diff --git a/devices/surface-hub/surface-hub-downloads.md b/devices/surface-hub/surface-hub-downloads.md index 33ef0f983f..71706b04fe 100644 --- a/devices/surface-hub/surface-hub-downloads.md +++ b/devices/surface-hub/surface-hub-downloads.md @@ -31,7 +31,7 @@ This topic provides links to useful Surface Hub documents, such as product datas | [Rolling Stand Mounting and Assembly Guide (PDF)](http://download.microsoft.com/download/7/0/2/702485E3-B55E-4DE8-B5DD-3B56F90DCF5D/SH-Guide_WACG_Rolling_Stands_EN-FR-ES-NL-DE-IT-AR-DA-FI-NO-SV.pdf) | Detailed instructions on how to safely and securely assemble the rolling stand, and how to mount your Surface Hub onto it. [Watch the video (opens in a pop-up media player)](http://compass.xbox.com/assets/1f/94/1f949613-3e4a-41e3-ad60-fe8aa7134115.mov?n=04.07.16_installation_video_04_rolling_stand_mount.mov) | | [Mounts and Stands Datasheet (PDF)](http://download.microsoft.com/download/5/0/1/501F98D9-1BCC-4448-A1DB-47056CEE33B6/20160711_Surface_Hub_Mounts_and_Stands_Datasheet.pdf) | Specifications and prices for all Surface Hub add-on stands and mounts that turn your workspace into a Surface Hub workspace. | | [Surface Hub Stand and Wall Mount Specifications (PDF)](http://download.microsoft.com/download/7/A/7/7A75BD0F-5A46-4BCE-B313-A80E47AEB581/20160720_Combined_Stand_Wall_Mount_Drawings.pdf) | Illustrated specifications for the 55” and 84” Surface Hub rolling stands, wall mounts, and floor-supported wall mounts. | -| [Surface Hub Onsite Installation and Onsite Repair/Exchange Services FAQ (PDF)](http://download.microsoft.com/download/B/D/1/BD16D7C5-2662-4B7D-9C98-272CEB11A6F3/20160816%20SurfaceHub_Onsite%20Services%20FAQs%20FINAL.PDF) | Get answers to the most common questions about Surface Hub onsite service offerings and delivery. | + diff --git a/education/windows/education-scenarios-store-for-business.md b/education/windows/education-scenarios-store-for-business.md index 5659364a47..fad685b3d2 100644 --- a/education/windows/education-scenarios-store-for-business.md +++ b/education/windows/education-scenarios-store-for-business.md @@ -10,7 +10,7 @@ searchScope: - Store author: trudyha ms.author: trudyha -ms.date: 11/01/2017 +ms.date: 3/30/2018 --- # Working with Microsoft Store for Education diff --git a/education/windows/images/sfe-roles.png b/education/windows/images/sfe-roles.png index d208fb29b7..63a9290371 100644 Binary files a/education/windows/images/sfe-roles.png and b/education/windows/images/sfe-roles.png differ diff --git a/mdop/mbam-v25/how-to-enable-bitlocker-by-using-mbam-as-part-of-a-windows-deploymentmbam-25.md b/mdop/mbam-v25/how-to-enable-bitlocker-by-using-mbam-as-part-of-a-windows-deploymentmbam-25.md index 7234d14a83..6161649e6f 100644 --- a/mdop/mbam-v25/how-to-enable-bitlocker-by-using-mbam-as-part-of-a-windows-deploymentmbam-25.md +++ b/mdop/mbam-v25/how-to-enable-bitlocker-by-using-mbam-as-part-of-a-windows-deploymentmbam-25.md @@ -14,7 +14,7 @@ ms.date: 04/23/2017 # How to Enable BitLocker by Using MBAM as Part of a Windows Deployment -This topic explains how to enable BitLocker on an end user's computer by using MBAM as part of your Windows imaging and deployment process. +This topic explains how to enable BitLocker on an end user's computer by using MBAM as part of your Windows imaging and deployment process. If you see a black screen at restart (after Install phase concludes) indicating that the drive cannot be unlocked, see [Windows versions prior Windows 10 build 1511 fail to start after "Setup Windows and Configuration Manager" step when Pre-Provision BitLocker is used with Windows PE 10.0.586.0 (1511)](https://blogs.technet.microsoft.com/system_center_configuration_manager_operating_system_deployment_support_blog/2016/03/30/windows-versions-prior-windows-10-build-1511-fail-to-start-after-setup-windows-and-configuration-manager-step-when-pre-provision-bitlocker-is-used-with-windows-pe-10-0-586-0-1511/). **Prerequisites:** @@ -59,7 +59,7 @@ This topic explains how to enable BitLocker on an end user's computer by using M - Robust error handling - You can download the `Invoke-MbamClientDeployment.ps1` script from [Microsoft.com Download Center](https://www.microsoft.com/download/details.aspx?id=48698). This is the main script that your deployment system will call to configure BitLocker drive encryption and record recovery keys with the MBAM Server. + You can download the `Invoke-MbamClientDeployment.ps1` script from [Microsoft.com Download Center](https://www.microsoft.com/download/details.aspx?id=54439). This is the main script that your deployment system will call to configure BitLocker drive encryption and record recovery keys with the MBAM Server. **WMI deployment methods for MBAM:** The following WMI methods have been added in MBAM 2.5 SP1 to support enabling BitLocker by using the `Invoke-MbamClientDeployment.ps1` PowerShell script. diff --git a/store-for-business/roles-and-permissions-microsoft-store-for-business.md b/store-for-business/roles-and-permissions-microsoft-store-for-business.md index 1d42371897..e5c032895c 100644 --- a/store-for-business/roles-and-permissions-microsoft-store-for-business.md +++ b/store-for-business/roles-and-permissions-microsoft-store-for-business.md @@ -8,7 +8,7 @@ ms.sitesec: library ms.pagetype: store author: TrudyHa ms.localizationpriority: high -ms.date: 10/17/2017 +ms.date: 3/30/2018 --- # Roles and permissions in Microsoft Store for Business and Education @@ -48,7 +48,7 @@ This table lists the roles and their permissions. | | Admin | Purchaser | Device Guard signer | | ------------------------------ | ------ | -------- | ------------------- | | Assign roles | X | | | -| Manage Microsoft Store for business and education settings | X | | | +| Manage Microsoft Store for Business and Education settings | X | | | | Acquire apps | X | X | | | Distribute apps | X | X | | | Sign policies and catalogs | X | | | @@ -69,7 +69,9 @@ These permissions allow people to: - **Acquire apps** - Acquire apps from Microsoft Store and add them to your inventory. -- **Distribute apps** - Distribute apps that are in your inventory. You can distribute from inventory, private store, or use a management tool. +- **Distribute apps** - Distribute apps that are in your inventory. + - Admins can assign apps to people, add apps to the private store, or use a management tool. + - Purchasers can assign apps to people. **To assign roles to people** diff --git a/store-for-business/sfb-change-history.md b/store-for-business/sfb-change-history.md index ab4aee52e5..75ec8368a3 100644 --- a/store-for-business/sfb-change-history.md +++ b/store-for-business/sfb-change-history.md @@ -24,6 +24,7 @@ ms.localizationpriority: high | [Manage software purchased with Microsoft Products and Services agreement in Microsoft Store for Business](manage-mpsa-software-microsoft-store-for-business.md) | New | | [Manage private store settings](manage-private-store-settings.md) | Update for adding private store performance improvements. | | [What's New in Microsoft Store for Business and Education](whats-new-microsoft-store-business-education.md) | Update | + [Roles and permissions in Microsoft Store for Business](roles-and-permissions-microsoft-store-for-business.md) | Update | ## February 2018 diff --git a/windows/application-management/index.md b/windows/application-management/index.md index fdd42c35b8..23490f9d99 100644 --- a/windows/application-management/index.md +++ b/windows/application-management/index.md @@ -24,8 +24,8 @@ Learn about managing applications in Windows 10 and Windows 10 Mobile clients. | [Enable or block Windows Mixed Reality apps in the enterprise](manage-windows-mixed-reality.md) | Learn how to enable or block Windows Mixed Reality apps. | |[App-V](app-v/appv-getting-started.md)| Microsoft Application Virtualization (App-V) for Windows 10 enables organizations to deliver Win32 applications to users as virtual applications| | [Service Host process refactoring](svchost-service-refactoring.md) | Changes to Service Host grouping in Windows 10 | -|[Per User services in Windows 10](sideload-apps-in-windows-10.md)| Overview of per user services and instructions for viewing and disabling them in Windows 10 and Windows 2016| +|[Per User services in Windows 10](per-user-services-in-windows.md)| Overview of per user services and instructions for viewing and disabling them in Windows 10 and Windows 2016| [Disabling System Services in Windows Server](https://docs.microsoft.com/windows-server/security/windows-services/security-guidelines-for-disabling-system-services-in-windows-server) | Security guidelines for disabling services in Windows Server 2016 with Desktop Experience |[Understand apps in Windows 10](apps-in-windows-10.md)| Overview of the different apps included by default in Windows 10 Enterprise| -| [Deploy app updgrades on Windows 10 Mobile](deploy-app-upgrades-windows-10-mobile.md) | How to upgrade apps on Windows 10 Mobile | +| [Deploy app upgrades on Windows 10 Mobile](deploy-app-upgrades-windows-10-mobile.md) | How to upgrade apps on Windows 10 Mobile | [Change history for Application management](change-history-for-application-management.md) | This topic lists new and updated topics in the Application management documentation for Windows 10 and Windows 10 Mobile. diff --git a/windows/client-management/mdm/images/provisioning-csp-vpn.png b/windows/client-management/mdm/images/provisioning-csp-vpn.png index 15e907a16c..f46b884641 100644 Binary files a/windows/client-management/mdm/images/provisioning-csp-vpn.png and b/windows/client-management/mdm/images/provisioning-csp-vpn.png differ diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index a7eeb7a2b0..4253263137 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -1329,16 +1329,16 @@ For details about Microsoft mobile device management protocols for Windows 10 s -<<<<<<< HEAD [AccountManagement CSP](accountmanagement-csp.md)

Added a new CSP in Windows 10, version 1803.

-======= + + + [RootCATrustedCertificates CSP](rootcacertificates-csp.md)

Added the following node in Windows 10, version 1803:

->>>>>>> 2aa0839b99c52229c7cf43d58f467019b1284a6a @@ -1669,6 +1669,7 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware

The following existing policies were updated:

diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md index 79d91ff2dc..76ccab305a 100644 --- a/windows/client-management/mdm/policy-csp-browser.md +++ b/windows/client-management/mdm/policy-csp-browser.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 03/13/2018 +ms.date: 03//2018 --- # Policy CSP - Browser @@ -445,8 +445,9 @@ ADMX Info: The following list shows the supported values: -- 0 – Not allowed. -- 1 (default) – Allowed. +- 0 – Block all cookies +- 1 – Block only third party cookies +- 2 - Allow cookies diff --git a/windows/client-management/mdm/policy-csp-experience.md b/windows/client-management/mdm/policy-csp-experience.md index 3f96460055..f1e51391bc 100644 --- a/windows/client-management/mdm/policy-csp-experience.md +++ b/windows/client-management/mdm/policy-csp-experience.md @@ -1027,7 +1027,7 @@ The following list shows the supported values: -Added in Windows 10, version 1083. This policy allows IT admins to turn off Suggestions in Settings app. These suggestions from Microsoft may show after each OS clean install, upgrade or an on-going basis to help users discover apps/features on Windows or across devices, to make thier experience productive. +Added in Windows 10, version 1803. This policy allows IT admins to turn off Suggestions in Settings app. These suggestions from Microsoft may show after each OS clean install, upgrade or an on-going basis to help users discover apps/features on Windows or across devices, to make thier experience productive. - User setting is under Settings -> Privacy -> General -> Show me suggested content in Settings app. - User Setting is changeable on a per user basis. diff --git a/windows/client-management/mdm/policy-csp-power.md b/windows/client-management/mdm/policy-csp-power.md index 5bee576aca..fc85260394 100644 --- a/windows/client-management/mdm/policy-csp-power.md +++ b/windows/client-management/mdm/policy-csp-power.md @@ -171,10 +171,10 @@ ADMX Info: cross mark - check mark - check mark - check mark - check mark + check mark3 + check mark3 + check mark3 + check mark3 cross mark cross mark @@ -235,10 +235,10 @@ ADMX Info: cross mark - check mark - check mark - check mark - check mark + check mark3 + check mark3 + check mark3 + check mark3 cross mark cross mark @@ -299,10 +299,10 @@ ADMX Info: cross mark - check mark - check mark - check mark - check mark + check mark3 + check mark3 + check mark3 + check mark3 cross mark cross mark @@ -363,10 +363,10 @@ ADMX Info: cross mark - check mark - check mark - check mark - check mark + check mark3 + check mark3 + check mark3 + check mark3 cross mark cross mark @@ -551,10 +551,10 @@ ADMX Info: cross mark - check mark - check mark - check mark - check mark + check mark3 + check mark3 + check mark3 + check mark3 cross mark cross mark @@ -615,10 +615,10 @@ ADMX Info: cross mark - check mark - check mark - check mark - check mark + check mark3 + check mark3 + check mark3 + check mark3 cross mark cross mark diff --git a/windows/client-management/mdm/policy-csp-systemservices.md b/windows/client-management/mdm/policy-csp-systemservices.md index 9dd4ebd067..1efa6419f1 100644 --- a/windows/client-management/mdm/policy-csp-systemservices.md +++ b/windows/client-management/mdm/policy-csp-systemservices.md @@ -80,7 +80,7 @@ ms.date: 03/12/2018 -Added in Windows 10, version 1803. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual. +Added in Windows 10, version 1803. This setting determines whether the service's start type is Automatic(2), Manual(3), Disabled(4). Default: Manual. @@ -129,7 +129,7 @@ GP Info: -Added in Windows 10, version 1803. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual. +Added in Windows 10, version 1803. This setting determines whether the service's start type is Automatic(2), Manual(3), Disabled(4). Default: Manual. @@ -178,7 +178,7 @@ GP Info: -Added in Windows 10, version 1803. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual. +Added in Windows 10, version 1803. This setting determines whether the service's start type is Automatic(2), Manual(3), Disabled(4). Default: Manual. @@ -227,7 +227,7 @@ GP Info: -Added in Windows 10, version 1803. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual. +Added in Windows 10, version 1803. This setting determines whether the service's start type is Automatic(2), Manual(3), Disabled(4). Default: Manual. @@ -276,7 +276,7 @@ GP Info: -Added in Windows 10, version 1803. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual. +Added in Windows 10, version 1803. This setting determines whether the service's start type is Automatic(2), Manual(3), Disabled(4). Default: Manual. @@ -325,7 +325,7 @@ GP Info: -Added in Windows 10, version 1803. This setting determines whether the service's start type is Automaic(2), Manual(3), Disabled(4). Default: Manual. +Added in Windows 10, version 1803. This setting determines whether the service's start type is Automatic(2), Manual(3), Disabled(4). Default: Manual. diff --git a/windows/client-management/mdm/vpn-csp.md b/windows/client-management/mdm/vpn-csp.md index 47e0032fd3..fdbdbaed7c 100644 --- a/windows/client-management/mdm/vpn-csp.md +++ b/windows/client-management/mdm/vpn-csp.md @@ -7,7 +7,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 06/26/2017 +ms.date: 04/02/2017 --- # VPN CSP diff --git a/windows/configuration/configure-windows-diagnostic-data-in-your-organization.md b/windows/configuration/configure-windows-diagnostic-data-in-your-organization.md index ec20ebc2bc..c77762a5e4 100644 --- a/windows/configuration/configure-windows-diagnostic-data-in-your-organization.md +++ b/windows/configuration/configure-windows-diagnostic-data-in-your-organization.md @@ -56,7 +56,7 @@ Windows diagnostic data is vital technical data from Windows devices about the d - Improve Windows – through the aggregate analysis of the use of Windows - Personalize Windows engagement surfaces -Here are some specific examples of Windows diagnostic data data: +Here are some specific examples of Windows diagnostic data: - Type of hardware being used - Applications installed and usage details @@ -167,7 +167,7 @@ The diagnostic data data is categorized into four levels: - **Security**. Information that’s required to help keep Windows, Windows Server, and System Center secure, including data about the Connected User Experiences and Telemetry component settings, the Malicious Software Removal Tool, and Windows Defender. -- **Basic**. Basic device info, including: quality-related data, app compatibility, app usage data, and data from the **Security** level. +- **Basic**. Basic device info, including: quality-related data, app compatibility, and data from the **Security** level. - **Enhanced**. Additional insights, including: how Windows, Windows Server, System Center, and apps are used, how they perform, advanced reliability data, and data from both the **Basic** and the **Security** levels. @@ -188,7 +188,7 @@ Windows Server Update Services (WSUS) and System Center Configuration Manager fu The data gathered at this level includes: -- **Connected User Experiences and Telemetry component settings**. If general diagnostic data data has been gathered and is queued, it is sent to Microsoft. Along with this diagnostic data, the Connected User Experiences and Telemetry component may download a configuration settings file from Microsoft’s servers. This file is used to configure the Connected User Experiences and Telemetry component itself. The data gathered by the client for this request includes OS information, device id (used to identify what specific device is requesting settings) and device class (for example, whether the device is server or desktop). +- **Connected User Experiences and Telemetry component settings**. If general diagnostic data has been gathered and is queued, it is sent to Microsoft. Along with this diagnostic data, the Connected User Experiences and Telemetry component may download a configuration settings file from Microsoft’s servers. This file is used to configure the Connected User Experiences and Telemetry component itself. The data gathered by the client for this request includes OS information, device id (used to identify what specific device is requesting settings) and device class (for example, whether the device is server or desktop). - **Malicious Software Removal Tool (MSRT)** The MSRT infection report contains information, including device info and IP address. @@ -240,8 +240,6 @@ The data gathered at this level includes: - **General app data and app data for Internet Explorer add-ons**. Includes a list of apps that are installed on a native or virtualized instance of the OS and whether these apps function correctly after an upgrade. This app data includes the app name, publisher, version, and basic details about which files have been blocked from usage. - - **App usage data**. Includes how an app is used, including how long an app is used, when the app has focus, and when the app is started - - **Internet Explorer add-ons**. Includes a list of Internet Explorer add-ons that are installed on a device and whether these apps will work after an upgrade. - **System data**. Helps provide an understanding about whether a device meets the minimum requirements to upgrade to the next version of the operating system. System information includes the amount of memory, as well as information about the processor and BIOS. @@ -322,9 +320,9 @@ However, before more data is gathered, Microsoft’s privacy governance team, in Sharing diagnostic data data with Microsoft provides many benefits to enterprises, so we do not recommend turning it off. For most enterprise customers, simply adjusting the diagnostic data level and managing specific components is the best option. -Customers can set the diagnostic data level in both the user interface and with existing management tools. Users can change the diagnostic data level in the **Diagnostic data** setting. In the **Settings** app, it is in **Privacy\Feedback & diagnostics**. They can choose between Basic, Enhanced, and Full. The Security level is not available. +Customers can set the diagnostic data level in both the user interface and with existing management tools. Users can change the diagnostic data level in the **Diagnostic data** setting. In the **Settings** app, it is in **Privacy\Feedback & diagnostics**. They can choose between Basic and Full. The Enhanced level will only be displayed as an option when Group Policy or Mobile Device Management (MDM) are invoked with this level. The Security level is not available. -IT pros can use various methods, including Group Policy and Mobile Device Management (MDM), to choose a diagnostic data level. If you’re using Windows 10 Enterprise, Windows 10 Education, or Windows Server 2016, the Security diagnostic data level is available when managing the policy. Setting the diagnostic data level through policy overrides users’ choices. The remainder of this section describes how to do that. +IT pros can use various methods, including Group Policy and Mobile Device Management (MDM), to choose a diagnostic data level. If you’re using Windows 10 Enterprise, Windows 10 Education, or Windows Server 2016, the Security diagnostic data level is available when managing the policy. Setting the diagnostic data level through policy sets the upper boundary for the users’ choices. To disable user choice after setting the level with the policy, you will need to use the "Configure telemetry opt-in setting user interface" group policy. The remainder of this section describes how to use group policy to configure levels and settings interface. ### Manage your diagnostic data settings @@ -340,7 +338,7 @@ The lowest diagnostic data setting level supported through management policies i ### Configure the operating system diagnostic data level -You can configure your operating system diagnostic data settings using the management tools you’re already using, such as Group Policy, MDM, or Windows Provisioning. You can also manually change your settings using Registry Editor. Setting your diagnostic data levels through a management policy overrides any device level settings. +You can configure your operating system diagnostic data settings using the management tools you’re already using, such as Group Policy, MDM, or Windows Provisioning. You can also manually change your settings using Registry Editor. Setting your diagnostic data levels through a management policy sets the upper level for diagnostic data on the device. Use the appropriate value in the table below when you configure the management policy. @@ -351,6 +349,8 @@ Use the appropriate value in the table below when you configure the management p | Enhanced | Security data, basic system and quality data, and enhanced insights and advanced reliability data. | **2** | | Full | Security data, basic system and quality data, enhanced insights and advanced reliability data, and full diagnostics data. | **3** | + > [!NOTE] + > When the User Configuration policy is set for Diagnostic Data, this will override the Computer Configuration setting. ### Use Group Policy to set the diagnostic data level @@ -433,4 +433,4 @@ Web Pages - [Privacy at Microsoft](http://privacy.microsoft.com) - \ No newline at end of file + diff --git a/windows/configuration/setup-kiosk-digital-signage.md b/windows/configuration/setup-kiosk-digital-signage.md index 1d0f5bbcc6..c9b84f0646 100644 --- a/windows/configuration/setup-kiosk-digital-signage.md +++ b/windows/configuration/setup-kiosk-digital-signage.md @@ -8,7 +8,7 @@ ms.mktglfcycl: manage ms.sitesec: library author: jdeckerms ms.localizationpriority: high -ms.date: 03/23/2018 +ms.date: 03/30/2018 --- # Set up a kiosk or digital signage on Windows 10 Pro, Enterprise, or Education @@ -284,7 +284,8 @@ Using Shell Launcher, you can configure a kiosk device that runs a Classic Windo >You can also configure a kiosk device that runs a Classic Windows application by using the [Provision kiosk devices wizard](#wizard). >[!WARNING] ->Shell Launcher doesn't support a custom shell with an application that launches a different process and exits. For example, you cannot specify **write.exe** in Shell Launcher. Shell Launcher launches a custom shell and monitors the process to identify when the custom shell exits. **Write.exe** creates a 32-bit wordpad.exe process and exits. Because Shell Launcher is not aware of the newly created wordpad.exe process, Shell Launcher will take action based on the exit code of **Write.exe**, such as restarting the custom shell. +>- Windows 10 doesn’t support setting a custom shell prior to OOBE. If you do, you won’t be able to deploy the resulting image. +>- Shell Launcher doesn't support a custom shell with an application that launches a different process and exits. For example, you cannot specify **write.exe** in Shell Launcher. Shell Launcher launches a custom shell and monitors the process to identify when the custom shell exits. **Write.exe** creates a 32-bit wordpad.exe process and exits. Because Shell Launcher is not aware of the newly created wordpad.exe process, Shell Launcher will take action based on the exit code of **Write.exe**, such as restarting the custom shell. ### Requirements diff --git a/windows/configuration/wcd/wcd-smisettings.md b/windows/configuration/wcd/wcd-smisettings.md index 9be7d411e7..fdc91f9f6c 100644 --- a/windows/configuration/wcd/wcd-smisettings.md +++ b/windows/configuration/wcd/wcd-smisettings.md @@ -7,7 +7,7 @@ ms.sitesec: library author: jdeckerMS ms.localizationpriority: medium ms.author: jdecker -ms.date: 09/06/2017 +ms.date: 03/30/2018 --- # SMISettings (Windows Configuration Designer reference) @@ -94,6 +94,9 @@ When you **enable** KeyboardFilter, a number of other settings become available Use ShellLauncher to specify the application or executable to use as the default custom shell. One use of ShellLauncher is to [create a kiosk (fixed-purpose) device running a Classic Windows application](https://docs.microsoft.com/windows/configuration/set-up-a-kiosk-for-windows-10-for-desktop-editions#shell-launcher-for-classic-windows-applications). +>[!WARNING] +>Windows 10 doesn’t support setting a custom shell prior to OOBE. If you do, you won’t be able to deploy the resulting image. + You can also configure ShellLauncher to launch different shell applications for different users or user groups. >[!IMPORTANT] diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index 2df4f8952f..94f70ce62d 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -8,6 +8,13 @@ ### [Configure VDA for Subscription Activation](vda-subscription-activation.md) ### [Deploy Windows 10 Enterprise licenses](deploy-enterprise-licenses.md) ## [Resolve Windows 10 upgrade errors](upgrade/resolve-windows-10-upgrade-errors.md) +### [Quick fixes](upgrade\quick-fixes.md) +### [SetupDiag](upgrade/setupdiag.md) +### [Troubleshooting upgrade errors](upgrade/troubleshoot-upgrade-errors.md) +### [Windows error reporting](upgrade/windows-error-reporting.md) +### [Upgrade error codes](upgrade/upgrade-error-codes.md) +### [Log files](upgrade/log-files.md) +### [Resolution procedures](upgrade/resolution-procedures.md) ### [Submit Windows 10 upgrade errors](upgrade/submit-errors.md) ## [Deploy Windows 10](deploy.md) diff --git a/windows/deployment/update/device-health-using.md b/windows/deployment/update/device-health-using.md index f14b1981bc..19e2365401 100644 --- a/windows/deployment/update/device-health-using.md +++ b/windows/deployment/update/device-health-using.md @@ -4,7 +4,7 @@ description: Explains how to begin usihg Device Health. ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library -ms.date: 03/21/20178 +ms.date: 03/30/2018 ms.pagetype: deploy author: jaimeo --- @@ -169,6 +169,8 @@ We welcome your suggestions and feedback on this filtering process at the [Devic #### Why are there multiple names and entries for the same app? For example, you might see *Skype for Business*, *‘skype for business’*, and *Lync* listed separately, but you only use *Skype for Business*. Or you might see *MyApp Pro* and *MyApp Professional* listed separately, even though they feel like the same thing. +Apps have many elements of metadata which describe them. These include an Add/Remove programs title (“Contoso Suite 12”), executable file names (“ContosoCRM.exe”), executable display name (“Contoso CRM”), and others. App publishers (and in some cases app re-packagers) set these values. For the most part we leave the data as set by the publisher which can lead to some report splitting. In certain cases we apply transformations to reduce splitting, for example we (by design) convert many values to lower case so that incoming data such as "Contoso CRM" and "CONTOSO CRM" become the same app name for reporting. + #### Clicking an app in the App Reliability Events blade sometimes results a List view of records instead of the App Reliability view diff --git a/windows/deployment/update/images/app-reliability-main.png b/windows/deployment/update/images/app-reliability-main.png index 18a1bd7f31..abbcc72690 100644 Binary files a/windows/deployment/update/images/app-reliability-main.png and b/windows/deployment/update/images/app-reliability-main.png differ diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md index f195cc6375..5d917cf8eb 100644 --- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md +++ b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md @@ -55,6 +55,11 @@ If you want to check a large number of devices, you should run the latest script If you think the issue might be related to a network proxy, check "Enable data sharing" section of the [Enrolling devices in Windows Analytics](windows-analytics-get-started.md) topic. Also see [Understanding connectivity scenarios and the deployment script](https://blogs.technet.microsoft.com/upgradeanalytics/2017/03/10/understanding-connectivity-scenarios-and-the-deployment-script/) on the Windows Analytics blog. +If you have deployed images that have not been generalized, then many of them might have the same ID and so analytics will see them as one device. If you suspect this is the issue, then you can reset the IDs on the non-generalized devices by performing these steps: +1. Net stop diagtrack +2. Reg delete hklm\software\microsoft\sqmclient /v MachineId /f +3. Net start diagtrack + ### Device Health crash data not appearing @@ -178,11 +183,11 @@ If you want to stop using Upgrade Readiness and stop sending diagnostic data dat ## Other common questions ### What are the requirements and costs for Windows Analytics solutions? -| Windows Analytics solution| Windows license requirements | Windows version requirements | Diagnostic data requirements | +| Windows Analytics solution| Windows license requirements | Windows version requirements | Minimum diagnostic data requirements | |----------------------|-----------------------------------|------------------------------|------------------------------| | Upgrade Readiness | No additional requirements | Windows 7 with Service Pack 1, Windows 8.1, Windows 10 | Basic level in most cases; Enhanced level to support Windows 10 app usage data and IE site discovery | | Update Compliance | No additional requirements | Windows 10 | Basic level | -| Device Health | No additional requirements | - Windows 10 Enterprise or Windows 10 Education per-device with active Software Assurance
