the-sda-deployment-share.md)
### [Surface System SKU reference](surface-system-sku-reference.md)
## Manage
### [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md)
### [Manage Surface driver updates in Configuration Manager](manage-surface-driver-updates-configuration-manager.md)
### [Optimize Wi-Fi connectivity for Surface devices](surface-wireless-connect.md)
### [Best practice power settings for Surface devices](maintain-optimal-power-settings-on-Surface-devices.md)
### [Surface Dock Firmware Update](surface-dock-firmware-update.md)

2
devices/surface/advanced-uefi-security-features-for-surface-pro-3.md
View File

@ -11,7 +11,7 @@ ms.mktglfcycl: manage
ms.pagetype: surface, devices, security
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
---

2
devices/surface/assettag.md
View File

@ -6,7 +6,7 @@ ms.mktglfcycl: manage
ms.localizationpriority: medium
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.reviewer: hachidan
manager: laurawi

2
devices/surface/change-history-for-surface.md
View File

@ -7,7 +7,7 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro

2
devices/surface/considerations-for-surface-and-system-center-configuration-manager.md
View File

@ -7,7 +7,7 @@ ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro

2
devices/surface/customize-the-oobe-for-surface-deployments.md
View File

@ -11,7 +11,7 @@ ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.audience: itpro
---

2
devices/surface/deploy-surface-app-with-windows-store-for-business.md
View File

@ -7,7 +7,7 @@ ms.mktglfcycl: deploy
ms.pagetype: surface, store
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro

2
devices/surface/deploy-windows-10-to-surface-devices-with-mdt.md
View File

@ -7,7 +7,7 @@ ms.mktglfcycl: deploy
ms.pagetype: surface
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro

2
devices/surface/deploy.md
View File

@ -8,7 +8,7 @@ ms.sitesec: library
author: coveminer
ms.reviewer:
manager: laurawi
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro

3
devices/surface/documentation/surface-system-sku-reference.md
View File

@ -5,7 +5,7 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
---
# Surface System SKU Reference
@ -26,6 +26,7 @@ System SKU is a variable (along with System Model and others) stored in System M
| Surface Book 2 15inch | Surface Book 2 | Surface_Book_1793 |
| Surface Go Consumer | Surface Go | Surface_Go_1824_Consumer |
| Surface Go Commercial | Surface Go | Surface_Go_1824_Commercial |
| Surface Go 2 | Surface Go 2 | Surface_Go_2_1927 |
| Surface Pro 6 Consumer | Surface Pro 6 | Surface_Pro_6_1796_Consumer |
| Surface Pro 6 Commercial | Surface Pro 6 | Surface_Pro_6_1796_Commercial |
| Surface Laptop 2 Consumer | Surface Laptop 2 | Surface_Laptop_2_1769_Consumer |

2
devices/surface/enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md
View File

@ -11,7 +11,7 @@ ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
---

2
devices/surface/enroll-and-configure-surface-devices-with-semm.md
View File

@ -7,7 +7,7 @@ ms.mktglfcycl: manage
ms.pagetype: surface, devices, security
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro

2
devices/surface/ethernet-adapters-and-surface-device-deployment.md
View File

@ -11,7 +11,7 @@ ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.audience: itpro
---

BIN
devices/surface/images/manage-surface-driver-updates-1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 29 KiB

BIN
devices/surface/images/manage-surface-driver-updates-2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.8 KiB

BIN
devices/surface/images/manage-surface-driver-updates-3.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 8.7 KiB

BIN
devices/surface/images/manage-surface-driver-updates-4.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 68 KiB

2
devices/surface/ltsb-for-surface.md
View File

@ -6,7 +6,7 @@ ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.reviewer:
manager: laurawi

2
devices/surface/maintain-optimal-power-settings-on-Surface-devices.md
View File

@ -5,7 +5,7 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.reviewer:
manager: laurawi

43
devices/surface/manage-surface-driver-and-firmware-updates.md
View File

@ -11,18 +11,18 @@ ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.audience: itpro
---
# Manage and deploy Surface driver and firmware updates
How you manage Surface driver and firmware updates varies depending on your environment and organizational requirements. On Surface devices, firmware is exposed to the operating system as a driver and is visible in Device Manager, enabling device firmware and drivers to be automatically updated using Windows Update or Windows Update for Business. Although this simplified approach may be feasible for startups and small or medium-sized businesses, larger organizations typically need IT admins to distribute updates internally. This may involve comprehensive planning, application compatibility testing, piloting and validating updates, before final approval and distribution across the network.
> [!NOTE]
> This article is intended for technical support agents and IT professionals and applies to Surface devices only. If you're looking for help to install Surface updates or firmware on a home device, see [Update Surface firmware and Windows 10](https://support.microsoft.com/help/4023505).
While enterprise-grade software distribution solutions continue to evolve, the business rationale for centrally managing updates remains the same: Maintain the security of Surface devices and keep them updated with the latest operating system and feature improvements. This is essential for sustaining a stable production environment and ensuring users aren't blocked from being productive. This article provides an overview of recommended tools and processes for larger organizations to accomplish these goals.
## Central update management in commercial environments
@ -32,18 +32,17 @@ Microsoft has streamlined tools for managing devices including driver and fi
### Manage updates with Configuration Manager and Intune
Microsoft Endpoint Configuration Manager allows you to synchronize and deploy Surface firmware and driver updates with the Configuration Manager client. Integration with Microsoft Intune lets you see all your managed, co-managed, and partner-managed devices in one place. This is the recommended solution for large organizations to manage Surface updates.
For detailed steps, see the following resources:
- [How to manage Surface driver updates in Configuration Manager.](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager)
- [Deploy applications with Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/deploy-applications).
- [How to manage Surface driver updates in Configuration Manager](https://docs.microsoft.com/surface/manage-surface-driver-updates-configuration-manager.md)
- [Deploy applications with Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/deploy-applications)
- [Endpoint Configuration Manager documentation](https://docs.microsoft.com/configmgr/)
### Manage updates with Microsoft Deployment Toolkit
Included in Endpoint Configuration Manager, the Microsoft Deployment Toolkit (MDT) contains optional deployment tools that you may wish to use depending on your environment. These include the Windows Assessment and Deployment Kit (Windows ADK), Windows System Image Manager (Windows SIM), Deployment Image Servicing and Management (DISM), and User State Migration Tool (USMT). You can download the latest version of MDT from the [Microsoft Deployment Toolkit download page](https://www.microsoft.com/download/details.aspx?id=54259).
For detailed steps, see the following resources:
- [Microsoft Deployment Toolkit documentation](https://docs.microsoft.com/configmgr/mdt/)
@ -54,7 +53,6 @@ Surface driver and firmware updates are packaged as Windows Installer (*.msi) fi
For instructions on how to deploy updates by using Endpoint Configuration Manager refer to [Deploy applications with Configuration Manager](https://docs.microsoft.com/configmgr/apps/deploy-use/deploy-applications). For instructions on how to deploy updates by using MDT, see [Deploy a Windows 10 image using MDT](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt).
**WindowsPE and Surface firmware and drivers**
Endpoint Configuration Manager and MDT both use the Windows Preinstallation Environment (WindowsPE) during the deployment process. WindowsPE only supports a limited set of basic drivers such as those for network adapters and storage controllers. Drivers for Windows components that are not part of WindowsPE might produce errors. As a best practice, you can prevent such errors by configuring the deployment process to use only the required drivers during the WindowsPE phase.
@ -65,13 +63,12 @@ Starting in Endpoint Configuration Manager, you can synchronize and deploy Micro
## Supported devices
Downloadable .msi files are available for Surface devices from Surface Pro 2 and later. Information about .msi files for the newest Surface devices such as Surface Pro 7, Surface Pro X, and Surface Laptop 3 will be available from this page upon release.
Downloadable .msi files are available for Surface devices from Surface Pro 2 and later. Information about .msi files for the newest Surface devices such as Surface Pro 7, Surface Pro X, and Surface Laptop 3 will be available from this page upon release.
## Managing firmware with DFCI
With Device Firmware Configuration Interface (DFCI) profiles built into Intune (now available in [public preview](https://docs.microsoft.com/intune/configuration/device-firmware-configuration-interface-windows)), Surface UEFI management extends the modern management stack down to the UEFI hardware level. DFCI supports zero-touch provisioning, eliminates BIOS passwords, provides control of security settings including boot options and built-in peripherals, and lays the groundwork for advanced security scenarios in the future. For more information, see:
- [Intune management of Surface UEFI settings](https://docs.microsoft.com/surface/surface-manage-dfci-guide)
- [Ignite 2019: Announcing remote management of Surface UEFI settings from Intune](https://techcommunity.microsoft.com/t5/Surface-IT-Pro-Blog/Ignite-2019-Announcing-remote-management-of-Surface-UEFI/ba-p/978333).
@ -93,7 +90,6 @@ Specific versions of Windows 10 have separate .msi files, each containing all re
- Management engine (ME)
- Unified extensible firmware interface (UEFI)
### Downloading .msi files
1. Browse to [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware) on the Microsoft Download Center.
@ -102,8 +98,7 @@ Specific versions of Windows 10 have separate .msi files, each containing all re
![Figure 1. Downloading Surface updates](images/fig1-downloads-msi.png)
*Figure 1. Downloading Surface updates*
### Surface .msi naming convention
Since August 2019, .msi files have used the following naming convention:
@ -120,14 +115,15 @@ This file name provides the following information:
- **Windows release:** Win10
- **Build:** 18362
- **Version:** 19.073.44195 This shows the date and time that the file was created, as follows:
- **Year:** 19 (2019)
- **Month and week:** 073 (third week of July)
- **Minute of the month:** 44195
- **Year:** 19 (2019)
- **Month and week:** 073 (third week of July)
- **Minute of the month:** 44195
- **Revision of version:** 0 (first release of this version)
### Legacy Surface .msi naming convention
Legacy .msi files (files built before August 2019) followed the same overall naming formula but used a different method to derive the version number.
****
**Example**
- SurfacePro6_Win10_16299_1900307_0.msi
@ -138,13 +134,11 @@ This file name provides the following information:
- **Windows release:** Win10
- **Build:** 16299
- **Version:** 1900307 This shows the date that the file was created and its position in the release sequence, as follows:
- **Year:** 19 (2019)
- **Number of release:** 003 (third release of the year)
- **Product version number:** 07 (Surface Pro 6 is officially the seventh version of Surface Pro)
- **Year:** 19 (2019)
- **Number of release:** 003 (third release of the year)
- **Product version number:** 07 (Surface Pro 6 is officially the seventh version of Surface Pro)
- **Revision of version:** 0 (first release of this version)
## Learn more
- [Download drivers and firmware for Surface](https://support.microsoft.com/help/4023482/surface-download-drivers-and-firmware)
@ -157,4 +151,3 @@ This file name provides the following information:
- [Intune management of Surface UEFI settings](https://docs.microsoft.com/surface/surface-manage-dfci-guide)
- [Ignite 2019: Announcing remote management of Surface UEFI settings from Intune](https://techcommunity.microsoft.com/t5/Surface-IT-Pro-Blog/Ignite-2019-Announcing-remote-management-of-Surface-UEFI/ba-p/978333).
- [Build deployment rings for Windows 10 updates](https://docs.microsoft.com/windows/deployment/update/waas-deployment-rings-windows-10-updates)

181
devices/surface/manage-surface-driver-updates-configuration-manager.md Normal file
View File

