diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index dfbdfefcc2..5b224029ba 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -1,5 +1,60 @@ { "redirections": [ + { + "source_path": "windows/configuration/wcd/wcd-embeddedlockdownprofiles.md", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", + "redirect_document_id": false + }, + { + "source_path": "windows/configuration/mobile-devices/configure-mobile.md", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", + "redirect_document_id": false + }, + { + "source_path": "windows/configuration/mobile-devices/lockdown-xml.md", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", + "redirect_document_id": false + }, + { + "source_path": "windows/configuration/mobile-devices/mobile-lockdown-designer.md", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", + "redirect_document_id": false + }, + { + "source_path": "windows/configuration/mobile-devices/product-ids-in-windows-10-mobile.md", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", + "redirect_document_id": false + }, + { + "source_path": "windows/configuration/mobile-devices/provisioning-configure-mobile.md", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", + "redirect_document_id": false + }, + { + "source_path": "windows/configuration/mobile-devices/provisioning-nfc.md", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", + "redirect_document_id": false + }, + { + "source_path": "windows/configuration/mobile-devices/provisioning-package-splitter.md", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", + "redirect_document_id": false + }, + { + "source_path": "windows/configuration/mobile-devices/settings-that-can-be-locked-down.md", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", + "redirect_document_id": false + }, + { + "source_path": "windows/configuration/mobile-devices/set-up-a-kiosk-for-windows-10-for-mobile-edition.md", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", + "redirect_document_id": false + }, + { + "source_path": "windows/configuration/mobile-devices/start-layout-xml-mobile.md", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", + "redirect_document_id": false + }, { "source_path": "windows/whats-new/windows-11.md", "redirect_url": "/windows/whats-new/windows-11-whats-new", @@ -6637,22 +6692,22 @@ }, { "source_path": "windows/manage/set-up-a-kiosk-for-windows-10-for-mobile-edition.md", - "redirect_url": "/windows/configuration/mobile-devices/set-up-a-kiosk-for-windows-10-for-mobile-edition", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { "source_path": "windows/manage/lockdown-xml.md", - "redirect_url": "/windows/configuration/mobile-devices/lockdown-xml", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { "source_path": "windows/manage/settings-that-can-be-locked-down.md", - "redirect_url": "/windows/configuration/mobile-devices/settings-that-can-be-locked-down", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { "source_path": "windows/manage/product-ids-in-windows-10-mobile.md", - "redirect_url": "/windows/configuration/mobile-devices/product-ids-in-windows-10-mobile", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { @@ -6682,7 +6737,7 @@ }, { "source_path": "windows/manage/start-layout-xml-mobile.md", - "redirect_url": "/windows/configuration/mobile-devices/start-layout-xml-mobile", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { @@ -6847,7 +6902,7 @@ }, { "source_path": "windows/deploy/provisioning-nfc.md", - "redirect_url": "/windows/configuration/provisioning-packages/provisioning-nfc", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { @@ -7602,7 +7657,7 @@ }, { "source_path": "windows/configure/configure-mobile.md", - "redirect_url": "/windows/configuration/mobile-devices/configure-mobile", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { @@ -7767,7 +7822,7 @@ }, { "source_path": "windows/configure/lockdown-xml.md", - "redirect_url": "/windows/configuration/mobile-devices/lockdown-xml", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { @@ -7787,12 +7842,12 @@ }, { "source_path": "windows/configure/mobile-lockdown-designer.md", - "redirect_url": "/windows/configuration/mobile-devices/mobile-lockdown-designer", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { "source_path": "windows/configure/product-ids-in-windows-10-mobile.md", - "redirect_url": "/windows/configuration/mobile-devices/product-ids-in-windows-10-mobile", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { @@ -7822,7 +7877,7 @@ }, { "source_path": "windows/configure/provisioning-configure-mobile.md", - "redirect_url": "/windows/configuration/mobile-devices/provisioning-configure-mobile", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { @@ -7847,12 +7902,12 @@ }, { "source_path": "windows/configure/provisioning-nfc.md", - "redirect_url": "/windows/configuration/mobile-devices/provisioning-nfc", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { "source_path": "windows/configure/provisioning-package-splitter.md", - "redirect_url": "/windows/configuration/mobile-devices/provisioning-package-splitter", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { @@ -7892,7 +7947,7 @@ }, { "source_path": "windows/configure/set-up-a-kiosk-for-windows-10-for-mobile-edition.md", - "redirect_url": "/windows/configuration/mobile-devices/set-up-a-kiosk-for-windows-10-for-mobile-edition", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { @@ -7902,7 +7957,7 @@ }, { "source_path": "windows/configure/settings-that-can-be-locked-down.md", - "redirect_url": "/windows/configuration/mobile-devices/settings-that-can-be-locked-down", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { @@ -7912,7 +7967,7 @@ }, { "source_path": "windows/configure/start-layout-xml-mobile.md", - "redirect_url": "/windows/configuration/mobile-devices/start-layout-xml-mobile", + "redirect_url": "https://support.microsoft.com/windows/windows-10-mobile-end-of-support-faq-8c2dd1cf-a571-00f0-0881-bb83926d05c5", "redirect_document_id": false }, { diff --git a/browsers/edge/group-policies/index.yml b/browsers/edge/group-policies/index.yml index a1604c10e5..0b2aef014b 100644 --- a/browsers/edge/group-policies/index.yml +++ b/browsers/edge/group-policies/index.yml @@ -6,7 +6,7 @@ summary: Microsoft Edge Legacy works with Group Policy and Microsoft Intune to h metadata: title: Microsoft Edge Legacy # Required; page title displayed in search results. Include the brand. < 60 chars. description: Find the tools and resources you need to help deploy and use Microsoft Edge in your organization. # Required; article description that is displayed in search results. < 160 chars. - keywords: Microsoft Edge Legacy, Windows 10, Windows 10 Mobile + keywords: Microsoft Edge Legacy, Windows 10 ms.localizationpriority: medium ms.prod: edge author: shortpatti diff --git a/browsers/edge/microsoft-edge-faq.yml b/browsers/edge/microsoft-edge-faq.yml index 126a8572e8..96038bd4ce 100644 --- a/browsers/edge/microsoft-edge-faq.yml +++ b/browsers/edge/microsoft-edge-faq.yml @@ -15,7 +15,7 @@ metadata: title: Frequently Asked Questions (FAQ) for IT Pros summary: | - Applies to: Microsoft Edge on Windows 10 and Windows 10 Mobile + Applies to: Microsoft Edge on Windows 10 > [!NOTE] > You've reached the documentation for Microsoft Edge version 45 and earlier. To see the documentation for Microsoft Edge version 77 or later, go to the [Microsoft Edge documentation landing page](/DeployEdge/). @@ -40,7 +40,7 @@ sections: - question: How do I customize Microsoft Edge and related settings for my organization? answer: | - You can use Group Policy or Microsoft Intune to manage settings related to Microsoft Edge, such as security settings, folder redirection, and preferences. See [Group Policy and Mobile Device Management (MDM) settings for Microsoft Edge](./group-policies/index.yml) for a list of policies currently available for Microsoft Edge and configuration information. Note that the preview release of Chromium-based Microsoft Edge might not include management policies or other enterprise functionality; our focus during the preview is modern browser fundamentals. + You can use Group Policy or Microsoft Intune to manage settings related to Microsoft Edge, such as security settings, folder redirection, and preferences. See [Group Policy and Mobile Device Management (MDM) settings for Microsoft Edge](./group-policies/index.yml) for a list of policies currently available for Microsoft Edge and configuration information. The preview release of Chromium-based Microsoft Edge might not include management policies or other enterprise functionality; our focus during the preview is modern browser fundamentals. - question: Is Adobe Flash supported in Microsoft Edge? answer: | diff --git a/browsers/internet-explorer/ie11-deploy-guide/change-history-for-internet-explorer-11.md b/browsers/internet-explorer/ie11-deploy-guide/change-history-for-internet-explorer-11.md index f358312bbc..be03e1819a 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/change-history-for-internet-explorer-11.md +++ b/browsers/internet-explorer/ie11-deploy-guide/change-history-for-internet-explorer-11.md @@ -1,7 +1,7 @@ --- ms.localizationpriority: medium title: Change history for Internet Explorer 11 (IE11) - Deployment Guide for IT Pros (Internet Explorer 11 for IT Pros) -description: This topic lists new and updated topics in the Internet Explorer 11 Deployment Guide documentation for Windows 10 and Windows 10 Mobile. +description: This topic lists new and updated topics in the Internet Explorer 11 Deployment Guide documentation for Windows 10. ms.mktglfcycl: deploy ms.prod: ie11 ms.sitesec: library @@ -18,7 +18,7 @@ ms.author: dansimp [!INCLUDE [Microsoft 365 workloads end of support for IE11](../includes/microsoft-365-ie-end-of-support.md)] -This topic lists new and updated topics in the Internet Explorer 11 documentation for both Windows 10 and Windows 10 Mobile. +This topic lists new and updated topics in the Internet Explorer 11 documentation for Windows 10. ## April 2017 |New or changed topic | Description | diff --git a/browsers/internet-explorer/ie11-deploy-guide/index.md b/browsers/internet-explorer/ie11-deploy-guide/index.md index 561c0f9983..dfb9b8391c 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/index.md +++ b/browsers/internet-explorer/ie11-deploy-guide/index.md @@ -33,7 +33,7 @@ Because this content isn't intended to be a step-by-step guide, not all of the s ## In this guide |Topic |Description | |------|------------| -|[Change history for Internet Explorer 11](change-history-for-internet-explorer-11.md) |Lists new and updated topics in the Internet Explorer 11 documentation for both Windows 10 and Windows 10 Mobile. | +|[Change history for Internet Explorer 11](change-history-for-internet-explorer-11.md) |Lists new and updated topics in the Internet Explorer 11 documentation for Windows 10. | |[System requirements and language support for Internet Explorer 11 (IE11)](system-requirements-and-language-support-for-ie11.md) |IE11 is available for a number of systems and languages. This topic provides info about the minimum system requirements and language support. | |[List of updated features and tools - Internet Explorer 11 (IE11)](updated-features-and-tools-with-ie11.md) |IE11 includes several new features and tools. This topic includes high-level info about the each of them. | |[Install and Deploy Internet Explorer 11 (IE11)](install-and-deploy-ie11.md) |Use the topics in this section to learn how to customize your Internet Explorer installation package, how to choose the right method for installation, and how to deploy IE into your environment. You can also find more info about your virtualization options for legacy apps. | @@ -42,7 +42,7 @@ Because this content isn't intended to be a step-by-step guide, not all of the s |[Group Policy and Internet Explorer 11 (IE11)](group-policy-and-ie11.md) |Use the topics in this section to learn about Group Policy and how to use it to manage IE. | |[Manage Internet Explorer 11](manage-ie11-overview.md) |Use the topics in this section to learn about how to auto detect your settings, auto configure your configuration settings, and auto configure your proxy configuration settings for IE. | |[Troubleshoot Internet Explorer 11 (IE11)](troubleshoot-ie11.md) |Use the topics in this section to learn how to troubleshoot several of the more common problems experienced with IE. | -|[Out-of-date ActiveX control blocking](out-of-date-activex-control-blocking.md) |ActiveX controls are small apps that let websites provide content, like videos, games, and let you interact with content like toolbars. Unfortunately, because many ActiveX controls aren’t automatically updated, they can become outdated as new versions are released. It’s very important that you keep your ActiveX controls up-to-date because malicious software (or malware) can target security flaws in outdated controls, damaging your computer by collecting info from it, installing unwanted software, or by letting someone else control it remotely. To help avoid this situation, IE includes a new security feature, called out-of-date ActiveX control blocking. | +|[Out-of-date ActiveX control blocking](out-of-date-activex-control-blocking.md) |ActiveX controls are small apps that let websites provide content, like videos, games, and let you interact with content like toolbars. Unfortunately, because many ActiveX controls aren’t automatically updated, they can become outdated as new versions are released. It’s important that you keep your ActiveX controls up-to-date because malicious software (or malware) can target security flaws in outdated controls, damaging your computer by collecting info from it, installing unwanted software, or by letting someone else control it remotely. To help avoid this situation, IE includes a new security feature, called out-of-date ActiveX control blocking. | |[Deprecated document modes and Internet Explorer 11](deprecated-document-modes.md) |Internet Explorer 8 introduced document modes as a way to move from the proprietary coding of web features to a more standardized type of coding that could run on multiple browsers and devices. Starting with Windows 10, we’re deprecating document modes.