- Windows 10 Enterprise E3 or E5 per-device or per-user subscription (including Microsoft 365 F1, E3, or E5)
- Windows 10 Education A3 or A5 (including Microsoft 365 Education A3 or A5)
- Windows VDA E3 or E5 per-device or per-user subscription
- Windows Server 2016 or later | Windows 10 | Enhanced level | +| Device Health | **Any** of the following licenses:
- Windows 10 Enterprise or Windows 10 Education per-device with active Software Assurance
- Windows 10 Enterprise E3 or E5 per-device or per-user subscription (including Microsoft 365 F1, E3, or E5)
- Windows 10 Education A3 or A5 (including Microsoft 365 Education A3 or A5)
- Windows VDA E3 or E5 per-device or per-user subscription
- Windows Server 2016 or later | Windows 10 | - For Windows 10 version 1709 or later: Enhanced (Limited)
- For earlier versions: Enhanced >[!NOTE] > Regarding licensing requirements for Device Health, you do not need per-seat licensing, but only enough licenses to cover your total device usage. For example, if you have 100 E3 licenses, you can monitor 100 devices with Device Health. diff --git a/windows/deployment/update/windows-analytics-get-started.md b/windows/deployment/update/windows-analytics-get-started.md index d2655a4cb3..3775d77bac 100644 --- a/windows/deployment/update/windows-analytics-get-started.md +++ b/windows/deployment/update/windows-analytics-get-started.md @@ -53,7 +53,8 @@ To enable data sharing, configure your proxy sever to whitelist the following en | `https://oca.telemetry.microsoft.com` | Online Crash Analysis; required for Device Health and Update Compliance AV reports. Not used by Upgrade Readiness. | - +>[!NOTE] +>If you have SSL Inspection enabled on your proxy server, you might need to add the above URLs to your SSL inspection exclusion list to allow data to reach Microsoft endpoints. ### Configuring endpoint access with proxy servers If your organization uses proxy server authentication for outbound traffic, use one or more of the following approaches to ensure that the diagnostic data is not blocked by proxy authentication: diff --git a/windows/deployment/upgrade/log-files.md b/windows/deployment/upgrade/log-files.md new file mode 100644 index 0000000000..72d23e920b --- /dev/null +++ b/windows/deployment/upgrade/log-files.md @@ -0,0 +1,168 @@ +--- +title: Log files - Windows IT Pro +description: Resolve Windows 10 upgrade errors for ITPros. Technical information for IT professionals to help diagnose Windows setup errors. +keywords: deploy, error, troubleshoot, windows, 10, upgrade, code, rollback, ITPro +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: deploy +author: greg-lindsay +ms.date: 03/30/2018 +ms.localizationpriority: high +--- + +# Log files + +**Applies to** +- Windows 10 + +>[!NOTE] +>This is a 400 level topic (advanced).
+>See [Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md) for a full list of topics in this article. + + +Several log files are created during each phase of the upgrade process. These log files are essential for troubleshooting upgrade problems. By default, the folders that contain these log files are hidden on the upgrade target computer. To view the log files, configure Windows Explorer to view hidden items, or use a tool to automatically gather these logs. The most useful log is **setupact.log**. The log files are located in a different folder depending on the Windows Setup phase. Recall that you can determine the phase from the extend code. + +Note: Also see the [Windows Error Reporting](windows-error-reporting.md) section in this document for help locating error codes and log files. + +The following table describes some log files and how to use them for troubleshooting purposes:
+ +
+ + + + + + + + + + + + + + + + +
Log filePhase: LocationDescriptionWhen to use
setupact.logDown-Level:
$Windows.~BT\Sources\Panther		Contains information about setup actions during the downlevel phase. All down-level failures and starting point for rollback investigations.
This is the most important log for diagnosing setup issues.
OOBE:
$Windows.~BT\Sources\Panther\UnattendGC		Contains information about actions during the OOBE phase.Investigating rollbacks that failed during OOBE phase and operations – 0x4001C, 0x4001D, 0x4001E, 0x4001F.
Rollback:
$Windows.~BT\Sources\Rollback		Contains information about actions during rollback.Investigating generic rollbacks - 0xC1900101.
Pre-initialization (prior to downlevel):
Windows		Contains information about initializing setup.If setup fails to launch.
Post-upgrade (after OOBE):
Windows\Panther		Contains information about setup actions during the installation.Investigate post-upgrade related issues.
setuperr.logSame as setupact.logContains information about setup errors during the installation.Review all errors encountered during the installation phase.
miglog.xmlPost-upgrade (after OOBE):
Windows\Panther		Contains information about what was migrated during the installation.Identify post upgrade data migration issues.
BlueBox.logDown-Level:
Windows\Logs\Mosetup		Contains information communication between setup.exe and Windows Update.Use during WSUS and WU down-level failures or for 0xC1900107.
Supplemental rollback logs:
+Setupmem.dmp
+setupapi.dev.log
+Event logs (*.evtx)		$Windows.~BT\Sources\RollbackAdditional logs collected during rollback. +Setupmem.dmp: If OS bugchecks during upgrade, setup will attempt to extract a mini-dump.
+Setupapi: Device install issues - 0x30018
+Event logs: Generic rollbacks (0xC1900101) or unexpected reboots.
+ +## Log entry structure + +A setupact.log or setuperr.log entry includes the following elements: + +
    +
  1. The date and time - 2016-09-08 09:20:05. +
  2. The log level - Info, Warning, Error, Fatal Error. +
  3. The logging component - CONX, MOUPG, PANTHR, SP, IBSLIB, MIG, DISM, CSI, CBS. + +
  4. The message - Operation completed successfully. +
+ +See the following example: + +| Date/Time | Log level | Component | Message | +|------|------------|------------|------------| +|2016-09-08 09:23:50,| Warning | MIG | Could not replace object C:\Users\name\Cookies. Target Object cannot be removed.| + + +## Analyze log files + +>The following instructions are meant for IT professionals. Also see the [Upgrade error codes](upgrade-error-codes.md) section in this guide to familiarize yourself with [result codes](upgrade-error-codes.md#result-codes) and [extend codes](upgrade-error-codes.md#extend-codes). + +
To analyze Windows Setup log files: + +
    +
  1. Determine the Windows Setup error code. This code should be returned by Windows Setup if it is not successful with the upgrade process. +
  2. Based on the [extend code](upgrade-error-codes.md#extend-codes) portion of the error code, determine the type and location of a [log files](#log-files) to investigate. +
  3. Open the log file in a text editor, such as notepad. +
  4. Using the [result code](upgrade-error-codes.md#result-codes) portion of the Windows Setup error code, search for the result code in the file and find the last occurrence of the code. Alternatively search for the "abort" and abandoning" text strings described in step 7 below. +
  5. To find the last occurrence of the result code: +
      +
    1. Scroll to the bottom of the file and click after the last character. +
    2. Click Edit. +
    3. Click Find. +
    4. Type the result code. +
    5. Under Direction select Up. +
    6. Click Find Next. +
    +
  6. When you have located the last occurrence of the result code, scroll up a few lines from this location in the file and review the processes that failed just prior to generating the result code. +
  7. Search for the following important text strings: + +
  8. Decode Win32 errors that appear in this section. +
  9. Write down the timestamp for the observed errors in this section. +
  10. Search other log files for additional information matching these timestamps or errors. +
+ +For example, assume that the error code for an error is 0x8007042B - 0x2000D. Searching for "8007042B" reveals the following content from the setuperr.log file: + +>Some lines in the text below are shortened to enhance readability. The date and time at the start of each line (ex: 2016-10-05 15:27:08) is shortened to minutes and seconds, and the certificate file name which is a long text string is shortened to just "CN." + +
setuperr.log content: + +
+27:08, Error           SP     Error READ, 0x00000570 while gathering/applying object: File, C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 [CN]. Will return 0[gle=0x00000570]
+27:08, Error           MIG    Error 1392 while gathering object C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 [CN]. Shell application requested abort![gle=0x00000570]
+27:08, Error                  Gather failed. Last error: 0x00000000
+27:08, Error           SP     SPDoFrameworkGather: Gather operation failed. Error: 0x0000002C
+27:09, Error           SP     CMigrateFramework: Gather framework failed. Status: 44
+27:09, Error           SP     Operation failed: Migrate framework (Full). Error: 0x8007042B[gle=0x000000b7]
+27:09, Error           SP     Operation execution failed: 13. hr = 0x8007042B[gle=0x000000b7]
+27:09, Error           SP     CSetupPlatformPrivate::Execute: Execution of operations queue failed, abandoning. Error: 0x8007042B[gle=0x000000b7]
+
+ +The first line indicates there was an error **0x00000570** with the file **C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 [CN]** (shown below): + +
+27:08, Error           SP     Error READ, 0x00000570 while gathering/applying object: File, C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 [CN]. Will return 0[gle=0x00000570]
+
+ +The error 0x00000570 is a [Win32 error code](https://msdn.microsoft.com/en-us/library/cc231199.aspx) corresponding to: ERROR_FILE_CORRUPT: The file or directory is corrupted and unreadable. + +Therefore, Windows Setup failed because it was not able to migrate the corrupt file **C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\[CN]**. This file is a local system certificate and can be safely deleted. Searching the setupact.log file for additional details, the phrase "Shell application requested abort" is found in a location with the same timestamp as the lines in setuperr.log. This confirms our suspicion that this file is the cause of the upgrade failure: + +
setupact.log content: + +
+27:00, Info                   Gather started at 10/5/2016 23:27:00
+27:00, Info [0x080489] MIG    Setting system object filter context (System)
+27:00, Info [0x0803e5] MIG    Not unmapping HKCU\Software\Classes; it is not mapped
+27:00, Info [0x0803e5] MIG    Not unmapping HKCU; it is not mapped
+27:00, Info            SP     ExecuteProgress: Elapsed events:1 of 4, Percent: 12
+27:00, Info [0x0802c6] MIG    Processing GATHER for migration unit: \UpgradeFramework (CMXEAgent)
+27:08, Error           SP     Error READ, 0x00000570 while gathering/applying object: File, C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 [CN]. Will return 0[gle=0x00000570]
+27:08, Error           MIG    Error 1392 while gathering object C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 [CN]. Shell application requested abort![gle=0x00000570]
+27:08, Info            SP     ExecuteProgress: Elapsed events:2 of 4, Percent: 25
+27:08, Info            SP     ExecuteProgress: Elapsed events:3 of 4, Percent: 37
+27:08, Info [0x080489] MIG    Setting system object filter context (System)
+27:08, Info [0x0803e5] MIG    Not unmapping HKCU\Software\Classes; it is not mapped
+27:08, Info [0x0803e5] MIG    Not unmapping HKCU; it is not mapped
+27:08, Info            MIG    COutOfProcPluginFactory::FreeSurrogateHost: Shutdown in progress.
+27:08, Info            MIG    COutOfProcPluginFactory::LaunchSurrogateHost::CommandLine: -shortened-
+27:08, Info            MIG    COutOfProcPluginFactory::LaunchSurrogateHost: Successfully launched host and got control object.
+27:08, Error                  Gather failed. Last error: 0x00000000
+27:08, Info                   Gather ended at 10/5/2016 23:27:08 with result 44
+27:08, Info                   Leaving MigGather method
+27:08, Error           SP     SPDoFrameworkGather: Gather operation failed. Error: 0x0000002C
+
+ + +
This analysis indicates that the Windows upgrade error can be resolved by deleting the C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\[CN] file. Note: In this example, the full, unshortened file name is C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\be8228fb2d3cb6c6b0ccd9ad51b320b4_a43d512c-69f2-42de-aef9-7a88fabdaa3f. + +## Related topics + +[Windows 10 FAQ for IT professionals](https://technet.microsoft.com/en-us/windows/dn798755.aspx) +
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/en-us/windows/dn798752.aspx) +
[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications) +
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro) +
[Fix Windows Update errors by using the DISM or System Update Readiness tool](https://support.microsoft.com/kb/947821) diff --git a/windows/deployment/upgrade/quick-fixes.md b/windows/deployment/upgrade/quick-fixes.md new file mode 100644 index 0000000000..d11f924e4d --- /dev/null +++ b/windows/deployment/upgrade/quick-fixes.md @@ -0,0 +1,56 @@ +--- +title: Quick fixes - Windows IT Pro +description: Resolve Windows 10 upgrade errors for ITPros. Technical information for IT professionals to help diagnose Windows setup errors. +keywords: deploy, error, troubleshoot, windows, 10, upgrade, code, rollback, ITPro +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: deploy +author: greg-lindsay +ms.date: 03/30/2018 +ms.localizationpriority: high +--- + +# Quick fixes + +**Applies to** +- Windows 10 + +>[!NOTE] +>This is a 100 level topic (basic).
+>See [Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md) for a full list of topics in this article. + +The following steps can resolve many Windows upgrade problems. + +
    +
  1. Remove nonessential external hardware, such as docks and USB devices.
    2. +
  2. Check all hard drives for errors and attempt repairs. To automatically repair hard drives, open an elevated command prompt, switch to the drive you wish to repair, and type the following command. You will be required to reboot the computer if the hard drive being repaired is also the system drive. + +
    3. +
  3. Attempt to restore and repair system files by typing the following commands at an elevated command prompt. It may take several minutes for the command operations to be completed. For more information, see [Repair a Windows Image](https://msdn.microsoft.com/windows/hardware/commercialize/manufacture/desktop/repair-a-windows-image). + +
    4. +
  4. Update Windows so that all available recommended updates are installed, and ensure the computer is rebooted if this is necessary to complete installation of an update.
    5. +
  5. Uninstall non-Microsoft antivirus software. + +
  6. Uninstall all nonessential software.
    7. +
  7. Update firmware and drivers.
    8. +
  8. Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process.
    9. +
  9. Verify at least 16 GB of free space is available to upgrade a 32-bit OS, or 20 GB for a 64-bit OS. +
+ +## Related topics + +[Windows 10 FAQ for IT professionals](https://technet.microsoft.com/en-us/windows/dn798755.aspx) +
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/en-us/windows/dn798752.aspx) +
[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications) +
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro) +
[Fix Windows Update errors by using the DISM or System Update Readiness tool](https://support.microsoft.com/kb/947821) diff --git a/windows/deployment/upgrade/resolution-procedures.md b/windows/deployment/upgrade/resolution-procedures.md new file mode 100644 index 0000000000..ae8d50adda --- /dev/null +++ b/windows/deployment/upgrade/resolution-procedures.md @@ -0,0 +1,684 @@ +--- +title: Resolution procedures - Windows IT Pro +description: Resolve Windows 10 upgrade errors for ITPros. Technical information for IT professionals to help diagnose Windows setup errors. +keywords: deploy, error, troubleshoot, windows, 10, upgrade, code, rollback, ITPro +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: deploy +author: greg-lindsay +ms.date: 03/30/2018 +ms.localizationpriority: high +--- + +# Resolution procedures + +**Applies to** +- Windows 10 + +>[!NOTE] +>This is a 200 level topic (moderate).
+>See [Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md) for a full list of topics in this article. + + +## 0xC1900101 + +A frequently observed result code is 0xC1900101. This result code can be thrown at any stage of the upgrade process, with the exception of the downlevel phase. 0xC1900101 is a generic rollback code, and usually indicates that an incompatible driver is present. The incompatible driver can cause blue screens, system hangs, and unexpected reboots. Analysis of supplemental log files is often helpful, such as:
+ +- The minidump file: $Windows.~bt\Sources\Rollback\setupmem.dmp, +- Event logs: $Windows.~bt\Sources\Rollback\*.evtx +- The device install log: $Windows.~bt\Sources\Rollback\setupapi\setupapi.dev.log + +The device install log is particularly helpful if rollback occurs during the sysprep operation (extend code 0x30018). To resolve a rollback due to driver conflicts, try running setup using a minimal set of drivers and startup programs by performing a [clean boot](https://support.microsoft.com/en-us/kb/929135) before initiating the upgrade process. + +
See the following general troubleshooting procedures associated with a result code of 0xC1900101: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + +
Code +
0xC1900101 - 0x20004 +
+ +
+
Cause +
Windows Setup encountered an error during the SAFE_OS with the INSTALL_RECOVERY_ENVIRONMENT operation +
This is generally caused by out-of-date drivers. +
+		 + + +
Mitigation +
Uninstall antivirus applications. +
Remove all unused SATA devices. +
Remove all unused devices and drivers. +
Update drivers and BIOS. +
+
+ + +
Code +
0xC1900101 - 0x2000c +
+ +
+
Cause +
Windows Setup encountered an unspecified error during Wim apply in the WinPE phase. +
This is generally caused by out-of-date drivers. +
+		 + + +
Mitigation +
Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display. +
Contact your hardware vendor to obtain updated device drivers. +
Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process. +
+
+ + +
Code +
0xC1900101 - 0x20017 + +
+ +
+
Cause +
A driver has caused an illegal operation. +
Windows was not able to migrate the driver, resulting in a rollback of the operating system. +
This is a SafeOS boot failure, typically caused by drivers or non-Microsoft disk encryption software. +
+		 + + +
Mitigation +
+Ensure that all that drivers are updated.
+Open the Setuperr.log and Setupact.log files in the %windir%\Panther directory, and then locate the problem drivers. +
For more information, see [Understanding Failures and Log Files](https://technet.microsoft.com/en-us/library/ee851579.aspx). +
Update or uninstall the problem drivers. +
+
+ + +
Code +
0xC1900101 - 0x30018 +
+ +
+
Cause +
A device driver has stopped responding to setup.exe during the upgrade process. +
+		 + + +
Mitigation +
+Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display. +
Contact your hardware vendor to obtain updated device drivers. +
Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process. +
+
+ + +
Code +
0xC1900101 - 0x3000D +
+ +
+
Cause +
Installation failed during the FIRST_BOOT phase while attempting the MIGRATE_DATA operation. +
This can occur due to a problem with a display driver. + +
+		 + + +
Mitigation +
+Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display. +
Update or uninstall the display driver. +
+
+ + +
Code +
0xC1900101 - 0x4000D +
+ +
+
Cause +
A rollback occurred due to a driver configuration issue. +
Installation failed during the second boot phase while attempting the MIGRATE_DATA operation. + +
This can occur due to incompatible drivers. + +
+		 + + +
Mitigation +
+
Check supplemental rollback logs for a setupmem.dmp file, or event logs for any unexpected reboots or errors. +
Review the rollback log and determine the stop code. +
The rollback log is located in the **C:\$Windows.~BT\Sources\Panther** folder. An example analysis is shown below. This example is not representative of all cases: +
Info SP Crash 0x0000007E detected +
Info SP Module name : +
Info SP Bugcheck parameter 1 : 0xFFFFFFFFC0000005 +
Info SP Bugcheck parameter 2 : 0xFFFFF8015BC0036A +
Info SP Bugcheck parameter 3 : 0xFFFFD000E5D23728 +
Info SP Bugcheck parameter 4 : 0xFFFFD000E5D22F40 +
Info SP Cannot recover the system. +
Info SP Rollback: Showing splash window with restoring text: Restoring your previous version of Windows. + + +
Typically, there is a dump file for the crash to analyze. If you are not equipped to debug the dump, then attempt the following basic troubleshooting procedures:
+ +1. Make sure you have enough disk space.
+2. If a driver is identified in the bug check message, disable the driver or check with the manufacturer for driver updates.
+3. Try changing video adapters.
+4. Check with your hardware vendor for any BIOS updates.
+5. Disable BIOS memory options such as caching or shadowing. +

