diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 8b2d2e8dff..fc68ba7fb1 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -1,5 +1,10 @@
{
"redirections": [
+ {
+ "source_path": "windows/configuration/customize-the-start-menu-layout-on-windows-11.md",
+ "redirect_url": "/windows/configuration/customize-start-menu-layout-windows-11",
+ "redirect_document_id": false
+ },
{
"source_path": "windows/application-management/msix-app-packaging-tool.md",
"redirect_url": "/windows/application-management/apps-in-windows-10",
diff --git a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
index c4eba79f3d..586e5edcc6 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
@@ -209,6 +209,7 @@ ms.date: 10/08/2020
- [ADMX_EAIME/L_TurnOnLexiconUpdate](./policy-csp-admx-eaime.md#admx-eaime-l-turnonlexiconupdate)
- [ADMX_EAIME/L_TurnOnLiveStickers](./policy-csp-admx-eaime.md#admx-eaime-l-turnonlivestickers)
- [ADMX_EAIME/L_TurnOnMisconversionLoggingForMisconversionReport](./policy-csp-admx-eaime.md#admx-eaime-l-turnonmisconversionloggingformisconversionreport)
+- [ADMX_EventLogging/EnableProtectedEventLogging](./policy-csp-admx-eventlogging.md#admx-eventlogging-enableprotectedeventlogging)
- [ADMX_EncryptFilesonMove/NoEncryptOnMove](./policy-csp-admx-encryptfilesonmove.md#admx-encryptfilesonmove-noencryptonmove)
- [ADMX_EnhancedStorage/ApprovedEnStorDevices](./policy-csp-admx-enhancedstorage.md#admx-enhancedstorage-approvedenstordevices)
- [ADMX_EnhancedStorage/ApprovedSilos](./policy-csp-admx-enhancedstorage.md#admx-enhancedstorage-approvedsilos)
@@ -268,11 +269,17 @@ ms.date: 10/08/2020
- [ADMX_EventLog/Channel_Log_Retention_2](./policy-csp-admx-eventlog.md#admx-eventlog-channel-log-retention-2)
- [ADMX_EventLog/Channel_Log_Retention_3](./policy-csp-admx-eventlog.md#admx-eventlog-channel-log-retention-3)
- [ADMX_EventLog/Channel_Log_Retention_4](./policy-csp-admx-eventlog.md#admx-eventlog-channel-log-retention-4)
+- [ADMX_EventViewer/EventViewer_RedirectionProgram](./policy-csp-admx-eventviewer.md#admx-eventviewer-eventviewer_redirectionprogram)
+- [ADMX_EventViewer/EventViewer_RedirectionProgramCommandLineParameters](./policy-csp-admx-eventviewer.md#admx-eventviewer-eventviewer_redirectionprogramcommandlineparameters)
+- [ADMX_EventViewer/EventViewer_RedirectionURL](./policy-csp-admx-eventviewer.md#admx-eventviewer-eventviewer_redirectionurl)
- [ADMX_Explorer/AdminInfoUrl](./policy-csp-admx-explorer.md#admx-explorer-admininfourl)
- [ADMX_Explorer/AlwaysShowClassicMenu](./policy-csp-admx-explorer.md#admx-explorer-alwaysshowclassicmenu)
- [ADMX_Explorer/DisableRoamedProfileInit](./policy-csp-admx-explorer.md#admx-explorer-disableroamedprofileinit)
- [ADMX_Explorer/PreventItemCreationInUsersFilesFolder](./policy-csp-admx-explorer.md#admx-explorer-preventitemcreationinusersfilesfolder)
- [ADMX_Explorer/TurnOffSPIAnimations](./policy-csp-admx-explorer.md#admx-explorer-turnoffspianimations)
+- [ADMX_ExternalBoot/PortableOperatingSystem_Hibernate](./policy-csp-admx-externalboot.md#admx-externalboot-portableoperatingsystem_hibernate)
+- [ADMX_ExternalBoot/PortableOperatingSystem_Sleep](./policy-csp-admx-externalboot.md#admx-externalboot-portableoperatingsystem_sleep)
+- [ADMX_ExternalBoot/PortableOperatingSystem_Launcher](./policy-csp-admx-externalboot.md#admx-externalboot-portableoperatingsystem_launcher)
- [ADMX_FileRecovery/WdiScenarioExecutionPolicy](./policy-csp-admx-filerecovery.md#admx-filerecovery-wdiscenarioexecutionpolicy)