This means that while IE11 will continue to support document modes, Microsoft Edge won’t. And because of that, it also means that if you want to use Microsoft Edge, you’re going to have to update your legacy webpages and apps to support modern features, browsers, and devices.

Note
For specific details about the technologies and APIs that are no longer supported in Microsoft Edge, see [A break from the past, part 2: Saying goodbye to ActiveX, VBScript, attachEvent](https://go.microsoft.com/fwlink/p/?LinkId=615953). | |[What is the Internet Explorer 11 Blocker Toolkit?](what-is-the-internet-explorer-11-blocker-toolkit.md) |The IE11 Blocker Toolkit lets you turn off the automatic delivery of IE11 through the Automatic Updates feature of Windows Update. | |[Missing Internet Explorer Maintenance (IEM) settings for Internet Explorer 11](missing-internet-explorer-maintenance-settings-for-ie11.md) |The Internet Explorer Maintenance (IEM) settings have been deprecated in favor of Group Policy preferences, Administrative Templates (.admx), and the Internet Explorer Administration Kit 11 (IEAK 11).

Because of this change, your IEM-configured settings will no longer work on computers running Internet Explorer 10 or newer. To fix this, you need to update the affected settings using Group Policy preferences, Administrative Templates (.admx), or the IEAK 11.

Because Group Policy Preferences and IEAK 11 run using asynchronous processes, you should choose to use only one of the tools within each group of settings. For example, using only IEAK 11 in the Security settings or Group Policy Preferences within the Internet Zone settings. Also, it's important to remember that policy is enforced and can't be changed by the user, while preferences are configured, but can be changed by the user. | diff --git a/browsers/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode.md b/browsers/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode.md index 5ea3970866..bebac3ffe6 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode.md +++ b/browsers/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode.md @@ -39,7 +39,7 @@ Using Enterprise Mode means that you can continue to use Microsoft Edge as your > [!TIP] > If you are running an earlier version of Internet Explorer, we recommend upgrading to IE11, so that any legacy apps continue to work correctly. -For Windows 10 and Windows 10 Mobile, Microsoft Edge is the default browser experience. However, Microsoft Edge lets you continue to use IE11 for sites that are on your corporate intranet or included on your Enterprise Mode Site List. +For Windows 10, Microsoft Edge is the default browser experience. However, Microsoft Edge lets you continue to use IE11 for sites that are on your corporate intranet or included on your Enterprise Mode Site List. ## What is Enterprise Mode? @@ -68,12 +68,12 @@ Download the [Enterprise Mode Site List Manager (schema v.2)](https://go.microso [!INCLUDE [Microsoft 365 workloads end of support for IE11](../includes/microsoft-365-ie-end-of-support.md)] XML file -The Enterprise Mode Site List is an XML document that specifies a list of sites, their compat mode, and their intended browser. Using [Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853), you can automatically start a webpage using a specific browser. In the case of IE11, the webpage can also be launched in a specific compat mode, so it always renders correctly. Your employees can easily view this site list by typing _about:compat_ in either Microsoft Edge or IE11. +The Enterprise Mode Site List is an XML document that specifies a list of sites, their compatibility mode, and their intended browser. Using [Enterprise Mode Site List Manager (schema v.2)](https://go.microsoft.com/fwlink/p/?LinkId=716853), you can automatically start a webpage using a specific browser. In IE11, the webpage can also be launched in a specific compatibility mode, so it always renders correctly. Your employees can easily view this site list by typing `about:compat` in either Microsoft Edge or IE11. Starting with Windows 10, version 1511 (also known as the Anniversary Update), you can also [restrict IE11 to only the legacy web apps that need it](https://blogs.windows.com/msedgedev/2016/05/19/edge14-ie11-better-together/), automatically sending sites not included in the Enterprise Mode Site List to Microsoft Edge. ### Site list xml file -This is a view of the [raw EMIE v2 schema.xml file](https://gist.github.com/kypflug/9e9961de771d2fcbd86b#file-emie-v2-schema-xml). There are equivalent Enterprise Mode Site List policies for both [Microsoft Edge](/microsoft-edge/deploy/emie-to-improve-compatibility) and [Internet Explorer 11](turn-on-enterprise-mode-and-use-a-site-list.md). The Microsoft Edge list is used to determine which sites should open in IE11; while the IE11 list is used to determine the compat mode for a site, and which sites should open in Microsoft Edge. We recommend using one list for both browsers, where each policy points to the same XML file location. +This is a view of the [raw EMIE v2 schema.xml file](https://gist.github.com/kypflug/9e9961de771d2fcbd86b#file-emie-v2-schema-xml). There are equivalent Enterprise Mode Site List policies for both [Microsoft Edge](/microsoft-edge/deploy/emie-to-improve-compatibility) and [Internet Explorer 11](turn-on-enterprise-mode-and-use-a-site-list.md). The Microsoft Edge list is used to determine which sites should open in IE11; while the IE11 list is used to determine the compatibility mode for a site, and which sites should open in Microsoft Edge. We recommend using one list for both browsers, where each policy points to the same XML file location. ```xml @@ -123,7 +123,7 @@ You can build and manage your Enterprise Mode Site List is by using any generic ### Enterprise Mode Site List Manager This tool helps you create error-free XML documents with simple n+1 versioning and URL verification. We recommend using this tool if your site list is relatively small. For more info about this tool, see the Use the [Enterprise Mode Site List Manager](use-the-enterprise-mode-site-list-manager.md) topics. -There are 2 versions of this tool, both supported on Windows 7, Windows 8.1, and Windows 10: +There are two versions of this tool, both supported on Windows 7, Windows 8.1, and Windows 10: - [Enterprise Mode Site List Manager (schema v.1)](https://www.microsoft.com/download/details.aspx?id=42501). This is an older version of the schema that you must use if you want to create and update your Enterprise Mode Site List for devices running the v.1 version of the schema. diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md index 9dcdd7ca81..09c8ad86fe 100644 --- a/education/windows/deploy-windows-10-in-a-school-district.md +++ b/education/windows/deploy-windows-10-in-a-school-district.md @@ -20,11 +20,11 @@ manager: dansimp - Windows 10 -This guide shows you how to deploy the Windows 10 operating system in a school district. You learn how to deploy Windows 10 in classrooms; integrate the school environment with Microsoft Office 365, Active Directory Domain Services (AD DS), and Microsoft Azure Active Directory (Azure AD); and deploy Windows 10 and your apps to new devices or upgrade existing devices to Windows 10. This guide also describes how to use Microsoft Endpoint Configuration Manager, Microsoft Intune, and Group Policy to manage devices. Finally, the guide discusses common, ongoing maintenance tasks that you will perform after initial deployment as well as the automated tools and built-in features of the operating system. +This guide shows you how to deploy the Windows 10 operating system in a school district. You learn how to deploy Windows 10 in classrooms; integrate the school environment with Microsoft Office 365, Active Directory Domain Services (AD DS), and Microsoft Azure Active Directory (Azure AD); and deploy Windows 10 and your apps to new devices or upgrade existing devices to Windows 10. This guide also describes how to use Microsoft Endpoint Configuration Manager, Microsoft Intune, and Group Policy to manage devices. Finally, the guide discusses common, ongoing maintenance tasks that you will perform after initial deployment and the automated tools and built-in features of the operating system. ## Prepare for district deployment -Proper preparation is essential for a successful district deployment. To avoid common mistakes, your first step is to plan a typical district configuration. Just as with building a house, you need a blueprint for what your district and individual schools should look like when it’s finished. The second step in preparation is to learn how you will manage the users, apps, and devices in your district. Just as a builder needs to have the right tools to build a house, you need the right set of tools to deploy your district. +Proper preparation is essential for a successful district deployment. To avoid common mistakes, your first step is to plan a typical district configuration. As with building a house, you need a blueprint for what your district and individual schools should look like when it’s finished. The second step in preparation is to learn how you will manage the users, apps, and devices in your district. Just as a builder needs to have the right tools to build a house, you need the right set of tools to deploy your district. > [!NOTE] > This guide focuses on Windows 10 deployment and management in a district. For management of other devices and operating systems in education environments, see [Manage BYOD and corporate-owned devices with MDM solutions](https://www.microsoft.com/cloud-platform/mobile-device-management). @@ -126,7 +126,7 @@ Office 365 Education allows: * Students and faculty to use Yammer to collaborate through private social networking. -* Students and faculty to access classroom resources from anywhere on any device (including Windows 10 Mobile, iOS, and Android devices). +* Students and faculty to access classroom resources from anywhere on any device (including iOS and Android devices). For more information about Office 365 Education features and an FAQ, go to [Office 365 Education plans and pricing](https://products.office.com/en-us/academic). @@ -1577,7 +1577,7 @@ For more information about Intune, see [Microsoft Intune Documentation](/intune/ If you selected to deploy and manage apps by using Microsoft Endpoint Manager and Intune in a hybrid configuration, then skip this section and continue to the [Deploy and manage apps by using Microsoft Endpoint Configuration Manager](#deploy-and-manage-apps-by-using-microsoft-endpoint-configuration-manager) section. -You can use Intune to deploy Microsoft Store and Windows desktop apps. Intune provides improved control over which users receive specific apps. In addition, Intune allows you to deploy apps to companion devices (such as Windows 10 Mobile, iOS, or Android devices). Finally, Intune helps you manage app security and features, such as mobile application management policies that let you manage apps on devices that are not enrolled in Intune or that another solution manages. +You can use Intune to deploy Microsoft Store and Windows desktop apps. Intune provides improved control over which users receive specific apps. In addition, Intune allows you to deploy apps to companion devices (such as iOS or Android devices). Finally, Intune helps you manage app security and features, such as mobile application management policies that let you manage apps on devices that are not enrolled in Intune or that another solution manages. For more information about how to configure Intune to manage your apps, see the following resources: @@ -1589,9 +1589,9 @@ For more information about how to configure Intune to manage your apps, see the ### Deploy and manage apps by using Microsoft Endpoint Configuration Manager -You can use Microsoft Endpoint Manager to deploy Microsoft Store and Windows desktop apps. Configuration Manager allows you to create a Configuration Manager application that you can use to deploy apps to different devices (such as Windows 10 desktop, Windows 10 Mobile, iOS, or Android devices) by using *deployment types*. You can think of a Configuration Manager application as a box. You can think of deployment types as one or more sets of installation files and installation instructions within that box. +You can use Microsoft Endpoint Manager to deploy Microsoft Store and Windows desktop apps. Configuration Manager allows you to create a Configuration Manager application that you can use to deploy apps to different devices (such as Windows 10 desktop, iOS, or Android devices) by using *deployment types*. You can think of a Configuration Manager application as a box. You can think of deployment types as one or more sets of installation files and installation instructions within that box. -For example, you could create a Skype application that contains a deployment type for Windows 10 desktop, Windows 10 Mobile, iOS, and Android. You can deploy the one application to multiple device types. +For example, you could create a Skype application that contains a deployment type for Windows 10 desktop, iOS, and Android. You can deploy the one application to multiple device types. > [!NOTE] > When you configure Configuration Manager and Intune in a hybrid model, you deploy apps by using Configuration Manager as described in this section. @@ -1607,7 +1607,7 @@ If you selected to manage updates by using Configuration Manager and Intune in a To help ensure that your users have the most current features and security protection, keep Windows 10 and your apps current with updates. To configure Windows 10 and app updates, use the **Updates** workspace in Intune. > [!NOTE] -> You can only manage updates (including antivirus and antimalware updates) for Windows 10 desktop operating systems (not Windows 10 Mobile, iOS, or Android). +> You can only manage updates (including antivirus and antimalware updates) for Windows 10 desktop operating systems (not iOS or Android). For more information about how to configure Intune to manage updates and malware protection, see the following resources: @@ -1631,7 +1631,7 @@ In this section, you prepared your institution for device management. You identi ## Deploy Windows 10 to devices -You’re ready to deploy Windows 10 to faculty and student devices. You must complete the steps in this section for each student device in the classrooms as well as for any new student devices you add in the future. You can also perform these actions for any device that’s eligible for a Windows 10 upgrade. This section discusses deploying Windows 10 to new devices, refreshing Windows 10 on existing devices, and upgrading existing devices that are running eligible versions of Windows 8.1 or Windows 7 to Windows 10. +You’re ready to deploy Windows 10 to faculty and student devices. You must complete the steps in this section for each student device in the classrooms and for any new student devices you add in the future. You can also perform these actions for any device that’s eligible for a Windows 10 upgrade. This section discusses deploying Windows 10 to new devices, refreshing Windows 10 on existing devices, and upgrading existing devices that are running eligible versions of Windows 8.1 or Windows 7 to Windows 10. ### Prepare for deployment diff --git a/education/windows/deploy-windows-10-in-a-school.md b/education/windows/deploy-windows-10-in-a-school.md index 318b892188..d06c0039c5 100644 --- a/education/windows/deploy-windows-10-in-a-school.md +++ b/education/windows/deploy-windows-10-in-a-school.md @@ -20,23 +20,23 @@ manager: dansimp - Windows 10 -This guide shows you how to deploy the Windows 10 operating system in a school environment. You learn how to deploy Windows 10 in classrooms; integrate the school environment with Microsoft Office 365, Active Directory Domain Services (AD DS), and Microsoft Azure Active Directory (Azure AD); and deploy Windows 10 and your apps to new devices or upgrade existing devices to Windows 10. This guide also