+
+
+ + +
Code +
0xC1900101 - 0x40017 +
+ +
+
Cause +
Windows 10 upgrade failed after the second reboot. +
This is usually caused by a faulty driver. For example: antivirus filter drivers or encryption drivers. +
+		 + + +
Mitigation +
Clean boot into Windows, and then attempt the upgrade to Windows 10.
+ +For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/en-us/kb/929135). + +

Ensure you select the option to "Download and install updates (recommended)." +
+
+ +

0x800xxxxx

+ +
Result codes starting with the digits 0x800 are also important to understand. These error codes indicate general operating system errors, and are not unique to the Windows upgrade process. Examples include timeouts, devices not functioning, and a process stopping unexpectedly. + +
See the following general troubleshooting procedures associated with a result code of 0x800xxxxx:
+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + +
Code +
+ +80040005 - 0x20007 + +
+ +
+
Cause +
+ +An unspecified error occurred with a driver during the SafeOS phase. + +
+		 + + +
Mitigation +
+ +This error has more than one possible cause. Attempt [quick fixes](quick-fixes.md), and if not successful, [analyze log files](log-files.md#analyze-log-files) in order to determine the problem and solution. + +
+
+ + +
Code +
+ +0x80073BC3 - 0x20009
+0x8007002 - 0x20009
+0x80073B92 - 0x20009 + +
+ +
+
Cause +
+ +The requested system device cannot be found, there is a sharing violation, or there are multiple devices matching the identification criteria. + +
+		 + + +
Mitigation +
+ +These errors occur during partition analysis and validation, and can be caused by the presence of multiple system partitions. For example, if you installed a new system drive but left the previous system drive connected, this can cause a conflict. To resolve the errors, disconnect or temporarily disable drives that contain the unused system partition. You can reconnect the drive after the upgrade has completed. Alternatively, you can delete the unused system partition. + +
+
+ + +
Code +
+ +800704B8 - 0x3001A + +
+ +
+
Cause +
+ +An extended error has occurred during the first boot phase. + +
+		 + + +
Mitigation +
+ +Disable or uninstall non-Microsoft antivirus applications, disconnect all unnecessary devices, and perform a [clean boot](https://support.microsoft.com/en-us/kb/929135). + +
+
+ + +
Code +
+ +8007042B - 0x4000D + +
+ +
+
Cause +
+ +The installation failed during the second boot phase while attempting the MIGRATE_DATA operation. +
This issue can occur due to file system, application, or driver issues. + +
+		 + + +
Mitigation +
+ +[Analyze log files](log-files.md#analyze-log-files) in order to determine the file, application, or driver that is not able to be migrated. Disconnect, update, remove, or replace the device or object. + +
+
+ + +
Code +
+ +8007001F - 0x3000D + +
+ +
+
Cause +
+ +The installation failed in the FIRST_BOOT phase with an error during MIGRATE_DATA operation. + +
+		 + + +
Mitigation +
+ +[Analyze log files](log-files.md#analyze-log-files) in order to determine the files or registry entries that are blocking data migration. + +This error can be due to a problem with user profiles. It can occur due to corrupt registry entries under **HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList** or invalid files in the **\\Users** directory. + +Note: If a previous upgrade did not complete, invalid profiles might exist in the **Windows.old\\Users** directory. + +To repair this error, ensure that deleted accounts are not still present in the Windows registry and that files under the \\Users directory are valid. Delete the invalid files or user profiles that are causing this error. The specific files and profiles that are causing the error will be recorded in the Windows setup log files. + +
+
+ + +
Code +
+ +8007001F - 0x4000D + +
+ +
+
Cause +
+ +General failure, a device attached to the system is not functioning. + +
+		 + + +
Mitigation +
+ +[Analyze log files](log-files.md#analyze-log-files) in order to determine the device that is not functioning properly. Disconnect, update, or replace the device. + +
+
+ + +
Code +
+ +8007042B - 0x4001E + +
+ +
+
Cause +
+ +The installation failed during the second boot phase while attempting the PRE_OOBE operation. + +
+		 + + +
Mitigation +
+ +This error has more than one possible cause. Attempt [quick fixes](quick-fixes.md), and if not successful, [analyze log files](log-files.md#analyze-log-files) in order to determine the problem and solution. + +
+
+ + +## Other result codes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Error code +Cause +Mitigation +
0xC1800118WSUS has downloaded content that it cannot use due to a missing decryption key.See [Steps to resolve error 0xC1800118](https://blogs.technet.microsoft.com/wsus/2016/09/21/resolving-error-0xc1800118/) for information.
0xC1900200Setup.exe has detected that the machine does not meet the minimum system requirements.Ensure the system you are trying to upgrade meets the minimum system requirements.
See [Windows 10 specifications](https://www.microsoft.com/en-us/windows/windows-10-specifications) for information.
0x80090011A device driver error occurred during user data migration.Contact your hardware vendor and get all the device drivers updated. It is recommended to have an active internet connection during upgrade process. +
Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process.
0xC7700112Failure to complete writing data to the system drive, possibly due to write access failure on the hard disk.This issue is resolved in the latest version of Upgrade Assistant. +
Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process.
0x80190001An unexpected error was encountered while attempting to download files required for upgrade.To resolve this issue, download and run the media creation tool. See [Download windows 10](https://www.microsoft.com/en-us/software-download/windows10). +
0x80246007The update was not downloaded successfully.Attempt other methods of upgrading the operating system.
+Download and run the media creation tool. See [Download windows 10](https://www.microsoft.com/en-us/software-download/windows10). +
Attempt to upgrade using .ISO or USB.
+**Note**: Windows 10 Enterprise isn’t available in the media creation tool. For more information, go to the [Volume Licensing Service Center](https://www.microsoft.com/licensing/servicecenter/default.aspx). +
0xC1900201The system did not pass the minimum requirements to install the update.Contact the hardware vendor to get the latest updates.
0x80240017The upgrade is unavailable for this edition of Windows.Administrative policies enforced by your organization might be preventing the upgrade. Contact your IT administrator.
0x80070020The existing process cannot access the file because it is being used by another process.Use the MSCONFIG tool to perform a clean boot on the machine and then try to perform the update again. For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/en-us/kb/929135).
0x80070522The user doesn’t have required privilege or credentials to upgrade.Ensure that you have signed in as a local administrator or have local administrator privileges.
0xC1900107A cleanup operation from a previous installation attempt is still pending and a system reboot is required in order to continue the upgrade. +Reboot the device and run setup again. If restarting device does not resolve the issue, then use the Disk Cleanup utility and cleanup the temporary as well as the System files. For more information, see [Disk cleanup in Windows 10](https://support.microsoft.com/en-us/instantanswers/8fef4121-711b-4be1-996f-99e02c7301c2/disk-cleanup-in-windows-10).
0xC1900209The user has chosen to cancel because the system does not pass the compatibility scan to install the update. Setup.exe will report this error when it can upgrade the machine with user data but cannot migrate installed applications.Incompatible software is blocking the upgrade process. Uninstall the application and try the upgrade again. See [Windows 10 Pre-Upgrade Validation using SETUP.EXE](https://blogs.technet.microsoft.com/mniehaus/2015/08/23/windows-10-pre-upgrade-validation-using-setup-exe/) for more information. + +
You can also download the [Windows Assessment and Deployment Kit (ADK) for Windows 10](http://go.microsoft.com/fwlink/p/?LinkId=526740) and install Application Compatibility Tools. +
0x8007002 This error is specific to upgrades using System Center Configuration Manager 2012 R2 SP1 CU3 (5.00.8238.1403)Analyze the SMSTS.log and verify that the upgrade is failing on "Apply Operating system" Phase: Error 80072efe DownloadFileWithRanges() failed. 80072efe. ApplyOperatingSystem (0x0760) + +
The error 80072efe means that the connection with the server was terminated abnormally. + +
To resolve this issue, try the OS Deployment test on a client in same VLAN as the Configuration Manager server. Check the network configuration for random client-server connection issues happening on the remote VLAN. +
0x80240FFF Occurs when update synchronization fails. It can occur when you are using Windows Server Update Services on its own or when it is integrated with System Center Configuration Manager. If you enable update synchronization before you install hotfix 3095113, WSUS doesn't recognize the Upgrades classification and instead treats the upgrade like a regular update. You can prevent this by installing hotfix 3095113 before you enable update synchronization. However, if you have already run into this problem, do the following: + +
    +
  1. Disable the Upgrades classification.
    2. +
  2. Install hotfix 3095113.
    3. +
  3. Delete previously synched updates.
    4. +
  4. Enable the Upgrades classification.
    5. +
  5. Perform a full synch.
    6. +
+
For detailed information on how to run these steps check out How to delete upgrades in WSUS.