@ -0,0 +1,181 @@
---
title: Manage Surface driver updates in Configuration Manager
description: This article describes the available options to manage and deploy firmware and driver updates for Surface devices.
ms.assetid: b64879c4-37eb-4fcf-a000-e05cbb3d26ea
ms.reviewer:
author: v-miegge
manager: laurawi
keywords: Surface, Surface Pro 3, firmware, update, device, manage, deploy, driver, USB
ms.localizationpriority: medium
ms.prod: w10
ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
author: coveminer
ms.author: daclark
ms.topic: article
audience: itpro
---
# Manage Surface driver updates in Configuration Manager
## Summary
Starting in [Microsoft System Center Configuration Manager version 1710](https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1710#software-updates), you can synchronize and deploy Microsoft Surface firmware and driver updates directly through the Configuration Manager client. The process resembles deploying regular updates. However, some additional configurations are required to get the Surface driver updates into your catalog.
## Prerequisites
To manage Surface driver updates, the following prerequisites must be met:
- You must use Configuration Manager version 1710 or a later version.
- All Software Update Points (SUPs) must run Windows Server 2016 or a later version. Otherwise, Configuration Manager ignores this setting and Surface drivers won't be synchronized.
> [!NOTE]
> If your environment doesnt meet the prerequisites, refer to the [alternative methods](https://support.microsoft.com/help/4098906/manage-surface-driver-updates-in-configuration-manager#1) to deploy Surface driver and firmware updates in the [FAQ](#frequently-asked-questions-faq) section.
## Useful log files
The following logs are especially useful when you manage Surface driver updates.
|Log name|Description|
|---|---|
|WCM.log|Records details about the software update point configuration and connections to the WSUS server for subscribed update categories, classifications, and languages.|
|WsyncMgr.log|Records details about the software updates sync process.|
These logs are located on the site server that manages the SUP, or on the SUP itself if it's installed directly on a site server.
For a complete list of Configuration Manager logs, see [Log files in System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/hierarchy/log-files).
## Enabling Surface driver updates management
To enable Surface driver updates management in Configuration Manager, follow these steps:
1. In the Configuration Manager console, go to **Administration** > **Overview** > **Site Configuration** > **Sites**.
1. Select the site that contains the top-level SUP server for your environment.
1. On the ribbon, select **Configure Site Components**, and then select **Software Update Point**. Or, right-click the site, and then select **Configure Site Components** > **Software Update Point**.
1. On the **Classifications** tab, select the **Include Microsoft Surface drivers and firmware updates** check box.
![Software Update Point Component Properties](images/manage-surface-driver-updates-1.png)
1. When you're prompted by the following warning message, select **OK**.
![Configuration Manager](images/manage-surface-driver-updates-2.png)
1. On the Products tab, select the products that you want to update, and then select **OK**.
Most drivers belong to the following product groups:
- Windows 10 and later version drivers
- Windows 10 and later Upgrade & Servicing Drivers
- Windows 10 Anniversary Update and Later Servicing Drivers
- Windows 10 Anniversary Update and Later Upgrade & Servicing Drivers
- Windows 10 Creators Update and Later Servicing Drivers
- Windows 10 Creators Update and Later Upgrade & Servicing Drivers
- Windows 10 Fall Creators Update and Later Servicing Drivers
- Windows 10 Fall Creators Update and Later Upgrade & Servicing Drivers
- Windows 10 S and Later Servicing Drivers
- Windows 10 S Version 1709 and Later Servicing Drivers for testing
- Windows 10 S Version 1709 and Later Upgrade & Servicing Drivers for testing
> [!NOTE]
> Most Surface drivers belong to multiple Windows 10 product groups. You may not have to select all the products that are listed here. To help reduce the number of products that populate your Update Catalog, we recommend that you select only the products that are required by your environment for synchronization.
## Verifying the configuration
To verify that the SUP is configured correctly, follow these steps:
1. Open WsyncMgr.log, and then look for the following entry:
```console
Surface Drivers can be supported in this hierarchy since all SUPs are on Windows Server 2016, WCM SCF property Sync Catalog Drivers is set.
Sync Catalog Drivers SCF value is set to : 1
```
If either of the following entries is logged in WsyncMgr.log, recheck step 4 in the previous section:
```console
Sync Surface Drivers option is not set
Sync Catalog Drivers SCF value is set to : 0
```
1. Open WCM.log, and then look for an entry that resembles the following:
![WCM.log settings](images/manage-surface-driver-updates-3.png)
This entry is an XML element that lists every product group and classification that's currently synchronized by your SUP server. For example, you might see an entry that resembles the following:
```xml
<Categories>
<Category Id="Product:05eebf61-148b-43cf-80da-1c99ab0b8699"><![CDATA[Windows 10 and later drivers]]></Category>
<Category Id="Product:06da2f0c-7937-4e28-b46c-a37317eade73"><![CDATA[Windows 10 Creators Update and Later Upgrade & Servicing Drivers]]></Category>
<Category Id="Product:c1006636-eab4-4b0b-b1b0-d50282c0377e"><![CDATA[Windows 10 S and Later Servicing Drivers]]></Category>
</Categories>
```
If you can't find the products that you selected in step 6 in the previous section, double-check whether the SUP settings are saved.
You can also wait until the next synchronization finishes, and then check whether the Surface driver and firmware updates are listed in Software Updates in the Configuration Manager console. For example, the console might display the following information:
![All Software Updates Search Results](images/manage-surface-driver-updates-4.png)
## Manual synchronization
If you don't want to wait until the next synchronization, follow these steps to start a synchronization:
1. In the Configuration Manager console, go to **Software Library** > **Overview** > **Software Updates** > **All Software Updates**.
1. On the ribbon, select **Synchronize Software Updates**. Or, right-click **All Software Update**, and then select **Synchronize Software Update**.
1. Monitor the synchronization progress by looking for the following entries in WsyncMgr.log:
```console
Surface Drivers can be supported in this hierarchy since all SUPs are on Windows Server 2016, WCM SCF property Sync Catalog Drivers is set.
sync: SMS synchronizing categories
sync: SMS synchronizing categories, processed 0 out of 311 items (0%)
sync: SMS synchronizing categories, processed 311 out of 311 items (100%)
sync: SMS synchronizing categories, processed 311 out of 311 items (100%)
sync: SMS synchronizing updates
Synchronizing update 7eaa0148-c42b-45fd-a1ab-012c82972de6 - Microsoft driver update for Surface Type Cover Integration
Synchronizing update 2dcb07f8-37ec-41ef-8cd5-030bf24dc1d8 - Surface driver update for Surface Pen Pairing
Synchronizing update 63067414-ae52-422b-b3d1-0382a4d6519a - Surface driver update for Surface UEFI
Synchronizing update 8e4e3a41-a784-4dd7-9a42-041f43ddb775 - Surface driver update for Surface Integration
Synchronizing update 7f8baee8-419f-47e2-918a-045a15a188e7 - Microsoft driver update for Surface DTX
Synchronizing update aed66e05-719b-48cd-a0e7-059e50f67fdc - Microsoft driver update for Surface Base Firmware Update
Synchronizing update 8ffe1526-6e66-43cc-86e3-05ad92a24e3a - Surface driver update for Surface UEFI
Synchronizing update 74102899-0a49-48cf-97e6-05bde18a27ff - Microsoft driver update for Surface UEFI
```
## Deploying Surface firmware and driver updates
You can deploy Surface firmware and driver updates in the same manner as you deploy other updates.
For more information about deployment, see [System Center 2012 Configuration ManagerPart7: Software Updates (Deploy)](https://blogs.technet.microsoft.com/elie/2012/05/25/system-center-2012-configuration-managerpart7-software-updates-deploy/).
## Frequently asked questions (FAQ)
**After I follow the steps in this article, my Surface drivers are still not synchronized. Why?**
If you synchronize from an upstream Windows Server Update Services (WSUS) server, instead of Microsoft Update, make sure that the upstream WSUS server is configured to support and synchronize Surface driver updates. All downstream servers are limited to updates that are present in the upstream WSUS server database.
There are more than 68,000 updates that are classified as drivers in WSUS. To prevent non-Surface related drivers from synchronizing to Configuration Manager, Microsoft filters driver synchronization against an allow list. After the new allow list is published and incorporated into Configuration Manager, the new drivers are added to the console following the next synchronization. Microsoft aims to get the Surface drivers added to the allow list each month in line with Patch Tuesday to make them available for synchronization to Configuration Manager.
If your Configuration Manager environment is offline, a new allow list is imported every time you import [servicing updates](https://docs.microsoft.com/mem/configmgr/core/servers/manage/use-the-service-connection-tool) to Configuration Manager. You will also have to import a [new WSUS catalog](https://docs.microsoft.com/mem/configmgr/sum/get-started/synchronize-software-updates-disconnected) that contains the drivers before the updates are displayed in the Configuration Manager console. Because a stand-alone WSUS environment contains more drivers than a Configuration Manager SUP, we recommend that you establish a Configuration Manager environment that has online capabilities, and that you configure it to synchronize Surface drivers. This provides a smaller WSUS export that closely resembles the offline environment.
If your Configuration Manager environment is online and able to detect new updates, you will receive updates to the list automatically. If you dont see the expected drivers, please review the WCM.log and WsyncMgr.log for any synchronization failures.
**My Configuration Manager environment is offline, can I manually import Surface drivers into WSUS?**
No. Even if the update is imported into WSUS, the update won't be imported into the Configuration Manager console for deployment if it isn't listed in the allow list. You must use the [Service Connection Tool](https://docs.microsoft.com/mem/configmgr/core/servers/manage/use-the-service-connection-tool) to import servicing updates to Configuration Manager to update the allow list.
**What alternative methods do I have to deploy Surface driver and firmware updates?**
For information about how to deploy Surface driver and firmware updates through alternative channels, see [Manage Surface driver and firmware updates](https://docs.microsoft.com/surface/manage-surface-driver-and-firmware-updates). If you want to download the .msi or .exe file, and then deploy through traditional software deployment channels, see [Keeping Surface Firmware Updated with Configuration Manager](https://docs.microsoft.com/archive/blogs/thejoncallahan/keeping-surface-firmware-updated-with-configuration-manager).
## Additional Information
For more information about Surface driver and firmware updates, see the following articles:
- [Download the latest firmware and drivers for Surface devices](https://docs.microsoft.com/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices)
- [Manage Surface driver and firmware updates](https://docs.microsoft.com/surface/manage-surface-pro-3-firmware-updates)
- [Considerations for Surface and System Center Configuration Manager](https://docs.microsoft.com/surface/considerations-for-surface-and-system-center-configuration-manager)

2
devices/surface/manage-surface-uefi-settings.md
View File

@ -8,7 +8,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: devices, surface
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.reviewer:
manager: laurawi

2
devices/surface/microsoft-surface-brightness-control.md
View File

@ -6,7 +6,7 @@ ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.reviewer: hachidan
manager: laurawi

2
devices/surface/support-solutions-surface.md
View File

@ -10,7 +10,7 @@ ms.mktglfcycl: support
ms.sitesec: library
ms.pagetype: surfacehub
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.date: 09/26/2019
ms.localizationpriority: medium

2
devices/surface/surface-book-quadro.md
View File

@ -6,7 +6,7 @@ ms.mktglfcycl: manage
ms.localizationpriority: medium
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.date: 5/06/2020
ms.reviewer: brrecord

2
devices/surface/surface-device-compatibility-with-windows-10-ltsc.md
View File

@ -7,7 +7,7 @@ ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro

2
devices/surface/surface-diagnostic-toolkit-command-line.md
View File

@ -5,7 +5,7 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.reviewer: hachidan
manager: laurawi

2
devices/surface/surface-diagnostic-toolkit-desktop-mode.md
View File

@ -5,7 +5,7 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.reviewer: hachidan
manager: laurawi

2
devices/surface/surface-diagnostic-toolkit-for-business-intro.md
View File

@ -5,7 +5,7 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.reviewer: cottmca
manager: laurawi