describes how to use Microsoft Intune and Group Policy to manage devices. Finally, the guide discusses common, ongoing maintenance tasks that you will perform after initial deployment as well as the automated tools and built-in features of the operating system. +This guide shows you how to deploy the Windows 10 operating system in a school environment. You learn how to deploy Windows 10 in classrooms; integrate the school environment with Microsoft Office 365, Active Directory Domain Services (AD DS), and Microsoft Azure Active Directory (Azure AD); and deploy Windows 10 and your apps to new devices or upgrade existing devices to Windows 10. This guide also describes how to use Microsoft Intune and Group Policy to manage devices. Finally, the guide discusses common, ongoing maintenance tasks that you will perform after initial deployment and the automated tools and built-in features of the operating system. ## Prepare for school deployment -Proper preparation is essential for a successful school deployment. To avoid common mistakes, your first step is to plan a typical school configuration. Just as with building a house, you need a blueprint for what your school should look like when it’s finished. The second step in preparation is to learn how you will configure your school. Just as a builder needs to have the right tools to build a house, you need the right set of tools to deploy your school. +Proper preparation is essential for a successful school deployment. To avoid common mistakes, your first step is to plan a typical school configuration. As with building a house, you need a blueprint for what your school should look like when it’s finished. The second step in preparation is to learn how you will configure your school. Just as a builder needs to have the right tools to build a house, you need the right set of tools to deploy your school. ### Plan a typical school configuration As part of preparing for your school deployment, you need to plan your configuration—the focus of this guide. Figure 1 illustrates a typical finished school configuration that you can use as a model (the blueprint in our builder analogy) for the finished state. -![fig 1.](images/deploy-win-10-school-figure1.png) +:::image type="content" source="images/deploy-win-10-school-figure1.png" alt-text="A finished school configuration for a Windows client deployment."::: *Figure 1. Typical school configuration for this guide* Figure 2 shows the classroom configuration this guide uses. -![fig 2.](images/deploy-win-10-school-figure2.png) +:::image type="content" source="images/deploy-win-10-school-figure2.png" alt-text="See the classroom configuration used in this Windows client deployment guide."::: *Figure 2. Typical classroom configuration in a school* @@ -54,13 +54,15 @@ This school configuration has the following characteristics: - You install the Windows Assessment and Deployment Kit (Windows ADK) on the admin device. - You install the 64-bit version of the Microsoft Deployment Toolkit (MDT) 2013 Update 2 on the admin device. - **Note**  In this guide, all references to MDT refer to the 64-bit version of MDT 2013 Update 2. + > [!NOTE] + > In this guide, all references to MDT refer to the 64-bit version of MDT 2013 Update 2. + - The devices use Azure AD in Office 365 Education for identity management. -- If you have on-premises AD DS, you can [integrate Azure AD with on-premises AD DS](/azure/active-directory/hybrid/whatis-hybrid-identity). -- Use [Intune](/mem/intune/), [compliance settings in Office 365](https://support.office.com/en-us/article/Manage-mobile-devices-in-Office-365-dd892318-bc44-4eb1-af00-9db5430be3cd?ui=en-US&rs=en-US&ad=US), or [Group Policy](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc725828(v=ws.10)?f=255&MSPPError=-2147217396) in AD DS to manage devices. +- If you have on-premises AD DS, you can [integrate Azure AD with on-premises AD DS](/azure/active-directory/hybrid/whatis-hybrid-identity). +- Use [Intune](/mem/intune/), [Set up Basic Mobility and Security](/microsoft-365/admin/basic-mobility-security/set-up), or Group Policy in AD DS to manage devices. - Each device supports a one-student-per-device or multiple-students-per-device scenario. - The devices can be a mixture of different make, model, and processor architecture (32 bit or 64 bit) or be identical. -- To initiate Windows 10 deployment, use a USB flash drive, DVD-ROM or CD-ROM, or Pre-Boot Execution Environment Boot (PXE Boot). +- To start a Windows 10 deployment, use a USB flash drive, DVD-ROM or CD-ROM, or Pre-Boot Execution Environment Boot (PXE Boot). - The devices can be a mixture of different Windows 10 editions, such as Windows 10 Home, Windows 10 Pro, and Windows 10 Education. Office 365 Education allows: @@ -78,9 +80,9 @@ Office 365 Education allows: - Teachers to provide collaboration in the classroom through Microsoft SharePoint Online team sites. - Students and faculty to use Office 365 Video to manage videos. - Students and faculty to use Yammer to collaborate through private social networking. -- Students and faculty to access classroom resources from anywhere on any device (including Windows 10 Mobile, iOS, and Android devices). +- Students and faculty to access classroom resources from anywhere on any device (including iOS and Android devices). -For more information about Office 365 Education features and a FAQ, go to [Office 365 Education](https://products.office.com/en-us/academic). +For more information about Office 365 Education features and a FAQ, go to [Office 365 Education](https://www.microsoft.com/microsoft-365/academic/compare-office-365-education-plans). ## How to configure a school @@ -90,11 +92,11 @@ The primary tool you will use to deploy Windows 10 in your school is MDT, which You can use MDT as a stand-alone tool or integrate it with Microsoft Endpoint Configuration Manager. As a stand-alone tool, MDT performs Lite Touch Installation (LTI) deployments—deployments that require minimal infrastructure and allow you to control the level of automation. When integrated with Configuration Manager, MDT performs Zero Touch Installation (ZTI) deployments, which require more infrastructure (such as Configuration Manager) but result in fully automated deployments. -MDT includes the Deployment Workbench—a console from which you can manage the deployment of Windows 10 and your apps. You configure the deployment process in the Deployment Workbench, including the management of operating systems, device drivers, apps and migration of user settings on existing devices. +MDT includes the Deployment Workbench—a console from which you can manage the deployment of Windows 10 and your apps. You configure the deployment process in the Deployment Workbench, including the management of operating systems, device drivers, apps, and migration of user settings on existing devices. LTI performs deployment from a *deployment share*—a network-shared folder on the device where you installed MDT. You can perform over-the-network deployments from the deployment share or perform deployments from a local copy of the deployment share on a USB drive or DVD. You will learn more about MDT in the [Prepare the admin device](#prepare-the-admin-device) section. -The focus of MDT is deployment, so you also need tools that help you manage your Windows 10 devices and apps. You can manage Windows 10 devices and apps with Intune, the Compliance Management feature in Office 365, or Group Policy in AD DS. You can use any combination of these tools based on your school requirements. +The focus of MDT is deployment, so you also need tools that help you manage your Windows 10 devices and apps. You can manage Windows 10 devices and apps with [Microsoft Endpoint Manager](/mem/), the Compliance Management feature in Office 365, or Group Policy in AD DS. You can use any combination of these tools based on your school requirements. The configuration process requires the following devices: @@ -112,7 +114,7 @@ The high-level process for deploying and configuring devices within individual c 6. On the student and faculty devices, deploy Windows 10 to new or existing devices, or upgrade eligible devices to Windows 10. 7. On the admin device, manage the Windows 10 devices and apps, the Office 365 subscription, and the AD DS and Azure AD integration. -![fig 3.](images/deploy-win-10-school-figure3.png) +:::image type="content" source="images/deploy-win-10-school-figure3.png" alt-text="See the high level process of configuring Windows client devices in a classroom and the school"::: *Figure 3. How school configuration works* @@ -136,7 +138,7 @@ When you install the Windows ADK on the admin device, select the following featu - Windows Preinstallation Environment (Windows PE) - User State Migration Tool (USMT) -For more information about installing the Windows ADK, see [Step 2-2: Install the Windows ADK](/mem/configmgr/mdt/lite-touch-installation-guide?f=255&MSPPError=-2147217396#InstallWindowsADK). +For more information about installing the Windows ADK, see [Step 2-2: Install the Windows ADK](/mem/configmgr/mdt/lite-touch-installation-guide#InstallWindowsADK). ### Install MDT @@ -144,7 +146,8 @@ Next, install MDT. MDT uses the Windows ADK to help you manage and perform Windo You can use MDT to deploy 32-bit or 64-bit versions of Windows 10. Install the 64-bit version of MDT to support deployment of 32-bit and 64-bit operating systems. -**Note**  If you install the 32-bit version of MDT, you can install only 32-bit versions of Windows 10. Ensure that you download and install the 64-bit version of MDT so that you can install 64-bit and 32 bit versions of the operating system. +> [!NOTE] +> If you install the 32-bit version of MDT, you can install only 32-bit versions of Windows 10. Ensure that you download and install the 64-bit version of MDT so that you can install 64-bit and 32-bit versions of the operating system. For more information about installing MDT on the admin device, see [Installing a New Instance of MDT](/mem/configmgr/mdt/use-the-mdt#InstallingaNewInstanceofMDT). @@ -154,7 +157,7 @@ Now, you’re ready to create the MDT deployment share and populate it with the MDT includes the Deployment Workbench, a graphical user interface that you can use to manage MDT deployment shares. A deployment share is a shared folder that contains all the MDT deployment content. The LTI Deployment Wizard accesses the deployment content over the network or from a local copy of the deployment share (known as MDT deployment media). -For more information about how to create a deployment share, see [Step 3-1: Create an MDT Deployment Share](/mem/configmgr/mdt/lite-touch-installation-guide?f=255&MSPPError=-2147217396#CreateMDTDeployShare). +For more information about how to create a deployment share, see [Step 3-1: Create an MDT Deployment Share](/mem/configmgr/mdt/lite-touch-installation-guide#step-3-configure-mdt-to-create-the-reference-computer). ### Summary @@ -164,80 +167,63 @@ In this section, you installed the Windows ADK and MDT on the admin device. You Office 365 is one of the core components of your classroom environment. You create and manage student identities in Office 365, and students and teachers use the suite as their email, contacts, and calendar system. Teachers and students use Office 365 collaboration features such as SharePoint, OneNote, and OneDrive for Business. -As a first step in deploying your classroom, create an Office 365 Education subscription, and then configure Office 365 for the classroom. For more information about Office 365 Education deployment, see [School deployment of Office 365 Education](https://www.microsoft.com/education/products/office-365-deployment-resources/default.aspx). +As a first step in deploying your classroom, create an Office 365 Education subscription, and then configure Office 365 for the classroom. For more information about Office 365 Education deployment, see [School deployment of Office 365 Education](https://www.microsoft.com/education/products/office). ### Select the appropriate Office 365 Education license plan Complete the following steps to select the appropriate Office 365 Education license plan for your school: -

    -
  1. Determine the number of faculty members and students who will use the classroom.
    Office 365 Education licensing plans are available specifically for faculty and students. You must assign faculty and students the correct licensing plan. -
    2. -
  2. Determine the faculty members and students who need to install Office applications on devices (if any). Faculty and students can use Office applications online (standard plans) or run them locally (Microsoft 365 Apps for enterprise plans). Table 1 lists the advantages and disadvantages of standard and Microsoft 365 Apps for enterprise plans.
    3. -
    -Table 1. Comparison of standard and Microsoft Microsoft 365 Apps for enterprise plans -
    - ----- - - - - - - - - - - +- Determine the number of faculty members and students who will use the classroom. Office 365 Education licensing plans are available specifically for faculty and students. You must assign faculty and students the correct licensing plan. + +- Determine the faculty members and students who need to install Office applications on devices (if any). Faculty and students can use Office applications online (standard plans) or run them locally (Microsoft 365 Apps for enterprise plans). Table 1 lists the advantages and disadvantages of standard and Microsoft 365 Apps for enterprise plans. + +*Table 1. Comparison of standard and Microsoft 365 Apps for enterprise plans* + +--- +| Plan | Advantages | Disadvantages | +| --- | --- | --- | +| Standard | - Less expensive than Microsoft 365 Apps for enterprise
    - Can be run from any device
    - No installation necessary | - Must have an Internet connection to use it
    - Does not support all the features found in Microsoft 365 Apps for enterprise | +| Office ProPlus | - Only requires an Internet connection every 30 days (for activation)
    - Supports full set of Office features | - Requires installation
    - Can be installed on only five devices per user (there is no limit to the number of devices on which you can run Office apps online) | + +--- - -
    PlanAdvantagesDisadvantages
    Standard
    • Less expensive than Microsoft 365 Apps for enterprise
    • Can be run from any device
    • No installation necessary
    • Must have an Internet connection to use it
    • Does not support all the features found in Microsoft 365 Apps for enterprise
    Office ProPlus
    • Only requires an Internet connection every 30 days (for activation)
    • Supports full set of Office features
    • Requires installation
    • Can be installed on only five devices per user (there is no limit to the number of devices on which you can run Office apps online)
    -
    The best user experience is to run Microsoft 365 Apps for enterprise or use native Office apps on mobile devices. If neither of these options is available, use Office applications online. In addition, all Office 365 plans provide a better user experience by storing documents in OneDrive for Business, which is included in all Office 365 plans. OneDrive for Business keeps content in sync among devices and helps ensure that users always have access to their documents on any device. -
    -
  3. Determine whether students or faculty need Azure Rights Management.
    You can use Azure Rights Management to protect classroom information against unauthorized access. Azure Rights Management protects your information inside or outside the classroom through encryption, identity, and authorization policies, securing your files and email. You can retain control of the information, even when it’s shared with people outside the classroom or your educational institution. Azure Rights Management is free to use with all Office 365 Education license plans. For more information, see Azure Rights Management.
    4. -
  4. Record the Office 365 Education license plans needed for the classroom in Table 2.