- [ADMX_FileServerVSSProvider/Pol_EncryptProtocol](./policy-csp-admx-fileservervssprovider.md#admx-fileservervssprovider-pol-encryptprotocol)
- [ADMX_FileSys/DisableCompression](./policy-csp-admx-filesys.md#admx-filesys-disablecompression)
@@ -284,6 +291,7 @@ ms.date: 10/08/2020
- [ADMX_FileSys/SymlinkEvaluation](./policy-csp-admx-filesys.md#admx-filesys-symlinkevaluation)
- [ADMX_FileSys/TxfDeprecatedFunctionality](./policy-csp-admx-filesys.md#admx-filesys-txfdeprecatedfunctionality)
- [ADMX_FileRecovery/WdiScenarioExecutionPolicy](./policy-csp-admx-filerecovery.md#admx-filerecovery-wdiscenarioexecutionpolicy)
+- [ADMX_FileRevocation/DelegatedPackageFamilyNames](./policy-csp-admx-filerevocation.md#admx-filerevocation-delegatedpackagefamilynames)
- [ADMX_FolderRedirection/DisableFRAdminPin](./policy-csp-admx-folderredirection.md#admx-folderredirection-disablefradminpin)
- [ADMX_FolderRedirection/DisableFRAdminPinByFolder](./policy-csp-admx-folderredirection.md#admx-folderredirection-disablefradminpinbyfolder)
- [ADMX_FolderRedirection/FolderRedirectionEnableCacheRename](./policy-csp-admx-folderredirection.md#admx-folderredirection-folderredirectionenablecacherename)
diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index a394943879..6922bada43 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -755,6 +755,7 @@ dfsdiscoverdc">ADMX_DFS/DFSDiscoverDC
+
### ADMX_DnsClient policies
@@ -896,6 +897,13 @@ dfsdiscoverdc">ADMX_DFS/DFSDiscoverDC
+### ADMX_EventLogging policies
+
+ -
+ ADMX_EventLogging/EnableProtectedEventLogging
+
+
+
### ADMX_EnhancedStorage policies
@@ -1090,6 +1098,19 @@ dfsdiscoverdc">ADMX_DFS/DFSDiscoverDC
+### ADMX_EventViewer policies
+
+
+ -
+ ADMX_EventViewer/EventViewer_RedirectionProgram
+
+ -
+ ADMX_EventViewer/EventViewer_RedirectionProgramCommandLineParameters
+
+ -
+ ADMX_EventViewer/EventViewer_RedirectionURL
+
-
+
### ADMX_Explorer policies
@@ -1110,6 +1131,19 @@ dfsdiscoverdc">ADMX_DFS/DFSDiscoverDC
+### ADMX_ExternalBoot policies
+
+
+ -
+ ADMX_ExternalBoot/PortableOperatingSystem_Hibernate
+
+ ADMX_ExternalBoot/PortableOperatingSystem_Sleep
+
+
+ ADMX_ExternalBoot/PortableOperatingSystem_Launcher
+
+
+
### ADMX_FileRecovery policies
-
@@ -1117,6 +1151,13 @@ dfsdiscoverdc">ADMX_DFS/DFSDiscoverDC
+### ADMX_FileRevocation policies
+
+ -
+ ADMX_FileRevocation/DelegatedPackageFamilyNames
+
+
+
### ADMX_FileServerVSSProvider policies
-
diff --git a/windows/client-management/mdm/policy-csp-admx-eventlogging.md b/windows/client-management/mdm/policy-csp-admx-eventlogging.md
new file mode 100644
index 0000000000..f5b94b93f3
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-eventlogging.md
@@ -0,0 +1,114 @@
+---
+title: Policy CSP - ADMX_EventLogging
+description: Policy CSP - ADMX_EventLogging
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: nimishasatapathy
+ms.date: 09/12/2021
+ms.reviewer:
+manager: dansimp
+---
+
+# Policy CSP - ADMX_EventLogging
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+
+
+
+## ADMX_EventLogging policies
+
+
+ -
+ ADMX_EventLogging/EnableProtectedEventLogging
+
+
+
+
+
+
+
+**ADMX_EventLogging/EnableProtectedEventLogging**
+
+
+
+
+ | Edition |
+ Windows 10 |
+ Windows 11 |
+
+
+ | Home |
+ No |
+ No |
+
+
+ | Pro |
+ No |
+ No |
+
+
+ | Business |
+ No |
+ No |
+
+
+ | Enterprise |
+ Yes |
+ Yes |
+
+
+ | Education |
+ Yes |
+ Yes |
+
+
+
+
+
+
+
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+
+
+
+
+This policy setting lets you configure Protected Event Logging.