20
devices/surface/surface-dock-whats-new.md
View File

@ -8,14 +8,14 @@ ms.sitesec: library
author: coveminer
ms.author: greglin
ms.topic: article
ms.date: 5/06/2020
ms.date: 5/29/2020
ms.reviewer: brrecord
manager: laurawi
audience: itpro
---
# Whats new in Surface Dock 2
Surface Dock 2, the next generation Surface dock, lets users connect external monitors and multiple peripherals to obtain a fully modernized desktop experience from a Surface device. Built to maximize efficiency at the office, in a flexible workspace, or at home, Surface Dock 2 features seven ports, including two front-facing USB-C ports, with 15 watts of fast charging power for phone and accessories. Surface Dock 2 is designed to simplify IT management, enabling admins to automate firmware updates using Windows Update or centralize updates with internal software distribution tools. An extended set of management tools will be released via Windows update upon commercial distribution.
Surface Dock 2, the next generation Surface dock, lets users connect external monitors and multiple peripherals to obtain a fully modernized desktop experience from a Surface device. Built to maximize efficiency at the office, in a flexible workspace, or at home, Surface Dock 2 features seven ports, including two front-facing USB-C ports, with 15 watts of fast charging power for phone and accessories. Surface Dock 2 is designed to simplify IT management, enabling admins to automate firmware updates using Windows Update or centralize updates with internal software distribution tools. Surface Enterprise Management Mode (SEMM) now enables IT admins to secure ports on Surface Dock 2. For more information, see [Secure Surface Dock 2 ports with Surface Enterprise Management Mode](https://techcommunity.microsoft.com/t5/surface-it-pro-blog/secure-surface-dock-2-ports-with-surface-enterprise-management/ba-p/1418999).
## General system requirements
@ -28,8 +28,7 @@ Surface Dock 2, the next generation Surface dock, lets users connect external mo
- Surface Book 2
- Surface Laptop 2
- Surface Go
- Surface Go with LTE Advanced
- Surface Studio 2
- Surface Go with LTE Advanced
- Surface Pro 7
- Surface Laptop 3
- Surface Book 3
@ -86,7 +85,7 @@ Surface Dock 2, the next generation Surface dock, lets users connect external mo
|Surflink|Yes|Yes|
|USB-A|2 front facing USB 3.1 Gen 1<br>2 rear facing USB 3.1 Gen 1|2 rear facing USB 3.2 Gen 2 (7.5W power)|
|Mini Display port|2 rear facing (DP1.2)|None|
|USB-C|None|2 front facing USB 3.2 Gen 2<br>[15W power]<br>2 rear facing USB 3.2 Gen 2 (DP1.4a)<br>[7.5W power]|
|USB-C|None|2 front facing USB 3.2 Gen 2<br>(15W power)<br>2 rear facing USB 3.2 Gen 2 (DP1.4a)<br>(7.5W power)|
|3.5 mm Audio in/out|Yes|Yes|
|Ethernet|Yes, 1 gigabit|Yes 1 gigabit|
|DC power in|Yes|Yes|
@ -99,20 +98,18 @@ Surface Dock 2, the next generation Surface dock, lets users connect external mo
|Wake-on-LAN from Connected Standby<sup>1</sup>|Yes|Yes|
|Wake-on-LAN from S4/S5 sleep modes|No|Yes|
|Network PXE boot|Yes|Yes|
|SEMM host access control|No|Coming in Windows Update<sup>2</sup>|
|SEMM port access control<sup>3</sup>|No|Coming in Windows Update|
|SEMM host access control|No|Yes
|SEMM port access control<sup>2</sup>|No|Yes|
|Servicing support|MSI|Windows Update or MSI|
||||
1. *Devices must be configured for Wake on LAN via Surface Enterprise Management Mode (SEMM) or Device Firmware Control Interface (DFCI) to wake from Hibernation or Power-Off states. Wake from Hibernation or Power-Off is supported on Surface Pro 7, Surface Laptop 3, Surface Pro X, Surface Book 3, and Surface Go 2. Software license required for some features. Sold separately.*
2. *Pending release via Windows Update.*
3. *Software license required for some features. Sold separately.*
2. *Software license required for some features. Sold separately.*
## Streamlined device management
Following the public announcement of Surface Dock 2, Surface will release streamlined management functionality via Windows Update enabling IT admins to utilize the following enterprise-grade features:
Surface has released streamlined management functionality via Windows Update enabling IT admins to utilize the following enterprise-grade features:
- **Frictionless updates**. Update your docks silently and automatically, with Windows Update or Microsoft Endpoint Configuration Manager, (formerly System Center Configuration Manager - SCCM) or other MSI deployment tools.
- **Wake from the network**. Manage and access corporate devices without depending on users to keep their devices powered on. Even when a docked device is in sleep, hibernation, or power off mode, your team can wake from the network for service and management, using Endpoint Configuration Manager or other enterprise management tools.
@ -120,5 +117,6 @@ Following the public announcement of Surface Dock 2, Surface will release stream
## Next steps
- [Secure Surface Dock 2 ports with Surface Enterprise Management Mode](https://techcommunity.microsoft.com/t5/surface-it-pro-blog/secure-surface-dock-2-ports-with-surface-enterprise-management/ba-p/1418999)
- [Surface Enterprise Management Mode](surface-enterprise-management-mode.md)
- [Best practice power settings for Surface devices](maintain-optimal-power-settings-on-Surface-devices.md)

25
devices/surface/surface-enterprise-management-mode.md
View File

@ -9,11 +9,11 @@ ms.sitesec: library
author: coveminer
ms.author: greglin
ms.topic: article
ms.reviewer: scottmca
ms.reviewer: hachidan
manager: laurawi
ms.localizationpriority: medium
audience: itpro
ms.date: 05/11/2020
ms.date: 05/26/2020
---
# Microsoft Surface Enterprise Management Mode
@ -228,14 +228,27 @@ create a reset package using PowerShell to reset SEMM.
## Version History
The latest version of SEMM released May 11, 2020 includes:
### Version 2.71.139.0
This version of SEMM adds support for Surface Dock 2 management features for Surface Book 3, Surface Laptop 3, and Surface Pro 7 including:
- Enabling audio (locking/unlocking), Ethernet and USB ports
- Ability to create dock packages for both authenticated and unauthenticated hosts
### Version 2.70.130.0
This version of SEMM includes:
- Support for Surface Go 2
- Support for Surface Book 3
- Bug fixes
### Version 2.59.
* Support to Surface Pro 7, Surface Pro X, and Surface Laptop 3 13.5" and 15" models with Intel processor. Note: Surface Laptop 3 15" AMD processor is not supported.
- Support to Wake on Power feature
### Version 2.59.139.0
* Support for Surface Pro 7, Surface Pro X, and Surface Laptop 3 13.5" and 15" models with Intel processor. Note: Surface Laptop 3 15" AMD processor is not supported.
- Support for Wake on Power feature
### Version 2.54.139.0
* Support to Surface Hub 2S

2
devices/surface/surface-manage-dfci-guide.md
View File

@ -6,7 +6,7 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.date: 11/13/2019
ms.reviewer: jesko

2
devices/surface/surface-pro-arm-app-management.md
View File

@ -6,7 +6,7 @@ ms.mktglfcycl: manage
ms.localizationpriority: high
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.date: 4/15/2020
ms.reviewer: jessko

2
devices/surface/surface-pro-arm-app-performance.md
View File

@ -6,7 +6,7 @@ ms.localizationpriority: medium
ms.mktglfcycl: manage
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.date: 10/03/2019
ms.reviewer: jessko

2
devices/surface/surface-system-sku-reference.md
View File

@ -7,7 +7,7 @@ ms.mktglfcycl: manage
ms.pagetype: surface, devices, security
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.date: 03/09/2020
ms.reviewer:

2
devices/surface/surface-wireless-connect.md
View File

@ -7,7 +7,7 @@ ms.sitesec: library
author: coveminer
ms.audience: itpro
ms.localizationpriority: medium
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.reviewer: tokatz
manager: laurawi

2
devices/surface/unenroll-surface-devices-from-semm.md
View File

@ -7,7 +7,7 @@ ms.mktglfcycl: manage
ms.pagetype: surface, devices, security
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.reviewer:
manager: laurawi

2
devices/surface/upgrade-surface-devices-to-windows-10-with-mdt.md
View File

@ -7,7 +7,7 @@ ms.mktglfcycl: deploy
ms.pagetype: surface
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro

2
devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md
View File

@ -7,7 +7,7 @@ ms.mktglfcycl: manage
ms.pagetype: surface, devices
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.reviewer:
manager: laurawi

172
devices/surface/using-the-sda-deployment-share.md
View File

@ -1,172 +0,0 @@
---
title: Using the Microsoft Surface Deployment Accelerator deployment share (Surface)
description: Explore the scenarios where you can use SDA to meet the deployment needs of your organization including Proof of Concept, pilot deployment, as well as import additional drivers and applications.
keywords: deploy, install, automate, deployment solution
ms.prod: w10
ms.mktglfcycl: deploy
ms.pagetype: surface, devices
ms.sitesec: library
author: coveminer
ms.author: v-jokai
ms.topic: article
ms.localizationpriority: medium
ms.audience: itpro
ms.reviewer:
manager: laurawi
---
# Using the Microsoft Surface Deployment Accelerator deployment share
With Microsoft Surface Deployment Accelerator (SDA), you can quickly and easily set up a deployment solution that is ready to deploy Windows to Surface devices. The prepared environment is built on powerful deployment technologies available from Microsoft, such as the [Microsoft Deployment Toolkit (MDT)](https://technet.microsoft.com/windows/dn475741), and is capable of immediately performing a deployment after configuration. See [Step-by-Step: Surface Deployment Accelerator](https://technet.microsoft.com/itpro/surface/step-by-step-surface-deployment-accelerator) for a comprehensive walkthrough of using the SDA wizard to set up a deployment share and perform a deployment.
For more information about SDA and information on how to download SDA, see [Microsoft Surface Deployment Accelerator (SDA)](https://technet.microsoft.com/itpro/surface/microsoft-surface-deployment-accelerator).
> [!NOTE]
> SDA is not supported on Surface Pro 7, Surface Pro X, and Surface Laptop 3. For more information refer to [Deploy Surface devices](deploy.md).
Using SDA provides these primary benefits:
* With SDA, you can create a ready-to-deploy environment that can deploy to target devices as fast as your download speeds allow. The wizard experience enables you to check a few boxes and then the automated process builds your deployment environment for you.
* With SDA, you prepare a deployment environment built on the industry leading deployment solution of MDT. With MDT you can scale from a relatively basic deployment of a few Surface devices to a solution capable of deploying to thousands of devices including all of the different makes and models in your organization and all of the applications required by each device and user.
This article explores four scenarios where you can use SDA to meet the needs of your organization. See [Deploy Windows 10](https://technet.microsoft.com/itpro/windows/deploy/index) to explore the capabilities of MDT and the Windows deployment technologies available from Microsoft in greater detail.
## Perform a Proof of Concept deployment
One of the primary scenarios for use of SDA is as a Proof of Concept. A *Proof of Concept* (PoC) enables you to test or evaluate the capabilities of a solution or technology. A PoC is often used to illustrate the benefits of the solution or technology to decision makers. For example, if you want to recommend Surface devices as a replacement of older point of sale (POS) systems, you could perform a PoC to demonstrate how Surface devices provide superior computing power, flexibility, and connectivity when compared to alternate options.
Using SDA to prepare a PoC of Surface devices enables you to very quickly prepare a demonstration of Surface device or devices, which gives you more time for customization or preparation. The flexibility of SDA even lets you import resources, like applications and drivers, from existing MDT deployment infrastructure. See the [Work with existing deployment shares](#work-with-existing-deployment-shares) section later in this article for more information.
SDA is also an excellent PoC of the capabilities of MDT. SDA demonstrates just how quickly an MDT deployment environment can be prepared and made ready for deployment to devices. It also shows just how flexible and customizable the MDT solution can be, with support for Windows 10 and Windows 8.1, for Microsoft Store and desktop applications, and several models of Surface devices.
Some recommendations for a successful PoC with SDA are:
* Keep your SDA deployment environment separate from your production network. This ensures optimal performance and reduces potential for conflicts during your PoC deployment.
* Use a fresh and updated instance of Windows Server to house your SDA deployment share to maintain the simplicity and performance of the demonstration environment.
* Test the deployment process before you demonstrate your PoC. This reduces the potential for unexpected situations and keeps the demonstration focused on the deployment process and Surface devices.
* Use offline files with SDA to further reduce installation times.
* For help with your PoC, contact [Surface Support](https://www.microsoft.com/surface/support/contact-us-business).
## Perform a pilot deployment
A pilot deployment differs from a PoC. Where a PoC is usually a closed demonstration that is performed prior to the deployment process in order to get approval for the use of certain technologies or solutions, a *pilot deployment* is performed during the deployment process as a limited scope deployment for testing and validation. The focus of a pilot deployment can be as narrow as only a handful of devices, or wide enough to include a significant portion of your organization.
>[!NOTE]
>A pilot deployment should not replace the testing process that should be performed regularly in the lab as the deployment environment is built and developed. A deployment solution should be tested in virtual and physical environments as new applications and drivers are added and when task sequences are modified and before a pilot deployment is performed.
For example, you are tasked with deploying Surface devices to mobile workers and you want to test the organizations MDT deployment process by providing a small number of devices to executives. You can use SDA to create an isolated Surface deployment environment and then copy the task sequence, applications, and drivers needed from the production deployment share. This not only enables you to quickly create a Surface deployment, but it also minimizes the risk to the production deployment process used for other types of devices.
For small organizations, the pilot deployment environment of SDA may suffice as a complete deployment solution. Even if you do not have an existing deployment environment, you can import drivers and applications (covered later in this article) to provide a complete deployment solution based on MDT. Even without previous knowledge of MDT or Windows deployment, you can follow the [Step-by-Step: Surface Deployment Accelerator](https://technet.microsoft.com/itpro/surface/step-by-step-surface-deployment-accelerator) article to get started with a deployment to Surface devices.
## Import additional drivers
The SDA deployment share includes all of the drivers needed for Surface devices. This includes the drivers for the components inside the Surface device, such as the wireless network adapter and the main chipset, as well as drivers for Surface accessories, such as the Surface Dock or Surface USB Ethernet adapters. The SDA deployment share does not, however, include drivers for third-party devices or peripherals.
For example, you may intend to use your Surface device with a thermal printer, credit card reader, and barcode scanner as a POS terminal. In this scenario, the thermal printer, credit card reader, and barcode scanner will very likely require installation of drivers to operate properly. You could potentially download and install these drivers from Windows Update when each peripheral is connected, or you could install the driver package from the manufacturer manually on each Surface device, but the ideal solution is to have these drivers already present in Windows so that when the peripheral is connected, it will just work.
Because SDA is built on MDT, adding the drivers to the SDA deployment share is easy and simple.
>[!NOTE]
>The drivers must be in the Setup Information File (.inf) format. If the drivers for your device come as an executable file (.exe), they may need to be extracted or installed to procure the .inf file. Some device drivers come packaged with applications, for example an all-in-one printer bundled with scan software. These applications will need to be installed separately from the drivers.
To import drivers for a peripheral device:
1. Download the drivers for your device from the manufacturer web site.
2. Open the MDT Deployment Workbench.
3. Expand the **Deployment Shares** node and expand the SDA deployment share.
4. Expand the **Out-of-Box Drivers** folder.
5. Select the folder of the Surface model for which you would like to include this driver.
6. Click **Import Drivers** to start the Import Drivers Wizard, as shown in Figure 1.
![Provide the location of your driver files](images/using-sda-driverfiles-fig1.png "Provide the location of your driver files")
*Figure 1. Provide the location of your driver files*
7. The Import Drivers Wizard presents a series of steps:
- **Specify Directory** Click **Browse** and navigate to the folder where you stored the drivers in Step 1.
- **Summary** Review the specified configuration on this page before you click **Next** to begin the import process.
- **Progress** While the drivers are imported, a progress bar is displayed on this page.
- **Confirmation** When the import process completes, the success of the process is displayed on this page. Click **Finish** to complete the Import Drivers Wizard.
8. Repeat Steps 5-7 for each Surface model on which you would like to include this driver.
9. Close the Deployment Workbench.
After the drivers are imported for the Surface model, the deployment task sequence will automatically select the drivers during the deployment process and include them in the Windows environment. When you connect your device, such as the barcode scanner in the example, Windows should automatically detect the device and you should be able to use it immediately.
>[!NOTE]
>You can even import drivers for other computer makes and models to support other devices. See **Step 5: Prepare the drivers repository** in [Deploy a Windows 10 image using MDT 2013 Update 2](https://technet.microsoft.com/itpro/windows/deploy/deploy-a-windows-10-image-using-mdt) for more information about how to import drivers for other makes and models.
## Import additional applications
As with drivers, the SDA deployment share can be pre-configured with apps like the Surface App and Microsoft Office 365. You can also add applications to the SDA deployment share and configure them to be installed on your Surface devices during deployment of Windows. In the ideal scenario, your Surface devices deployed with the SDA deployment share will include all of the applications needed to be ready for your end users.
In the previous example for including drivers for a POS system, you would also need to include POS software for processing transactions and recording the input from the barcode scanner and credit card reader. To import an application and prepare it for installation on your Surface devices during Windows deployment:
1. Download the application installation files or locate the installation media for your application.
2. Determine the command line instruction for silent installation, usually provided by the developer of the application. For Windows Installer files (.msi), see [Standard Installer Command-Line Options](https://msdn.microsoft.com/library/windows/desktop/aa372024) in the Windows Dev Center.
3. Open the MDT Deployment Workbench.
4. Expand the **Deployment Shares** node and expand the SDA deployment share.
5. Expand the **Applications** folder.
6. Click **New Application** to start the New Application Wizard, as shown in Figure 2.
![Provide the command to install your application](images/using-sda-installcommand-fig2.png "Provide the command to install your application")
*Figure 2: Provide the command to install your application*
7. Follow the steps of the New Application Wizard:
- **Application Type** Click **Application with Source Files**, and then click **Next**.
- **Details** Enter a name for the application in the **Application Name** field. Enter publisher, version, and language information in the **Publisher**, **Version**, and **Language** fields if desired. Click **Next**.
- **Source** Click **Browse** to navigate to and select the folder with the application installation files procured in Step 1, and then click **Next**.
- **Destination** Enter a name for the folder where the application files will be stored in the **Specify the Name of the Directory that Should Be Created** field or click **Next** to accept the default name.
- **Command Details** Enter the silent command-line instruction, for example `setup.msi /quiet /norestart`
- **Summary** Review the specified configuration on this page before you click **Next** to begin the import process.
- **Progress** While the installation files are imported, a progress bar is displayed on this page.
- **Confirmation** When the import process completes, the success of the process is displayed on this page. Click **Finish** to complete the New Application Wizard.
8. Click the **Task Sequences** folder, right-click **1 - Deploy Microsoft Surface**, and then click **Properties**.
9. Click the **Task Sequence** tab to view the steps that are included in the new task sequence.
10. Select the **Windows Update (Pre-Application Installation)** step, and then click **Add**.
11. Hover the mouse over **General** under the **Add** menu, and then click **Install Application**. This will add a new step after the selected step for the installation of a specific application as shown in Figure 3.
![A new Install Application step for Sample POS App](images/using-sda-newinstall-fig3.png "A new Install Application step for Sample POS App")
*Figure 3. A new Install Application step for Sample POS App*
12. On the **Properties** tab of the new **Install Application** step, enter **Install - Sample POS App** in the **Name** field, where *Sample POS App* is the name of your app.
13. Click **Install a Single Application**, and then click **Browse** to view available applications that have been imported into the deployment share.
14. Select your app from the list of applications, and then click **OK**.
15. Click **OK** to close the task sequence properties.
16. Close the Deployment Workbench.
## Work with existing deployment shares
One of the many benefits of an MDT deployment share is the simplicity of how deployment resources are stored. The MDT deployment share is, at its core, just a standard network file share. All deployment resources, such as Windows images, application installation files, and drivers, are stored in a share that can be browsed with File Explorer, copied and pasted, and moved just like any other file share, provided that you have the necessary permissions. This makes working with deployment resources extremely easy. MDT even allows you to make it easier by allowing you to open multiple deployment shares from the Deployment Workbench and to transfer or copy resources between them.
This ability gives SDA some extra capabilities when used in an environment with an existing MDT infrastructure. For example, if you install SDA on an isolated server to prepare a PoC and then log on to your production MDT deployment share from the Deployment Workbench on your SDA server, you can copy applications, drivers, task sequences, and other components into the SDA deployment share that is prepared with Surface apps and drivers. With this process, in a very short amount time, you can have a deployment environment ready to deploy your organizations precise requirements to Surface devices.
You can also use this capability in reverse. For example, you can copy the Surface drivers, deployment task sequences, and apps directly into a lab or testing environment following a successful PoC. Using these resources, you can immediately begin to integrate Surface deployment into your existing deployment infrastructure.