+
0x8007007EOccurs when update synchronization fails because you do not have hotfix 3095113 installed before you enable update synchronization. Specifically, the CopyToCache operation fails on clients that have already downloaded the upgrade because Windows Server Update Services has bad metadata related to the upgrade. It can occur when you are using standalone Windows Server Update Services or when WSUS is integrated with System Center Configuration Manager. Use the following steps to repair Windows Server Update Services. You must run these steps on each WSUS server that synched metadata before you installed the hotfix. + +
    +
  1. Stop the Windows Update service. Sign in as a user with administrative privileges, and then do the following: +
      +
    1. Open Administrative Tools from the Control Panel.
      2. +
    2. Double-click Services.
      3. +
    3. Find the Windows Update service, right-click it, and then click Stop. If prompted, enter your credentials.
      4. +
    +
    2. +
  2. Delete all files and folders under c:\Windows\SoftwareDistribution\DataStore.
    3. +
  3. Restart the Windows Update service.
    4. +
+
+ +## Other error codes + + + + + + + + + + + + + + + +
Error CodesCauseMitigation
0x80070003- 0x20007 +This is a failure during SafeOS phase driver installation. + +[Verify device drivers](https://msdn.microsoft.com/windows/hardware/drivers/install/troubleshooting-device-and-driver-installations) on the computer, and [analyze log files](log-files.md#analyze-log-files) to determine the problem driver. +
0x8007025D - 0x2000C +This error occurs if the ISO file's metadata is corrupt."Re-download the ISO/Media and re-attempt the upgrade. + +Alternatively, re-create installation media the [Media Creation Tool](https://www.microsoft.com/en-us/software-download/windows10). + +
0x80070490 - 0x20007An incompatible device driver is present. + +[Verify device drivers](https://msdn.microsoft.com/windows/hardware/drivers/install/troubleshooting-device-and-driver-installations) on the computer, and [analyze log files](log-files.md#analyze-log-files) to determine the problem driver. + +
0xC1900101 - 0x2000c +An unspecified error occurred in the SafeOS phase during WIM apply. This can be caused by an outdated driver or disk corruption. +Run checkdisk to repair the file system. For more information, see the [quick fixes](quick-fixes.md) section in this guide. +
Update drivers on the computer, and select "Download and install updates (recommended)" during the upgrade process. Disconnect devices other than the mouse, keyboard and display.
0xC1900200 - 0x20008 + +The computer doesn’t meet the minimum requirements to download or upgrade to Windows 10. + +See [Windows 10 Specifications](https://www.microsoft.com/en-us/windows/windows-10-specifications) and verify the computer meets minimum requirements. + +
Review logs for [compatibility information](https://blogs.technet.microsoft.com/askcore/2016/01/21/using-the-windows-10-compatibility-reports-to-understand-upgrade-issues/).
0x80070004 - 0x3000D +This is a problem with data migration during the first boot phase. There are multiple possible causes. + +[Analyze log files](log-files.md#analyze-log-files) to determine the issue.
0xC1900101 - 0x4001E +Installation failed in the SECOND_BOOT phase with an error during PRE_OOBE operation. +This is a generic error that occurs during the OOBE phase of setup. See the [0xC1900101](#0xc1900101) section of this guide and review general troubleshooting procedures described in that section.
0x80070005 - 0x4000D +The installation failed in the SECOND_BOOT phase with an error in during MIGRATE_DATA operation. This error indicates that access was denied while attempting to migrate data. +[Analyze log files](log-files.md#analyze-log-files) to determine the data point that is reporting access denied.
0x80070004 - 0x50012 +Windows Setup failed to open a file. +[Analyze log files](log-files.md#analyze-log-files) to determine the data point that is reporting access problems.
0xC190020e +
0x80070070 - 0x50011 +
0x80070070 - 0x50012 +
0x80070070 - 0x60000 +		These errors indicate the computer does not have enough free space available to install the upgrade. +To upgrade a computer to Windows 10, it requires 16 GB of free hard drive space for a 32-bit OS, and 20 GB for a 64-bit OS. If there is not enough space, attempt to [free up drive space](https://support.microsoft.com/en-us/help/17421/windows-free-up-drive-space) before proceeding with the upgrade. + +
Note: If your device allows it, you can use an external USB drive for the upgrade process. Windows setup will back up the previous version of Windows to a USB external drive. The external drive must be at least 8GB (16GB is recommended). The external drive should be formatted using NTFS. Drives that are formatted in FAT32 may run into errors due to FAT32 file size limitations. USB drives are preferred over SD cards because drivers for SD cards are not migrated if the device does not support Connected Standby. +
+ +## Related topics + +[Windows 10 FAQ for IT professionals](https://technet.microsoft.com/en-us/windows/dn798755.aspx) +
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/en-us/windows/dn798752.aspx) +
[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications) +
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro) +
[Fix Windows Update errors by using the DISM or System Update Readiness tool](https://support.microsoft.com/kb/947821) diff --git a/windows/deployment/upgrade/resolve-windows-10-upgrade-errors.md b/windows/deployment/upgrade/resolve-windows-10-upgrade-errors.md index d3d5edf9a2..347b42dee1 100644 --- a/windows/deployment/upgrade/resolve-windows-10-upgrade-errors.md +++ b/windows/deployment/upgrade/resolve-windows-10-upgrade-errors.md @@ -7,7 +7,7 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: deploy author: greg-lindsay -ms.date: 02/22/2018 +ms.date: 03/30/2018 ms.localizationpriority: high --- @@ -18,1073 +18,37 @@ ms.localizationpriority: high >**Important**: This topic contains technical instructions for IT administrators. If you are not an IT administrator, see the following topic: [Get help with Windows 10 upgrade and installation errors](https://support.microsoft.com/en-us/help/10587/windows-10-get-help-with-upgrade-installation-errors). You can also [Submit Windows 10 upgrade errors using Feedback Hub](submit-errors.md). -## In this topic - -This topic contains a brief introduction to Windows 10 installation processes, and provides resolution procedures that IT administrators can use to resolve issues with Windows 10 upgrade. The following sections and procedures are provided in this guide: - -- [Troubleshooting upgrade errors](#troubleshooting-upgrade-errors): General advice and techniques for troubleshooting Windows 10 upgrade errors.
-- [The Windows 10 upgrade process](#the-windows-10-upgrade-process): An explanation of phases used during the upgrade process.
-- [Quick fixes](#quick-fixes): Steps you can take to eliminate many Windows upgrade errors.
-- [Upgrade error codes](#upgrade-error-codes): The components of an error code are explained. - - [Result codes](#result-codes): Information about result codes. - - [Extend codes](#extend-codes): Information about extend codes. -- [Windows Error Reporting](#windows-error-reporting): How to use Event Viewer to review details about a Windows 10 upgrade. -- [Log files](#log-files): A list and description of log files useful for troubleshooting. - - [Log entry structure](#log-entry-structure): The format of a log entry is described. - - [Analyze log files](#analyze-log-files): General procedures for log file analysis, and an example. -- [Resolution procedures](#resolution-procedures): Causes and mitigation procedures associated with specific error codes. - - [0xC1900101](#0xc1900101): Information about the 0xC1900101 result code. - - [0x800xxxxx](#0x800xxxxx): Information about result codes that start with 0x800. - - [Other result codes](#other-result-codes): Additional causes and mitigation procedures are provided for some result codes. - - [Other error codes](#other-error-codes): Additional causes and mitigation procedures are provided for some error codes. - -## Troubleshooting upgrade errors - -If a Windows 10 upgrade is not successful, it can be very helpful to understand *when* an error occurred in the upgrade process. - -Briefly, the upgrade process consists of four phases: **Downlevel**, **SafeOS**, **First boot**, and **Second boot**. The computer will reboot once between each phase. - -These phases are explained in greater detail [below](#the-windows-10-upgrade-process). First, let's summarize the actions performed during each phase because this affects the type of errors that can be encountered. - -1. **Downlevel phase**: Because this phase runs on the source OS, upgrade errors are not typically seen. If you do encounter an error, ensure the source OS is stable. Also ensure the Windows setup source and the destination drive are accessible. - -2. **SafeOS phase**: Errors most commonly occur during this phase due to hardware issues, firmware issues, or non-microsoft disk encryption software. - - Since the computer is booted into Windows PE during the SafeOS phase, a useful troubleshooting technique is to boot into [Windows PE](https://docs.microsoft.com/windows-hardware/manufacture/desktop/winpe-intro) using installation media. You can use the [media creation tool](https://www.microsoft.com/software-download/windows10) to create bootable media, or you can use tools such as the [Windows ADK](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit), and then boot your device from this media to test for hardware and firmware compatibility issues. - - **Do not proceed with the Windows 10 installation after booting from this media**. This method can only be used to perform a clean install which will not migrate any of your apps and settings, and you will be required re-enter your Windows 10 license information. - - If the computer does not successfully boot into Windows PE using the media that you created, this is likely due to a hardware or firmware issue. Check with your hardware manufacturer and apply any recommended BIOS and firmware updates. If you are still unable to boot to installation media after applying updates, disconnect or replace legacy hardware. - - If the computer successfully boots into Windows PE, but you are not able to browse the system drive on the computer, it is possible that non-Microsoft disk encryption software is blocking your ability to perform a Windows 10 upgrade. Update or temporarily remove the disk encryption. - -3. **First boot phase**: Boot failures in this phase are relatively rare, and almost exclusively caused by device drivers. Disconnect all peripheral devices except for the mouse, keyboard, and display. Obtain and install updated device drivers, then retry the upgrade. - -4. **Second boot phase**: In this phase, the system is running under the target OS with new drivers. Boot failures are most commonly due to anti-virus software or filter drivers. Disconnect all peripheral devices except for the mouse, keyboard, and display. Obtain and install updated device drivers, temporarily uninstall anti-virus software, then retry the upgrade. - -If the general troubleshooting techniques described above or the [quick fixes](#quick-fixes) detailed below do not resolve your issue, you can attempt to analyze [log files](#log-files) and interpret [upgrade error codes](#upgrade-error-codes). You can also [Submit Windows 10 upgrade errors using Feedback Hub](submit-errors.md) so that Microsoft can diagnose your issue. - -## The Windows 10 upgrade process - -The **Windows Setup** application is used to upgrade a computer to Windows 10, or to perform a clean installation. Windows Setup starts and restarts the computer, gathers information, copies files, and creates or adjusts configuration settings. - -When performing an operating system upgrade, Windows Setup uses phases described below. A reboot occurs between each of the phases. After the first reboot, the user interface will remain the same until the upgrade is completed. Percent progress is displayed and will advance as you move through each phase, reaching 100% at the end of the second boot phase. - -1. **Downlevel phase**: The downlevel phase is run within the previous operating system. Windows files are copied and installation components are gathered. - - ![downlevel phase](../images/downlevel.png) - -2. **Safe OS phase**: A recovery partition is configured, Windows files are expanded, and updates are installed. An OS rollback is prepared if needed. Example error codes: 0x2000C, 0x20017. - - ![safeOS phase](../images/safeos.png) - -3. **First boot phase**: Initial settings are applied. Example error codes: 0x30018, 0x3000D. - - ![first boot phase](../images/firstboot.png) - -4. **Second boot phase**: Final settings are applied. This is also called the **OOBE boot phase**. Example error codes: 0x4000D, 0x40017. - - At the end of the second boot phase, the **Welcome to Windows 10** screen is displayed, preferences are configured, and the Windows 10 sign-in prompt is displayed. - - ![second boot phase](../images/secondboot.png) - - ![second boot phase](../images/secondboot2.png) - - ![second boot phase](../images/secondboot3.png) - -5. **Uninstall phase**: This phase occurs if upgrade is unsuccessful (image not shown). Example error codes: 0x50000, 0x50015. - -**Figure 1**: Phases of a successful Windows 10 upgrade (uninstall is not shown): - -![Upgrade process](../images/upgrade-process.png) - -DU = Driver/device updates.
-OOBE = Out of box experience.
-WIM = Windows image (Microsoft) - - -## Quick fixes - -The following steps can resolve many Windows upgrade problems. - -
    -
  1. Remove nonessential external hardware, such as docks and USB devices.
    2. -
  2. Check all hard drives for errors and attempt repairs. To automatically repair hard drives, open an elevated command prompt, switch to the drive you wish to repair, and type the following command. You will be required to reboot the computer if the hard drive being repaired is also the system drive. - -
    3. -
  3. Attempt to restore and repair system files by typing the following commands at an elevated command prompt. It may take several minutes for the command operations to be completed. For more information, see [Repair a Windows Image](https://msdn.microsoft.com/windows/hardware/commercialize/manufacture/desktop/repair-a-windows-image). - -
    4. -
  4. Update Windows so that all available recommended updates are installed, and ensure the computer is rebooted if this is necessary to complete installation of an update.
    5. -
  5. Uninstall non-Microsoft antivirus software. - -
  6. Uninstall all nonessential software.
    7. -
  7. Update firmware and drivers.
    8. -
  8. Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process.
    9. -
  9. Verify at least 16 GB of free space is available to upgrade a 32-bit OS, or 20 GB for a 64-bit OS. -
- - -## Upgrade error codes - -If the upgrade process is not successful, Windows Setup will return two codes: - -1. **A result code**: The result code corresponds to a specific Win32 or NTSTATUS error. -2. **An extend code**: The extend code contains information about both the *phase* in which an error occurred, and the *operation* that was being performed when the error occurred. - ->For example, a result code of **0xC1900101** with an extend code of **0x4000D** will be returned as: **0xC1900101 - 0x4000D**. - -Note: If only a result code is returned, this can be because a tool is being used that was not able to capture the extend code. For example, if you are using the [Windows 10 Upgrade Assistant](https://support.microsoft.com/en-us/kb/3159635) then only a result code might be returned. - ->[!TIP] ->If you are unable to locate the result and extend error codes, you can attempt to find these codes using Event Viewer. For more information, see [Windows Error Reporting](#windows-error-reporting). - -### Result codes - ->A result code of **0xC1900101** is generic and indicates that a rollback occurred. In most cases, the cause is a driver compatibility issue.
To troubleshoot a failed upgrade that has returned a result code of 0xC1900101, analyze the extend code to determine the Windows Setup phase, and see the [Resolution procedures](#resolution-procedures) section later in this topic. - -Result codes can be matched to the type of error encountered. To match a result code to an error: - -1. Identify the error code type as either Win32 or NTSTATUS using the first hexadecimal digit: -
**8** = Win32 error code (ex: 0x**8**0070070) -
**C** = NTSTATUS value (ex: 0x**C**1900107) -2. Write down the last 4 digits of the error code (ex: 0x8007**0070** = 0070). These digits are the actual error code type as defined in the [HRESULT](https://msdn.microsoft.com/en-us/library/cc231198.aspx) or the [NTSTATUS](https://msdn.microsoft.com/en-us/library/cc231200.aspx) structure. Other digits in the code identify things such as the device type that produced the error. -3. Based on the type of error code determined in the first step (Win32 or NTSTATUS), match the 4 digits derived from the second step to either a Win32 error code or NTSTATUS value using the following links: - - [Win32 error code](https://msdn.microsoft.com/en-us/library/cc231199.aspx) - - [NTSTATUS value](https://msdn.microsoft.com/en-us/library/cc704588.aspx) - -Examples: -- 0x80070070 - - Based on the "8" this is a Win32 error code - - The last four digits are 0070, so look up 0x00000070 in the [Win32 error code](https://msdn.microsoft.com/en-us/library/cc231199.aspx) table - - The error is: **ERROR_DISK_FULL** -- 0xC1900107 - - Based on the "C" this is an NTSTATUS error code - - The last four digits are 0107, so look up 0x00000107 in the [NTSTATUS value](https://msdn.microsoft.com/en-us/library/cc704588.aspx) table - - The error is: **STATUS_SOME_NOT_MAPPED** - -Some result codes are self-explanatory, whereas others are more generic and require further analysis. In the examples shown above, ERROR_DISK_FULL indicates that the hard drive is full and additional room is needed to complete Windows upgrade. The message STATUS_SOME_NOT_MAPPED is more ambiguous, and means that an action is pending. In this case, the action pending is often the cleanup operation from a previous installation attempt, which can be resolved with a system reboot. - -### Extend codes - ->**Important**: Extend codes reflect the current Windows 10 upgrade process, and might change in future releases of Windows 10. The codes discussed in this section apply to Windows 10 version 1607, also known as the Anniversary Update. - -Extend codes can be matched to the phase and operation when an error occurred. To match an extend code to the phase and operation: - -1. Use the first digit to identify the phase (ex: 0x4000D = 4). -2. Use the last two digits to identify the operation (ex: 0x4000D = 0D). -3. Match the phase and operation to values in the tables provided below. - -The following tables provide the corresponding phase and operation for values of an extend code: - -
- - - -
Extend code: phase
HexPhase -
0SP_EXECUTION_UNKNOWN -
1SP_EXECUTION_DOWNLEVEL -
2SP_EXECUTION_SAFE_OS -
3SP_EXECUTION_FIRST_BOOT -
4SP_EXECUTION_OOBE_BOOT -
5SP_EXECUTION_UNINSTALL -
- - - - - - - -
Extend code: operation
- -
HexOperation -
0SP_EXECUTION_OP_UNKNOWN -
1SP_EXECUTION_OP_COPY_PAYLOAD -
2SP_EXECUTION_OP_DOWNLOAD_UPDATES -
3SP_EXECUTION_OP_INSTALL_UPDATES -
4SP_EXECUTION_OP_INSTALL_RECOVERY_ENVIRONMENT -
5SP_EXECUTION_OP_INSTALL_RECOVERY_IMAGE -
6SP_EXECUTION_OP_REPLICATE_OC -
7SP_EXECUTION_OP_INSTALL_DRVIERS -
8SP_EXECUTION_OP_PREPARE_SAFE_OS -
9SP_EXECUTION_OP_PREPARE_ROLLBACK -
ASP_EXECUTION_OP_PREPARE_FIRST_BOOT -
BSP_EXECUTION_OP_PREPARE_OOBE_BOOT -
CSP_EXECUTION_OP_APPLY_IMAGE -
DSP_EXECUTION_OP_MIGRATE_DATA -
ESP_EXECUTION_OP_SET_PRODUCT_KEY -
FSP_EXECUTION_OP_ADD_UNATTEND -
-		 - -
HexOperation -
10SP_EXECUTION_OP_ADD_DRIVER -
11SP_EXECUTION_OP_ENABLE_FEATURE -
12SP_EXECUTION_OP_DISABLE_FEATURE -
13SP_EXECUTION_OP_REGISTER_ASYNC_PROCESS -
14SP_EXECUTION_OP_REGISTER_SYNC_PROCESS -
15SP_EXECUTION_OP_CREATE_FILE -
16SP_EXECUTION_OP_CREATE_REGISTRY -
17SP_EXECUTION_OP_BOOT -
18SP_EXECUTION_OP_SYSPREP -
19SP_EXECUTION_OP_OOBE -
1ASP_EXECUTION_OP_BEGIN_FIRST_BOOT -
1BSP_EXECUTION_OP_END_FIRST_BOOT -
1CSP_EXECUTION_OP_BEGIN_OOBE_BOOT -
1DSP_EXECUTION_OP_END_OOBE_BOOT -
1ESP_EXECUTION_OP_PRE_OOBE -
1FSP_EXECUTION_OP_POST_OOBE -
20SP_EXECUTION_OP_ADD_PROVISIONING_PACKAGE -
-
- -For example: An extend code of **0x4000D**, represents a problem during phase 4 (**0x4**) with data migration (**000D**). - -## Windows Error Reporting - -When Windows Setup fails, the result and extend code are recorded as an informational event in the Application log by Windows Error Reporting as event 1001. The event name is **WinSetupDiag02**. You can use Event Viewer to review this event, or you can use Windows PowerShell. - -To use Windows PowerShell, type the following commands from an elevated Windows PowerShell prompt: - -``` -$events = Get-WinEvent -FilterHashtable @{LogName="Application";ID="1001";Data="WinSetupDiag02"} -$event = [xml]$events[0].ToXml() -$event.Event.EventData.Data -``` - -To use Event Viewer: -1. Open Event Viewer and navigate to **Windows Logs\Application**. -2. Click **Find**, and then search for **winsetupdiag02**. -3. Double-click the event that is highlighted. - -Note: For legacy operating systems, the Event Name was WinSetupDiag01. - -Ten parameters are listed in the event: -
- - - - - - - - - - - -
P1: The Setup Scenario (1=Media,5=WindowsUpdate,7=Media Creation Tool)
P2: Setup Mode (x=default,1=Downlevel,5=Rollback)
P3: New OS Architecture (x=default,0=X86,9=AMD64)
P4: Install Result (x=default,0=Success,1=Failure,2=Cancel,3=Blocked)
P5: Result Error Code (Ex: 0xc1900101)
P6: Extend Error Code (Ex: 0x20017)
P7: Source OS build (Ex: 9600)
P8: Source OS branch (not typically available)
P9: New OS build (Ex: 16299}
P10: New OS branch (Ex: rs3_release}
- -The event will also contain links to log files that can be used to perform a detailed diagnosis of the error. An example of this event from a successful upgrade is shown below. - -![Windows Error Reporting](../images/event.png) - -## Log files - -Several log files are created during each phase of the upgrade process. These log files are essential for troubleshooting upgrade problems. By default, the folders that contain these log files are hidden on the upgrade target computer. To view the log files, configure Windows Explorer to view hidden items, or use a tool to automatically gather these logs. The most useful log is **setupact.log**. The log files are located in a different folder depending on the Windows Setup phase. Recall that you can determine the phase from the extend code. - -Note: Also see the [Windows Error Reporting](#windows-error-reporting) section in this document for help locating error codes and log files. - -The following table describes some log files and how to use them for troubleshooting purposes:
- -
- - - - - - - - - - - - - - - - -
Log filePhase: LocationDescriptionWhen to use
setupact.logDown-Level:
$Windows.~BT\Sources\Panther		Contains information about setup actions during the downlevel phase. All down-level failures and starting point for rollback investigations.
This is the most important log for diagnosing setup issues.
OOBE:
$Windows.~BT\Sources\Panther\UnattendGC		Contains information about actions during the OOBE phase.Investigating rollbacks that failed during OOBE phase and operations – 0x4001C, 0x4001D, 0x4001E, 0x4001F.
Rollback:
$Windows.~BT\Sources\Rollback		Contains information about actions during rollback.Investigating generic rollbacks - 0xC1900101.
Pre-initialization (prior to downlevel):
Windows		Contains information about initializing setup.If setup fails to launch.
Post-upgrade (after OOBE):
Windows\Panther		Contains information about setup actions during the installation.Investigate post-upgrade related issues.
setuperr.logSame as setupact.logContains information about setup errors during the installation.Review all errors encountered during the installation phase.
miglog.xmlPost-upgrade (after OOBE):
Windows\Panther		Contains information about what was migrated during the installation.Identify post upgrade data migration issues.
BlueBox.logDown-Level:
Windows\Logs\Mosetup		Contains information communication between setup.exe and Windows Update.Use during WSUS and WU down-level failures or for 0xC1900107.
Supplemental rollback logs:
-Setupmem.dmp
-setupapi.dev.log
-Event logs (*.evtx)		$Windows.~BT\Sources\RollbackAdditional logs collected during rollback. -Setupmem.dmp: If OS bugchecks during upgrade, setup will attempt to extract a mini-dump.
-Setupapi: Device install issues - 0x30018
-Event logs: Generic rollbacks (0xC1900101) or unexpected reboots.
- -### Log entry structure - -A setupact.log or setuperr.log entry includes the following elements: - -
    -
  1. The date and time - 2016-09-08 09:20:05. -
  2. The log level - Info, Warning, Error, Fatal Error. -
  3. The logging component - CONX, MOUPG, PANTHR, SP, IBSLIB, MIG, DISM, CSI, CBS. - -
  4. The message - Operation completed successfully. -
- -See the following example: - -| Date/Time | Log level | Component | Message | -|------|------------|------------|------------| -|2016-09-08 09:23:50,| Warning | MIG | Could not replace object C:\Users\name\Cookies. Target Object cannot be removed.| - - -### Analyze log files - ->The following instructions are meant for IT professionals. Also see the [Upgrade error codes](#upgrade-error-codes) section in this guide to familiarize yourself with [result codes](#result-codes) and [extend codes](#extend-codes). - -
To analyze Windows Setup log files: - -
    -
  1. Determine the Windows Setup error code. This code should be returned by Windows Setup if it is not successful with the upgrade process. -
  2. Based on the [extend code](#extend-codes) portion of the error code, determine the type and location of a [log files](#log-files) to investigate. -
  3. Open the log file in a text editor, such as notepad. -
  4. Using the [result code](#result-codes) portion of the Windows Setup error code, search for the result code in the file and find the last occurrence of the code. Alternatively search for the "abort" and abandoning" text strings described in step 7 below. -
  5. To find the last occurrence of the result code: -
      -
    1. Scroll to the bottom of the file and click after the last character. -
    2. Click Edit. -
    3. Click Find. -
    4. Type the result code. -
    5. Under Direction select Up. -
    6. Click Find Next. -
    -
  6. When you have located the last occurrence of the result code, scroll up a few lines from this location in the file and review the processes that failed just prior to generating the result code. -
  7. Search for the following important text strings: - -
  8. Decode Win32 errors that appear in this section. -
  9. Write down the timestamp for the observed errors in this section. -
  10. Search other log files for additional information matching these timestamps or errors. -
- -For example, assume that the error code for an error is 0x8007042B - 0x2000D. Searching for "8007042B" reveals the following content from the setuperr.log file: - ->Some lines in the text below are shortened to enhance readability. The date and time at the start of each line (ex: 2016-10-05 15:27:08) is shortened to minutes and seconds, and the certificate file name which is a long text string is shortened to just "CN." - -
setuperr.log content: - -
-27:08, Error           SP     Error READ, 0x00000570 while gathering/applying object: File, C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 [CN]. Will return 0[gle=0x00000570]
-27:08, Error           MIG    Error 1392 while gathering object C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 [CN]. Shell application requested abort![gle=0x00000570]
-27:08, Error                  Gather failed. Last error: 0x00000000
-27:08, Error           SP     SPDoFrameworkGather: Gather operation failed. Error: 0x0000002C
-27:09, Error           SP     CMigrateFramework: Gather framework failed. Status: 44
-27:09, Error           SP     Operation failed: Migrate framework (Full). Error: 0x8007042B[gle=0x000000b7]
-27:09, Error           SP     Operation execution failed: 13. hr = 0x8007042B[gle=0x000000b7]
-27:09, Error           SP     CSetupPlatformPrivate::Execute: Execution of operations queue failed, abandoning. Error: 0x8007042B[gle=0x000000b7]
-
- -The first line indicates there was an error **0x00000570** with the file **C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 [CN]** (shown below): - -
-27:08, Error           SP     Error READ, 0x00000570 while gathering/applying object: File, C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 [CN]. Will return 0[gle=0x00000570]
-
- -The error 0x00000570 is a [Win32 error code](https://msdn.microsoft.com/en-us/library/cc231199.aspx) corresponding to: ERROR_FILE_CORRUPT: The file or directory is corrupted and unreadable. - -Therefore, Windows Setup failed because it was not able to migrate the corrupt file **C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\[CN]**. This file is a local system certificate and can be safely deleted. Searching the setupact.log file for additional details, the phrase "Shell application requested abort" is found in a location with the same timestamp as the lines in setuperr.log. This confirms our suspicion that this file is the cause of the upgrade failure: - -
setupact.log content: - -
-27:00, Info                   Gather started at 10/5/2016 23:27:00
-27:00, Info [0x080489] MIG    Setting system object filter context (System)
-27:00, Info [0x0803e5] MIG    Not unmapping HKCU\Software\Classes; it is not mapped
-27:00, Info [0x0803e5] MIG    Not unmapping HKCU; it is not mapped
-27:00, Info            SP     ExecuteProgress: Elapsed events:1 of 4, Percent: 12
-27:00, Info [0x0802c6] MIG    Processing GATHER for migration unit: \UpgradeFramework (CMXEAgent)
-27:08, Error           SP     Error READ, 0x00000570 while gathering/applying object: File, C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 [CN]. Will return 0[gle=0x00000570]
-27:08, Error           MIG    Error 1392 while gathering object C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18 [CN]. Shell application requested abort![gle=0x00000570]
-27:08, Info            SP     ExecuteProgress: Elapsed events:2 of 4, Percent: 25
-27:08, Info            SP     ExecuteProgress: Elapsed events:3 of 4, Percent: 37
-27:08, Info [0x080489] MIG    Setting system object filter context (System)
-27:08, Info [0x0803e5] MIG    Not unmapping HKCU\Software\Classes; it is not mapped
-27:08, Info [0x0803e5] MIG    Not unmapping HKCU; it is not mapped
-27:08, Info            MIG    COutOfProcPluginFactory::FreeSurrogateHost: Shutdown in progress.
-27:08, Info            MIG    COutOfProcPluginFactory::LaunchSurrogateHost::CommandLine: -shortened-
-27:08, Info            MIG    COutOfProcPluginFactory::LaunchSurrogateHost: Successfully launched host and got control object.
-27:08, Error                  Gather failed. Last error: 0x00000000
-27:08, Info                   Gather ended at 10/5/2016 23:27:08 with result 44
-27:08, Info                   Leaving MigGather method
-27:08, Error           SP     SPDoFrameworkGather: Gather operation failed. Error: 0x0000002C
-
- - -
This analysis indicates that the Windows upgrade error can be resolved by deleting the C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\[CN] file. Note: In this example, the full, unshortened file name is C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\be8228fb2d3cb6c6b0ccd9ad51b320b4_a43d512c-69f2-42de-aef9-7a88fabdaa3f. - -## Resolution procedures - -### 0xC1900101 - -A frequently observed result code is 0xC1900101. This result code can be thrown at any stage of the upgrade process, with the exception of the downlevel phase. 0xC1900101 is a generic rollback code, and usually indicates that an incompatible driver is present. The incompatible driver can cause blue screens, system hangs, and unexpected reboots. Analysis of supplemental log files is often helpful, such as:
- -- The minidump file: $Windows.~bt\Sources\Rollback\setupmem.dmp, -- Event logs: $Windows.~bt\Sources\Rollback\*.evtx -- The device install log: $Windows.~bt\Sources\Rollback\setupapi\setupapi.dev.log - -The device install log is particularly helpful if rollback occurs during the sysprep operation (extend code 0x30018). To resolve a rollback due to driver conflicts, try running setup using a minimal set of drivers and startup programs by performing a [clean boot](https://support.microsoft.com/en-us/kb/929135) before initiating the upgrade process. - -
See the following general troubleshooting procedures associated with a result code of 0xC1900101: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - -
Code -
0xC1900101 - 0x20004 -
- -
-
Cause -
Windows Setup encountered an error during the SAFE_OS with the INSTALL_RECOVERY_ENVIRONMENT operation -
This is generally caused by out-of-date drivers. -
-		 - - -
Mitigation -
Uninstall antivirus applications. -
Remove all unused SATA devices. -
Remove all unused devices and drivers. -
Update drivers and BIOS. -
-
- - -
Code -
0xC1900101 - 0x2000c -
- -
-
Cause -
Windows Setup encountered an unspecified error during Wim apply in the WinPE phase. -
This is generally caused by out-of-date drivers. -
-		 - - -
Mitigation -
Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display. -
Contact your hardware vendor to obtain updated device drivers. -
Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process. -
-
- - -
Code -
0xC1900101 - 0x20017 - -
- -
-
Cause -
A driver has caused an illegal operation. -
Windows was not able to migrate the driver, resulting in a rollback of the operating system. -
This is a SafeOS boot failure, typically caused by drivers or non-Microsoft disk encryption software. -
-		 - - -
Mitigation -
-Ensure that all that drivers are updated.
-Open the Setuperr.log and Setupact.log files in the %windir%\Panther directory, and then locate the problem drivers. -
For more information, see [Understanding Failures and Log Files](https://technet.microsoft.com/en-us/library/ee851579.aspx). -
Update or uninstall the problem drivers. -
-
- - -
Code -
0xC1900101 - 0x30018 -
- -
-
Cause -
A device driver has stopped responding to setup.exe during the upgrade process. -
-		 - - -
Mitigation -
-Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display. -
Contact your hardware vendor to obtain updated device drivers. -
Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process. -
-
- - -
Code -
0xC1900101 - 0x3000D -
- -
-
Cause -
Installation failed during the FIRST_BOOT phase while attempting the MIGRATE_DATA operation. -
This can occur due to a problem with a display driver. - -
-		 - - -
Mitigation -
-Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display. -
Update or uninstall the display driver. -
-
- - -
Code -
0xC1900101 - 0x4000D -
- -
-
Cause -
A rollback occurred due to a driver configuration issue. -
Installation failed during the second boot phase while attempting the MIGRATE_DATA operation. - -
This can occur due to incompatible drivers. - -
-		 - - -
Mitigation -
-
Check supplemental rollback logs for a setupmem.dmp file, or event logs for any unexpected reboots or errors. -
Review the rollback log and determine the stop code. -
The rollback log is located in the **C:\$Windows.~BT\Sources\Panther** folder. An example analysis is shown below. This example is not representative of all cases: -
Info SP Crash 0x0000007E detected -
Info SP Module name : -
Info SP Bugcheck parameter 1 : 0xFFFFFFFFC0000005 -
Info SP Bugcheck parameter 2 : 0xFFFFF8015BC0036A -
Info SP Bugcheck parameter 3 : 0xFFFFD000E5D23728 -
Info SP Bugcheck parameter 4 : 0xFFFFD000E5D22F40 -
Info SP Cannot recover the system. -
Info SP Rollback: Showing splash window with restoring text: Restoring your previous version of Windows. - - -
Typically, there is a dump file for the crash to analyze. If you are not equipped to debug the dump, then attempt the following basic troubleshooting procedures:
- -1. Make sure you have enough disk space.
-2. If a driver is identified in the bug check message, disable the driver or check with the manufacturer for driver updates.
-3. Try changing video adapters.
-4. Check with your hardware vendor for any BIOS updates.
-5. Disable BIOS memory options such as caching or shadowing. -