    + +- Determine whether students or faculty need Azure Rights Management. + + You can use Azure Rights Management to protect classroom information against unauthorized access. Azure Rights Management protects your information inside or outside the classroom through encryption, identity, and authorization policies, securing your files and email. You can retain control of the information, even when it’s shared with people outside the classroom or your educational institution. Azure Rights Management is free to use with all Office 365 Education license plans. For more information, see [Azure Rights Management](/information-protection/). + +- Record the Office 365 Education license plans needed for the classroom in Table 2. *Table 2. Office 365 Education license plans needed for the classroom* -
    - ---- - - - - - - - - - - - - -
    QuantityPlan
    Office 365 Education for students
    Office 365 Education for faculty
    Azure Rights Management for students
    Azure Rights Management for faculty
    -
    -You will use the Office 365 Education license plan information you record in Table 2 in the Create user accounts in Office 365 section of this guide.
+ +--- +| Quantity | Plan | +| --- | --- | +| | Office 365 Education for students | +| | Office 365 Education for faculty | +| | Azure Rights Management for students | +| | Azure Rights Management for faculty | + +--- + +You will use the Office 365 Education license plan information you record in Table 2 in the [Create user accounts in Office 365](#create-user-accounts-in-office-365) section of this guide. ### Create a new Office 365 Education subscription To create a new Office 365 Education subscription for use in the classroom, use your educational institution’s email account. There are no costs to you or to students for signing up for Office 365 Education subscriptions. -**Note**  If you already have an Office 365 Education subscription, you can use that subscription and continue to the next section, [Add domains and subdomains](#add-domains-and-subdomains). +> [!NOTE] +> If you already have an Office 365 Education subscription, you can use that subscription and continue to the next section, [Add domains and subdomains](#add-domains-and-subdomains). #### To create a new Office 365 subscription 1. In Microsoft Edge or Internet Explorer, type `https://portal.office.com/start?sku=faculty` in the address bar. - **Note**  If you have already used your current sign-in account to create a new Office 365 subscription, you will be prompted to sign in. If you want to create a new Office 365 subscription, start an In-Private Window in one of the following: - - Microsoft Edge by opening the Microsoft Edge app, either pressing Ctrl+Shift+P or clicking or tapping **More actions**, and then clicking or tapping **New InPrivate window**. - - Internet Explorer 11 by opening Internet Explorer 11, either pressing Ctrl+Shift+P or clicking or tapping **Settings**, clicking or tapping **Safety**, and then clicking or tapping **InPrivate Browsing**. + If you have already used your current sign-in account to create a new Office 365 subscription, you will be prompted to sign in. If you want to create a new Office 365 subscription, start an In-Private Window. Your options: + + - In Microsoft Edge, select Ctrl+Shift+N. Or, select **More actions** > **New InPrivate window**. + - In Internet Explorer, select Ctrl+Shift+P. Or, select **Settings** > **Safety** > **InPrivate Browsing**. 2. On the **Get started** page, type your school email address in the **Enter your school email address** box, and then click **Sign up**. You will receive an email in your school email account. 3. Click the hyperlink in the email in your school email account. @@ -245,7 +231,7 @@ To create a new Office 365 Education subscription for use in the classroom, use ### Add domains and subdomains -Now that you have created your new Office 365 Education subscription, add the domains and subdomains that your institution uses. For example, if your institution has contoso.edu as the primary domain name but you have subdomains for students or faculty (such as students.contoso.edu and faculty.contoso.edu), then you need to add the subdomains. +Now that you have created your new Office 365 Education subscription, add the domains and subdomains that your institution uses. For example, if your institution has `contoso.edu` as the primary domain name but you have subdomains for students or faculty (such as students.contoso.edu and faculty.contoso.edu), then you need to add the subdomains. #### To add additional domains and subdomains @@ -260,7 +246,8 @@ Now that you have created your new Office 365 Education subscription, add the do To make it easier for faculty and students to join your Office 365 Education subscription (or *tenant*), allow them to automatically sign up to your tenant (*automatic tenant join*). In automatic tenant join, when a faculty member or student signs up for Office 365, Office 365 automatically adds (joins) the user to your Office 365 tenant. -**Note**  By default, automatic tenant join is enabled in Office 365 Education, with the exception of certain areas in Europe, the Middle East, and Africa. These countries require opt-in steps to add new users to existing Office 365 tenants. Check your country requirements to determine the automatic tenant join default configuration. Also, if you use Azure AD Connect, then automatic tenant join is disabled. +> [!NOTE] +> By default, automatic tenant join is enabled in Office 365 Education, except for certain areas in Europe, the Middle East, and Africa. These countries require opt-in steps to add new users to existing Office 365 tenants. Check your country requirements to determine the automatic tenant join default configuration. Also, if you use Azure AD Connect, then automatic tenant join is disabled. Office 365 uses the domain portion of the user’s email address to know which Office 365 tenant to join. For example, if a faculty member or student provides an email address of user@contoso.edu, then Office 365 automatically performs one of the following tasks: @@ -269,42 +256,46 @@ Office 365 uses the domain portion of the user’s email address to know which O You will always want faculty and students to join the Office 365 tenant that you created. Ensure that you perform the steps in the [Create a new Office 365 Education subscription](#create-a-new-office-365-education-subscription) and [Add domains and subdomains](#add-domains-and-subdomains) sections before allowing other faculty and students to join Office 365. -**Note**  You cannot merge multiple tenants, so any faculty or students who create their own tenant will need to abandon their existing tenant and join yours. +> [!NOTE] +> You cannot merge multiple tenants, so any faculty or students who create their own tenant will need to abandon their existing tenant and join yours. -All new Office 365 Education subscriptions have automatic tenant join enabled by default, but you can enable or disable automatic tenant join by using the Windows PowerShell commands in Table 3. For more information about how to run these commands, see [How can I prevent students from joining my existing Office 365 tenant](https://support.office.com/en-us/article/Office-365-Education-Self-Sign-up-Technical-FAQ-7fb1b2f9-94c2-4cbb-b01e-a6eca34261d6?ui=en-US&rs=en-US&ad=US#BKMK_PreventJoins). +All new Office 365 Education subscriptions have automatic tenant join enabled by default, but you can enable or disable automatic tenant join by using the Windows PowerShell commands in Table 3. For more information about how to run these commands, see [How can I prevent students from joining my existing Office 365 tenant](/microsoft-365/education/deploy/office-365-education-self-sign-up#how-can-i-prevent-students-from-joining-my-existing-office-365-tenant). *Table 3. Windows PowerShell commands to enable or disable Automatic Tenant Join* - +--- | Action | Windows PowerShell command | |---------|-----------------------------------------------------------| | Enable | `Set-MsolCompanySettings -AllowEmailVerifiedUsers $true` | | Disable | `Set-MsolCompanySettings -AllowEmailVerifiedUsers $false` | -

-Note  If your institution has AD DS, then disable automatic tenant join. Instead, use Azure AD integration with AD DS to add users to your Office 365 tenant. +--- + +> [!NOTE] +> If your institution has AD DS, then disable automatic tenant join. Instead, use Azure AD integration with AD DS to add users to your Office 365 tenant. ### Disable automatic licensing To reduce your administrative effort, automatically assign Office 365 Education or Office 365 Education Plus licenses to faculty and students when they sign up (automatic licensing). Automatic licensing also enables Office 365 Education or Office 365 Education Plus features that do not require administrative approval. -**Note**  By default, automatic licensing is enabled in Office 365 Education. If you want to use automatic licensing, then skip this section and go to the next section. +> [!NOTE] +> By default, automatic licensing is enabled in Office 365 Education. If you want to use automatic licensing, then skip this section and go to the next section. -Although all new Office 365 Education subscriptions have automatic licensing enabled by default, you can enable or disable it for your Office 365 tenant by using the Windows PowerShell commands in Table 4. For more information about how to run these commands, see [How can I prevent students from joining my existing Office 365 tenant](https://support.office.com/en-us/article/Office-365-Education-Self-Sign-up-Technical-FAQ-7fb1b2f9-94c2-4cbb-b01e-a6eca34261d6?ui=en-US&rs=en-US&ad=US#BKMK_PreventJoins). +Although all new Office 365 Education subscriptions have automatic licensing enabled by default, you can enable or disable it for your Office 365 tenant by using the Windows PowerShell commands in Table 4. For more information about how to run these commands, see [How can I prevent students from joining my existing Office 365 tenant](/microsoft-365/education/deploy/office-365-education-self-sign-up#how-can-i-prevent-students-from-joining-my-existing-office-365-tenant). *Table 4. Windows PowerShell commands to enable or disable automatic licensing* - +--- | Action | Windows PowerShell command | |---------|-----------------------------------------------------------| | Enable | `Set-MsolCompanySettings -AllowAdHocSubscriptions $true` | | Disable | `Set-MsolCompanySettings -AllowAdHocSubscriptions $false` | -