+
+- If you enable this policy setting, components that support it will use the certificate you supply to encrypt potentially sensitive event log data before writing it to the event log. Data will be encrypted using the Cryptographic Message Syntax (CMS) standard and the public key you provide.
+
+You can use the Unprotect-CmsMessage PowerShell cmdlet to decrypt these encrypted messages, provided that you have access to the private key corresponding to the public key that they were encrypted with.
+
+- If you disable or do not configure this policy setting, components will not encrypt event log messages before writing them to the event log.
+
+
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+
+ADMX Info:
+- GP Friendly name: *Enable Protected Event Logging*
+- GP name: *EnableProtectedEventLogging*
+- GP path: *Windows Components\Event Logging*
+- GP ADMX file name: *EventLogging.admx*
+
+
+
+
+
+> [!NOTE]
+> These policies are currently only available as part of a Windows Insider release.
+
+
+
diff --git a/windows/client-management/mdm/policy-csp-admx-eventviewer.md b/windows/client-management/mdm/policy-csp-admx-eventviewer.md
new file mode 100644
index 0000000000..d153f1ca58
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-eventviewer.md
@@ -0,0 +1,256 @@
+---
+title: Policy CSP - ADMX_EventViewer
+description: Policy CSP - ADMX_EventViewer
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: nimishasatapathy
+ms.date: 09/13/2021
+ms.reviewer:
+manager: dansimp
+---
+
+# Policy CSP - ADMX_EventViewer
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+
+
+
+## ADMX_EventViewer policies
+
+
+ -
+ ADMX_EventViewer/EventViewer_RedirectionProgram
+
+ -
+ ADMX_EventViewer_RedirectionProgramCommandLineParameters
+
+ -
+ ADMX_EventViewer/EventViewer_RedirectionURL
+
+
+
+
+
+
+
+**ADMX_EventViewer/EventViewer_RedirectionProgram**
+
+
+
+
+ | Edition |
+ Windows 10 |
+ Windows 11 |
+
+
+ | Home |
+ No |
+ No |
+
+
+ | Pro |
+ No |
+ No |
+
+
+ | Business |
+ No |
+ No |
+
+
+ | Enterprise |
+ Yes |
+ Yes |
+
+
+ | Education |
+ Yes |
+ Yes |
+
+
+
+
+
+
+
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+
+
+
+
+This is the program that will be invoked when the user clicks the `events.asp` link.
+
+
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+
+ADMX Info:
+- GP Friendly name: *Events.asp program*
+- GP name: *EventViewer_RedirectionProgram*
+- GP path: *Windows Components\Event Viewer*
+- GP ADMX file name: *EventViewer.admx*
+
+
+
+
+
+
+**ADMX_EventViewer/EventViewer_RedirectionProgramCommandLineParameters**
+
+
+
+
+ | Edition |
+ Windows 10 |
+ Windows 11 |
+
+
+ | Home |
+ No |
+ No |
+
+
+ | Pro |
+ No |
+ No |
+
+
+ | Business |
+ No |
+ No |
+
+
+ | Enterprise |
+ Yes |
+ Yes |
+
+
+ | Education |
+ Yes |
+ Yes |
+
+
+
+
+
+
+
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+
+
+
+
+This specifies the command line parameters that will be passed to the `events.asp` program.
+
+
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+
+ADMX Info:
+- GP Friendly name: *Events.asp program command line parameters*
+- GP name: *EventViewer_RedirectionProgramCommandLineParameters*
+- GP path: *Windows Components\Event Viewer*
+- GP ADMX file name: *EventViewer.admx*
+
+
+
+
+
+
+**ADMX_EventViewer/EventViewer_RedirectionURL**
+
+
+
+
+ | Edition |
+ Windows 10 |
+ Windows 11 |
+
+
+ | Home |
+ No |
+ No |
+
+
+ | Pro |
+ No |
+ No |
+
+
+ | Business |
+ No |
+ No |
+
+
+ | Enterprise |
+ Yes |
+ Yes |
+
+
+ | Education |
+ Yes |
+ Yes |
+
+
+
+
+
+
+
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+
+
+
+
+This is the URL that will be passed to the Description area in the Event Properties dialog box.