-
-
- - -
Code -
0xC1900101 - 0x40017 -
- -
-
Cause -
Windows 10 upgrade failed after the second reboot. -
This is usually caused by a faulty driver. For example: antivirus filter drivers or encryption drivers. -
-		 - - -
Mitigation -
Clean boot into Windows, and then attempt the upgrade to Windows 10.
- -For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/en-us/kb/929135). - -

Ensure you select the option to "Download and install updates (recommended)." -
-
- -

0x800xxxxx

- -
Result codes starting with the digits 0x800 are also important to understand. These error codes indicate general operating system errors, and are not unique to the Windows upgrade process. Examples include timeouts, devices not functioning, and a process stopping unexpectedly. - -
See the following general troubleshooting procedures associated with a result code of 0x800xxxxx:
- -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - -
Code -
- -80040005 - 0x20007 - -
- -
-
Cause -
- -An unspecified error occurred with a driver during the SafeOS phase. - -
-		 - - -
Mitigation -
- -This error has more than one possible cause. Attempt [quick fixes](#quick-fixes), and if not successful, [analyze log files](#analyze-log-files) in order to determine the problem and solution. - -
-
- - -
Code -
- -0x80073BC3 - 0x20009
-0x8007002 - 0x20009
-0x80073B92 - 0x20009 - -
- -
-
Cause -
- -The requested system device cannot be found, there is a sharing violation, or there are multiple devices matching the identification criteria. - -
-		 - - -
Mitigation -
- -These errors occur during partition analysis and validation, and can be caused by the presence of multiple system partitions. For example, if you installed a new system drive but left the previous system drive connected, this can cause a conflict. To resolve the errors, disconnect or temporarily disable drives that contain the unused system partition. You can reconnect the drive after the upgrade has completed. Alternatively, you can delete the unused system partition. - -
-
- - -
Code -
- -800704B8 - 0x3001A - -
- -
-
Cause -
- -An extended error has occurred during the first boot phase. - -
-		 - - -
Mitigation -
- -Disable or uninstall non-Microsoft antivirus applications, disconnect all unnecessary devices, and perform a [clean boot](https://support.microsoft.com/en-us/kb/929135). - -
-
- - -
Code -
- -8007042B - 0x4000D - -
- -
-
Cause -
- -The installation failed during the second boot phase while attempting the MIGRATE_DATA operation. -
This issue can occur due to file system, application, or driver issues. - -
-		 - - -
Mitigation -
- -[Analyze log files](#analyze-log-files) in order to determine the file, application, or driver that is not able to be migrated. Disconnect, update, remove, or replace the device or object. - -
-
- - -
Code -
- -8007001F - 0x3000D - -
- -
-
Cause -
- -The installation failed in the FIRST_BOOT phase with an error during MIGRATE_DATA operation. - -
-		 - - -
Mitigation -
- -[Analyze log files](#analyze-log-files) in order to determine the files or registry entries that are blocking data migration. - -This error can be due to a problem with user profiles. It can occur due to corrupt registry entries under **HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList** or invalid files in the **\\Users** directory. - -Note: If a previous upgrade did not complete, invalid profiles might exist in the **Windows.old\\Users** directory. - -To repair this error, ensure that deleted accounts are not still present in the Windows registry and that files under the \\Users directory are valid. Delete the invalid files or user profiles that are causing this error. The specific files and profiles that are causing the error will be recorded in the Windows setup log files. - -
-
- - -
Code -
- -8007001F - 0x4000D - -
- -
-
Cause -
- -General failure, a device attached to the system is not functioning. - -
-		 - - -
Mitigation -
- -[Analyze log files](#analyze-log-files) in order to determine the device that is not functioning properly. Disconnect, update, or replace the device. - -
-
- - -
Code -
- -8007042B - 0x4001E - -
- -
-
Cause -
- -The installation failed during the second boot phase while attempting the PRE_OOBE operation. - -
-		 - - -
Mitigation -
- -This error has more than one possible cause. Attempt [quick fixes](#quick-fixes), and if not successful, [analyze log files](#analyze-log-files) in order to determine the problem and solution. - -
-
- - -### Other result codes - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Error code -Cause -Mitigation -
0xC1800118WSUS has downloaded content that it cannot use due to a missing decryption key.See [Steps to resolve error 0xC1800118](https://blogs.technet.microsoft.com/wsus/2016/09/21/resolving-error-0xc1800118/) for information.
0xC1900200Setup.exe has detected that the machine does not meet the minimum system requirements.Ensure the system you are trying to upgrade meets the minimum system requirements.
See [Windows 10 specifications](https://www.microsoft.com/en-us/windows/windows-10-specifications) for information.
0x80090011A device driver error occurred during user data migration.Contact your hardware vendor and get all the device drivers updated. It is recommended to have an active internet connection during upgrade process. -
Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process.
0xC7700112Failure to complete writing data to the system drive, possibly due to write access failure on the hard disk.This issue is resolved in the latest version of Upgrade Assistant. -
Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process.
0x80190001An unexpected error was encountered while attempting to download files required for upgrade.To resolve this issue, download and run the media creation tool. See [Download windows 10](https://www.microsoft.com/en-us/software-download/windows10). -
0x80246007The update was not downloaded successfully.Attempt other methods of upgrading the operating system.
-Download and run the media creation tool. See [Download windows 10](https://www.microsoft.com/en-us/software-download/windows10). -
Attempt to upgrade using .ISO or USB.
-**Note**: Windows 10 Enterprise isn’t available in the media creation tool. For more information, go to the [Volume Licensing Service Center](https://www.microsoft.com/licensing/servicecenter/default.aspx). -
0xC1900201The system did not pass the minimum requirements to install the update.Contact the hardware vendor to get the latest updates.
0x80240017The upgrade is unavailable for this edition of Windows.Administrative policies enforced by your organization might be preventing the upgrade. Contact your IT administrator.
0x80070020The existing process cannot access the file because it is being used by another process.Use the MSCONFIG tool to perform a clean boot on the machine and then try to perform the update again. For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/en-us/kb/929135).
0x80070522The user doesn’t have required privilege or credentials to upgrade.Ensure that you have signed in as a local administrator or have local administrator privileges.
0xC1900107A cleanup operation from a previous installation attempt is still pending and a system reboot is required in order to continue the upgrade. -Reboot the device and run setup again. If restarting device does not resolve the issue, then use the Disk Cleanup utility and cleanup the temporary as well as the System files. For more information, see [Disk cleanup in Windows 10](https://support.microsoft.com/en-us/instantanswers/8fef4121-711b-4be1-996f-99e02c7301c2/disk-cleanup-in-windows-10).
0xC1900209The user has chosen to cancel because the system does not pass the compatibility scan to install the update. Setup.exe will report this error when it can upgrade the machine with user data but cannot migrate installed applications.Incompatible software is blocking the upgrade process. Uninstall the application and try the upgrade again. See [Windows 10 Pre-Upgrade Validation using SETUP.EXE](https://blogs.technet.microsoft.com/mniehaus/2015/08/23/windows-10-pre-upgrade-validation-using-setup-exe/) for more information. - -
You can also download the [Windows Assessment and Deployment Kit (ADK) for Windows 10](http://go.microsoft.com/fwlink/p/?LinkId=526740) and install Application Compatibility Tools. -
0x8007002 This error is specific to upgrades using System Center Configuration Manager 2012 R2 SP1 CU3 (5.00.8238.1403)Analyze the SMSTS.log and verify that the upgrade is failing on "Apply Operating system" Phase: Error 80072efe DownloadFileWithRanges() failed. 80072efe. ApplyOperatingSystem (0x0760) - -
The error 80072efe means that the connection with the server was terminated abnormally. - -
To resolve this issue, try the OS Deployment test on a client in same VLAN as the Configuration Manager server. Check the network configuration for random client-server connection issues happening on the remote VLAN. -
0x80240FFF Occurs when update synchronization fails. It can occur when you are using Windows Server Update Services on its own or when it is integrated with System Center Configuration Manager. If you enable update synchronization before you install hotfix 3095113, WSUS doesn't recognize the Upgrades classification and instead treats the upgrade like a regular update. You can prevent this by installing hotfix 3095113 before you enable update synchronization. However, if you have already run into this problem, do the following: - -
    -
  1. Disable the Upgrades classification.
    2. -
  2. Install hotfix 3095113.
    3. -
  3. Delete previously synched updates.
    4. -
  4. Enable the Upgrades classification.
    5. -
  5. Perform a full synch.
    6. -
-
For detailed information on how to run these steps check out How to delete upgrades in WSUS.