+--- ### Enable Azure AD Premium -When you create your Office 365 subscription, you create an Office 365 tenant that includes an Azure AD directory. Azure AD is the centralized repository for all your student and faculty accounts in Office 365, Intune, and other Azure AD–integrated apps. Azure AD is available in Free, Basic, and Premium editions. Azure AD Free, which is included in Office 365 Education, has fewer features than Azure AD Basic, which in turn has fewer features than Azure AD Premium. +When you create your Office 365 subscription, you create an Office 365 tenant that includes an Azure AD directory. Azure AD is the centralized repository for all your student and faculty accounts in Office 365, Intune, and other Azure AD–integrated apps. Azure AD has different editions, which may include Office 365 Education. For more information, see [Introduction to Azure Active Directory Tenants](/microsoft-365/education/deploy/intro-azure-active-directory). Educational institutions can obtain Azure AD Basic edition licenses at no cost. After you obtain your licenses, activate your Azure AD access by completing the steps in [Step 3: Activate your Azure Active Directory access](/azure/active-directory/fundamentals/active-directory-get-started-premium#step-3-activate-your-azure-active-directory-access). @@ -324,10 +315,10 @@ You can assign Azure AD Premium licenses to the users who need these features. F You can sign up for Azure AD Premium, and then assign licenses to users. In this section, you sign up for Azure AD Premium. You will assign Azure AD Premium licenses to users later in the deployment process. -For more information about: +For more information, see: -- Azure AD editions and the features in each, see [Azure Active Directory editions](/azure/active-directory/fundamentals/active-directory-whatis). -- How to enable Azure AD premium, see [Associate an Azure AD directory with a new Azure subscription](/previous-versions/azure/azure-services/jj573650(v=azure.100)#create_tenant3). +- [Azure Active Directory licenses](/azure/active-directory/fundamentals/active-directory-whatis) +- [Sign up for Azure Active Directory Premium](/azure/active-directory/fundamentals/active-directory-get-started-premium) ### Summary You provision and initially configure Office 365 Education as part of the initial configuration. With the subscription in place, automatic tenant join configured, automatic licensing established, and Azure AD Premium enabled (if required), you’re ready to select the method you will use to create user accounts in Office 365. @@ -344,9 +335,10 @@ Now that you have an Office 365 subscription, you need to determine how you will In this method, you have an on-premises AD DS domain. As shown in Figure 4, the Azure AD Connector tool automatically synchronizes AD DS with Azure AD. When you add or change any user accounts in AD DS, the Azure AD Connector tool automatically updates Azure AD. -**Note**  Azure AD Connect also supports synchronization from any Lightweight Directory Access Protocol version 3 (LDAPv3)–compliant directory by using the information provided in [Generic LDAP Connector for FIM 2010 R2 Technical Reference](/previous-versions/mim/dn510997(v=ws.10)?f=255&MSPPError=-2147217396). +> [!NOTE] +> Azure AD Connect also supports synchronization from any Lightweight Directory Access Protocol version 3 (LDAPv3)–compliant directory by using the information provided in [LDAP synchronization with Azure Active Directory](/azure/active-directory/fundamentals/sync-ldap). -![fig 4.](images/deploy-win-10-school-figure4.png) +:::image type="content" source="images/deploy-win-10-school-figure4.png" alt-text="See the automatic synchronization between Active Directory Directory Services and Azure AD."::: *Figure 4. Automatic synchronization between AD DS and Azure AD* @@ -354,9 +346,9 @@ For more information about how to perform this step, see the [Integrate on-premi ### Method 2: Bulk import into Azure AD from a .csv file -In this method, you have no on-premises AD DS domain. As shown in Figure 5, you manually prepare a .csv file with the student information from your source, and then manually import the information directly into Azure AD. The .csv file must be in the format that Office 365 specifies. +In this method, you have no on-premises AD DS domain. As shown in Figure 5, you manually prepare a `.csv` file with the student information from your source, and then manually import the information directly into Azure AD. The `.csv` file must be in the format that Office 365 specifies. -![fig 5.](images/deploy-win-10-school-figure5.png) +:::image type="content" source="images/deploy-win-10-school-figure5.png" alt-text="Create a csv file with student information, and import the csv file into Azure AD."::: *Figure 5. Bulk import into Azure AD from other sources* @@ -373,7 +365,8 @@ In this section, you selected the method for creating user accounts in your Offi You can integrate your on-premises AD DS domain with Azure AD to provide identity management for your Office 365 tenant. With this integration, you can synchronize the users, security groups, and distribution lists in your AD DS domain with Azure AD with the Azure AD Connect tool. Users will be able to sign in to Office 365 automatically by using their email account and the same password they use to sign in to AD DS. -**Note**  If your institution does not have an on-premises AD DS domain, you can skip this section. +> [!NOTE] +> If your institution does not have an on-premises AD DS domain, you can skip this section. ### Select synchronization model @@ -381,15 +374,15 @@ Before you deploy AD DS and Azure AD synchronization, you need to determine wher You can deploy the Azure AD Connect tool by using one of the following methods: -- **On premises.** As shown in Figure 6, Azure AD Connect runs on premises, which has the advantage of not requiring a virtual private network (VPN) connection to Azure. It does, however, require a virtual machine (VM) or physical server. +- **On premises**: As shown in Figure 6, Azure AD Connect runs on premises, which has the advantage of not requiring a virtual private network (VPN) connection to Azure. It does, however, require a virtual machine (VM) or physical server. - ![fig 6.](images/deploy-win-10-school-figure6.png) + :::image type="content" source="images/deploy-win-10-school-figure6.png" alt-text="Azure AD Connect runs on-premises and uses a virtual machine."::: *Figure 6. Azure AD Connect on premises* -- **In Azure**. As shown in Figure 7, Azure AD Connect runs on a VM in Azure AD, which has the advantages of being faster to provision (than a physical, on-premises server), offers better site availability, and helps reduce the number of on-premises servers. The disadvantage is that you need to deploy a VPN gateway on premises. +- **In Azure**: As shown in Figure 7, Azure AD Connect runs on a VM in Azure AD, which has the advantages of being faster to provision (than a physical, on-premises server), offers better site availability, and helps reduce the number of on-premises servers. The disadvantage is that you need to deploy a VPN gateway on premises. - ![fig 7.](images/deploy-win-10-school-figure7.png) + :::image type="content" source="images/deploy-win-10-school-figure7.png" alt-text="Azure AD Connect runs on a VM in Azure AD, and uses a VPN gateway on-premises."::: *Figure 7. Azure AD Connect in Azure* @@ -401,10 +394,10 @@ In this synchronization model (illustrated in Figure 6), you run Azure AD Connec #### To deploy AD DS and Azure AD synchronization -1. Configure your environment to meet the prerequisites for installing Azure AD Connect by performing the steps in [Prerequisites for Azure AD Connect](https://azure.microsoft.com/documentation/articles/active-directory-aadconnect-prerequisites/). +1. Configure your environment to meet the prerequisites for installing Azure AD Connect by performing the steps in [Prerequisites for Azure AD Connect](/azure/active-directory/hybrid/how-to-connect-install-prerequisites). 2. On the VM or physical device that will run Azure AD Connect, sign in with a domain administrator account. -3. Install Azure AD Connect by performing the steps in [Install Azure AD Connect](/azure/active-directory/hybrid/whatis-hybrid-identity#install-azure-ad-connect). -4. Configure Azure AD Connect features based on your institution’s requirements by performing the steps in [Configure features](/azure/active-directory/hybrid/whatis-hybrid-identity#configure-sync-features). +3. Install Azure AD Connect by performing the steps in [Install Azure AD Connect](/azure/active-directory/hybrid/how-to-connect-install-select-installation). +4. Configure Azure AD Connect features based on your institution’s requirements. For more information, see [Azure AD Connect sync: Understand and customize synchronization](/azure/active-directory/hybrid/how-to-connect-sync-whatis). Now that you have used on premises Azure AD Connect to deploy AD DS and Azure AD synchronization, you’re ready to verify that Azure AD Connect is synchronizing AD DS user and group accounts with Azure AD. @@ -414,7 +407,7 @@ Azure AD Connect should start synchronization immediately. Depending on the numb #### To verify AD DS and Azure AD synchronization -1. Open https://portal.office.com in your web browser. +1. In your web browser, go to [https://portal.office.com](https://portal.office.com). 2. Using the administrative account that you created in the [Create a new Office 365 Education subscription](#create-a-new-office-365-education-subscription) section, sign in to Office 365. 3. In the list view, expand **USERS**, and then click **Active Users**. 4. In the details pane, view the list of users. The list of users should mirror the users in AD DS. @@ -434,7 +427,8 @@ In this section, you selected your synchronization model, deployed Azure AD Conn You can bulk-import user and group accounts into your on-premises AD DS domain. Bulk-importing accounts helps reduce the time and effort needed to create users compared to creating the accounts manually in the Office 365 Admin portal. First, you select the appropriate method for bulk-importing user accounts into AD DS. Next, you create the .csv file that contains the user accounts. Finally, you use the selected method to import the .csv file into AD DS. -**Note**  If your institution doesn’t have an on-premises AD DS domain, you can skip this section. +> [!NOTE] +> If your institution doesn’t have an on-premises AD DS domain, you can skip this section. ### Select the bulk import method @@ -442,14 +436,14 @@ Several methods are available to bulk-import user accounts into AD DS domains. T *Table 5. AD DS bulk-import account methods* +--- +| Method | Description and reason to select this method | +|---|---| +| **Ldifde.exe** | This command-line tool allows you to import and export objects (such as user accounts) from AD DS. Select this method if you aren’t comfortable with Microsoft Visual Basic Scripting Edition (VBScript), Windows PowerShell, or other scripting languages. For more information about using Ldifde.exe, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://social.technet.microsoft.com/wiki/contents/articles/116.active-directory-step-by-step-guide-bulk-import-and-export.aspx), [LDIFDE—Export/Import data from Active Directory—LDIFDE commands](https://support.microsoft.com/kb/555636), [Import or Export Directory Objects Using Ldifde](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc816781(v=ws.10)), and [LDIFDE](/previous-versions/orphan-topics/ws.10/cc755456(v=ws.10)). | +| **VBScript** | This scripting language uses the Active Directory Services Interfaces (ADSI) Component Object Model interface to manage AD DS objects, including user and group objects. Select this method if you’re comfortable with VBScript. For more information about using VBScript and ADSI, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://social.technet.microsoft.com/wiki/contents/articles/116.active-directory-step-by-step-guide-bulk-import-and-export.aspx). | +| **Windows PowerShell** | This scripting language natively supports cmdlets to manage AD DS objects, including user and group objects. Select this method if you’re comfortable with Window PowerShell scripting. For more information about using Windows PowerShell, see [Import Bulk Users to Active Directory](/archive/blogs/technet/bettertogether/import-bulk-users-to-active-directory) and [PowerShell: Bulk create AD Users from CSV file](https://social.technet.microsoft.com/wiki/contents/articles/24541.powershell-bulk-create-ad-users-from-csv-file.aspx). | -| Method | Description and reason to select this method | -|--------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| Ldifde.exe | This command-line tool allows you to import and export objects (such as user accounts) from AD DS. Select this method if you aren’t comfortable with Microsoft Visual Basic Scripting Edition (VBScript), Windows PowerShell, or other scripting languages. For more information about using Ldifde.exe, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](/previous-versions/windows/it-pro/windows-2000-server/bb727091(v=technet.10)), [LDIFDE—Export/Import data from Active Directory—LDIFDE commands](https://support.microsoft.com/kb/555636), [Import or Export Directory Objects Using Ldifde](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc816781(v=ws.10)), and [LDIFDE](/previous-versions/orphan-topics/ws.10/cc755456(v=ws.10)). | -| VBScript | This scripting language uses the Active Directory Services Interfaces (ADSI) Component Object Model interface to manage AD DS objects, including user and group objects. Select this method if you’re comfortable with VBScript. For more information about using VBScript and ADSI, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](/previous-versions/windows/it-pro/windows-2000-server/bb727091(v=technet.10)) and [ADSI Scriptomatic](https://technet.microsoft.com/scriptcenter/dd939958.aspx). | -| Windows PowerShell | This scripting language natively supports cmdlets to manage AD DS objects, including user and group objects. Select this method if you’re comfortable with Window PowerShell scripting. For more information about using Windows PowerShell, see [Import Bulk Users to Active Directory](/archive/blogs/technet/bettertogether/import-bulk-users-to-active-directory) and [PowerShell: Bulk create AD Users from CSV file](https://social.technet.microsoft.com/wiki/contents/articles/24541.powershell-bulk-create-ad-users-from-csv-file.aspx). | - -

+--- ### Create a source file that contains the user and group accounts @@ -457,26 +451,27 @@ After you have selected your user and group account bulk import method, you’re *Table 6. Source file format for each bulk import method* +--- +| Method | Source file format | +|---|---| +| **Ldifde.exe** | Ldifde.exe requires a specific format for the source file. Use Ldifde.exe to export existing user and group accounts so that you can see the format. For examples of the format that Ldifde.exe requires, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://social.technet.microsoft.com/wiki/contents/articles/116.active-directory-step-by-step-guide-bulk-import-and-export.aspx), [LDIFDE—Export/Import data from Active Directory—LDIFDE commands](https://support.microsoft.com/kb/555636), [Import or Export Directory Objects Using Ldifde](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc816781(v=ws.10)), and [LDIFDE](/previous-versions/orphan-topics/ws.10/cc755456(v=ws.10)). | +| **VBScript** | VBScript can use any .csv file format to create a source file for the bulk-import process. To create the .csv file, use software such as Excel. For examples of how to format your source file in comma-separated values (CSV) format, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://social.technet.microsoft.com/wiki/contents/articles/116.active-directory-step-by-step-guide-bulk-import-and-export.aspx) | +| **Windows PowerShell** | Windows PowerShell can use any .csv file format you want to create as a source file for the bulk-import process. To create the .csv file, use software such as Excel. For examples of how to format your source file in CSV format, see [Import Bulk Users to Active Directory](/archive/blogs/technet/bettertogether/import-bulk-users-to-active-directory) and [PowerShell: Bulk create AD Users from CSV file](https://social.technet.microsoft.com/wiki/contents/articles/24541.powershell-bulk-create-ad-users-from-csv-file.aspx). | -| Method | Source file format | -|--------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| Ldifde.exe | Ldifde.exe requires a specific format for the source file. Use Ldifde.exe to export existing user and group accounts so that you can see the format. For examples of the format that Ldifde.exe requires, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](/previous-versions/windows/it-pro/windows-2000-server/bb727091(v=technet.10)), [LDIFDE—Export/Import data from Active Directory—LDIFDE commands](https://support.microsoft.com/kb/555636), [Import or Export Directory Objects Using Ldifde](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc816781(v=ws.10)), and [LDIFDE](/previous-versions/orphan-topics/ws.10/cc755456(v=ws.10)). | -| VBScript | VBScript can use any .csv file format to create a source file for the bulk-import process. To create the .csv file, use software such as Excel. For examples of how to format your source file in comma-separated values (CSV) format, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](/previous-versions/windows/it-pro/windows-2000-server/bb727091(v=technet.10)). | -| Windows PowerShell | Windows PowerShell can use any .csv file format you want to create as a source file for the bulk-import process. To create the .csv file, use software such as Excel. For examples of how to format your source file in CSV format, see [Import Bulk Users to Active Directory](/archive/blogs/technet/bettertogether/import-bulk-users-to-active-directory) and [PowerShell: Bulk create AD Users from CSV file](https://social.technet.microsoft.com/wiki/contents/articles/24541.powershell-bulk-create-ad-users-from-csv-file.aspx). | - -