2
devices/surface/wake-on-lan-for-surface-devices.md
View File

@ -8,7 +8,7 @@ ms.pagetype: surface, devices
ms.sitesec: library
ms.localizationpriority: medium
author: coveminer
ms.author: v-jokai
ms.author: greglin
ms.topic: article
ms.reviewer: scottmca
manager: laurawi

1
mdop/appv-v5/how-to-revert-extension-points-from-an-app-v-50-package-to-an-app-v-46-package-for-a-specific-user.md
View File

@ -4,7 +4,6 @@ title: How to Revert Extension Points From an App-V 5.0 Package to an App-V 4.6
description: How to Revert Extension Points From an App-V 5.0 Package to an App-V 4.6 Package for a Specific User
ms.assetid: f1d2ab1f-0831-4976-b49f-169511d3382a
author: dansimp
ms.assetid: f1d2ab1f-0831-4976-b49f-169511d3382a
ms.pagetype: mdop, appcompat, virtualization
ms.mktglfcycl: deploy
ms.sitesec: library

1
mdop/appv-v5/how-to-use-an-app-v-46-sp1-application-from-an-app-v-50-application.md
View File

@ -4,7 +4,6 @@ title: How to Use an App-V 4.6 Application From an App-V 5.0 Application
description: How to Use an App-V 4.6 Application From an App-V 5.0 Application
ms.assetid: 4e78cb32-9c8b-478e-ae8b-c474a7e42487
author: msfttracyp
ms.assetid: 4e78cb32-9c8b-478e-ae8b-c474a7e42487
ms.pagetype: mdop, appcompat, virtualization
ms.mktglfcycl: deploy
ms.sitesec: library

6
mdop/mbam-v1/evaluating-mbam-10.md
View File

@ -55,21 +55,21 @@ Even when you set up a non-production instance of MBAM to evaluate in a lab envi
<td align="left"><p></p>
<p>Prepare your computing environment for the MBAM installation. To do so, you must enable the Transparent Data Encryption (TDE) on the SQL Server instances that will host MBAM databases. To enable TDE in your lab environment, you can create a .sql file to run against the master database that is hosted on the instance of the SQL Server that MBAM will use.</p>
<div class="alert">
<strong>Note</strong><br/><p>You can use the following example to create a .sql file for your lab environment to quickly enable TDE on the SQL Server instance that will host the MBAM databases. These SQL Server commands will enable TDE by using a locally signed SQL Server certificate. Make sure to back up the TDE certificate and its associated encryption key to the example local backup path of <em>C:\Backup&lt;/em&gt;. The TDE certificate and key are required when recover the database or move the certificate and key to another server that has TDE encryption in place.</p>
<strong>Note</strong><br/><p>You can use the following example to create a .sql file for your lab environment to quickly enable TDE on the SQL Server instance that will host the MBAM databases. These SQL Server commands will enable TDE by using a locally signed SQL Server certificate. Make sure to back up the TDE certificate and its associated encryption key to the example local backup path of <em>C:\Backup</em>. The TDE certificate and key are required when recover the database or move the certificate and key to another server that has TDE encryption in place.</p>
</div>
<div>
</div>
<pre class="syntax" space="preserve"><code>USE master;
GO
CREATE MASTER KEY ENCRYPTION BY PASSWORD = &amp;amp;#39;P@55w0rd&#39;;
CREATE MASTER KEY ENCRYPTION BY PASSWORD = &#39;P@55w0rd&#39;;
GO
CREATE CERTIFICATE tdeCert WITH SUBJECT = &#39;TDE Certificate&#39;;
GO
BACKUP CERTIFICATE tdeCert TO FILE = &#39;C:\Backup\TDECertificate.cer&#39;
WITH PRIVATE KEY (
FILE = &#39;C:\Backup\TDECertificateKey.pvk&#39;,
ENCRYPTION BY PASSWORD = &amp;amp;#39;P@55w0rd&#39;);
ENCRYPTION BY PASSWORD = &#39;P@55w0rd&#39;);
GO</code></pre></td>
<td align="left"><p><a href="mbam-10-deployment-prerequisites.md" data-raw-source="[MBAM 1.0 Deployment Prerequisites](mbam-10-deployment-prerequisites.md)">MBAM 1.0 Deployment Prerequisites</a></p>
<p><a href="https://go.microsoft.com/fwlink/?LinkId=269703" data-raw-source="[Database Encryption in SQL Server 2008 Enterprise Edition](https://go.microsoft.com/fwlink/?LinkId=269703)">Database Encryption in SQL Server 2008 Enterprise Edition</a></p></td>

3
mdop/mbam-v25/apply-hotfix-for-mbam-25-sp1.md
View File

@ -11,8 +11,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.prod: w10
ms.date: 8/30/2018
ms.author: pashort
author: shortpatti
ms.author: dansimp
---
# Applying hotfixes on MBAM 2.5 SP1

1
mdop/mbam-v25/deploy-mbam.md
View File

@ -8,7 +8,6 @@ ms.author: delhan
ms.sitesec: library
ms.prod: w10
ms.date: 09/16/2019
manager: dcscontentpm
---
# Deploying MBAM 2.5 in a standalone configuration

1
mdop/mbam-v25/troubleshooting-mbam-installation.md
View File

@ -8,7 +8,6 @@ ms.author: delhan
ms.sitesec: library
ms.prod: w10
ms.date: 09/16/2019
manager: dcscontentpm
---
# Troubleshooting MBAM 2.5 installation problems

3
mdop/mbam-v25/upgrade-mbam2.5-sp1.md
View File

@ -2,11 +2,10 @@
title: Upgrading from MBAM 2.5 to MBAM 2.5 SP1 Servicing Release Update
author: dansimp
ms.author: ksharma
manager:
manager: miaposto
audience: ITPro
ms.topic: article
ms.prod: w10
manager: miaposto
ms.localizationpriority: Normal
---

3
smb/cloud-mode-business-setup.md
View File

@ -2,7 +2,7 @@
title: Deploy and manage a full cloud IT solution for your business
description: Learn how to set up a cloud infrastructure for your business, acquire devices and apps, and configure and deploy policies to your devices.
keywords: smb, full cloud IT solution, small to medium business, deploy, setup, manage, Windows, Intune, Office 365
ms.prod:
ms.prod: w10
ms.technology:
ms.author: eravena
audience: itpro
@ -13,6 +13,7 @@ author: eavena
ms.reviewer:
manager: dansimp
ms.localizationpriority: medium
ms.topic: conceptual
---
# Get started: Deploy and manage a full cloud IT solution for your business

7
smb/index.md
View File

@ -2,16 +2,17 @@
title: Windows 10 for small to midsize businesses
description: Microsoft products and devices to transform and grow your businessLearn how to use Windows 10 for your small to midsize business.
keywords: Windows 10, SMB, small business, midsize business, business
ms.prod:
ms.prod: w10
ms.technology:
ms.topic: article
ms.author: celested
ms.author: dansimp
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: smb
author: CelesteDG
author: dansimp
ms.localizationpriority: medium
manager: dansimp
audience: itpro
---
# Windows 10 for SMB

1
store-for-business/microsoft-store-for-business-education-powershell-module.md
View File

@ -9,7 +9,6 @@ author: TrudyHa
ms.author: TrudyHa
ms.topic: conceptual
ms.localizationpriority: medium
ms.author:
ms.date: 10/22/2017
ms.reviewer:
manager: dansimp