+Change this value if you want to use a different Web server to handle event information requests.
+
+
+
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+
+ADMX Info:
+- GP Friendly name: *Events.asp URL*
+- GP name: *EventViewer_RedirectionURL*
+- GP path: *Windows Components\Event Viewer*
+- GP ADMX file name: *EventViewer.admx*
+
+
+
+
+
+
+
+
diff --git a/windows/client-management/mdm/policy-csp-admx-externalboot.md b/windows/client-management/mdm/policy-csp-admx-externalboot.md
new file mode 100644
index 0000000000..24c4aeecbe
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-externalboot.md
@@ -0,0 +1,274 @@
+---
+title: Policy CSP - ADMX_ExternalBoot
+description: Policy CSP - ADMX_ExternalBoot
+ms.author: dansimp
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: nimishasatapathy
+ms.localizationpriority: medium
+ms.date: 09/13/2021
+ms.reviewer:
+manager: dansimp
+---
+
+# Policy CSP - ADMX_ExternalBoot
+
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+
+
+
+## Policy CSP - ADMX_ExternalBoot
+
+
+ -
+ ADMX_ExternalBoot/PortableOperatingSystem_Hibernate
+
+
+ -
+ ADMX_ExternalBoot/PortableOperatingSystem_Sleep
+
+
+ -
+ ADMX_ExternalBoot/PortableOperatingSystem_Launcher
+
+
+
+
+
+
+
+**ADMX_ExternalBoot/PortableOperatingSystem_Hibernate**
+
+
+
+
+ | Edition |
+ Windows 10 |
+ Windows 11 |
+
+
+ | Home |
+ No |
+ No |
+
+
+ | Pro |
+ No |
+ No |
+
+
+ | Business |
+ No |
+ No |
+
+
+ | Enterprise |
+ Yes |
+ Yes |
+
+
+ | Education |
+ Yes |
+ Yes |
+
+
+
+
+
+
+
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+
+
+
+
+This policy specifies whether the PC can use the hibernation sleep state (S4) when started from a Windows To Go workspace.
+
+- If you enable this setting, Windows, when started from a Windows To Go workspace, can hibernate the PC.
+
+- If you disable or do not configure this setting, Windows, when started from a Windows To Go workspace, and cannot hibernate the PC.
+
+
+
+
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+
+ADMX Info:
+- GP Friendly name: *Allow hibernate (S4) when starting from a Windows To Go workspace*
+- GP name: *PortableOperatingSystem_Hibernate*
+- GP path: *Windows Components\Portable Operating System*
+- GP ADMX file name: *ExternalBoot.admx*
+
+
+
+
+
+
+
+**ADMX_ExternalBoot/PortableOperatingSystem_Sleep**
+
+
+
+
+ | Edition |
+ Windows 10 |
+ Windows 11 |
+
+
+ | Home |
+ No |
+ No |
+
+
+ | Pro |
+ No |
+ No |
+
+ | Business |
+ No |
+ No |
+
+
+ | Enterprise |
+ Yes |
+ Yes |
+
+
+ | Education |
+ Yes |
+ Yes |
+
+
+
+
+
+
+
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+
+
+
+
+This policy specifies whether the PC can use standby sleep states (S1-S3) when starting from a Windows To Go workspace.
+
+If you enable this setting, Windows, when started from a Windows To Go workspace, cannot use standby states to make the PC sleep.
+
+If you disable or do not configure this setting, Windows, when started from a Windows To Go workspace, can use standby states to make the PC sleep.