+--- ### Import the user accounts into AD DS With the bulk-import source file finished, you’re ready to import the user and group accounts into AD DS. The steps for importing the file are slightly different for each method. -**Note**  Bulk-import your group accounts first, and then import your user accounts. Importing in this order allows you to specify group membership when you import your user accounts. +> [!NOTE] +> Bulk-import your group accounts first, and then import your user accounts. Importing in this order allows you to specify group membership when you import your user accounts. For more information about how to import user accounts into AD DS by using: -- Ldifde.exe, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](/previous-versions/windows/it-pro/windows-2000-server/bb727091(v=technet.10)), [LDIFDE—Export/Import data from Active Directory—LDIFDE commands](https://support.microsoft.com/kb/555636), [Import or Export Directory Objects Using Ldifde](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc816781(v=ws.10)), and [LDIFDE](/previous-versions/orphan-topics/ws.10/cc755456(v=ws.10)). -- VBScript, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](/previous-versions/windows/it-pro/windows-2000-server/bb727091(v=technet.10)). -- Windows PowerShell, see [Import Bulk Users to Active Directory](/archive/blogs/technet/bettertogether/import-bulk-users-to-active-directory) and [PowerShell: Bulk create AD Users from CSV file](https://social.technet.microsoft.com/wiki/contents/articles/24541.powershell-bulk-create-ad-users-from-csv-file.aspx). +- Ldifde.exe: See [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://social.technet.microsoft.com/wiki/contents/articles/116.active-directory-step-by-step-guide-bulk-import-and-export.aspx), [LDIFDE—Export/Import data from Active Directory—LDIFDE commands](https://support.microsoft.com/kb/555636), [Import or Export Directory Objects Using Ldifde](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc816781(v=ws.10)), and [LDIFDE](/previous-versions/orphan-topics/ws.10/cc755456(v=ws.10)). +- VBScript: See [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://social.technet.microsoft.com/wiki/contents/articles/116.active-directory-step-by-step-guide-bulk-import-and-export.aspx). +- Windows PowerShell: See [Import Bulk Users to Active Directory](/archive/blogs/technet/bettertogether/import-bulk-users-to-active-directory) and [PowerShell: Bulk create AD Users from CSV file](https://social.technet.microsoft.com/wiki/contents/articles/24541.powershell-bulk-create-ad-users-from-csv-file.aspx). ### Summary @@ -494,23 +489,26 @@ You can use the Microsoft 365 admin center to add individual Office 365 accounts The bulk-add process assigns the same Office 365 Education license plan to all users on the list. Therefore, you must create a separate list for each license plan you recorded in Table 2. Depending on the number of faculty members who need to use the classroom, you may want to add the faculty Office 365 accounts manually; however, use the bulk-add process to add student accounts. -For more information about how to bulk-add users to Office 365, see [Add several users at the same time to Office 365](https://support.office.com/en-us/article/Add-several-users-at-the-same-time-to-Office-365-Admin-Help-1f5767ed-e717-4f24-969c-6ea9d412ca88?ui=en-US&rs=en-US&ad=US). +For more information about how to bulk-add users to Office 365, see [Add several users at the same time to Office 365](/microsoft-365/enterprise/add-several-users-at-the-same-time). -**Note**  If you encountered errors during bulk add, resolve them before you continue the bulk-add process. You can view the log file to see which users caused the errors, and then modify the .csv file to correct the problems. Click **Back** to retry the verification process. +> [!NOTE] +> If you encountered errors during bulk add, resolve them before you continue the bulk-add process. You can view the log file to see which users caused the errors, and then modify the .csv file to correct the problems. Click **Back** to retry the verification process. -The email accounts are assigned temporary passwords upon creation. You must communicate these temporary passwords to your users before they can sign in to Office 365. +The email accounts are assigned temporary passwords upon creation. Communicate these temporary passwords to your users before they can sign in to Office 365. ### Create Office 365 security groups Assign SharePoint Online resource permissions to Office 365 security groups, not individual user accounts. For example, create one security group for faculty members and another for students. Then, you can assign unique SharePoint Online resource permissions to faculty members and a different set of permissions to students. Add or remove users from the security groups to grant or revoke access to SharePoint Online resources. -**Note**  If your institution has AD DS, don’t create security accounts in Office 365. Instead, create the security groups in AD DS, and then use Azure AD integration to synchronize the security groups with your Office 365 tenant. +> [!NOTE] +> If your institution has AD DS, don’t create security accounts in Office 365. Instead, create the security groups in AD DS, and then use Azure AD integration to synchronize the security groups with your Office 365 tenant. -For information about creating security groups, see [Create and manage Microsoft 365 groups in Admin Center Preview](https://support.office.com/en-us/article/Create-and-manage-Office-365-groups-in-Admin-Center-Preview-93df5bd4-74c4-45e8-9625-56db92865a6e?ui=en-US&rs=en-US&ad=US). +For information about creating security groups, see [Create a group in the Microsoft 365 admin center](/microsoft-365/admin/create-groups/create-groups). You can add and remove users from security groups at any time. -**Note**  Office 365 evaluates group membership when users sign in. If you change group membership for a user, that user may need to sign out, and then sign in again for the change to take effect. +> [!NOTE] +> Office 365 evaluates group membership when users sign in. If you change group membership for a user, that user may need to sign out, and then sign in again for the change to take effect. ### Create email distribution groups @@ -518,9 +516,10 @@ Microsoft Exchange Online uses an email distribution group as a single email rec You can create email distribution groups based on job role (such as teachers, administration, or students) or specific interests (such as robotics, drama club, or soccer team). You can create any number of distribution groups, and users can be members of more than one group. -**Note**  Office 365 can take some time to complete the Exchange Online creation process. You will have to wait until Office 365 completes the Exchange Online creation process before you can perform the following steps. +> [!NOTE] +> Office 365 can take some time to complete the Exchange Online creation process. You will have to wait until Office 365 completes the Exchange Online creation process before you can perform the following steps. -For information about how to create security groups, see [Create and manage Microsoft 365 groups in Admin Center Preview](https://support.office.com/en-us/article/Create-and-manage-Office-365-groups-in-Admin-Center-Preview-93df5bd4-74c4-45e8-9625-56db92865a6e?ui=en-US&rs=en-US&ad=US). +For information about how to create security groups, see [Create a group in the Microsoft 365 admin center](/microsoft-365/admin/create-groups/create-groups). ### Summary @@ -545,44 +544,48 @@ Microsoft Store for Business allows you to create your own private portal to man - Manage apps, app licenses, and updates. - Distribute apps to your users. -For more information about Microsoft Store for Business, see [Microsoft Store for Business overview](/microsoft-store/microsoft-store-for-business-overview). +For more information, see [Microsoft Store for Business overview](/microsoft-store/microsoft-store-for-business-overview). The following section shows you how to create a Microsoft Store for Business portal and configure it for your school. ### Create and configure your Microsoft Store for Business portal -To create and configure your Microsoft Store for Business portal, simply use the administrative account for your Office 365 subscription to sign in to Microsoft Store for Business. Microsoft Store for Business automatically creates a portal for your institution and uses your account as its administrator. +To create and configure your Microsoft Store for Business portal, use the administrative account for your Office 365 subscription to sign in to Microsoft Store for Business. Microsoft Store for Business automatically creates a portal for your institution and uses your account as its administrator. #### To create and configure a Microsoft Store for Business portal -1. In Microsoft Edge or Internet Explorer, type `https://microsoft.com/business-store` in the address bar. -2. On the **Microsoft Store for Business** page, click **Sign in with an organizational account**.

**Note**  If your institution has AD DS, then don’t create security accounts in Office 365. Instead, create the security groups in AD DS, and then use Azure AD integration to synchronize the security groups with your Office 365 tenant. -3. On the Microsoft Store for Business sign-in page, use the administrative account for the Office 365 subscription you created in the [Create a new Office 365 Education subscription](#create-a-new-office-365-education-subscription) section to sign in. -4. On the **Microsoft Store for Business Services Agreement** page, review the agreement, select the **I accept this agreement and certify that I have the authority to bind my organization to its terms** check box, and then click **Accept** -5. In the **Welcome to the Microsoft Store for Business** dialog box, click **OK**. +1. In Microsoft Edge or Internet Explorer, go to [https://microsoft.com/business-store](https://microsoft.com/business-store). +2. On the **Microsoft Store for Business** page, click **Sign in with an organizational account**. + + If your institution has AD DS, then don’t create security accounts in Office 365. Instead, create the security groups in AD DS, and then use Azure AD integration to synchronize the security groups with your Office 365 tenant. + +1. On the Microsoft Store for Business sign-in page, use the administrative account for the Office 365 subscription you created in the [Create a new Office 365 Education subscription](#create-a-new-office-365-education-subscription) section to sign in. +2. On the **Microsoft Store for Business Services Agreement** page, review the agreement, select the **I accept this agreement and certify that I have the authority to bind my organization to its terms** check box, and then click **Accept** +3. In the **Welcome to the Microsoft Store for Business** dialog box, click **OK**. After you create the Microsoft Store for Business portal, configure it by using the commands in the settings menu listed in Table 7. Depending on your institution, you may (or may not) need to change these settings to further customize your portal. *Table 7. Menu selections to configure Microsoft Store for Business settings* - -| Menu selection | What you can do in this menu | -|----------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| Account information | Displays information about your Microsoft Store for Business account (no settings can be changed). You make changes to this information in Office 365 or the Azure Portal. For more information, see [Update Microsoft Store for Business account settings](/microsoft-store/update-microsoft-store-for-business-account-settings). | -| Device Guard signing | Allows you to upload and sign Device Guard catalog and policy files. For more information about Device Guard, see [Device Guard deployment guide](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide). | -| LOB publishers | Allows you to add line-of-business (LOB) publishers that can then publish apps to your private store. LOB publishers are usually internal developers or software vendors that are working with your institution. For more information, see [Working with line-of-business apps](/microsoft-store/working-with-line-of-business-apps). | -| Management tools | Allows you to add tools that you can use to distribute (deploy) apps in your private store. For more information, see [Distribute apps with a management tool](/microsoft-store/distribute-apps-with-management-tool). | -| Offline licensing | Allows you to show (or not show) offline licensed apps to people shopping in your private store. For more information, see [Licensing model: online and offline licenses](/microsoft-store/apps-in-microsoft-store-for-business#licensing-model). | +--- +| Menu selection | What you can do in this menu | +|---|---| +| Account information | Displays information about your Microsoft Store for Business account (no settings can be changed). You make changes to this information in Office 365 or the Azure portal. For more information, see [Update Microsoft Store for Business account settings](/microsoft-store/update-microsoft-store-for-business-account-settings).| +| Device Guard signing | Allows you to upload and sign Device Guard catalog and policy files. For more information about Device Guard, see [Device Guard deployment guide](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide). | +| LOB publishers | Allows you to add line-of-business (LOB) publishers that can then publish apps to your private store. LOB publishers are usually internal developers or software vendors that are working with your institution. For more information, see [Working with line-of-business apps](/microsoft-store/working-with-line-of-business-apps). | +| Management tools | Allows you to add tools that you can use to distribute (deploy) apps in your private store. For more information, see [Distribute apps with a management tool](/microsoft-store/distribute-apps-with-management-tool). | +| Offline licensing | Allows you to show (or not show) offline licensed apps to people shopping in your private store. For more information, see [Licensing model: online and offline licenses](/microsoft-store/apps-in-microsoft-store-for-business#licensing-model). | | Permissions | Allows you to grant other users in your organization the ability to buy, manage, and administer your Microsoft Store for Business portal. You can also remove permissions you have previously granted. For more information, see [Roles and permissions in Microsoft Store for Business](/microsoft-store/roles-and-permissions-microsoft-store-for-business). | | Private store | Allows you to change the organization name used in your Microsoft Store for Business portal. When you create your portal, the private store uses the organization name that you used to create your Office 365 subscription. For more information, see [Distribute apps using your private store](/microsoft-store/distribute-apps-from-your-private-store). | -