4
windows/application-management/manage-windows-mixed-reality.md
View File

@ -13,7 +13,7 @@ ms.author: dansimp
ms.topic: article
---
# Enable or block Windows Mixed Reality apps in the enterprise
# Enable or block Windows Mixed Reality apps in enterprises
**Applies to**
@ -33,7 +33,7 @@ Organizations that use Windows Server Update Services (WSUS) must take action to
2. Windows Mixed Reality Feature on Demand (FOD) is downloaded from Windows Update. If access to Windows Update is blocked, you must manually install the Windows Mixed Reality FOD.
a. Download the FOD .cab file for [Windows 10, version 1903 and 1909](https://software-download.microsoft.com/download/pr/Microsoft-Windows-Holographic-Desktop-FOD-Package-31bf3856ad364e35-amd64.cab), [Windows 10, version 1809](https://software-download.microsoft.com/download/pr/microsoft-windows-holographic-desktop-fod-package31bf3856ad364e35amd64_1.cab), [Windows 10, version 1803](https://download.microsoft.com/download/9/9/3/9934B163-FA01-4108-A38A-851B4ACD1244/Microsoft-Windows-Holographic-Desktop-FOD-Package~31bf3856ad364e35~amd64~~.cab), or [Windows 10, version 1709](https://download.microsoft.com/download/6/F/8/6F816172-AC7D-4F45-B967-D573FB450CB7/Microsoft-Windows-Holographic-Desktop-FOD-Package.cab).
a. Download the FOD .cab file for [Windows 10, version 20H1](https://software-download.microsoft.com/download/pr/Microsoft-Windows-Holographic-Desktop-FOD-Package~31bf3856ad364e35~amd64~~.cab), [Windows 10, version 1903 and 1909](https://software-download.microsoft.com/download/pr/Microsoft-Windows-Holographic-Desktop-FOD-Package-31bf3856ad364e35-amd64.cab), [Windows 10, version 1809](https://software-download.microsoft.com/download/pr/microsoft-windows-holographic-desktop-fod-package31bf3856ad364e35amd64_1.cab), [Windows 10, version 1803](https://download.microsoft.com/download/9/9/3/9934B163-FA01-4108-A38A-851B4ACD1244/Microsoft-Windows-Holographic-Desktop-FOD-Package~31bf3856ad364e35~amd64~~.cab), or [Windows 10, version 1709](https://download.microsoft.com/download/6/F/8/6F816172-AC7D-4F45-B967-D573FB450CB7/Microsoft-Windows-Holographic-Desktop-FOD-Package.cab).
>[!NOTE]
>You must download the FOD .cab file that matches your operating system version.

8
windows/client-management/administrative-tools-in-windows-10.md
View File

@ -29,7 +29,7 @@ The tools in the folder might vary depending on which edition of Windows you are
![Screenshot of folder of admin tools](images/admin-tools-folder.png)
These tools were included in previous versions of Windows and the associated documentation for each tool should help you use these tools in Windows 10. The following list links to documentation for each tool.
These tools were included in previous versions of Windows and the associated documentation for each tool should help you use these tools in Windows 10. The following list provides links to documentation for each tool. The tools are located within the folder C:\Windows\System32\ or its subfolders.
@ -43,6 +43,8 @@ These tools were included in previous versions of Windows and the associated doc
- [ODBC Data Sources]( https://go.microsoft.com/fwlink/p/?LinkId=708494)
- [Performance Monitor](https://go.microsoft.com/fwlink/p/?LinkId=708495)
- [Print Management](https://go.microsoft.com/fwlink/p/?LinkId=708496)
- [Recovery Drive](https://support.microsoft.com/help/4026852/windows-create-a-recovery-drive)
- [Registry Editor](https://docs.microsoft.com/windows/win32/sysinfo/registry)
- [Resource Monitor](https://go.microsoft.com/fwlink/p/?LinkId=708497)
- [Services](https://go.microsoft.com/fwlink/p/?LinkId=708498)
- [System Configuration](https://go.microsoft.com/fwlink/p/?LinkId=708499)
@ -60,7 +62,3 @@ These tools were included in previous versions of Windows and the associated doc

4
windows/client-management/determine-appropriate-page-file-size.md
View File

@ -8,8 +8,8 @@ author: Deland-Han
ms.localizationpriority: medium
ms.author: delhan
ms.date: 8/28/2019
ms.reviewer:
manager: dcscontentpm
ms.reviewer: dcscontentpm
manager: dansimp
---
# How to determine the appropriate page file size for 64-bit versions of Windows

4
windows/client-management/introduction-page-file.md
View File

@ -7,8 +7,8 @@ ms.topic: troubleshooting
author: Deland-Han
ms.localizationpriority: medium
ms.author: delhan
ms.reviewer: greglin
manager: dcscontentpm
ms.reviewer: dcscontentpm
manager: dansimp
---
# Introduction to page files

2
windows/client-management/mdm/accounts-csp.md
View File

@ -40,7 +40,7 @@ Available naming macros:
Supported operation is Add.
> [!Note]
> For desktop PCs on the next major release of Windows 10 or later, use the **Ext/Microsoft/DNSComputerName** node in [DevDetail CSP](devdetail-csp.md).
> For desktop PCs on Windows 10, version 2004 or later, use the **Ext/Microsoft/DNSComputerName** node in [DevDetail CSP](devdetail-csp.md).
<a href="" id="users"></a>**Users**
Interior node for the user account information.

2
windows/client-management/mdm/configuration-service-provider-reference.md
View File

@ -2808,4 +2808,4 @@ The following list shows the CSPs supported in HoloLens devices:
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
- 7 - Added in Windows 10, version 1909.
- 8 - Added in the next major release of Windows 10.
- 8 - Added in Windows 10, version 2004.

5
windows/client-management/mdm/devdetail-csp.md
View File

@ -14,9 +14,6 @@ ms.date: 03/27/2020
# DevDetail CSP
> [!WARNING]
> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
The DevDetail configuration service provider handles the management object which provides device-specific parameters to the OMA DM server. These device parameters are not sent from the client to the server automatically, but can be queried by servers using OMA DM commands.
> [!NOTE]
@ -135,7 +132,7 @@ Value type is string.
Supported operations are Get and Replace.
<a href="" id="ext-microsoft-dnscomputername "></a>**Ext/Microsoft/DNSComputerName**
Added in the next major release of Windows 10. This node specifies the DNS computer name for a device. The server must explicitly reboot the device for this value to take effect. A couple of macros can be embedded within the value for dynamic substitution. Using any of these macros will limit the new name to 63 characters. This node replaces the **Domain/ComputerName** node in [Accounts CSP](accounts-csp.md).
Added in Windows 10, version 2004. This node specifies the DNS computer name for a device. The server must explicitly reboot the device for this value to take effect. A couple of macros can be embedded within the value for dynamic substitution. Using any of these macros will limit the new name to 63 characters. This node replaces the **Domain/ComputerName** node in [Accounts CSP](accounts-csp.md).
The following are the available naming macros:

71
windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md
View File

@ -37,7 +37,7 @@ The auto-enrollment relies on the presence of an MDM service and the Azure Activ
When the auto-enrollment Group Policy is enabled, a task is created in the background that initiates the MDM enrollment. The task will use the existing MDM service configuration from the Azure Active Directory information of the user. If multi-factor authentication is required, the user will get a prompt to complete the authentication. Once the enrollment is configured, the user can check the status in the Settings page.
In Windows 10, version 1709, when the same policy is configured in GP and MDM, the GP policy wins (GP policy takes precedence over MDM). Since Windows 10, version 1803, a new setting allows you to change the policy conflict winner to MDM. For additional information, see [Windows 10 Group Policy vs. Intune MDM Policy who wins?](https://blogs.technet.microsoft.com/cbernier/2018/04/02/windows-10-group-policy-vs-intune-mdm-policy-who-wins/).
In Windows 10, version 1709 or later, when the same policy is configured in GP and MDM, the GP policy wins (GP policy takes precedence over MDM). Since Windows 10, version 1803, a new setting allows you to change the policy conflict winner to MDM. For additional information, see [Windows 10 Group Policy vs. Intune MDM Policy who wins?](https://blogs.technet.microsoft.com/cbernier/2018/04/02/windows-10-group-policy-vs-intune-mdm-policy-who-wins/)
For this policy to work, you must verify that the MDM service provider allows the GP triggered MDM enrollment for domain joined devices.
@ -52,9 +52,10 @@ The following steps demonstrate required settings using the Intune service:
![Auto-enrollment activation verification](images/auto-enrollment-activation-verification.png)
> [!IMPORTANT]
> For BYOD devices, the MAM user scope takes precedence if both MAM user scope and MDM user scope (automatic MDM enrollment) are enabled for all users (or the same groups of users). The device will use Windows Information Protection (WIP) Policies (if you configured them) rather than being MDM enrolled.
> For corporate devices, the MDM user scope takes precedence if both scopes are enabled. The devices get MDM enrolled.
> [!IMPORTANT]
> For BYOD devices, the MAM user scope takes precedence if both MAM user scope and MDM user scope (automatic MDM enrollment) are enabled for all users (or the same groups of users). The device will use Windows Information Protection (WIP) Policies (if you configured them) rather than being MDM enrolled.
>
> For corporate devices, the MDM user scope takes precedence if both scopes are enabled. The devices get MDM enrolled.
3. Verify that the device OS version is Windows 10, version 1709 or later.
4. Auto-enrollment into Intune via Group Policy is valid only for devices which are hybrid Azure AD joined. This means that the device must be joined into both local Active Directory and Azure Active Directory. To verify that the device is hybrid Azure AD joined, run `dsregcmd /status` from the command line.
@ -93,7 +94,7 @@ You may contact your domain administrators to verify if the group policy has bee
This procedure is only for illustration purposes to show how the new auto-enrollment policy works. It is not recommended for the production environment in the enterprise. For bulk deployment, you should use the [Group Policy Management Console process](#configure-the-auto-enrollment-for-a-group-of-devices).
Requirements:
- AD-joined PC running Windows 10, version 1709
- AD-joined PC running Windows 10, version 1709 or later
- Enterprise has MDM service already configured
- Enterprise AD must be registered with Azure AD
@ -109,27 +110,27 @@ Requirements:
![MDM policies](images/autoenrollment-mdm-policies.png)
4. Double-click **Enable Automatic MDM enrollment using default Azure AD credentials**.
4. Double-click **Enable automatic MDM enrollment using default Azure AD credentials** (previously called **Auto MDM Enrollment with AAD Token** in Windows 10, version 1709). For ADMX files in Windows 10, version 1903 and later, select **User Credential** (support for Device Credential is coming) as the Selected Credential Type to use. User Credential enrolls Windows 10, version 1709 and later once an Intune licensed user logs into the device. Device Credential will enroll the device and then assign a user later, once support for this is available.
![MDM autoenrollment policy](images/autoenrollment-policy.png)
5. Click **Enable**, then click **OK**.
> [!NOTE]
> In Windows 10, version 1903, the MDM.admx file was updated to include an option to select which credential is used to enroll the device. **Device Credential** is a new option that will only have an effect on clients that have installed Windows 10, version 1903 or later.
The default behavior for older releases is to revert to **User Credential**.
> [!NOTE]
> In Windows 10, version 1903, the MDM.admx file was updated to include an option to select which credential is used to enroll the device. **Device Credential** is a new option that will only have an effect on clients that have installed Windows 10, version 1903 or later.
> The default behavior for older releases is to revert to **User Credential**.
When a group policy refresh occurs on the client, a task is created and scheduled to run every 5 minutes for the duration of one day. The task is called " Schedule created by enrollment client for automatically enrolling in MDM from AAD."
When a group policy refresh occurs on the client, a task is created and scheduled to run every 5 minutes for the duration of one day. The task is called " Schedule created by enrollment client for automatically enrolling in MDM from AAD."
To see the scheduled task, launch the [Task Scheduler app](#task-scheduler-app).
To see the scheduled task, launch the [Task Scheduler app](#task-scheduler-app).
If two-factor authentication is required, you will be prompted to complete the process. Here is an example screenshot.
If two-factor authentication is required, you will be prompted to complete the process. Here is an example screenshot.
![Two-factor authentication notification](images/autoenrollment-2-factor-auth.png)
![Two-factor authentication notification](images/autoenrollment-2-factor-auth.png)
> [!Tip]
> You can avoid this behavior by using Conditional Access Policies in Azure AD.
Learn more by reading [What is Conditional Access?](https://docs.microsoft.com/azure/active-directory/conditional-access/overview).
> [!Tip]
> You can avoid this behavior by using Conditional Access Policies in Azure AD.
Learn more by reading [What is Conditional Access?](https://docs.microsoft.com/azure/active-directory/conditional-access/overview).
6. To verify successful enrollment to MDM , click **Start > Settings > Accounts > Access work or school**, then select your domain account.
@ -159,27 +160,28 @@ Learn more by reading [What is Conditional Access?](https://docs.microsoft.com/a
## Configure the auto-enrollment for a group of devices
Requirements:
- AD-joined PC running Windows 10, version 1709
- AD-joined PC running Windows 10, version 1709 or later
- Enterprise has MDM service already configured (with Intune or a third party service provider)
- Enterprise AD must be integrated with Azure AD.
- Ensure that PCs belong to same computer group.
> [!IMPORTANT]
> If you do not see the policy, it may be because you dont have the ADMX for Windows 10, version 1803, version 1809, or version 1903 installed. To fix the issue, follow these steps (Note: the latest MDM.admx is backwards compatible):
> 1. Download:
> 1803 -->[Administrative Templates (.admx) for Windows 10 April 2018 Update (1803)](https://www.microsoft.com/download/details.aspx?id=56880) or
> 1809 --> [Administrative Templates for Windows 10 October 2018 Update (1809)](https://www.microsoft.com/download/details.aspx?id=57576) or
> 1903 --> [Administrative Templates (.admx) for Windows 10 May 2019 Update (1903)](https://www.microsoft.com/download/details.aspx?id=58495&WT.mc_id=rss_alldownloads_all)
> 2. Install the package on the Domain Controller.
> 3. Navigate, depending on the version to the folder:
> 1803 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 April 2018 Update (1803) v2**, or
> 1809 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 October 2018 Update (1809) v2**, or
> 1903 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 May 2019 Update (1903) v3**
> 4. Rename the extracted Policy Definitions folder to **PolicyDefinitions**.
> 5. Copy PolicyDefinitions folder to **C:\Windows\SYSVOL\domain\Policies**.
> (If this folder does not exist, then be aware that you will be switching to a [central policy store](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra) for your entire domain).
> 6. Restart the Domain Controller for the policy to be available.
> This procedure will work for any future version as well.
[!IMPORTANT]
If you do not see the policy, it may be because you dont have the ADMX for Windows 10, version 1803, version 1809, or version 1903 installed. To fix the issue, follow these steps (Note: the latest MDM.admx is backwards compatible):
1. Download:
1803 -->[Administrative Templates (.admx) for Windows 10 April 2018 Update (1803)](https://www.microsoft.com/download/details.aspx?id=56880) or
1809 --> [Administrative Templates for Windows 10 October 2018 Update (1809)](https://www.microsoft.com/download/details.aspx?id=57576) or
1903 --> [Administrative Templates (.admx) for Windows 10 May 2019 Update (1903)](https://www.microsoft.com/download/details.aspx?id=58495&WT.mc_id=rss_alldownloads_all)
2. Install the package on the Domain Controller.
3. Navigate, depending on the version to the folder:
1803 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 April 2018 Update (1803) v2**, or
1809 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 October 2018 Update (1809) v2**, or
1903 --> **C:\Program Files (x86)\Microsoft Group Policy\Windows 10 May 2019 Update (1903) v3**
4. Rename the extracted Policy Definitions folder to **PolicyDefinitions**.
5. Copy PolicyDefinitions folder to **C:\Windows\SYSVOL\domain\Policies**.
(If this folder does not exist, then be aware that you will be switching to a [central policy store](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra) for your entire domain).
6. Restart the Domain Controller for the policy to be available.
This procedure will work for any future version as well.
1. Create a Group Policy Object (GPO) and enable the Group Policy **Computer Configuration** > **Policies** > **Administrative Templates** > **Windows Components** > **MDM** > **Enable automatic MDM enrollment using default Azure AD credentials**.
2. Create a Security Group for the PCs.
@ -187,7 +189,6 @@ Requirements:
4. Filter using Security Groups.
## Troubleshoot auto-enrollment of devices
Investigate the log file if you have issues even after performing all the mandatory verification steps. The first log file to investigate is the event log on the target Windows 10 device.
To collect Event Viewer logs:
@ -241,10 +242,10 @@ To collect Event Viewer logs:
- [Link a Group Policy Object](https://technet.microsoft.com/library/cc732979(v=ws.11).aspx)
- [Filter Using Security Groups](https://technet.microsoft.com/library/cc752992(v=ws.11).aspx)
- [Enforce a Group Policy Object Link](https://technet.microsoft.com/library/cc753909(v=ws.11).aspx)
- [Group Policy Central Store](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra)
### Useful Links
- [Windows 10 Administrative Templates for Windows 10 November 2019 Update 1909](https://www.microsoft.com/download/details.aspx?id=100591)
- [Windows 10 Administrative Templates for Windows 10 May 2019 Update 1903](https://www.microsoft.com/download/details.aspx?id=58495)
- [Windows 10 Administrative Templates for Windows 10 October 2018 Update 1809](https://www.microsoft.com/download/details.aspx?id=57576)
- [Windows 10 Administrative Templates for Windows 10 April 2018 Update 1803](https://www.microsoft.com/download/details.aspx?id=56880)