+
+
+
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+
+ADMX Info:
+- GP Friendly name: *Disallow standby sleep states (S1-S3) when starting from a Windows to Go workspace*
+- GP name: *PortableOperatingSystem_Sleep*
+- GP path: *Windows Components\Portable Operating System*
+- GP ADMX file name: *ExternalBoot.admx*
+
+
+
+
+
+
+
+**ADMX_ExternalBoot/PortableOperatingSystem_Launcher**
+
+
+
+
+ | Edition |
+ Windows 10 |
+ Windows 11 |
+
+
+ | Home |
+ No |
+ No |
+
+
+ | Pro |
+ No |
+ No |
+
+
+ | Business |
+ No |
+ No |
+
+
+ | Enterprise |
+ Yes |
+ Yes |
+
+
+ | Education |
+ Yes |
+ Yes |
+
+
+
+
+
+
+
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * Device
+
+
+
+
+
+This policy setting controls whether the PC will boot to Windows To Go if a USB device containing a Windows To Go workspace is connected, and controls whether users can make changes using the Windows To Go Startup Options Control Panel item.
+
+- If you enable this setting, booting to Windows To Go when a USB device is connected will be enabled, and users will not be able to make changes using the Windows To Go Startup Options Control Panel item.
+
+- If you disable this setting, booting to Windows To Go when a USB device is connected will not be enabled unless a user configures the option manually in the BIOS or other boot order configuration.
+
+If you do not configure this setting, users who are members of the Administrators group can make changes using the Windows To Go Startup Options Control Panel item.
+
+
+
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+
+ADMX Info:
+- GP Friendly name: *Windows To Go Default Startup Options*
+- GP name: *PortableOperatingSystem_Launcher*
+- GP path: *Windows Components\Portable Operating System*
+- GP ADMX file name: *ExternalBoot.admx*
+
+
+
+
+
+
diff --git a/windows/client-management/mdm/policy-csp-admx-filerevocation.md b/windows/client-management/mdm/policy-csp-admx-filerevocation.md
new file mode 100644
index 0000000000..a36aca27de
--- /dev/null
+++ b/windows/client-management/mdm/policy-csp-admx-filerevocation.md
@@ -0,0 +1,115 @@
+---
+title: Policy CSP - ADMX_FileRevocation
+description: Policy CSP - ADMX_FileRevocation
+ms.author: dansimp
+ms.localizationpriority: medium
+ms.topic: article
+ms.prod: w10
+ms.technology: windows
+author: nimishasatapathy
+ms.date: 09/13/2021
+ms.reviewer:
+manager: dansimp
+---
+
+# Policy CSP - ADMX_FileRevocation
+> [!WARNING]
+> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
+
+
+
+
+
+ -
+ ADMX_FileRevocation/DelegatedPackageFamilyNames
+
+
+
+
+
+
+
+**ADMX_FileRevocation/DelegatedPackageFamilyNames**
+
+
+
+
+ | Edition |
+ Windows 10 |
+ Windows 11 |
+
+
+
+ | Home |
+ No |
+ No |
+
+
+ | Pro |
+ No |
+ No |
+
+
+ | Business |
+ No |
+ No |
+
+
+ | Enterprise |
+ Yes |
+ Yes |
+
+
+ | Education |
+ Yes |
+ Yes |
+
+
+
+
+
+
+
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+
+
+
+Windows Runtime applications can protect content which has been associated with an enterprise identifier (EID), but can only revoke access to content it protected. To allow an application to revoke access to all content on the device that is protected by a particular enterprise, add an entry to the list on a new line that contains the enterprise identifier, separated by a comma, and the Package Family Name of the application. The EID must be an internet domain belonging to the enterprise in standard international domain name format.
+Example value: `Contoso.com,ContosoIT.HumanResourcesApp_m5g0r7arhahqy`
+
+- If you enable this policy setting, the application identified by the Package Family Name will be permitted to revoke access to all content protected using the specified EID on the device.
+
+- If you disable or do not configure this policy setting, the only Windows Runtime applications that can revoke access to all enterprise-protected content on the device are Windows Mail and the user-selected mailto protocol handler app.
+
+Any other Windows Runtime application will only be able to revoke access to content it protected.
+
+> [!NOTE]
+> Information the user should notice even if skimmingFile revocation applies to all content protected under the same second level domain as the provided enterprise identifier. Therefore, revoking an enterprise ID of `mail.contoso.com` will revoke the user’s access to all content protected under the contoso.com hierarchy.
+
+
+> [!TIP]
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
+> You must specify the data type in the SyncML as <Format>chr</Format>. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+
+
+ADMX Info:
+- GP Friendly name: *Allow Windows Runtime apps to revoke enterprise data.*
+- GP name: *DelegatedPackageFamilyNames*
+- GP path: *Windows Components\File Revocation*
+- GP ADMX file name: *FileRevocation.admx*
+
+
+
+
+
+> [!NOTE]
+> These policies are currently only available as part of a Windows Insider release.