+--- ### Find, acquire, and distribute apps in the portal Now that you have created your Microsoft Store for Business portal, you’re ready to find, acquire, and distribute apps that you will add to your portal. You do this by using the Inventory page in Microsoft Store for Business. -**Note**  Your educational institution can now use a credit card to pay for apps in Microsoft Store for Business. +> [!NOTE] +> Your educational institution can now use a credit card to pay for apps in Microsoft Store for Business. You can deploy apps to individual users or make apps available to users through your private store. Deploying apps to individual users restricts the app to those specified users. Making apps available through your private store allows all your users. @@ -598,7 +601,7 @@ You will use the LTI deployment process in MDT to deploy Windows 10 to devices o ### Select the operating systems -Later in the process, you will import the versions of Windows 10 you want to deploy. You can deploy the operating system to new devices, refresh existing devices, or upgrade existing devices. In the case of: +Later in the process, you will import the versions of Windows 10 you want to deploy. You can deploy the operating system to new devices, refresh existing devices, or upgrade existing devices. If: - New devices or refreshing existing devices, you will complete replace the existing operating system on a device with Windows 10. - Upgrading existing devices, you will upgrade the existing operating system (the Windows 8.1 or Windows 7 operating system) to Windows 10. @@ -614,13 +617,15 @@ Depending on your school’s requirements, you may need any combination of the f - Deploy new instances of Windows 10 Education so that new devices have a known configuration. - **Windows 10 Pro Education**. Use this operating system to upgrade existing eligible institution-owned devices running Windows 10 Pro Education, version 1903 or later, to Windows 10 Education using [subscription activation](/windows/deployment/windows-10-subscription-activation). -**Note**  Although you can use Windows 10 Home on institution-owned devices, Microsoft recommends that you use Windows 10 Pro or Windows 10 Education, instead. Windows 10 Pro and Windows 10 Education provide support for MDM, policy-based management, and Microsoft Store for Business. These features are not available in Windows 10 Home. +> [!NOTE] +> Although you can use Windows 10 Home on institution-owned devices, Microsoft recommends that you use Windows 10 Pro or Windows 10 Education, instead. Windows 10 Pro and Windows 10 Education provide support for MDM, policy-based management, and Microsoft Store for Business. These features are not available in Windows 10 Home. -One other consideration is the mix of processor architectures you will support. If you can, support only 64-bit versions of Windows 10. If you have devices that can run only 32 bit versions of Windows 10, you will need to import both 64-bit and 32-bit versions of the Windows 10 editions listed above. +One other consideration is the mix of processor architectures you will support. If you can, support only 64-bit versions of Windows 10. If you have devices that can run only 32-bit versions of Windows 10, you will need to import both 64-bit and 32-bit versions of the Windows 10 editions listed above. -**Note**  On devices that have minimal system resources (such as devices with only 2 GB of memory or 32 GB of storage), use 32-bit versions of Windows 10 because 64-bit versions of Windows 10 place more stress on device system resources. +> [!NOTE] +> On devices that have minimal system resources (such as devices with only 2 GB of memory or 32 GB of storage), use 32-bit versions of Windows 10 because 64-bit versions of Windows 10 place more stress on device system resources. -Finally, as a best practice, minimize the number of operating systems that you deploy and manage. If possible, standardize institution-owned devices on one Windows 10 edition (such as a 64-bit version of Windows 10 Education or Windows 10 Pro). Of course, you cannot standardize personal devices on a specific operating system version or processor architecture. +Finally, as a best practice, minimize the number of operating systems that you deploy and manage. If possible, standardize institution-owned devices on one Windows 10 edition (such as a 64-bit version of Windows 10 Education or Windows 10 Pro). You cannot standardize personal devices on a specific operating system version or processor architecture. ### Select an image approach @@ -636,60 +641,14 @@ The MDT deployment process is highly automated, requiring minimal information to *Table 8. Methods to initiate MDT deployment* - ---- - - - - - - - +--- +| Method | Description and reason to select this method | +| --- | --- | +| **Windows Deployment Services** | This method:

- Uses diskless booting to initiate MDT deployment
- Works only with devices that support PXE boot.
- Deploys Windows 10 over the network, which consumes more network bandwidth than deployment from local media.
-Deploys images more slowly than when using local media.
- Requires that you deploy a Windows Deployment Services server.

Select this method when you want to deploy Windows over-the-network and perform diskless booting. The advantage of this method is that the diskless media are generic and typically don’t require updates after you create them (the Deployment Wizard accesses the centrally located deployment share over the network). The disadvantage of this method is that over-the-network deployments are slower than deployments from local media, and you must deploy a Windows Deployment Services server. | +| **Bootable media** | This method:

- Initiates MDT deployment by booting from local media, including from USB drives, DVD-ROM, or CD-ROM.
- Deploys Windows 10 over the network, which consumes more network bandwidth than deployment from local media.
- Deploys images more slowly than when using local media.
- Requires no additional infrastructure.

Select this method when you want to deploy Windows over-the-network and are willing to boot the target device from local media. The advantage of this method is that the media are generic and typically don’t require updates after you create them (the Deployment Wizard accesses the centrally located deployment share over the network). The disadvantage of this method is that over-the-network deployments are slower than deployment from local media. | +| **MDT deployment media** | This method:

- Initiates MDT deployment by booting from a local USB hard disk.
- Deploys Windows 10 from local media, which consumes less network bandwidth than over-the-network methods.
- Deploys images more quickly than network-based methods do.
- Requires a USB hard disk because of the deployment share’s storage requirements (up to 100 GB).

Select this method when you want to perform local deployments and are willing to boot the target device from a local USB hard disk. The advantage of this method is that local deployments are faster than over-the-network deployments. The disadvantage of this method is that each time you change the deployment share, you must regenerate the MDT deployment media and update the USB hard disk. | - - - - - - - - - - - - - - - -
MethodDescription and reason to select this method
Windows Deployment ServicesThis method:

-
    -
  • Uses diskless booting to initiate MDT deployment.
    • -
  • Works only with devices that support PXE boot.
    • -
  • Deploys Windows 10 over the network, which consumes more network bandwidth than deployment from local media.
    • -
  • Deploys images more slowly than when using local media.
    • -
  • Requires that you deploy a Windows Deployment Services server.
    • -
- -Select this method when you want to deploy Windows over-the-network and perform diskless booting. The advantage of this method is that the diskless media are generic and typically don’t require updates after you create them (the Deployment Wizard accesses the centrally located deployment share over the network). The disadvantage of this method is that over-the-network deployments are slower than deployments from local media, and you must deploy a Windows Deployment Services server.
Bootable mediaThis method:

-
    -
  • Initiates MDT deployment by booting from local media, including from USB drives, DVD-ROM, or CD-ROM.
    • -
  • Deploys Windows 10 over the network, which consumes more network bandwidth than deployment from local media.
    • -
  • Deploys images more slowly than when using local media.
    • -
  • Requires no additional infrastructure.
    • -
- -Select this method when you want to deploy Windows over-the-network and are willing to boot the target device from local media. The advantage of this method is that the media are generic and typically don’t require updates after you create them (the Deployment Wizard accesses the centrally located deployment share over the network). The disadvantage of this method is that over-the-network deployments are slower than deployment from local media.
MDT deployment mediaThis method:

-
    -
  • Initiates MDT deployment by booting from a local USB hard disk.
    • -
  • Deploys Windows 10 from local media, which consumes less network bandwidth than over-the-network methods.
    • -
  • Deploys images more quickly than network-based methods do.
    • -
  • Requires a USB hard disk because of the deployment share’s storage requirements (up to 100 GB).
    • -
- -Select this method when you want to perform local deployments and are willing to boot the target device from a local USB hard disk. The advantage of this method is that local deployments are faster than over-the-network deployments. The disadvantage of this method is that each time you change the deployment share, you must regenerate the MDT deployment media and update the USB hard disk.
+--- ### Summary @@ -705,105 +664,35 @@ The first step in preparation for Windows 10 deployment is to configure—that i *Table 9. Tasks to configure the MDT deployment share* - ---- - - - - - - - - - - - +--- +| Task | Description | +| --- | --- | +| **1. Import operating systems** | Import the operating systems that you selected in the [Select operating systems](#select-the-operating-systems) section into the deployment share. For more information about how to import operating systems, see [Import an Operating System into the Deployment Workbench](/mem/configmgr/mdt/use-the-mdt#ImportanOperatingSystemintotheDeploymentWorkbench). | +| **2. Import device drives** | Device drivers allow Windows 10 to know a device’s hardware resources and connected hardware accessories. Without the proper device drivers, certain features may be unavailable. For example, without the proper audio driver, a device cannot play sounds; without the proper camera driver, the device cannot take photos or use video chat.

Import device drivers for each device in your institution. For more information about how to import device drivers, see [Import Device Drivers into the Deployment Workbench](/mem/configmgr/mdt/use-the-mdt#ImportDeviceDriversintotheDeploymentWorkbench). | +| **3. Create MDT applications for Microsoft Store apps** | Create an MDT application for each Microsoft Store app you want to deploy. You can deploy Microsoft Store apps by using sideloading, which allows you to use the Add-AppxPackage Windows PowerShell cmdlet to deploy the .appx files associated with the app (called provisioned apps). Use this method to deploy up to 24 apps to Windows 10.

Prior to sideloading the .appx files, obtain the Microsoft Store .appx files that you will use to deploy (sideload) the apps in your provisioning package. For apps in Microsoft Store, you will need to obtain the .appx files from the app software vendor directly. If you are unable to obtain the .appx files from the app software vendor, then you or the students will need to install the apps on the student devices directly from Microsoft Store or Microsoft Store for Business.

If you have Intune, you can deploy Microsoft Store apps after you deploy Windows 10, as described in the [Deploy apps by using Intune](#deploy-apps-by-using-intune) section. This method provides granular deployment of Microsoft Store apps, and you can use it for ongoing management of Microsoft Store apps. This is the preferred method of deploying and managing Microsoft Store apps.

In addition, you must prepare your environment for sideloading (deploying) Microsoft Store apps. For more information about how to:

- Prepare your environment for sideloading, see [Sideload LOB apps in Windows 10](/windows/application-management/sideload-apps-in-windows-10).
- Create an MDT application, see [Create a New Application in the Deployment Workbench](/mem/configmgr/mdt/use-the-mdt#CreateaNewApplicationintheDeploymentWorkbench). | +| **4. Create MDT applications for Windows desktop apps** | You need to create an MDT application for each Windows desktop app you want to deploy. You can obtain the Windows desktop apps from any source, but ensure that you have sufficient licenses for them.

To help reduce the effort needed to deploy Microsoft Office 2016 desktop apps, use the Office Deployment Tool, as described in [Deploy Click-to-Run for Office 365 products by using the Office Deployment Tool](/deployoffice/deploy-microsoft-365-apps-local-source?f=255&MSPPError=-2147217396).

If you have Intune, you can deploy Windows desktop apps after you deploy Windows 10, as described in the [Deploy apps by using Intune](#deploy-apps-by-using-intune) section. This method provides granular deployment of Windows desktop apps, and you can use it for ongoing management of the apps. This is the preferred method for deploying and managing Windows desktop apps.

You can also deploy Windows desktop apps after you deploy Windows 10, as described in the [Deploy apps by using Intune](#deploy-apps-by-using-intune) section.