4
windows/client-management/mdm/enterprisemodernappmanagement-csp.md
View File

@ -14,9 +14,6 @@ ms.date: 09/27/2019
# EnterpriseModernAppManagement CSP
> [!WARNING]
> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
The EnterpriseModernAppManagement configuration service provider (CSP) is used for the provisioning and reporting of modern enterprise apps. For details about how to use this CSP to for reporting apps inventory, installation and removal of apps for users, provisioning apps to devices, and managing app licenses, see [Enterprise app management](enterprise-app-management.md).
> [!Note]
@ -329,6 +326,7 @@ Required. The value is 0 or 1 that indicates if the app is provisioned on the de
Supported operation is Get.
<a href="" id="----packagefamilyname-packagefullname-isstub"></a>**.../*PackageFamilyName*/*PackageFullName*/IsStub**
Added in Windows 10, version 2004.
Required. This node is used to identify whether the package is a stub package. A stub package is a version of the package with minimal functionality that will reduce the size of the app.
The value is 1 if the package is a stub package and 0 (zero) for all other cases. Value type is int.

2
windows/client-management/mdm/esim-enterprise-management.md
View File

@ -8,7 +8,7 @@ ms.sitesec: library
author: dansimp
ms.localizationpriority: medium
ms.author: dansimp
ms.topic:
ms.topic: conceptual
---
# How Mobile Device Management Providers support eSIM Management on Windows

BIN
windows/client-management/mdm/images/provisioning-csp-devdetail-dm.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 61 KiB

After

Width:  |  Height:  |  Size: 61 KiB

BIN
windows/client-management/mdm/images/provisioning-csp-enterprisemodernappmanagement.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 244 KiB

After

Width:  |  Height:  |  Size: 243 KiB

BIN
windows/client-management/mdm/images/provisioning-csp-supl-dmandcp.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 92 KiB

After

Width:  |  Height:  |  Size: 90 KiB

48
windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
View File

@ -24,6 +24,7 @@ This topic provides information about what's new and breaking changes in Windows
For details about Microsoft mobile device management protocols for Windows 10 see [\[MS-MDM\]: Mobile Device Management Protocol](https://go.microsoft.com/fwlink/p/?LinkId=619346) and [\[MS-MDE2\]: Mobile Device Enrollment Protocol Version 2]( https://go.microsoft.com/fwlink/p/?LinkId=619347).
- **Whats new in MDM for Windows 10 versions**
- [Whats new in MDM for Windows 10, version 2004](#whats-new-in-mdm-for-windows-10-version-2004)
- [Whats new in MDM for Windows 10, version 1909](#whats-new-in-mdm-for-windows-10-version-1909)
- [Whats new in MDM for Windows 10, version 1903](#whats-new-in-mdm-for-windows-10-version-1903)
- [Whats new in MDM for Windows 10, version 1809](#whats-new-in-mdm-for-windows-10-version-1809)
@ -58,6 +59,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s
- [What is dmwappushsvc?](#what-is-dmwappushsvc)
- **Change history in MDM documentation**
- [May 2020](#may-2020)
- [February 2020](#february-2020)
- [January 2020](#january-2020)
- [November 2019](#november-2019)
@ -87,6 +89,45 @@ For details about Microsoft mobile device management protocols for Windows 10 s
- [September 2017](#september-2017)
- [August 2017](#august-2017)
## Whats new in MDM for Windows 10, version 2004
<table class="mx-tdBreakAll">
<colgroup>
<col width="25%" />
<col width="75%" />
</colgroup>
<thead>
<tr class="header">
<th>New or updated topic</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td style="vertical-align:top"><a href="policy-configuration-service-provider.md" data-raw-source="[Policy CSP](policy-configuration-service-provider.md)">Policy CSP</a></td>
<td style="vertical-align:top"><p>Added the following new policies in Windows 10, version 2004:</p>
<ul>
<li><a href="policy-csp-applicationmanagement.md#applicationmanagement-blocknonadminuserinstall" data-raw-source="[ApplicationManagement/BlockNonAdminUserInstall](policy-csp-applicationmanagement.md#applicationmanagement-blocknonadminuserinstall)">ApplicationManagement/BlockNonAdminUserInstall</a></li>
<li><a href="policy-csp-bluetooth.md#bluetooth-setminimumencryptionkeysize" data-raw-source="[Bluetooth/SetMinimumEncryptionKeySize](policy-csp-bluetooth.md#bluetooth-setminimumencryptionkeysize)">Bluetooth/SetMinimumEncryptionKeySize</a></li>
<li><a href="policy-csp-education.md#education-allowgraphingcalculator" data-raw-source="[Education/AllowGraphingCalculator](policy-csp-education.md#education-allowgraphingcalculator)">Education/AllowGraphingCalculator</a></li>
<li><a href="policy-csp-textinput.md#textinput-configurejapaneseimeversion" data-raw-source="[TextInput/ConfigureJapaneseIMEVersion](policy-csp-textinput.md#textinput-configurejapaneseimeversion)">TextInput/ConfigureJapaneseIMEVersion</a></li>
<li><a href="policy-csp-textinput.md#textinput-configuresimplifiedchineseimeversion" data-raw-source="[TextInput/ConfigureSimplifiedChineseIMEVersion](policy-csp-textinput.md#textinput-configuresimplifiedchineseimeversion)">TextInput/ConfigureSimplifiedChineseIMEVersion</a></li>
<li><a href="policy-csp-textinput.md#textinput-configuretraditionalchineseimeversion" data-raw-source="[TextInput/ConfigureTraditionalChineseIMEVersion](policy-csp-textinput.md#textinput-configuretraditionalchineseimeversion)">TextInput/ConfigureTraditionalChineseIMEVersion</a></li>
</td></tr>
<tr>
<td style="vertical-align:top"><a href="devdetail-csp.md" data-raw-source="[DevDetail CSP](devdetail-csp.md)">DevDetail CSP</a></td>
<td style="vertical-align:top"><p>Added the following new node:<br>Ext/Microsoft/DNSComputerName</p>
</td></tr>
<tr>
<td style="vertical-align:top"><a href="enterprisemodernappmanagement-csp.md" data-raw-source="[EnterpriseModernAppManagement CSP](enterprisemodernappmanagement-csp.md)">EnterpriseModernAppManagement CSP</a></td>
<td style="vertical-align:top"><p>Added the following new node:<br>IsStub</p>
</td></tr>
<tr>
<td style="vertical-align:top"><a href="supl-csp.md" data-raw-source="[SUPL CSP](supl-csp.md)">SUPL CSP</a></td>
<td style="vertical-align:top"><p>Added the following new node:<br>FullVersion</p>
</td></tr>
</tbody>
</table>
## Whats new in MDM for Windows 10, version 1909
<table class="mx-tdBreakAll">
<colgroup>
@ -1940,6 +1981,13 @@ How do I turn if off? | The service can be stopped from the "Services" console o
## Change history in MDM documentation
### May 2020
|New or updated topic | Description|
|--- | ---|
|[BitLocker CSP](bitlocker-csp.md)|Added the bitmask table for the Status/DeviceEncryptionStatus node.|
|[Policy CSP - RestrictedGroups](policy-csp-restrictedgroups.md)| Updated the topic with additional details. Added policy timeline table.
### February 2020
|New or updated topic | Description|
|--- | ---|

16
windows/client-management/mdm/policy-csp-applicationmanagement.md
View File

@ -14,10 +14,6 @@ manager: dansimp
# Policy CSP - ApplicationManagement
> [!WARNING]
> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
<hr/>
<!--Policies-->
@ -436,15 +432,15 @@ Most restricted value: 0
</tr>
<tr>
<td>Business</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>7</sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>7</sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Education</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>7</sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
</table>
@ -462,7 +458,7 @@ Most restricted value: 0
<!--/Scope-->
<!--Description-->
Added in the next major release of Windows 10.
Added in Windows 10, version 2004.
Manages non-administrator users' ability to install Windows app packages.
@ -1112,7 +1108,7 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
- 7 - Added in the next major release of Windows 10.
- 7 - Added in Windows 10, version 1909.
- 8 - Added in Windows 10, version 2004.
<!--/Policies-->