+
+
+
diff --git a/windows/client-management/mdm/toc.yml b/windows/client-management/mdm/toc.yml
index 4395fbc920..04c1850c2f 100644
--- a/windows/client-management/mdm/toc.yml
+++ b/windows/client-management/mdm/toc.yml
@@ -465,6 +465,8 @@ items:
href: policy-csp-admx-eaime.md
- name: ADMX_EncryptFilesonMove
href: policy-csp-admx-encryptfilesonmove.md
+ - name: ADMX_EventLogging
+ href: policy-csp-admx-eventlogging.md
- name: ADMX_EnhancedStorage
href: policy-csp-admx-enhancedstorage.md
- name: ADMX_ErrorReporting
@@ -473,10 +475,16 @@ items:
href: policy-csp-admx-eventforwarding.md
- name: ADMX_EventLog
href: policy-csp-admx-eventlog.md
+ - name: ADMX_EventViewer
+ href: policy-csp-admx-eventviewer.md
- name: ADMX_Explorer
href: policy-csp-admx-explorer.md
+ - name: ADMX_ExternalBoot
+ href: policy-csp-admx-externalboot.md
- name: ADMX_FileRecovery
href: policy-csp-admx-filerecovery.md
+ - name: ADMX_FileRevocation
+ href: policy-csp-admx-filerevocation.md
- name: ADMX_FileServerVSSProvider
href: policy-csp-admx-fileservervssprovider.md
- name: ADMX_FileSys
diff --git a/windows/configuration/TOC.yml b/windows/configuration/TOC.yml
index d5ce0457f4..90c2e725ed 100644
--- a/windows/configuration/TOC.yml
+++ b/windows/configuration/TOC.yml
@@ -5,7 +5,7 @@
- name: Windows 11
items:
- name: Start menu layout
- href: use-json-customize-start-menu-windows.md
+ href: customize-start-menu-layout-windows-11.md
- name: Supported Start menu CSPs
href: supported-csp-start-menu-layout-windows.md
- name: Windows 10 Start and taskbar
@@ -64,7 +64,7 @@
href: set-up-shared-or-guest-pc.md
- name: Set up a kiosk on Windows 10 Mobile
href: mobile-devices/set-up-a-kiosk-for-windows-10-for-mobile-edition.md
- - name: Additional kiosk reference information
+ - name: Kiosk reference information
items:
- name: More kiosk methods and reference information
href: kiosk-additional-reference.md
@@ -129,7 +129,7 @@
href: cortana-at-work/cortana-at-work-testing-scenarios.md
- name: Test scenario 1 - Sign into Azure AD, enable the wake word, and try a voice query
href: cortana-at-work/cortana-at-work-scenario-1.md
- - name: Test scenario 2 - Perform a Bing search with Cortana
+ - name: Test scenario 2 - Run a Bing search with Cortana
href: cortana-at-work/cortana-at-work-scenario-2.md
- name: Test scenario 3 - Set a reminder
href: cortana-at-work/cortana-at-work-scenario-3.md
@@ -137,9 +137,9 @@
href: cortana-at-work/cortana-at-work-scenario-4.md
- name: Test scenario 5 - Find out about a person
href: cortana-at-work/cortana-at-work-scenario-5.md
- - name: Test scenario 6 - Change your language and perform a quick search with Cortana
+ - name: Test scenario 6 - Change your language and run a quick search with Cortana
href: cortana-at-work/cortana-at-work-scenario-6.md
- - name: Send feedback about Cortana back to Microsoftr
+ - name: Send feedback about Cortana back to Microsoft
href: cortana-at-work/cortana-at-work-feedback.md
- name: Testing scenarios using Cortana in Windows 10, versions 1909 and earlier, with Microsoft 365 in your organization
items:
@@ -149,13 +149,13 @@
href: cortana-at-work/testing-scenarios-using-cortana-in-business-org.md
- name: Test scenario 1 - Sign into Azure AD, enable the wake word, and try a voice query
href: cortana-at-work/test-scenario-1.md
- - name: Test scenario 2 - Perform a quick search with Cortana at work
+ - name: Test scenario 2 - Run a quick search with Cortana at work
href: cortana-at-work/test-scenario-2.md
- name: Test scenario 3 - Set a reminder for a specific location using Cortana at work
href: cortana-at-work/test-scenario-3.md