-
0x8007007EOccurs when update synchronization fails because you do not have hotfix 3095113 installed before you enable update synchronization. Specifically, the CopyToCache operation fails on clients that have already downloaded the upgrade because Windows Server Update Services has bad metadata related to the upgrade. It can occur when you are using standalone Windows Server Update Services or when WSUS is integrated with System Center Configuration Manager. Use the following steps to repair Windows Server Update Services. You must run these steps on each WSUS server that synched metadata before you installed the hotfix. - -
    -
  1. Stop the Windows Update service. Sign in as a user with administrative privileges, and then do the following: -
      -
    1. Open Administrative Tools from the Control Panel.
      2. -
    2. Double-click Services.
      3. -
    3. Find the Windows Update service, right-click it, and then click Stop. If prompted, enter your credentials.
      4. -
    -
    2. -
  2. Delete all files and folders under c:\Windows\SoftwareDistribution\DataStore.
    3. -
  3. Restart the Windows Update service.
    4. -
-
- -### Other error codes - - - - - - - - - - - - - - - -
Error CodesCauseMitigation
0x80070003- 0x20007 -This is a failure during SafeOS phase driver installation. - -[Verify device drivers](https://msdn.microsoft.com/windows/hardware/drivers/install/troubleshooting-device-and-driver-installations) on the computer, and [analyze log files](#analyze-log-files) to determine the problem driver. -
0x8007025D - 0x2000C -This error occurs if the ISO file's metadata is corrupt."Re-download the ISO/Media and re-attempt the upgrade. - -Alternatively, re-create installation media the [Media Creation Tool](https://www.microsoft.com/en-us/software-download/windows10). - -
0x80070490 - 0x20007An incompatible device driver is present. - -[Verify device drivers](https://msdn.microsoft.com/windows/hardware/drivers/install/troubleshooting-device-and-driver-installations) on the computer, and [analyze log files](#analyze-log-files) to determine the problem driver. - -
0xC1900101 - 0x2000c -An unspecified error occurred in the SafeOS phase during WIM apply. This can be caused by an outdated driver or disk corruption. -Run checkdisk to repair the file system. For more information, see the [quick fixes](#quick-fixes) section in this guide. -
Update drivers on the computer, and select "Download and install updates (recommended)" during the upgrade process. Disconnect devices other than the mouse, keyboard and display.
0xC1900200 - 0x20008 - -The computer doesn’t meet the minimum requirements to download or upgrade to Windows 10. - -See [Windows 10 Specifications](https://www.microsoft.com/en-us/windows/windows-10-specifications) and verify the computer meets minimum requirements. - -
Review logs for [compatibility information](https://blogs.technet.microsoft.com/askcore/2016/01/21/using-the-windows-10-compatibility-reports-to-understand-upgrade-issues/).
0x80070004 - 0x3000D -This is a problem with data migration during the first boot phase. There are multiple possible causes. - -[Analyze log files](#analyze-log-files) to determine the issue.
0xC1900101 - 0x4001E -Installation failed in the SECOND_BOOT phase with an error during PRE_OOBE operation. -This is a generic error that occurs during the OOBE phase of setup. See the [0xC1900101](#0xc1900101) section of this guide and review general troubleshooting procedures described in that section.
0x80070005 - 0x4000D -The installation failed in the SECOND_BOOT phase with an error in during MIGRATE_DATA operation. This error indicates that access was denied while attempting to migrate data. -[Analyze log files](#analyze-log-files) to determine the data point that is reporting access denied.
0x80070004 - 0x50012 -Windows Setup failed to open a file. -[Analyze log files](#analyze-log-files) to determine the data point that is reporting access problems.
0xC190020e -
0x80070070 - 0x50011 -
0x80070070 - 0x50012 -
0x80070070 - 0x60000 -		These errors indicate the computer does not have enough free space available to install the upgrade. -To upgrade a computer to Windows 10, it requires 16 GB of free hard drive space for a 32-bit OS, and 20 GB for a 64-bit OS. If there is not enough space, attempt to [free up drive space](https://support.microsoft.com/en-us/help/17421/windows-free-up-drive-space) before proceeding with the upgrade. - -
Note: If your device allows it, you can use an external USB drive for the upgrade process. Windows setup will back up the previous version of Windows to a USB external drive. The external drive must be at least 8GB (16GB is recommended). The external drive should be formatted using NTFS. Drives that are formatted in FAT32 may run into errors due to FAT32 file size limitations. USB drives are preferred over SD cards because drivers for SD cards are not migrated if the device does not support Connected Standby. -
- - - +This topic contains a brief introduction to Windows 10 installation processes, and provides resolution procedures that IT administrators can use to resolve issues with Windows 10 upgrade. + +The topic was originally one page, but has been divided into sub-topics of different technical levels. Basic level provides common procedures that can resolve several types of upgrade errors. Advanced level requires some experience with detailed troubleshooting methods. + +The following four levels are assigned: + +Level 100: Basic
+Level 200: Moderate
+Level 300: Moderate advanced
+Level 400: Advanced
+ +## In this guide + +See the following topics: + +- [Quick fixes](quick-fixes.md): \Level 100\ Steps you can take to eliminate many Windows upgrade errors.
+- [SetupDiag](setupdiag.md): \Level 300\ SetupDiag is a new tool to help you isolate the root cause of an upgrade failure. +- [Troubleshooting upgrade errors](troubleshoot-upgrade-errors.md): \Level 300\ General advice and techniques for troubleshooting Windows 10 upgrade errors, and an explanation of phases used during the upgrade process.
+- [Windows Error Reporting](windows-error-reporting.md): \Level 300\ How to use Event Viewer to review details about a Windows 10 upgrade. +- [Upgrade error codes](upgrade-error-codes.md): \Level 400\ The components of an error code are explained. + - [Result codes](upgrade-error-codes.md#result-codes): Information about result codes. + - [Extend codes](upgrade-error-codes.md#extend-codes): Information about extend codes. +- [Log files](log-files.md): \Level 400\ A list and description of log files useful for troubleshooting. + - [Log entry structure](log-files.md#log-entry-structure): The format of a log entry is described. + - [Analyze log files](log-files.md#analyze-log-files): General procedures for log file analysis, and an example. +- [Resolution procedures](resolution-procedures.md): \Level 200\ Causes and mitigation procedures associated with specific error codes. + - [0xC1900101](resolution-procedures.md#0xc1900101): Information about the 0xC1900101 result code. + - [0x800xxxxx](resolution-procedures.md#0x800xxxxx): Information about result codes that start with 0x800. + - [Other result codes](resolution-procedures.md#other-result-codes): Additional causes and mitigation procedures are provided for some result codes. + - [Other error codes](resolution-procedures.md#other-error-codes): Additional causes and mitigation procedures are provided for some error codes. +- [Submit Windows 10 upgrade errors](submit-errors.md): \Level 100\ Submit upgrade errors to Microsoft for analysis. ## Related topics diff --git a/windows/deployment/upgrade/setupdiag.md b/windows/deployment/upgrade/setupdiag.md new file mode 100644 index 0000000000..a460f3c8b5 --- /dev/null +++ b/windows/deployment/upgrade/setupdiag.md @@ -0,0 +1,251 @@ +--- +title: SetupDiag +description: How to use the SetupDiag tool to diagnose Windows Setup errors +keywords: deploy, troubleshoot, windows, 10, upgrade, update, setup, diagnose +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: deploy +author: greg-lindsay +ms.date: 03/30/2018 +ms.localizationpriority: high +--- + +# SetupDiag + +**Applies to** +- Windows 10 + +>[!NOTE] +>This is a 300 level topic (moderate advanced).
+>See [Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md) for a full list of topics in this article. + +[SetupDiag.exe](https://go.microsoft.com/fwlink/?linkid=870142) is a standalone diagnostic tool that can be used to obtain details about why a Windows 10 upgrade was unsuccessful. + +SetupDiag works by examining Windows Setup log files. It attempts to parse these log files to determine the root cause of a failure to update or upgrade the computer to Windows 10. SetupDiag can be run on the computer that failed to update, or you can export logs from the computer to another location and run SetupDiag in offline mode. + +See the [Release notes](#release-notes) section at the bottom of this topic for information about updates to this tool. + +## Requirements + +1. The destination OS must be Windows 10. +2. [.NET Framework 4.6](https://www.microsoft.com/download/details.aspx?id=48137) must be installed. If you are not sure what version of .NET is currently installed, see [How to: Determine Which .NET Framework Versions Are Installed](https://docs.microsoft.com/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed). You can also use the following command-line query to display the installed v4 versions: + + ``` + reg query "HKLM\SOFTWARE\Microsoft\Net Framework Setup\NDP\v4" /s + ``` + +## Parameters + +| Parameter | Description | +| --- | --- | +| /? | | +| /Output:\ | | +| /Mode:\ | | +| /LogsPath:\ |
  • This optional parameter is required only when **/Mode:Offline** is specified. This tells SetupDiag.exe where to find the log files. These log files can be in a flat folder format, or containing multiple subdirectories. SetupDiag will recursively search all child directories. This parameter should be omitted when the **/Mode:Online** is specified.
| +| /ZipLogs:\ |
  • This optional parameter tells SetupDiag.exe to create a zip file continuing its results and all the log files it parsed. The zip file is created in the same directory where SetupDiag.exe is run.
  • Default: If not specified, a value of 'true' is used.
| +| /Verbose |
  • This optional parameter will output much more data to the log file produced by SetupDiag.exe. By default SetupDiag will only produce a log file entry for serious errors. Using **/Verbose** will cause SetupDiag to always produce a log file with debugging details, which can be useful when reporting a problem with SetupDiag.
| + +### Examples: + +In the following example, SetupDiag is run with default parameters (online mode, results file is SetupDiagResults.log in the same folder where SetupDiag is run). + +``` +SetupDiag.exe +``` + +In the following example, SetupDiag is specified to run in Online mode (this is the default). It will know where to look for logs on the current (failing) system, so there is no need to gather logs ahead of time. A custom location for results is specified. + +``` +SetupDiag.exe /Output:C:\SetupDiag\Results.log /Mode:Online +``` + +The following example uses the /Output parameter to save results to a path name that contains a space: + +``` +SetupDiag /Output:"C:\Tools\SetupDiag\SetupDiag Results\Results.log" +``` + +The following example specifies that SetupDiag is to run in offline mode, and to process the log files found in **D:\Temp\Logs\LogSet1**. + +``` +SetupDiag.exe /Output:C:\SetupDiag\Results.log /Mode:Offline /LogsPath:D:\Temp\Logs\LogSet1 +``` + +## Log files + +[Windows Setup Log Files and Event Logs](https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-log-files-and-event-logs) has information about where logs are created during Windows Setup. For offline processing, you should run SetupDiag against the contents of the entire folder. For example, depending on when the upgrade failed, copy one of the following folders to your offline location: + +\\$Windows.~bt\sources\panther +
\\$Windows.~bt\Sources\Rollback +
\Windows\Panther +
\Windows\Panther\NewOS + +If you copy the parent folder and all sub-folders, SetupDiag will automatically search for log files in all subdirectories. + +## Setup bug check analysis + +When Microsoft Windows encounters a condition that compromises safe system operation, the system halts. This condition is called a bug check. It is also commonly referred to as a system crash, a kernel error, a Stop error, or BSOD. Typically a hardware device, hardware driver, or related software causes this error. + +If crash dumps [are enabled](https://docs.microsoft.com/windows-hardware/drivers/debugger/enabling-a-kernel-mode-dump-file) on the system, a crash dump file is created. If the bug check occurs during an upgrade, Windows Setup will extract a minidump (setupmem.dmp) file. SetupDiag can also debug these setup related minidumps. + +To debug a setup related bug check, you must: +- Specify the **/Mode:Offline** and **/LogsPath** parameters. You cannot debug memory dumps in online mode. +- Gather the setup memory dump file (setupmem.dmp) from the failing system. + - Setupmem.dmp will be created in either **%SystemDrive%\$Windows.~bt\Sources\Rollback**, or in **%WinDir%\Panther\NewOS\Rollback** depending on when the bug check occurs. +- Install the [Windows Debugging Tools](https://docs.microsoft.com/windows-hardware/drivers/debugger/debugger-download-tools) on the computer that runs SetupDiag. + +In the following example, the **setupmem.dmp** file is copied to the **D:\Dump** directory and the Windows Debugging Tools are installed prior to running SetupDiag: + +``` +SetupDiag.exe /Output:C:\SetupDiag\Dumpdebug.log /Mode:Offline /LogsPath:D:\Dump +``` + +## Known issues + +1. Some rules can take a long time to process if the log files involved as large. +2. SetupDiag only outputs data in a text format. If another format is desired, please provide this [feedback](#feedback). +3. If the failing computer is opted into the Insider program and getting regular pre-release updates, or an update is already pending on the computer when SetupDiag is run, it can encounter problems trying to open these log files. This will likely cause a failure to determine a root cause. In this case, try gathering the log files and running SetupDiag in offline mode. + + +## Sample output + +The following is an example where SetupDiag is run in offline mode. In this example, it is found that disk space is not sufficient to complete Windows Setup: + +``` +C:\setupdiag>SetupDiag /Output:C:\setupdiag\results.log /Mode:Offline /LogsPath:C:\setupdiag\logfiles + + +SetupDiag v1.00 +Copyright (c) Microsoft Corporation. All rights reserved. + + +Searching for setup logs, this can take a minute or more depending on the number and size of the logs...please wait. + Found 1 setupact.logs. + Processing setupact.log 1 of 1 +Gathering information from setup logs. + +SetupDiag: processing rule: CompatScanOnly. +...No match. + + +SetupDiag: processing rule: BitLockerHardblock. +...No match. + + +SetupDiag: processing rule: VHDHardblock. +...No match. + + +SetupDiag: processing rule: PortableWorkspaceHardblock. +...No match. + + +SetupDiag: processing rule: AuditModeHardblock. +...No match. + + +SetupDiag: processing rule: SafeModeHardblock. +...No match. + + +SetupDiag: processing rule: InsufficientSystemPartitionDiskSpaceHardblock. +...No match. + + +SetupDiag: processing rule: HardblockApplication. +...No match. + + +SetupDiag: processing rule: HardblockDeviceOrDriver. +...No match. + + +SetupDiag: processing rule: HardblockMismatchedLanguage. +..No match. + + +SetupDiag: processing rule: HardblockFlightSigning. +..No match. + + +SetupDiag: processing rule: DiskSpaceBlockInDownLevel. +... + +Matching Profile found: DiskSpaceBlockInDownLevel - 6080AFAC-892E-4903-94EA-7A17E69E549E +Warning: Found Disk Space Hard Block. +Warning: You must free up at least 6603 MB of space on the System Drive, and try again. + +SetupDiag found 1 matching issue. +SetupDiag results were logged to: c:\setupdiag\results.log +Logs ZipFile created at: c:\setupdiag\Logs.zip + +``` + +## Rules + +When searching log files, SetupDiag uses a set of rules to match known issues. These rules are contained in the rules.xml file which is extracted when SetupDiag is run. The rules.xml file might be updated as new versions of SetupDiag are made available. See [Release notes](#release-notes) for more information. + +Each rule name and its associated unique rule identifier are listed with a description of the known upgrade-blocking issue. In the rule descriptions, the term "down-level" refers to the first phase of the upgrade process, which runs under the starting OS. + +1. CompatScanOnly - FFDAFD37-DB75-498A-A893-472D49A1311D + - This rule indicates that setup.exe was called with a specific command line parameter that indicated setup was to do a compat scan only, not an upgrade. +2. BitLockerHardblock - C30152E2-938E-44B8-915B-D1181BA635AE + - This is a block when the target OS does not support BitLocker, yet the host OS has BitLocker enabled. +3. VHDHardblock - D9ED1B82-4ED8-4DFD-8EC0-BE69048978CC + - This block happens when the host OS is booted to a VHD image. Upgrade is not supported when the host OS is booted from a VHD image. +4. PortableWorkspaceHardblock - 5B0D3AB4-212A-4CE4-BDB9-37CA404BB280 + - This indicates that the host OS is booted from a Windows To-Go device (USB key). Upgrade is not supported in the Windows To-Go environment. +5. AuditModeHardblock - A03BD71B-487B-4ACA-83A0-735B0F3F1A90 + - This block indicates that the host OS is currently booted into Audit Mode, a special mode for modifying the Windows state. Upgrade is not supported from this state. +6. SafeModeHardblock - 404D9523-B7A8-4203-90AF-5FBB05B6579B + - This block indicates that the host OS is booted to Safe Mode, where upgrade is not supported. +7. InsufficientSystemPartitionDiskSpaceHardblock - 3789FBF8-E177-437D-B1E3-D38B4C4269D1 + - This block is encountered when setup determines the system partition (where the boot loader files are stored) does not have enough space to be serviced with the newer boot files required during the upgrade process. +8. HardblockApplication - D6FBF046-5927-4FCD-B998-FE21CA7F6AC9 + - This rule indicates the host OS had one or more hard blocked applications that need to be uninstalled prior to continuing. This typically is only a problem when /Quiet is specified on the command line. +9. HardblockDeviceOrDriver - ED3AEFA1-F3E2-4F33-8A21-184ADF215B1B + - This indicates a device driver that is loaded on the host OS is not compatible with the newer OS version and needs to be removed prior to the upgrade. +10. HardblockMismatchedLanguage - 60BA8449-CF23-4D92-A108-D6FCEFB95B45 + - This rule indicates the host OS and the target OS language editions do not match. +11. HardblockFlightSigning - 598F2802-3E7F-4697-BD18-7A6371C8B2F8 + - This rule indicates the target OS is a pre-release, Windows Insider build, and the target machine has Secure Boot enabled. This will block the pre-release signed build from booting if installed on the machine. +12. DiskSpaceBlockInDownLevel - 6080AFAC-892E-4903-94EA-7A17E69E549E + - This failure indicates the system ran out of disk space during the down-level operations of upgrade. +13. DiskSpaceFailure - 981DCBA5-B8D0-4BA7-A8AB-4030F7A10191 + - This failure indicates the system drive ran out of available disk space at some point after the first reboot into the upgrade. +14. DeviceInstallHang - 37BB1C3A-4D79-40E8-A556-FDA126D40BC6 + - This failure rule indicates the system hung or bug checked during the device installation phase of upgrade. +15. DebugSetupMemoryDump - C7C63D8A-C5F6-4255-8031-74597773C3C6 + - This offline only rule indicates a bug check occurred during setup. If the debugger tools are available on the system, SetupDiag will debug the memory dump and provide details. +16. DebugSetupCrash - CEEBA202-6F04-4BC3-84B8-7B99AED924B1 + - This offline only rule indicates that setup itself encountered a failure that resulted in a process memory dump. If the debugger tools are installed on the system, SetupDiag will debug the memory dump and give further details. +17. DebugMemoryDump - 505ED489-329A-43F5-B467-FCAAF6A1264C + - This offline only rule is for any memory.dmp file that resulted during the setup/upgrade operation. If the debugger tools are installed on the system, SetupDiag will debug the memory dump and give further details. +18. FindDebugInfoFromRollbackLog - 9600EB68-1120-4A87-9FE9-3A4A70ACFC37 + - This rule will determine and give details when a bug check occurs during the setup/upgrade process that resulted in a memory dump, but without the requirement of the debugger package being on the executing machine. +19. AdvancedInstallerFailed - 77D36C96-32BE-42A2-BB9C-AAFFE64FCADC + - Finds fatal advanced installer operations that cause setup failures. +20. FindSuccessfulUpgrade - 8A0824C8-A56D-4C55-95A0-22751AB62F3E + - Determines if the given setup was a success or not based off the logs. +21. FindSetupHostReportedFailure - 6253C04F-2E4E-4F7A-B88E-95A69702F7EC + - Gives information about failures surfaced early in the upgrade process by setuphost.exe +22. FindDownlevelFailure - 716334B7-F46A-4BAA-94F2-3E31BC9EFA55 + - Gives failure information surfaced by SetupPlatform, later in the down-level phase. +23. FindAbruptDownlevelFailure - 55882B1A-DA3E-408A-9076-23B22A0472BD + - Gives last operation failure information when the system fails in the down-level, but the log just ends abruptly. +24. FindSetupPlatformDownlevelFailure - 307A0133-F06B-4B75-AEA8-116C3B53C2D1 + - Gives last operation and phase failure information when Setup indicates a down-level failure. +25. FindSetupPlatformDownlevelFailedOperation - 087610ED-329A-4DE9-A54C-38A3A07B5B8B + - Gives last phase and error information when Setup indicates a down-level failure. +26. FindRollbackFailure - 3A43C9B5-05B3-4F7C-A955-88F991BB5A48 + - Gives last operation, failure phase and error information when a rollback occurs. + + +## Release notes + +03/30/2018 - SetupDiag v1.00 released with 26 rules, as a standalone tool available from the Download Center. + +## Related topics + +[Resolve Windows 10 upgrade errors: Technical information for IT Pros](https://docs.microsoft.com/en-us/windows/deployment/upgrade/resolve-windows-10-upgrade-errors) \ No newline at end of file diff --git a/windows/deployment/upgrade/submit-errors.md b/windows/deployment/upgrade/submit-errors.md index 2118867a21..32eddd5c45 100644 --- a/windows/deployment/upgrade/submit-errors.md +++ b/windows/deployment/upgrade/submit-errors.md @@ -7,7 +7,7 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: deploy author: greg-lindsay -ms.date: 02/01/2018 +ms.date: 03/16/2018 ms.localizationpriority: high --- @@ -16,6 +16,10 @@ ms.localizationpriority: high **Applies to** - Windows 10 +>[!NOTE] +>This is a 100 level topic (basic).
+>See [Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md) for a full list of topics in this article. + ## In this topic This topic describes how to submit problems with a Windows 10 upgrade to Microsoft using the Windows 10 Feedback Hub. @@ -47,7 +51,7 @@ The Feedback Hub will open. - Are there any external devices connected? - If you used the link above, the category and subcategory will be automatically selected. If it is not selected, choose **Install and Update** and **Windows Installation**. -You can attach a screenshot or file if desired. This is optional. +You can attach a screenshot or file if desired. This is optional, but can be extremely helpful when diagnosing your upgrade issue. The location of these files is described here: [Windows Setup log files and event logs](https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-log-files-and-event-logs). Click **Submit** to send your feedback. diff --git a/windows/deployment/upgrade/troubleshoot-upgrade-errors.md b/windows/deployment/upgrade/troubleshoot-upgrade-errors.md new file mode 100644 index 0000000000..a7f5d26c91 --- /dev/null +++ b/windows/deployment/upgrade/troubleshoot-upgrade-errors.md @@ -0,0 +1,91 @@ +--- +title: Troubleshoot Windows 10 upgrade errors - Windows IT Pro +description: Resolve Windows 10 upgrade errors for ITPros. Technical information for IT professionals to help diagnose Windows setup errors. +keywords: deploy, error, troubleshoot, windows, 10, upgrade, code, rollback, ITPro +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: deploy +author: greg-lindsay +ms.date: 03/30/2018 +ms.localizationpriority: high +--- + +# Troubleshooting upgrade errors + +**Applies to** +- Windows 10 + +>[!NOTE] +>This is a 300 level topic (moderately advanced).
+>See [Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md) for a full list of topics in this article. + +If a Windows 10 upgrade is not successful, it can be very helpful to understand *when* an error occurred in the upgrade process. + +Briefly, the upgrade process consists of four phases: **Downlevel**, **SafeOS**, **First boot**, and **Second boot**. The computer will reboot once between each phase. + +These phases are explained in greater detail [below](#the-windows-10-upgrade-process). First, let's summarize the actions performed during each phase because this affects the type of errors that can be encountered. + +1. **Downlevel phase**: Because this phase runs on the source OS, upgrade errors are not typically seen. If you do encounter an error, ensure the source OS is stable. Also ensure the Windows setup source and the destination drive are accessible. + +2. **SafeOS phase**: Errors most commonly occur during this phase due to hardware issues, firmware issues, or non-microsoft disk encryption software. + + Since the computer is booted into Windows PE during the SafeOS phase, a useful troubleshooting technique is to boot into [Windows PE](https://docs.microsoft.com/windows-hardware/manufacture/desktop/winpe-intro) using installation media. You can use the [media creation tool](https://www.microsoft.com/software-download/windows10) to create bootable media, or you can use tools such as the [Windows ADK](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit), and then boot your device from this media to test for hardware and firmware compatibility issues. + + **Do not proceed with the Windows 10 installation after booting from this media**. This method can only be used to perform a clean install which will not migrate any of your apps and settings, and you will be required re-enter your Windows 10 license information. + + If the computer does not successfully boot into Windows PE using the media that you created, this is likely due to a hardware or firmware issue. Check with your hardware manufacturer and apply any recommended BIOS and firmware updates. If you are still unable to boot to installation media after applying updates, disconnect or replace legacy hardware. + + If the computer successfully boots into Windows PE, but you are not able to browse the system drive on the computer, it is possible that non-Microsoft disk encryption software is blocking your ability to perform a Windows 10 upgrade. Update or temporarily remove the disk encryption. + +3. **First boot phase**: Boot failures in this phase are relatively rare, and almost exclusively caused by device drivers. Disconnect all peripheral devices except for the mouse, keyboard, and display. Obtain and install updated device drivers, then retry the upgrade. + +4. **Second boot phase**: In this phase, the system is running under the target OS with new drivers. Boot failures are most commonly due to anti-virus software or filter drivers. Disconnect all peripheral devices except for the mouse, keyboard, and display. Obtain and install updated device drivers, temporarily uninstall anti-virus software, then retry the upgrade. + +If the general troubleshooting techniques described above or the [quick fixes](quick-fixes.md) detailed below do not resolve your issue, you can attempt to analyze [log files](log-files.md) and interpret [upgrade error codes](upgrade-error-codes.md). You can also [Submit Windows 10 upgrade errors using Feedback Hub](submit-errors.md) so that Microsoft can diagnose your issue. + +## The Windows 10 upgrade process + +The **Windows Setup** application is used to upgrade a computer to Windows 10, or to perform a clean installation. Windows Setup starts and restarts the computer, gathers information, copies files, and creates or adjusts configuration settings. + +When performing an operating system upgrade, Windows Setup uses phases described below. A reboot occurs between each of the phases. After the first reboot, the user interface will remain the same until the upgrade is completed. Percent progress is displayed and will advance as you move through each phase, reaching 100% at the end of the second boot phase. + +1. **Downlevel phase**: The downlevel phase is run within the previous operating system. Windows files are copied and installation components are gathered. + + ![downlevel phase](../images/downlevel.png) + +2. **Safe OS phase**: A recovery partition is configured, Windows files are expanded, and updates are installed. An OS rollback is prepared if needed. Example error codes: 0x2000C, 0x20017. + + ![safeOS phase](../images/safeos.png) + +3. **First boot phase**: Initial settings are applied. Example error codes: 0x30018, 0x3000D. + + ![first boot phase](../images/firstboot.png) + +4. **Second boot phase**: Final settings are applied. This is also called the **OOBE boot phase**. Example error codes: 0x4000D, 0x40017. + + At the end of the second boot phase, the **Welcome to Windows 10** screen is displayed, preferences are configured, and the Windows 10 sign-in prompt is displayed. + + ![second boot phase](../images/secondboot.png) + + ![second boot phase](../images/secondboot2.png) + + ![second boot phase](../images/secondboot3.png) + +5. **Uninstall phase**: This phase occurs if upgrade is unsuccessful (image not shown). Example error codes: 0x50000, 0x50015. + +**Figure 1**: Phases of a successful Windows 10 upgrade (uninstall is not shown): + +![Upgrade process](../images/upgrade-process.png) + +DU = Driver/device updates.
+OOBE = Out of box experience.
+WIM = Windows image (Microsoft) + +## Related topics + +[Windows 10 FAQ for IT professionals](https://technet.microsoft.com/en-us/windows/dn798755.aspx) +
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/en-us/windows/dn798752.aspx) +