18
windows/client-management/mdm/policy-csp-bluetooth.md
View File

@ -14,9 +14,6 @@ manager: dansimp
# Policy CSP - Bluetooth
> [!WARNING]
> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
<hr/>
<!--Policies-->
@ -412,19 +409,19 @@ The default value is an empty string. For more information, see [ServicesAllowed
</tr>
<tr>
<td>Pro</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>7</sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Business</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>7</sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>7</sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Education</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>7</sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
</table>
@ -441,8 +438,7 @@ The default value is an empty string. For more information, see [ServicesAllowed
<!--/Scope-->
<!--Description-->
Added in the next major release of Windows 10.
There are multiple levels of encryption strength when pairing Bluetooth devices. This policy helps prevent weaker devices cryptographically being used in high security environments.
Added in Windows 10, version 2004. There are multiple levels of encryption strength when pairing Bluetooth devices. This policy helps prevent weaker devices cryptographically being used in high security environments.
<!--/Description-->
<!--SupportedValues-->
@ -470,8 +466,8 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
- 7 - Added in the next major release of Windows 10.
- 7 - Added in Windows 10, version 1909.
- 8 - Added in Windows 10, version 2004.
<!--/Policies-->
<hr/>

6
windows/client-management/mdm/policy-csp-browser.md
View File

@ -17,11 +17,6 @@ ms.localizationpriority: medium
> [!NOTE]
> You've reached the documentation for Microsoft Edge version 45 and earlier. To see the documentation for Microsoft Edge version 77 or later, go to the [Microsoft Edge documentation landing page](https://docs.microsoft.com/DeployEdge/).
<hr/>
> [!NOTE]
> You've reached the documentation for Microsoft Edge version 45 and earlier. To see the documentation for Microsoft Edge version 77 or later, go to the [Microsoft Edge documentation landing page](https://docs.microsoft.com/DeployEdge/).
<!--Policies-->
## Browser policies
@ -4310,4 +4305,3 @@ Footnotes:
- 6 - Added in Windows 10, version 1903.
<!--/Policies-->

14
windows/client-management/mdm/policy-csp-education.md
View File

@ -52,23 +52,23 @@ manager: dansimp
</tr>
<tr>
<td>Home</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Pro</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Business</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Education</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
</table>
@ -85,7 +85,7 @@ manager: dansimp
<!--/Scope-->
<!--Description-->
Added in next major release of Windows 10. This policy setting allows you to control whether graphing functionality is available in the Windows Calculator app. If you disable this policy setting, graphing functionality will not be accessible in the Windows Calculator app. If you enable or don't configure this policy setting, you will be able to access graphing functionality.
Added in Windows 10, version 2004. This policy setting allows you to control whether graphing functionality is available in the Windows Calculator app. If you disable this policy setting, graphing functionality will not be accessible in the Windows Calculator app. If you enable or don't configure this policy setting, you will be able to access graphing functionality.
<!--/Description-->
<!--ADMXMapped-->
ADMX Info:
@ -283,6 +283,8 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
- 7 - Added in Windows 10, version 1909.
- 8 - Added in Windows 10, version 2004.
<!--/Policies-->

6
windows/client-management/mdm/policy-csp-restrictedgroups.md
View File

@ -155,7 +155,7 @@ where:
### Policy timeline
The behavior of this policy setting differs in different Windows 10 versions. For Windows 10, version 1809 through version 1909, you can use name in `<accessgroup dec>` and SID in `<member name>`. For the latest release of Windows 10, you can use name or SID for both the elements, as described in this topic.
The behavior of this policy setting differs in different Windows 10 versions. For Windows 10, version 1809 through version 1909, you can use name in `<accessgroup dec>` and SID in `<member name>`. For Windows 10, version 2004, you can use name or SID for both the elements, as described in this topic.
The following table describes how this policy setting behaves in different Windows 10 versions:
@ -163,7 +163,7 @@ The following table describes how this policy setting behaves in different Windo
| ------------------ | --------------- |
|Windows 10, version 1803 | Added this policy setting. <br> XML accepts group and member only by name. <br> Supports configuring the administrators group using the group name. <br> Expects member name to be in the account name format. |
| Windows 10, version 1809 <br> Windows 10, version 1903 <br> Windows 10, version 1909 | Supports configuring any local group. <br> `<accessgroup desc>` accepts only name. <br> `<member name>` accepts a name or an SID. <br> This is useful when you want to ensure a certain local group always has a well-known SID as member. |
| The latest release of Windows 10 | Behaves as described in this topic. <br> Accepts name or SID for group and members and translates as appropriate. |
| Windows 10, version 2004 | Behaves as described in this topic. <br> Accepts name or SID for group and members and translates as appropriate. |
<!--/Validation-->
@ -178,5 +178,7 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
- 7 - Added in Windows 10, version 1909.
- 8 - Added in Windows 10, version 2004.
<!--/Policies-->

32
windows/client-management/mdm/policy-csp-textinput.md
View File

@ -815,19 +815,19 @@ This setting supports a range of values between 0 and 1.
</tr>
<tr>
<td>Pro</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Business</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Education</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
</table>
@ -848,7 +848,7 @@ This setting supports a range of values between 0 and 1.
> - The policy is only enforced in Windows 10 for desktop.
> - This policy requires reboot to take effect.
Added in next major release of Windows 10. Allows IT admins to configure Microsoft Japanese IME version in the desktop.
Added in Windows 10, version 2004. Allows IT admins to configure Microsoft Japanese IME version in the desktop.
<!--/Description-->
<!--SupportedValues-->
@ -878,19 +878,19 @@ The following list shows the supported values:
</tr>
<tr>
<td>Pro</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Business</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Education</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
</table>
@ -911,7 +911,7 @@ The following list shows the supported values:
> - This policy is enforced only in Windows 10 for desktop.
> - This policy requires reboot to take effect.
Added in next major release of Windows 10. Allows IT admins to configure Microsoft Simplified Chinese IME version in the desktop.
Added in Windows 10, version 2004. Allows IT admins to configure Microsoft Simplified Chinese IME version in the desktop.
<!--/Description-->
<!--SupportedValues-->
@ -941,19 +941,19 @@ The following list shows the supported values:
</tr>
<tr>
<td>Pro</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Business</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Enterprise</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
<tr>
<td>Education</td>
<td><img src="images/checkmark.png" alt="check mark" /><sup></sup></td>
<td><img src="images/checkmark.png" alt="check mark" /><sup>8</sup></td>
</tr>
</table>
@ -974,7 +974,7 @@ The following list shows the supported values:
> - This policy is enforced only in Windows 10 for desktop.
> - This policy requires reboot to take effect.
Added in next major release of Windows 10. Allows IT admins to configure Microsoft Traditional Chinese IME version in the desktop.
Added in Windows 10, version 2004. Allows IT admins to configure Microsoft Traditional Chinese IME version in the desktop.
<!--/Description-->
<!--SupportedValues-->
@ -1718,6 +1718,8 @@ Footnotes:
- 4 - Added in Windows 10, version 1803.
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
- 7 - Added in Windows 10, version 1909.
- 8 - Added in Windows 10, version 2004.
<!--/Policies-->

2
windows/client-management/mdm/policy-csps-supported-by-hololens2.md
View File

@ -104,7 +104,7 @@ Footnotes:
- 5 - Added in Windows 10, version 1809.
- 6 - Added in Windows 10, version 1903.
- 7 - Added in Windows 10, version 1909.
- 8 - Added in the next major release of Windows 10.
- 8 - Added in Windows 10, version 2004.
## Related topics

5
windows/client-management/mdm/supl-csp.md
View File

@ -14,9 +14,6 @@ ms.date: 09/12/2019
# SUPL CSP
> [!WARNING]
> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
The SUPL configuration service provider is used to configure the location client, as shown in the following table:
<table>
@ -89,7 +86,7 @@ For OMA DM, if the format for this node is incorrect the entry will be ignored a
Optional. Determines the major version of the SUPL protocol to use. For SUPL 1.0.0, set this value to 1. For SUPL 2.0.0, set this value to 2. The default is 1. Refer to FullVersion to define the minor version and the service indicator.
<a href="" id="fullversion"></a>**FullVersion**
Added in the next major release of Windows 10. Optional. Determines the full version (X.Y.Z where X, Y, and Z are the major version, the minor version, and the service indicator, respectively) of the SUPL protocol to use. The default is 1.0.0. If FullVersion is defined, Version field is ignored.
Added in Windows 10, version 2004. Optional. Determines the full version (X.Y.Z where X, Y, and Z are the major version, the minor version, and the service indicator, respectively) of the SUPL protocol to use. The default is 1.0.0. If FullVersion is defined, Version field is ignored.
<a href="" id="mccmncpairs"></a>**MCCMNCPairs**
Required. List all of the MCC and MNC pairs owned by the mobile operator. This list is used to verify that the UICC matches the network and SUPL can be used. When the UICC and network do not match, the device uses the default location service and does not use SUPL.

2
windows/client-management/mdm/understanding-admx-backed-policies.md
View File

@ -260,7 +260,7 @@ Note that the data payload of the SyncML needs to be encoded so that it does not
The **LocURI** for the above GP policy is:
`.\Device\Vendor\MSFT\Policy\Config\AppVirtualization\PublishingAllowServer2`
`./Device/Vendor/MSFT/Policy/Config/AppVirtualization/PublishingAllowServer2`
To construct SyncML for your area/policy using the samples below, you need to update the **data id** and the **value** in the `<Data>` section of the SyncML. The items prefixed with an '&' character are the escape characters needed and can be retained as shown.

28
windows/client-management/new-policies-for-windows-10.md
View File

@ -25,6 +25,33 @@ ms.topic: reference
Windows 10 includes the following new policies for management. [Download the complete set of Administrative Template (.admx) files for Windows 10](https://www.microsoft.com/download/100591).
## New Group Policy settings in Windows 10, version 1903
The following Group Policy settings were added in Windows 10, version 1903:
**System**
- System\Service Control Manager Settings\Security Settings\Enable svchost.exe mitigation options
- System\Storage Sense\Allow Storage Sense
- System\Storage Sense\Allow Storage Sense Temporary Files cleanup
- System\Storage Sense\Configure Storage Sense
- System\Storage Sense\Configure Storage Sense Cloud content dehydration threshold
- System\Storage Sense\Configure Storage Sense Recycle Bin cleanup threshold
- System\Storage Sense\Configure Storage Sense Downloads cleanup threshold
- System\Troubleshooting and Diagnostics\Microsoft Support Diagnostic Tool\Troubleshooting:Allow users to access recommended troubleshooting for known problems
**Windows Components**
- Windows Components\App Privacy\Let Windows apps activate with voice
- Windows Components\App Privacy\Let Windows apps activate with voice while the system is locked
- Windows Components\Data Collection and Preview Builds\Allow commercial data pipeline
- Windows Components\Data Collection and Preview Builds\Configure collection of browsing data for Desktop Analytics
- Windows Components\Data Collection and Preview Builds\Configure diagnostic data upload endpoint for Desktop Analytics
- Windows Components\Delivery Optimization\Delay background download Cache Server fallback (in seconds)
- Windows Components\Delivery Optimization\Delay Foreground download Cache Server fallback (in seconds)
- Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment\Use WDDM graphics display driver for Remote Desktop Connections
- Windows Components\Windows Logon Options\Configure the mode of automatically signing in and locking last interactive user after a restart or cold boot
## New Group Policy settings in Windows 10, version 1809
@ -496,4 +523,3 @@ No new [Exchange ActiveSync policies](https://go.microsoft.com/fwlink/p/?LinkId=

4
windows/client-management/system-failure-recovery-options.md
View File

@ -8,8 +8,8 @@ author: Deland-Han
ms.localizationpriority: medium
ms.author: delhan
ms.date: 8/22/2019
ms.reviewer:
manager: dcscontentpm
ms.reviewer: dcscontentpm
manager: dansimp
---
# Configure system failure and recovery options in Windows