- name: Test scenario 4 - Use Cortana at work to find your upcoming meetings
href: cortana-at-work/test-scenario-4.md
- - name: Test scenario 5 - Use Cortana to send email to a co-worker
+ - name: Test scenario 5 - Use Cortana to send email to a coworker
href: cortana-at-work/test-scenario-5.md
- name: Test scenario 6 - Review a reminder suggested by Cortana based on what you’ve promised in email
href: cortana-at-work/test-scenario-6.md
@@ -341,7 +341,7 @@
href: ue-v/uev-deploy-uev-for-custom-applications.md
- name: Administer UE-V
items:
- - name: UE-V administion guide
+ - name: UE-V administration guide
href: ue-v/uev-administering-uev.md
- name: Manage Configurations for UE-V
items:
diff --git a/windows/configuration/use-json-customize-start-menu-windows.md b/windows/configuration/customize-start-menu-layout-windows-11.md
similarity index 93%
rename from windows/configuration/use-json-customize-start-menu-windows.md
rename to windows/configuration/customize-start-menu-layout-windows-11.md
index 90db044f87..ab20b9ad4f 100644
--- a/windows/configuration/use-json-customize-start-menu-windows.md
+++ b/windows/configuration/customize-start-menu-layout-windows-11.md
@@ -1,6 +1,6 @@
---
-title: Use JSON to customize Start menu layout on Windows 11 | Microsoft Docs
-description: Export start layout to LayoutModification.json that includes pinned apps. Add or remove apps, and use the JSON text in an MDM policy to deploy a custom Start menu layout to Windows 11 devices.
+title: Add or remove pinned apps on the Start menu in Windows 11 | Microsoft Docs
+description: Export start layout to LayoutModification.json that includes pinned apps. Add or remove pinned apps, and use the JSON text in an MDM policy to deploy a custom Start menu layout to Windows 11 devices.
ms.assetid:
manager: dougeby
ms.author: mandia
@@ -10,7 +10,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: mobile
author: MandiOhlinger
-ms.date: 09/09/2021
+ms.date: 09/13/2021
ms.localizationpriority: medium
---
@@ -46,7 +46,7 @@ This article shows you how to export an existing Start menu layout, and use the
In Windows 11, the Start menu is redesigned with a simplified set of apps that are arranged in a grid of pages. There aren't folders, groups, or different-sized app icons:
-:::image type="content" source="./images/use-json-customize-start-menu-windows/start-menu-layout.png" alt-text="Sample start menu layout on Windows 11 devices that shows pinned apps, access to all apps, and shows recommended files.":::
+:::image type="content" source="./images/customize-start-menu-layout-windows-11/start-menu-layout.png" alt-text="Sample start menu layout on Windows 11 devices that shows pinned apps, access to all apps, and shows recommended files.":::
Start has the following areas:
@@ -154,7 +154,7 @@ To deploy this policy in Microsoft Intune, the devices must be enrolled in Micro
Your settings look similar to the following settings:
- :::image type="content" source="./images/use-json-customize-start-menu-windows/endpoint-manager-admin-center-custom-oma-uri-start-layout.png" alt-text="Custom OMA-URI settings to customize Start menu layout using pinnedList":::
+ :::image type="content" source="./images/customize-start-menu-layout-windows-11/endpoint-manager-admin-center-custom-oma-uri-start-layout.png" alt-text="Custom OMA-URI settings to customize Start menu layout using pinnedList":::
8. Select **Save** > **Next** to save your changes.
9. Configure the rest of the policy settings. For more specific information, see [Create a profile with custom settings in Intune](/mem/intune/configuration/custom-settings-configure).