[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications) +
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro) +
[Fix Windows Update errors by using the DISM or System Update Readiness tool](https://support.microsoft.com/kb/947821) diff --git a/windows/deployment/upgrade/upgrade-error-codes.md b/windows/deployment/upgrade/upgrade-error-codes.md new file mode 100644 index 0000000000..cdd4fe37c9 --- /dev/null +++ b/windows/deployment/upgrade/upgrade-error-codes.md @@ -0,0 +1,144 @@ +--- +title: Upgrade error codes - Windows IT Pro +description: Resolve Windows 10 upgrade errors for ITPros. Technical information for IT professionals to help diagnose Windows setup errors. +keywords: deploy, error, troubleshoot, windows, 10, upgrade, code, rollback, ITPro +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: deploy +author: greg-lindsay +ms.date: 03/30/2018 +ms.localizationpriority: high +--- + +# Upgrade error codes + +**Applies to** +- Windows 10 + +>[!NOTE] +>This is a 400 level topic (advanced).
+>See [Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md) for a full list of topics in this article. + + +If the upgrade process is not successful, Windows Setup will return two codes: + +1. **A result code**: The result code corresponds to a specific Win32 or NTSTATUS error. +2. **An extend code**: The extend code contains information about both the *phase* in which an error occurred, and the *operation* that was being performed when the error occurred. + +>For example, a result code of **0xC1900101** with an extend code of **0x4000D** will be returned as: **0xC1900101 - 0x4000D**. + +Note: If only a result code is returned, this can be because a tool is being used that was not able to capture the extend code. For example, if you are using the [Windows 10 Upgrade Assistant](https://support.microsoft.com/en-us/kb/3159635) then only a result code might be returned. + +>[!TIP] +>If you are unable to locate the result and extend error codes, you can attempt to find these codes using Event Viewer. For more information, see [Windows Error Reporting](windows-error-reporting.md). + +## Result codes + +>A result code of **0xC1900101** is generic and indicates that a rollback occurred. In most cases, the cause is a driver compatibility issue.
To troubleshoot a failed upgrade that has returned a result code of 0xC1900101, analyze the extend code to determine the Windows Setup phase, and see the [Resolution procedures](resolution-procedures.md) section later in this article. + +Result codes can be matched to the type of error encountered. To match a result code to an error: + +1. Identify the error code type as either Win32 or NTSTATUS using the first hexadecimal digit: +
**8** = Win32 error code (ex: 0x**8**0070070) +
**C** = NTSTATUS value (ex: 0x**C**1900107) +2. Write down the last 4 digits of the error code (ex: 0x8007**0070** = 0070). These digits are the actual error code type as defined in the [HRESULT](https://msdn.microsoft.com/en-us/library/cc231198.aspx) or the [NTSTATUS](https://msdn.microsoft.com/en-us/library/cc231200.aspx) structure. Other digits in the code identify things such as the device type that produced the error. +3. Based on the type of error code determined in the first step (Win32 or NTSTATUS), match the 4 digits derived from the second step to either a Win32 error code or NTSTATUS value using the following links: + - [Win32 error code](https://msdn.microsoft.com/en-us/library/cc231199.aspx) + - [NTSTATUS value](https://msdn.microsoft.com/en-us/library/cc704588.aspx) + +Examples: +- 0x80070070 + - Based on the "8" this is a Win32 error code + - The last four digits are 0070, so look up 0x00000070 in the [Win32 error code](https://msdn.microsoft.com/en-us/library/cc231199.aspx) table + - The error is: **ERROR_DISK_FULL** +- 0xC1900107 + - Based on the "C" this is an NTSTATUS error code + - The last four digits are 0107, so look up 0x00000107 in the [NTSTATUS value](https://msdn.microsoft.com/en-us/library/cc704588.aspx) table + - The error is: **STATUS_SOME_NOT_MAPPED** + +Some result codes are self-explanatory, whereas others are more generic and require further analysis. In the examples shown above, ERROR_DISK_FULL indicates that the hard drive is full and additional room is needed to complete Windows upgrade. The message STATUS_SOME_NOT_MAPPED is more ambiguous, and means that an action is pending. In this case, the action pending is often the cleanup operation from a previous installation attempt, which can be resolved with a system reboot. + +## Extend codes + +>**Important**: Extend codes reflect the current Windows 10 upgrade process, and might change in future releases of Windows 10. The codes discussed in this section apply to Windows 10 version 1607, also known as the Anniversary Update. + +Extend codes can be matched to the phase and operation when an error occurred. To match an extend code to the phase and operation: + +1. Use the first digit to identify the phase (ex: 0x4000D = 4). +2. Use the last two digits to identify the operation (ex: 0x4000D = 0D). +3. Match the phase and operation to values in the tables provided below. + +The following tables provide the corresponding phase and operation for values of an extend code: + +
+ + + +
Extend code: phase
HexPhase +
0SP_EXECUTION_UNKNOWN +
1SP_EXECUTION_DOWNLEVEL +
2SP_EXECUTION_SAFE_OS +
3SP_EXECUTION_FIRST_BOOT +
4SP_EXECUTION_OOBE_BOOT +
5SP_EXECUTION_UNINSTALL +
+ + + + + + + +
Extend code: operation
+ +
HexOperation +
0SP_EXECUTION_OP_UNKNOWN +
1SP_EXECUTION_OP_COPY_PAYLOAD +
2SP_EXECUTION_OP_DOWNLOAD_UPDATES +
3SP_EXECUTION_OP_INSTALL_UPDATES +
4SP_EXECUTION_OP_INSTALL_RECOVERY_ENVIRONMENT +
5SP_EXECUTION_OP_INSTALL_RECOVERY_IMAGE +
6SP_EXECUTION_OP_REPLICATE_OC +
7SP_EXECUTION_OP_INSTALL_DRVIERS +
8SP_EXECUTION_OP_PREPARE_SAFE_OS +
9SP_EXECUTION_OP_PREPARE_ROLLBACK +
ASP_EXECUTION_OP_PREPARE_FIRST_BOOT +
BSP_EXECUTION_OP_PREPARE_OOBE_BOOT +
CSP_EXECUTION_OP_APPLY_IMAGE +
DSP_EXECUTION_OP_MIGRATE_DATA +
ESP_EXECUTION_OP_SET_PRODUCT_KEY +
FSP_EXECUTION_OP_ADD_UNATTEND +
+		 + +
HexOperation +
10SP_EXECUTION_OP_ADD_DRIVER +
11SP_EXECUTION_OP_ENABLE_FEATURE +
12SP_EXECUTION_OP_DISABLE_FEATURE +
13SP_EXECUTION_OP_REGISTER_ASYNC_PROCESS +
14SP_EXECUTION_OP_REGISTER_SYNC_PROCESS +
15SP_EXECUTION_OP_CREATE_FILE +
16SP_EXECUTION_OP_CREATE_REGISTRY +
17SP_EXECUTION_OP_BOOT +
18SP_EXECUTION_OP_SYSPREP +
19SP_EXECUTION_OP_OOBE +
1ASP_EXECUTION_OP_BEGIN_FIRST_BOOT +
1BSP_EXECUTION_OP_END_FIRST_BOOT +
1CSP_EXECUTION_OP_BEGIN_OOBE_BOOT +
1DSP_EXECUTION_OP_END_OOBE_BOOT +
1ESP_EXECUTION_OP_PRE_OOBE +
1FSP_EXECUTION_OP_POST_OOBE +
20SP_EXECUTION_OP_ADD_PROVISIONING_PACKAGE +
+
+ +For example: An extend code of **0x4000D**, represents a problem during phase 4 (**0x4**) with data migration (**000D**). + +## Related topics + +[Windows 10 FAQ for IT professionals](https://technet.microsoft.com/en-us/windows/dn798755.aspx) +
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/en-us/windows/dn798752.aspx) +
[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications) +
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro) +
[Fix Windows Update errors by using the DISM or System Update Readiness tool](https://support.microsoft.com/kb/947821) diff --git a/windows/deployment/upgrade/upgrade-readiness-deployment-script.md b/windows/deployment/upgrade/upgrade-readiness-deployment-script.md index fb04dd5bf6..7b45c2ed1b 100644 --- a/windows/deployment/upgrade/upgrade-readiness-deployment-script.md +++ b/windows/deployment/upgrade/upgrade-readiness-deployment-script.md @@ -66,7 +66,7 @@ To run the Upgrade Readiness deployment script: > > *IEOptInLevel = 3 Data collection is enabled for all sites* -4. The latest version (03.02.17) of the deployment script is configured to collect and send diagnostic and debugging data to Microsoft. If you wish to disable sending diagnostic and debugging data to Microsoft, set **AppInsightsOptIn = false**. By default, **AppInsightsOptIn** is set to **true**. +4. A recent version (03.02.17) of the deployment script is configured to collect and send diagnostic and debugging data to Microsoft. If you wish to disable sending diagnostic and debugging data to Microsoft, set **AppInsightsOptIn = false**. By default, **AppInsightsOptIn** is set to **true**. The data that is sent is the same data that is collected in the text log file that captures the events and error codes while running the script. This file is named in the following format: **UA_yyyy_mm_dd_hh_mm_ss_machineID.txt**. Log files are created in the drive that is specified in the RunConfig.bat file. By default this is set to: **%SystemDrive%\UADiagnostics**. @@ -75,7 +75,9 @@ To run the Upgrade Readiness deployment script: \*vortex\*.data.microsoft.com
\*settings\*.data.microsoft.com -5. After you finish editing the parameters in RunConfig.bat, you are ready to run the script. If you are using the Pilot version, run RunConfig.bat from an elevated command prompt. If you are using the Deployment version, use ConfigMgr or other software deployment service to run RunConfig.bat as system. +5. The latest version (03.28.2018) of the deployment script configures insider builds to continue to send the device name to the diagnostic data management service and the analytics portal. If you do not want to have insider builds send the device name sent to analytics and be available in the analytics portal, set **DeviceNAmeOptIn = false**. By default it is true, which preserves the behavior on previous versions of Windows. This setting only applies to insider builds. Note that the device name is also sent to AppInsights, so to ensure the device name is not sent to either place you would need to also set **AppInsightsOptIn = false**. + +6. After you finish editing the parameters in RunConfig.bat, you are ready to run the script. If you are using the Pilot version, run RunConfig.bat from an elevated command prompt. If you are using the Deployment version, use ConfigMgr or other software deployment service to run RunConfig.bat as system. ## Exit codes diff --git a/windows/deployment/upgrade/windows-error-reporting.md b/windows/deployment/upgrade/windows-error-reporting.md new file mode 100644 index 0000000000..e8c3251320 --- /dev/null +++ b/windows/deployment/upgrade/windows-error-reporting.md @@ -0,0 +1,66 @@ +--- +title: Windows error reporting - Windows IT Pro +description: Resolve Windows 10 upgrade errors for ITPros. Technical information for IT professionals to help diagnose Windows setup errors. +keywords: deploy, error, troubleshoot, windows, 10, upgrade, code, rollback, ITPro +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: deploy +author: greg-lindsay +ms.date: 03/30/2018 +ms.localizationpriority: high +--- + +# Windows error reporting + +**Applies to** +- Windows 10 + +>[!NOTE] +>This is a 300 level topic (moderately advanced).
+>See [Resolve Windows 10 upgrade errors](resolve-windows-10-upgrade-errors.md) for a full list of topics in this article. + + +When Windows Setup fails, the result and extend code are recorded as an informational event in the Application log by Windows Error Reporting as event 1001. The event name is **WinSetupDiag02**. You can use Event Viewer to review this event, or you can use Windows PowerShell. + +To use Windows PowerShell, type the following commands from an elevated Windows PowerShell prompt: + +``` +$events = Get-WinEvent -FilterHashtable @{LogName="Application";ID="1001";Data="WinSetupDiag02"} +$event = [xml]$events[0].ToXml() +$event.Event.EventData.Data +``` + +To use Event Viewer: +1. Open Event Viewer and navigate to **Windows Logs\Application**. +2. Click **Find**, and then search for **winsetupdiag02**. +3. Double-click the event that is highlighted. + +Note: For legacy operating systems, the Event Name was WinSetupDiag01. + +Ten parameters are listed in the event: +
+ + + + + + + + + + + +
P1: The Setup Scenario (1=Media,5=WindowsUpdate,7=Media Creation Tool)
P2: Setup Mode (x=default,1=Downlevel,5=Rollback)
P3: New OS Architecture (x=default,0=X86,9=AMD64)
P4: Install Result (x=default,0=Success,1=Failure,2=Cancel,3=Blocked)
P5: Result Error Code (Ex: 0xc1900101)
P6: Extend Error Code (Ex: 0x20017)
P7: Source OS build (Ex: 9600)
P8: Source OS branch (not typically available)
P9: New OS build (Ex: 16299}
P10: New OS branch (Ex: rs3_release}
+ +The event will also contain links to log files that can be used to perform a detailed diagnosis of the error. An example of this event from a successful upgrade is shown below. + +![Windows Error Reporting](../images/event.png) + +## Related topics + +[Windows 10 FAQ for IT professionals](https://technet.microsoft.com/en-us/windows/dn798755.aspx) +
[Windows 10 Enterprise system requirements](https://technet.microsoft.com/en-us/windows/dn798752.aspx) +
[Windows 10 Specifications](https://www.microsoft.com/en-us/windows/Windows-10-specifications) +
[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro) +
[Fix Windows Update errors by using the DISM or System Update Readiness tool](https://support.microsoft.com/kb/947821) diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md index 43ce0a6db5..645efb6bee 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md @@ -1,5 +1,5 @@ --- -title: Hybrid Key trust Windows Hello for Business Prerequistes (Windows Hello for Business) +title: Hybrid Key trust Windows Hello for Business Prerequisites (Windows Hello for Business) description: Prerequisites for Hybrid Windows Hello for Business Deployments keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, key-trust ms.prod: w10 diff --git a/windows/security/identity-protection/hello-for-business/hello-identity-verification.md b/windows/security/identity-protection/hello-for-business/hello-identity-verification.md index c8fbfbe290..29fcf7faee 100644 --- a/windows/security/identity-protection/hello-for-business/hello-identity-verification.md +++ b/windows/security/identity-protection/hello-for-business/hello-identity-verification.md @@ -72,7 +72,7 @@ The table shows the minimum requirements for each deployment. ## Frequently Asked Questions ### Can I deploy Windows Hello for Business using System Center Configuration Manager? -Windows Hello for Business deployments using System Center Configuration Manager need to move to the hybrid deploymnet model that uses Active Directory Federation Services. Deployments using System Center Configuration Manager wil no long be supported after November 2018. +Windows Hello for Business deployments using System Center Configuration Manager need to move to the hybrid deployment model that uses Active Directory Federation Services. Deployments using System Center Configuration Manager will no long be supported after November 2018. ### What is the password-less strategy? diff --git a/windows/security/identity-protection/hello-for-business/hello-planning-guide.md b/windows/security/identity-protection/hello-for-business/hello-planning-guide.md index 61dc742a69..880d8394b1 100644 --- a/windows/security/identity-protection/hello-for-business/hello-planning-guide.md +++ b/windows/security/identity-protection/hello-for-business/hello-planning-guide.md @@ -284,7 +284,7 @@ If box **2a** reads **GP** and box **2b** reads **modern management**, write **A | Web Server | NDES | | CEP Encryption | NDES | -If box **2a** reads **GP** and box **2b** reads **N/A**, write **AD FA RA** in box **5b** and write the following certificate template names and issuances in box **5c** on your planning worksheet. +If box **2a** reads **GP** and box **2b** reads **N/A**, write **AD FS RA** in box **5b** and write the following certificate template names and issuances in box **5c** on your planning worksheet. | Certificate Template Name | Issued To | | --- | --- | diff --git a/windows/security/identity-protection/hello-for-business/toc.md b/windows/security/identity-protection/hello-for-business/toc.md index 86c01a544c..ae838d1fcc 100644 --- a/windows/security/identity-protection/hello-for-business/toc.md +++ b/windows/security/identity-protection/hello-for-business/toc.md @@ -22,7 +22,7 @@ #### [Sign-in and Provision](hello-hybrid-key-whfb-provision.md) ### [Hybrid Azure AD Joined Certificate Trust Deployment](hello-hybrid-cert-trust.md) -#### [Prerequistes](hello-hybrid-cert-trust-prereqs.md) +#### [Prerequisites](hello-hybrid-cert-trust-prereqs.md) #### [New Installation Baseline](hello-hybrid-cert-new-install.md) #### [Configure Azure Device Registration](hello-hybrid-cert-trust-devreg.md) #### [Configure Windows Hello for Business policy settings](hello-hybrid-cert-whfb-settings.md) diff --git a/windows/security/identity-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md b/windows/security/identity-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md index 7ce6c1be29..04fceb336d 100644 --- a/windows/security/identity-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md +++ b/windows/security/identity-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md @@ -1,5 +1,5 @@ --- -title: Open the Group Policy Management Console to Windows Defender Firewall with Advanced Security (Windows 10) +title: Open the Group Policy Management Console to Windows Defender Firewall (Windows 10) description: Open the Group Policy Management Console to Windows Defender Firewall with Advanced Security ms.assetid: 5090b2c8-e038-4905-b238-19ecf8227760 ms.prod: w10 @@ -7,10 +7,10 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security author: brianlic-msft -ms.date: 08/17/2017 +ms.date: 04/02/2017 --- -# Open the Group Policy Management Console to Windows Defender Firewall with Advanced Security +# Open the Group Policy Management Console to Windows Defender Firewall **Applies to** - Windows 10 @@ -18,10 +18,8 @@ ms.date: 08/17/2017 To open a GPO to Windows Defender Firewall: -1. Open the Active Directory Users and Computers console. +1. Open the Group Policy Management console. -2. In the navigation pane, expand *YourDomainName*, right-click the container that your GPO is linked to, and then click **Properties**. +2. In the navigation pane, expand **Forest:** *YourForestName*, expand **Domains**, expand *YourDomainName*, expand **Group Policy Objects**, right-click the GPO you want to modify, and then click **Edit**. -3. Click the **Group Policy** tab, select your GPO, and then click **Edit**. - -4. In the navigation pane of the Group Policy Object Editor, navigate to **Computer Configuration** > **Administrative Templates** > **Network** > **Network Connections** > **Windows Defender Firewall**. \ No newline at end of file +3. In the navigation pane of the Group Policy Object Editor, navigate to **Computer Configuration** > **Administrative Templates** > **Network** > **Network Connections** > **Windows Defender Firewall**. \ No newline at end of file diff --git a/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md b/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md index c68ad8e70c..20431799cb 100644 --- a/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md +++ b/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md @@ -62,7 +62,7 @@ WIP provides: - Additional data protection for existing line-of-business apps without a need to update the apps. -- Ability to wipe corporate data from devices while leaving personal data alone. +- Ability to wipe corporate data from Intune MDM enrolled devices while leaving personal data alone. - Use of audit reports for tracking issues and remedial actions. diff --git a/windows/security/threat-protection/applocker/configure-the-application-identity-service.md b/windows/security/threat-protection/applocker/configure-the-application-identity-service.md index 73a7463d29..eace7b9b57 100644 --- a/windows/security/threat-protection/applocker/configure-the-application-identity-service.md +++ b/windows/security/threat-protection/applocker/configure-the-application-identity-service.md @@ -7,7 +7,7 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library author: brianlic-msft -ms.date: 09/21/2017 +ms.date: 04/02/2018 --- # Configure the Application Identity service @@ -38,4 +38,12 @@ Membership in the local **Administrators** group, or equivalent, is the minimum 2. Click the **Services** tab, right-click **AppIDSvc**, and then click **Start Service**. 3. Verify that the status for the Application Identity service is **Running**. -Starting with Windows 10, the Application Identity service is now a protected process. Because of this, you can no longer manually set the service **Startup type** to **Automatic**. +Starting with Windows 10, the Application Identity service is now a protected process. Because of this, you can no longer manually set the service **Startup type** to **Automatic** by using the Sevices snap-in. Try either of these methods instead: + +- Open an elevated commnad prompt or PowerShell session and type: + + ```powershell + sc.exe config appidsvc start= auto + ``` + +- Create a security template that configures appidsvc to be automatic start, and apply it using secedit.exe or LGPO.exe. diff --git a/windows/security/threat-protection/device-guard/deploy-catalog-files-to-support-windows-defender-application-control.md b/windows/security/threat-protection/device-guard/deploy-catalog-files-to-support-windows-defender-application-control.md index 1cdb8061a7..0d9c04fc68 100644 --- a/windows/security/threat-protection/device-guard/deploy-catalog-files-to-support-windows-defender-application-control.md +++ b/windows/security/threat-protection/device-guard/deploy-catalog-files-to-support-windows-defender-application-control.md @@ -146,7 +146,7 @@ After the catalog file is signed, add the signing certificate to a WDAC policy, 1. If you have not already verified the catalog file digital signature, right-click the catalog file, and then click **Properties**. On the **Digital Signatures** tab, verify that your signing certificate exists with the algorithm you expect. -2. If you already have an XML policy file that you want to add the signing certificate to, skip to the next step. Otherwise, use [New-CIPolicy](https://technet.microsoft.com/library/mt634473.aspx) to create a WDAC policy that you will later merge into another policy (not deploy as-is). This example creates a policy called **CatalogSignatureOnly.xml** in the location **C:\\PolicyFolder**: +2. If you already have an XML policy file that you want to add the signing certificate to, skip to the next step. Otherwise, use [New-CIPolicy](https://docs.microsoft.com/powershell/module/configci/new-cipolicy?view=win10-ps) to create a WDAC policy that you will later merge into another policy (not deploy as-is). This example creates a policy called **CatalogSignatureOnly.xml** in the location **C:\\PolicyFolder**: ` New-CIPolicy -Level PcaCertificate -FilePath C:\PolicyFolder\CatalogSignatureOnly.xml –UserPEs` diff --git a/windows/security/threat-protection/device-guard/deploy-windows-defender-application-control-policy-rules-and-file-rules.md b/windows/security/threat-protection/device-guard/deploy-windows-defender-application-control-policy-rules-and-file-rules.md index 891d33a3be..909c8b6e52 100644 --- a/windows/security/threat-protection/device-guard/deploy-windows-defender-application-control-policy-rules-and-file-rules.md +++ b/windows/security/threat-protection/device-guard/deploy-windows-defender-application-control-policy-rules-and-file-rules.md @@ -105,13 +105,13 @@ Table 3. Windows Defender Application Control policy - file rule levels | **WHQLPublisher** | This is a combination of the WHQL and the CN on the leaf certificate and is primarily for kernel binaries. | | **WHQLFilePublisher** | Specifies that the binaries are validated and signed by WHQL, with a specific publisher (WHQLPublisher), and that the binary is the specified version or newer. This is primarily for kernel binaries. | -> **Note**  When you create WDAC policies with the [New-CIPolicy](https://technet.microsoft.com/library/mt634473.aspx) cmdlet, you can specify a primary file rule level by including the **-Level** parameter. For discovered binaries that cannot be trusted based on the primary file rule criteria, use the **-Fallback** parameter. For example, if the primary file rule level is PCACertificate but you would like to trust the unsigned applications as well, using the Hash rule level as a fallback adds the hash values of binaries that did not have a signing certificate. +> **Note**  When you create WDAC policies with the [New-CIPolicy](https://docs.microsoft.com/powershell/module/configci/new-cipolicy?view=win10-ps) cmdlet, you can specify a primary file rule level by including the **-Level** parameter. For discovered binaries that cannot be trusted based on the primary file rule criteria, use the **-Fallback** parameter. For example, if the primary file rule level is PCACertificate but you would like to trust the unsigned applications as well, using the Hash rule level as a fallback adds the hash values of binaries that did not have a signing certificate. ## Example of file rule levels in use For example, consider some IT professionals in a department that runs many servers. They decide they want their servers to run only software signed by the providers of their software and drivers, that is, the companies that provide their hardware, operating system, antivirus, and other important software. They know that their servers also run an internally written application that is unsigned but is rarely updated. They want to allow this application to run. -To create the WDAC policy, they build a reference server on their standard hardware, and install all of the software that their servers are known to run. Then they run [New-CIPolicy](https://technet.microsoft.com/library/mt634473.aspx) with **-Level Publisher** (to allow software from their software providers, the "Publishers") and **-Fallback Hash** (to allow the internal, unsigned application). They enable the policy in auditing mode and gather information about any necessary software that was not included on the reference server. They merge WDAC policies into the original policy to allow that additional software to run. Then they enable the WDAC policy in enforced mode for their servers. +To create the WDAC policy, they build a reference server on their standard hardware, and install all of the software that their servers are known to run. Then they run [New-CIPolicy](https://docs.microsoft.com/powershell/module/configci/new-cipolicy?view=win10-ps) with **-Level Publisher** (to allow software from their software providers, the "Publishers") and **-Fallback Hash** (to allow the internal, unsigned application). They enable the policy in auditing mode and gather information about any necessary software that was not included on the reference server. They merge WDAC policies into the original policy to allow that additional software to run. Then they enable the WDAC policy in enforced mode for their servers. As part of normal operations, they will eventually install software updates, or perhaps add software from the same software providers. Because the "Publisher" remains the same on those updates and software, they will not need to update their WDAC policy. If they come to a time when the internally-written, unsigned application must be updated, they must also update the WDAC policy so that the hash in the policy matches the hash of the updated internal application. diff --git a/windows/security/threat-protection/device-guard/steps-to-deploy-windows-defender-application-control.md b/windows/security/threat-protection/device-guard/steps-to-deploy-windows-defender-application-control.md index be8ccb2590..64881457e7 100644 --- a/windows/security/threat-protection/device-guard/steps-to-deploy-windows-defender-application-control.md +++ b/windows/security/threat-protection/device-guard/steps-to-deploy-windows-defender-application-control.md @@ -797,7 +797,7 @@ To create a WDAC policy, copy each of the following commands into an elevated Wi ` $CIPolicyBin=$CIPolicyPath+"DeviceGuardPolicy.bin"` -2. Use [New-CIPolicy](https://technet.microsoft.com/library/mt634473.aspx) to create a new WDAC policy by scanning the system for installed applications: +2. Use [New-CIPolicy](https://docs.microsoft.com/powershell/module/configci/new-cipolicy?view=win10-ps) to create a new WDAC policy by scanning the system for installed applications: ` New-CIPolicy -Level PcaCertificate -FilePath $InitialCIPolicy –UserPEs 3> CIPolicyLog.txt ` @@ -887,7 +887,7 @@ Use the following procedure after you have been running a computer with a WDAC p ` $CIAuditPolicy=$CIPolicyPath+"DeviceGuardAuditPolicy.xml"` -3. Use [New-CIPolicy](https://technet.microsoft.com/library/mt634473.aspx) to generate a new WDAC policy from logged audit events. This example uses a file rule level of **Hash** and includes `3> CIPolicylog.txt`, which redirects warning messages to a text file, **CIPolicylog.txt**. +3. Use [New-CIPolicy](https://docs.microsoft.com/powershell/module/configci/new-cipolicy?view=win10-ps) to generate a new WDAC policy from logged audit events. This example uses a file rule level of **Hash** and includes `3> CIPolicylog.txt`, which redirects warning messages to a text file, **CIPolicylog.txt**. ` New-CIPolicy -Audit -Level Hash -FilePath $CIAuditPolicy –UserPEs 3> CIPolicylog.txt` diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md index 1adc579110..504909f266 100644 --- a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md +++ b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md @@ -29,7 +29,7 @@ This policy setting is dependent on the **Account lockout threshold** policy set If [Account lockout threshold](account-lockout-threshold.md) is configured, after the specified number of failed attempts, the account will be locked out. If th **Account lockout duration** is set to 0, the account will remain locked until an administrator unlocks it manually. -It is advisable to set **Account lockout duration** to approximately 30 minutes. To specify that the account will never be locked out, set the value to 0. To configure the value for this policy setting so that it never automatically unlocks the account might seem like a good idea; however, doing so can increase the number of requests that your organization’s Help Desk receives to unlock accounts that were locked by mistake. +It is advisable to set **Account lockout duration** to approximately 15 minutes. To specify that the account will never be locked out, set the Account lockout threshold value to 0. ### Location