16
windows/configuration/TOC.md
View File

@ -2,7 +2,7 @@
## [Accessibility information for IT Pros](windows-10-accessibility-for-ITPros.md)
## [Configure access to Microsoft Store](stop-employees-from-using-microsoft-store.md)
## [Configure Cortana in Windows 10](cortana-at-work/cortana-at-work-overview.md)
## [Set up and test Cortana in Windows 10, version 2004 and later](cortana-at-work/set-up-and-test-cortana-in-windows-10)
## [Set up and test Cortana in Windows 10, version 2004 and later](cortana-at-work/set-up-and-test-cortana-in-windows-10.md)
## [Testing scenarios using Cortana in your business or organization](cortana-at-work/cortana-at-work-testing-scenarios.md)
### [Test scenario 1 - Sign into Azure AD, enable the wake word, and try a voice query](cortana-at-work/cortana-at-work-scenario-1.md)
### [Test scenario 2 - Perform a Bing search with Cortana](cortana-at-work/cortana-at-work-scenario-2.md)
@ -13,13 +13,13 @@
## [Send feedback about Cortana back to Microsoft](cortana-at-work/cortana-at-work-feedback.md)
## [Set up and test Cortana in Windows 10, versions 1909 and earlier, with Microsoft 365 in your organization](cortana-at-work/cortana-at-work-o365.md)
## [Testing scenarios using Cortana in your business or organization](cortana-at-work/cortana-at-work-testing-scenarios.md)
### [Test scenario 1 - Sign into Azure AD, enable the wake word, and try a voice query](cortana-at-work/test-scenario-1)
### [Test scenario 2 - Perform a quick search with Cortana at work](cortana-at-work/test-scenario-2)
### [Test scenario 3 - Set a reminder for a specific location using Cortana at work](cortana-at-work/test-scenario-3)
### [Test scenario 4 - Use Cortana at work to find your upcoming meetings](cortana-at-work/test-scenario-4)
### [Test scenario 5 - Use Cortana to send email to a co-worker](cortana-at-work/test-scenario-5)
### [Test scenario 6 - Review a reminder suggested by Cortana based on what youve promised in email](cortana-at-work/test-scenario-6)
### [Test scenario 7 - Use Cortana and Windows Information Protection (WIP) to help protect your organizations data on a device](cortana-at-work/cortana-at-work-scenario-7)
### [Test scenario 1 - Sign into Azure AD, enable the wake word, and try a voice query](cortana-at-work/test-scenario-1.md)
### [Test scenario 2 - Perform a quick search with Cortana at work](cortana-at-work/test-scenario-2.md)
### [Test scenario 3 - Set a reminder for a specific location using Cortana at work](cortana-at-work/test-scenario-3.md)
### [Test scenario 4 - Use Cortana at work to find your upcoming meetings](cortana-at-work/test-scenario-4.md)
### [Test scenario 5 - Use Cortana to send email to a co-worker](cortana-at-work/test-scenario-5.md)
### [Test scenario 6 - Review a reminder suggested by Cortana based on what youve promised in email](cortana-at-work/test-scenario-6.md)
### [Test scenario 7 - Use Cortana and Windows Information Protection (WIP) to help protect your organizations data on a device](cortana-at-work/cortana-at-work-scenario-7.md)
## [Set up and test custom voice commands in Cortana for your organization](cortana-at-work/cortana-at-work-voice-commands.md)
## [Use Group Policy and mobile device management (MDM) settings to configure Cortana in your organization](cortana-at-work/cortana-at-work-policy-settings.md)
## [Set up a shared or guest PC with Windows 10](set-up-shared-or-guest-pc.md)

4
windows/configuration/cortana-at-work/cortana-at-work-feedback.md
View File

@ -16,10 +16,10 @@ manager: dansimp
To provide feedback on an individual request or response, select the item in the conversation history and then select **Give feedback**. This opens the Feedback Hub application where you can provide more information to help diagnose reported issues.
:::image type="content" source="../../../images/screenshot11.png" alt-text="Screenshot: Send feedback page":::
:::image type="content" source="../screenshot1.png" alt-text="Screenshot: Send feedback page":::
To provide feedback about the application in general, go to the **Settings** menu by selecting the three dots in the top left of the application, and select **Feedback**. This opens the Feedback Hub where more information on the issue can be provided.
:::image type="content" source="../../../images/screenshot12.png" alt-text="Screenshot: Select Feedback to go to the Feedback Hub":::
:::image type="content" source="../screenshot12.png" alt-text="Screenshot: Select Feedback to go to the Feedback Hub":::
In order for enterprise users to provide feedback, admins must unblock the Feedback Hub in the [Azure portal](https://portal.azure.com/). Go to the **Enterprise applications section** and enable **Users can allow apps to access their data**.

4
windows/configuration/cortana-at-work/cortana-at-work-o365.md
View File

@ -33,7 +33,7 @@ There are a few things to be aware of before you start using Cortana in Windows
- **Troubleshooting tips.** If you run into issues, check out these [troubleshooting tips](https://go.microsoft.com/fwlink/p/?LinkId=620763).
### Turn on Cortana enterprise services on employees devices
### Turn on Cortana enterprise services on employees' devices
Your employees must connect Cortana to their Microsoft 365 account to be able to use skills like email and calendar.
#### Turn on Cortana enterprise services
@ -51,6 +51,6 @@ Cortana in Windows 10, versions 1909 and earlier can only access data in your Mi
2. Select the app launcher icon in the upper-left and choose **Admin**.
3. Expand **Settings** and select **Settings**.
3. Expand **Settings** and select **Org Settings**.
4. Select **Cortana** to toggle Cortana&#39;s access to Microsoft 365 data off.

13
windows/configuration/cortana-at-work/cortana-at-work-overview.md
View File

@ -17,7 +17,7 @@ ms.author: dansimp
Cortana is a personal productivity assistant in Microsoft 365, helping your users achieve more with less effort and focus on what matters. The Cortana app in Windows 10 helps users quickly get information across Microsoft 365, using typed or spoken queries to connect with people, check calendars, set reminders, add tasks, and more.
:::image type="content" source="../../../images/screenshot1.png" alt-text="Screenshot: Cortana home page example":::
:::image type="content" source="../screenshot1.png" alt-text="Screenshot: Cortana home page example":::
## Where is Cortana available for use in my organization?
@ -30,11 +30,11 @@ The Cortana app in Windows 10, version 2004 requires the latest Microsoft Store
Cortana requires a PC running Windows 10, version 1703 or later, as well as the following software to successfully run the included scenario in your organization.
>[!NOTE]
>A microphone is not required to use Cortana.
>A microphone isn't required to use Cortana.
|**Software** |**Minimum version** |
|---------|---------|
|Client operating system | Desktop: <br> - Windows 10, version 2004 (recommended) <br> <br> - Windows 10, version 1703 (legacy version of Cortana) <br> <br> Mobile: Windows 10 mobile, version 1703 (legacy version of Cortana) <br> <br> For more information on the differences between Cortana in Windows 10, version 2004 and earlier versions, see **How is my data processed by Cortana** below. |
|Client operating system | Desktop: <br> - Windows 10, version 2004 (recommended) <br> <br> - Windows 10, version 1703 (legacy version of Cortana) <br> <br> Mobile: Windows 10 mobile, version 1703 (legacy version of Cortana) <br> <br> For more information on the differences between Cortana in Windows 10, version 2004 and earlier versions, see [**How is my data processed by Cortana**](https://docs.microsoft.com/windows/configuration/cortana-at-work/cortana-at-work-overview#how-is-my-data-processed-by-cortana) below. |
|Azure Active Directory (Azure AD) | While all employees signing into Cortana need an Azure AD account, an Azure AD premium tenant isnt required. |
|Additional policies (Group Policy and Mobile Device Management (MDM)) |There is a rich set of policies that can be used to manage various aspects of Cortana. Most of these policies will limit the abilities of Cortana but won't turn Cortana off. For example, if you turn **Speech** off, your employees won't be able to use the wake word (“Cortana”) for hands-free activation or voice commands to easily ask for help. |
@ -48,7 +48,7 @@ Cortana's approach to integration with Microsoft 365 has changed with Windows 10
### Cortana in Windows 10, version 2004 and later
Cortana enterprise services that can be accessed using Azure AD through Cortana in Windows 10, version 2004 and later, meet the same enterprise-level privacy, security, and compliance promises as reflected in the [Online Services Terms (OST)](https://www.microsoft.com/en-us/licensing/product-licensing/products). For more information, see [Cortana in Microsoft 365](https://docs.microsoft.com/microsoft-365/admin/misc/cortana-integration?view=o365-worldwide#what-data-is-processed-by-cortana-in-office-365).
Cortana enterprise services that can be accessed using Azure AD through Cortana in Windows 10, version 2004 and later, meet the same enterprise-level privacy, security, and compliance promises as reflected in the [Online Services Terms (OST)](https://www.microsoft.com/en-us/licensing/product-licensing/products). To learn more, see [Cortana in Microsoft 365](https://docs.microsoft.com/microsoft-365/admin/misc/cortana-integration?view=o365-worldwide#what-data-is-processed-by-cortana-in-office-365).
#### How does Microsoft store, retain, process, and use Customer Data in Cortana?
@ -65,13 +65,16 @@ The table below describes the data handling for Cortana enterprise services.
#### How does the wake word (Cortana) work? If I enable it, is Cortana always listening?
>[!NOTE]
>The wake word has been temporarily disabled in the latest version of Cortana in Windows but will be restored soon. You can still click on the microphone button to use your voice with Cortana.
Cortana only begins listening for commands or queries when the wake word is detected, or the microphone button has been selected.
First, the user must enable the wake word from within Cortana settings. Once it has been enabled, a component of Windows called the [Windows Multiple Voice Assistant platform](https://docs.microsoft.com/windows-hardware/drivers/audio/voice-activation-mva#voice-activation) will start listening for the wake word. No audio is processed by speech recognition unless two local wake word detectors and a server-side one agree with high confidence that the wake word was heard.
The first decision is made by the Windows Multiple Voice Assistant platform leveraging hardware optionally included in the user&#39;s PC for power savings. If the wake word is detected, Windows will show a microphone icon in the system tray indicating an assistant app is listening.
:::image type="content" source="images/screenshot2.png" alt-text="Microphone icon in the system tray indicating an assistant app is listening":::
:::image type="content" source="../screenshot2.png" alt-text="Screenshot: Microphone icon in the system tray indicating an assistant app is listening":::
At that point, the Cortana app will receive the audio, run a second, more accurate wake word detector, and optionally send it to a Microsoft cloud service where a third wake word detector will confirm. If the service does not confirm that the activation was valid, the audio will be discarded and deleted from any further processing or server logs. On the user&#39;s PC, the Cortana app will be silently dismissed, and no query will be shown in conversation history because the query was discarded.

7
windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md
View File

@ -14,6 +14,9 @@ manager: dansimp
# Test scenario 1 Sign into Azure AD, enable the wake word, and try a voice query
>[!NOTE]
>The wake word has been temporarily disabled in the latest version of Cortana in Windows but will be restored soon.
1. Select the **Cortana** icon in the task bar and sign in using your Azure AD account.
2. Select the &quot;&quot; menu and select **Talking to Cortana**.
@ -22,9 +25,9 @@ manager: dansimp
4. Say **Cortana, what can you do?**.
When you say &quot;Cortana&quot;, Cortana will open in listening mode to acknowledge the wake word.
When you say **Cortana**, Cortana will open in listening mode to acknowledge the wake word.
:::image type="content" source="../../../images/screenshot4.png" alt-text="Screenshot: Cortana listening mode":::
:::image type="content" source="../screenshot4.png" alt-text="Screenshot: Cortana listening mode":::
Once you finish saying your query, Cortana will open with the result.

4
windows/configuration/cortana-at-work/cortana-at-work-scenario-2.md
View File

@ -20,7 +20,7 @@ manager: dansimp
Cortana will respond with the information from Bing.
:::image type="content" source="../../../images/screenshot5.png" alt-text="Screenshot: Cortana showing current time in Hyderbad":::
:::image type="content" source="../screenshot5.png" alt-text="Screenshot: Cortana showing current time in Hyderbad":::
>[!NOTE]
>This scenario requires Bing Answers to be enabled. For more information, see [Set up and configure the Bing Answers feature](https://docs.microsoft.com/windows/configuration/cortana-at-work/set-up-and-test-cortana-in-windows-10#set-up-and-configure-the-bing-answers-feature).
>This scenario requires Bing Answers to be enabled. To learn more, see [Set up and configure the Bing Answers feature](https://docs.microsoft.com/windows/configuration/cortana-at-work/set-up-and-test-cortana-in-windows-10#set-up-and-configure-the-bing-answers-feature).

7
windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md
View File

@ -16,11 +16,10 @@ manager: dansimp
This scenario helps you set up, review, and edit a reminder. For example, you can remind yourself to send someone a link to a document after a meeting.
1. Select the **Cortana** icon in the taskbar and type _Remind me to send a link to the deck at 3:05pm_ and press **Enter**.
1. Select the **Cortana** icon in the taskbar and type **Remind me to send a link to the deck at 3:05pm** and press **Enter**.
Cortana will create a reminder in Microsoft To Do and will remind you at the appropriate time.
:::image type="content" source="../../../images/screenshot6.png" alt-text="Screenshot: Cortana set a reminder":::
:::image type="content" source="../../../images/screenshot7.png" alt-text="Screenshot: Cortana showing reminder on page":::
:::image type="content" source="../screenshot6.png" alt-text="Screenshot: Cortana set a reminder":::
:::image type="content" source="../screenshot7.png" alt-text="Screenshot: Cortana showing reminder on page":::

4
windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md
View File

@ -14,7 +14,7 @@ manager: dansimp
# Test scenario 4 - Use Cortana to find free time on your calendar
This process helps you find out if a time slot is free on your calendar.
This scenario helps you find out if a time slot is free on your calendar.
1. Select the **Cortana** icon in the taskbar.
@ -24,4 +24,4 @@ This process helps you find out if a time slot is free on your calendar.
Cortana will respond with your availability for that time, as well as nearby meetings.
:::image type="content" source="../../../images/screenshot8.png" alt-text="Screenshot: Cortana showing free time on a calendar":::
:::image type="content" source="../screenshot8.png" alt-text="Screenshot: Cortana showing free time on a calendar":::

Some files were not shown because too many files have changed in this diff Show More