diff --git a/windows/configuration/images/use-json-customize-start-menu-windows/endpoint-manager-admin-center-custom-oma-uri-start-layout.png b/windows/configuration/images/customize-start-menu-layout-windows-11/endpoint-manager-admin-center-custom-oma-uri-start-layout.png
similarity index 100%
rename from windows/configuration/images/use-json-customize-start-menu-windows/endpoint-manager-admin-center-custom-oma-uri-start-layout.png
rename to windows/configuration/images/customize-start-menu-layout-windows-11/endpoint-manager-admin-center-custom-oma-uri-start-layout.png
diff --git a/windows/configuration/images/customize-start-menu-layout-windows-11/start-menu-layout.png b/windows/configuration/images/customize-start-menu-layout-windows-11/start-menu-layout.png
new file mode 100644
index 0000000000..ca0cbd51cc
Binary files /dev/null and b/windows/configuration/images/customize-start-menu-layout-windows-11/start-menu-layout.png differ
diff --git a/windows/configuration/images/use-json-customize-start-menu-windows/start-menu-layout.png b/windows/configuration/images/use-json-customize-start-menu-windows/start-menu-layout.png
deleted file mode 100644
index c80391141f..0000000000
Binary files a/windows/configuration/images/use-json-customize-start-menu-windows/start-menu-layout.png and /dev/null differ
diff --git a/windows/configuration/supported-csp-start-menu-layout-windows.md b/windows/configuration/supported-csp-start-menu-layout-windows.md
index 6a3d62ba5f..d26c7b384d 100644
--- a/windows/configuration/supported-csp-start-menu-layout-windows.md
+++ b/windows/configuration/supported-csp-start-menu-layout-windows.md
@@ -10,7 +10,7 @@ ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: mobile
author: MandiOhlinger
-ms.date: 09/09/2021
+ms.date: 09/13/2021
ms.localizationpriority: medium
---
@@ -22,9 +22,9 @@ ms.localizationpriority: medium
The Windows OS exposes CSPs that are used by MDM providers, like [Microsoft Endpoint Manager](/mem/endpoint-manager-overview). In an MDM policy, these CSPs are settings that you configure in a policy. When the policy is ready, you deploy the policy to your devices.
-This article lists the CSPs that are available to customize the Start menu for Windows 11 devices. Windows 11 uses the [Policy CSP - Start](/windows/client-management/mdm/policy-csp-start).
+This article lists the CSPs that are available to customize the Start menu for Windows 11 devices. Windows 11 uses the [Policy CSP - Start](/windows/client-management/mdm/policy-csp-start). For more general information, see [Configuration service provider (CSP) reference](/windows/client-management/mdm/configuration-service-provider-reference).
-For more general information, see [Configuration service provider (CSP) reference](/windows/client-management/mdm/configuration-service-provider-reference).
+For information on customizing the Start menu layout using policy, see [Customize the Start menu layout on Windows 11](customize-start-menu-layout-windows-11.md).
## Existing Windows CSP policies that Windows 11 supports
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information.md
index 969d80c8bf..33a2c7d531 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information.md
@@ -10,7 +10,7 @@ ms.pagetype: security
ms.localizationpriority: medium
author: dansimp
ms.author: dansimp
-ms.date: 04/30/2018
+ms.date: 09/13/2021
ms.reviewer:
manager: dansimp
ms.technology: mde
@@ -36,8 +36,6 @@ You can add information about your organization in a contact card to the Windows
This information will also be shown in some enterprise-specific notifications (including notifications for the [Block at first sight feature](/windows/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus), and [potentially unwanted applications](/windows/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus)).
-
-
Users can select the displayed information to initiate a support request:
- Select **Call** or the phone number to open Skype to start a call to the displayed number.
@@ -60,7 +58,7 @@ This can only be done in Group Policy.
3. Expand the tree to **Windows components > Windows Security > Enterprise Customization**.
-4. Enable the contact card and the customized notifications by configuring two separate Group Policy settings. They will both use the same source of information (explained in Steps 5 and 6). You can enable both, or slect one or the other:
+4. Enable the contact card and the customized notifications by configuring two separate Group Policy settings. They will both use the same source of information (explained in Steps 5 and 6). You can enable both, or select one or the other:
1. To enable the contact card, open the **Configure customized contact information** setting and set it to **Enabled**. Click **OK**.
@@ -76,4 +74,4 @@ This can only be done in Group Policy.
7. Select **OK** after you configure each setting to save your changes.
>[!IMPORTANT]
->You must specify the contact company name and at least one contact method - email, phone number, or website URL. If you do not specify the contact name and a contact method the customization will not apply, the contact card will not show, and notifications will not be customized.
\ No newline at end of file
+>You must specify the contact company name and at least one contact method - email, phone number, or website URL. If you do not specify the contact name and a contact method the customization will not apply, the contact card will not show, and notifications will not be customized.