For more information about how to create an MDT application for Window desktop apps, see [Create a New Application in the Deployment Workbench](/mem/configmgr/mdt/use-the-mdt#CreateaNewApplicationintheDeploymentWorkbench). | +| **5. Create task sequences.** | You must create a separate task sequence for each Windows 10 edition, processor architecture, operating system upgrade process, and new operating system deployment process. Minimally, create a task sequence for each Windows 10 operating system you imported in Step 1—for example, (1) if you want to deploy Windows 10 Education to new devices or refresh existing devices with a new deployment of Windows 10 Education; (2) if you want to upgrade existing devices running Windows 8.1 or Windows 7 to Windows 10 Education; or (3) if you want to run deployments and upgrades for both 32 bit and 64-bit versions of Windows 10. To do so, you must create task sequences that will:

- Deploy Windows 10 Education 64-bit to devices.
- Deploy Windows 10 Education 32-bit to devices.
- Upgrade existing devices to Windows 10 Education 64-bit.
- Upgrade existing devices to Windows 10 Education 32-bit.

Again, you will create the task sequences based on the operating systems that you imported in Step 1. For more information about how to create a task sequence, see [Create a New Task Sequence in the Deployment Workbench](/mem/configmgr/mdt/use-the-mdt#CreateaNewTaskSequenceintheDeploymentWorkbench). | +| **6. Update the deployment share.** | Updating a deployment share generates the MDT boot images you use to initiate the Windows 10 deployment process. You can configure the process to create 32 bit and 64-bit versions of the .iso and .wim files you can use to create bootable media or in Windows Deployment Services.

For more information about how to update a deployment share, see [Update a Deployment Share in the Deployment Workbench](/mem/configmgr/mdt/use-the-mdt#UpdateaDeploymentShareintheDeploymentWorkbench).| - - - - - - - - - - - - - - - - - - - - - - - - - -
TaskDescription
1. Import operating systemsImport the operating systems that you selected in the Select operating systems section into the deployment share. For more information about how to import operating systems, see Import an Operating System into the Deployment Workbench.
2. Import device drivesDevice drivers allow Windows 10 to know a device’s hardware resources and connected hardware accessories. Without the proper device drivers, certain features may be unavailable. For example, without the proper audio driver, a device cannot play sounds; without the proper camera driver, the device cannot take photos or use video chat.

- -Import device drivers for each device in your institution. For more information about how to import device drivers, see [Import Device Drivers into the Deployment Workbench](/mem/configmgr/mdt/use-the-mdt#ImportDeviceDriversintotheDeploymentWorkbench). - -
3. Create MDT applications for Microsoft Store appsCreate an MDT application for each Microsoft Store app you want to deploy. You can deploy Microsoft Store apps by using sideloading, which allows you to use the Add-AppxPackage Windows PowerShell cmdlet to deploy the .appx files associated with the app (called provisioned apps). Use this method to deploy up to 24 apps to Windows 10.

- -Prior to sideloading the .appx files, obtain the Microsoft Store .appx files that you will use to deploy (sideload) the apps in your provisioning package. For apps in Microsoft Store, you will need to obtain the .appx files from the app software vendor directly. If you are unable to obtain the .appx files from the app software vendor, then you or the students will need to install the apps on the student devices directly from Microsoft Store or Microsoft Store for Business.

- -If you have Intune, you can deploy Microsoft Store apps after you deploy Windows 10, as described in the [Deploy apps by using Intune](#deploy-apps-by-using-intune) section. This method provides granular deployment of Microsoft Store apps, and you can use it for ongoing management of Microsoft Store apps. This is the preferred method of deploying and managing Microsoft Store apps.

- -In addition, you must prepare your environment for sideloading (deploying) Microsoft Store apps. For more information about how to:

- - - -
4. Create MDT applications for Windows desktop apps -You need to create an MDT application for each Windows desktop app you want to deploy. You can obtain the Windows desktop apps from any source, but ensure that you have sufficient licenses for them.

- -To help reduce the effort needed to deploy Microsoft Office 2016 desktop apps, use the Office Deployment Tool, as described in [Deploy Click-to-Run for Office 365 products by using the Office Deployment Tool](/deployoffice/deploy-microsoft-365-apps-local-source?f=255&MSPPError=-2147217396).

- -If you have Intune, you can deploy Windows desktop apps after you deploy Windows 10, as described in the [Deploy apps by using Intune](#deploy-apps-by-using-intune) section. This method provides granular deployment of Windows desktop apps, and you can use it for ongoing management of the apps. This is the preferred method for deploying and managing Windows desktop apps.

- -**Note**  You can also deploy Windows desktop apps after you deploy Windows 10, as described in the [Deploy apps by using Intune](#deploy-apps-by-using-intune) section.

- -For more information about how to create an MDT application for Window desktop apps, see [Create a New Application in the Deployment Workbench](/mem/configmgr/mdt/use-the-mdt#CreateaNewApplicationintheDeploymentWorkbench). - -
5. Create task sequences. -You must create a separate task sequences for each Windows 10 edition, processor architecture, operating system upgrade process, and new operating system deployment process. Minimally, create a task sequence for each Windows 10 operating system you imported in Step 1—for example, (1) if you want to deploy Windows 10 Education to new devices or refresh existing devices with a new deployment of Windows 10 Education; (2) if you want to upgrade existing devices running Windows 8.1 or Windows 7 to Windows 10 Education; or (3) if you want to run deployments and upgrades for both 32 bit and 64 bit versions of Windows 10. To do so, you must create task sequences that will: -

-
  • Deploy Windows 10 Education 64-bit to devices.
    • -
  • Deploy Windows 10 Education 32-bit to devices.
    • -
  • Upgrade existing devices to Windows 10 Education 64-bit.
    • -
  • Upgrade existing devices to Windows 10 Education 32-bit.
    • -
- -Again, you will create the task sequences based on the operating systems that you imported in Step 1. For more information about how to create a task sequence, see [Create a New Task Sequence in the Deployment Workbench](/mem/configmgr/mdt/use-the-mdt#CreateaNewTaskSequenceintheDeploymentWorkbench). - -
6. Update the deployment share. -Updating a deployment share generates the MDT boot images you use to initiate the Windows 10 deployment process. You can configure the process to create 32 bit and 64 bit versions of the .iso and .wim files you can use to create bootable media or in Windows Deployment Services.

- -For more information about how to update a deployment share, see [Update a Deployment Share in the Deployment Workbench](/mem/configmgr/mdt/use-the-mdt#UpdateaDeploymentShareintheDeploymentWorkbench).
+--- ### Configure Window Deployment Services for MDT -You can use Windows Deployment Services in conjunction with MDT to automatically initiate boot images on target computers. These boot images can be Windows PE images (which you generated in Step 6 in Table 9) or custom images that can deploy operating systems directly to the target computers. +You can use Windows Deployment Services with MDT to automatically initiate boot images on target computers. These boot images can be Windows PE images (which you generated in Step 6 in Table 9) or custom images that can deploy operating systems directly to the target computers. #### To configure Windows Deployment Services for MDT -1. Set up and configure Windows Deployment Services.

Windows Deployment Services is a server role available in all Windows Server editions. You can enable the Windows Deployment Services server role on a new server or on any server running Windows Server in your institution. For more information about how to perform this step, see the following resources: +1. Set up and configure Windows Deployment Services. - - [Windows Deployment Services overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831764(v=ws.11)) - - The Windows Deployment Services Help file, included in Windows Deployment Services - - [Windows Deployment Services Getting Started Guide for Windows Server 2012](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj648426(v=ws.11)) + Windows Deployment Services is a server role available in all Windows Server editions. You can enable the Windows Deployment Services server role on a new server or on any server running Windows Server in your institution. For more information about how to perform this step, see the following resources: -2. Add LTI boot images (Windows PE images) to Windows Deployment Services.

The LTI boot images (.wim files) that you will add to Windows Deployment Services are in the MDT deployment share. Locate the .wim files in the Boot subfolder in the deployment share. For more information about how to perform this step, see [Add LTI Boot Images to Windows Deployment Services](/mem/configmgr/mdt/use-the-mdt#AddLTIBootImagestoWindowsDeploymentServices). + - [Windows Deployment Services overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831764(v=ws.11)) + - The Windows Deployment Services Help file, included in Windows Deployment Services + - [Windows Deployment Services Getting Started Guide for Windows Server 2012](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj648426(v=ws.11)) + +2. Add LTI boot images (Windows PE images) to Windows Deployment Services. + + The LTI boot images (.wim files) that you will add to Windows Deployment Services are in the MDT deployment share. Locate the .wim files in the Boot subfolder in the deployment share. For more information about how to perform this step, see [Add LTI Boot Images to Windows Deployment Services](/mem/configmgr/mdt/use-the-mdt#AddLTIBootImagestoWindowsDeploymentServices). ### Summary @@ -815,82 +704,19 @@ Before you deploy Windows 10 in your institution, you must prepare for device ma ### Select the management method -If you have only one device to configure, manually configuring that one device is tedious but possible. When you have multiple classrooms of devices to configure, however, manually configuring each device becomes overwhelming. In addition, manually keeping an identical configuration on each device is virtually impossible as the number of devices in the school increases. +If you have only one device to configure, manually configuring that one device is tedious but possible. When you have multiple classrooms of devices to configure, however, manually configuring each device becomes overwhelming. In addition, manually keeping an identical configuration on each device is difficult as the number of devices in the school increases. For a school, there are many ways to manage devices. Table 10 lists the methods that this guide describes and recommends. Use the information in Table 10 to determine which combination of management methods is right for your institution. *Table 10. School management methods* - ---- - - - - - - - +--- +| Method | Description | +| --- | --- | +| **Group Policy** | Group Policy is an integral part of AD DS and allows you to specify configuration settings for Windows 10 and previous versions of Windows. Select this method when you:

- Want to manage institution-owned devices that are domain joined (personally owned devices are typically not domain joined).
- Want more granular control of device and user settings.
- Have an existing AD DS infrastructure.
- Typically manage on-premises devices.
- Can manage a required setting only by using Group Policy.

The advantages of this method include:

- No cost beyond the AD DS infrastructure.
- A larger number of settings.

The disadvantages of this method are:

- Can only manage domain-joined (institution-owned devices).
- Requires an AD DS infrastructure (if the institution does not have AD DS already).
- Typically manages on-premises devices (unless devices connect by using a VPN or DirectAccess). | +| **Intune** | Intune is a cloud-based management system that allows you to specify configuration settings for Windows 10 and other operating systems, such as iOS/iPadOS, macOS, and Android. Intune is a subscription-based cloud service that integrates with Microsoft 365 and Azure AD.

Select this method when you:

- Want to manage institution-owned and personal devices (does not require that the device be domain joined).
- Don’t require the level of granular control over device and user settings (compared to Group Policy).
- Don’t have an existing AD DS infrastructure.
- Need to manage devices regardless of where they are (on or off premises).
- Can manage a required setting only by using Intune.

The advantages of this method are:

- You can manage institution-owned and personal devices.
- It doesn’t require that devices be domain joined.
- It doesn’t require any on-premises infrastructure.
- It can manage devices regardless of their location (on or off premises).

The disadvantages of this method are:

- Carries an additional cost for subscription.
- Doesn’t have a granular level control over device and user settings (compared to Group Policy). | - - - - - - - - - - - -
MethodDescription
Group Policy -Group Policy is an integral part of AD DS and allows you to specify configuration settings for Windows 10 and previous versions of Windows. Select this method when you: -
    -
  • Want to manage institution-owned devices that are domain joined (personally owned devices are typically not domain joined).
    • -
  • Want more granular control of device and user settings.
    • -
  • Have an existing AD DS infrastructure.
    • -
  • Typically manage on-premises devices.
    • -
  • Can manage a required setting only by using Group Policy.
    • -
- -The advantages of this method include: -
    -
  • No cost beyond the AD DS infrastructure.
    • -
  • A larger number of settings (compared to Intune).
    • -
-The disadvantages of this method are: -
    -
  • Can only manage domain-joined (institution-owned devices).
    • -
  • Requires an AD DS infrastructure (if the institution does not have AD DS already).
    • -
  • Typically manages on-premises devices (unless devices connect by using a VPN or DirectAccess).
    • -
-
IntuneIntune is a cloud-based management system that allows you to specify configuration settings for Windows 10, previous versions of Windows, and other operating systems (such as iOS or Android). Intune is a subscription-based cloud service that integrates with Office 365 and Azure AD. -Select this method when you: -
    -
  • Want to manage institution-owned and personal devices (does not require that the device be domain joined).
    • -
  • Don’t require the level of granular control over device and user settings (compared to Group Policy).
    • -
  • Don’t have an existing AD DS infrastructure.
    • -
  • Need to manage devices regardless of where they are (on or off premises).
    • -
  • Can manage a required setting only by using Intune.
    • -
- -The advantages of this method are: -
    -
  • You can manage institution-owned and personal devices.
    • -
  • It doesn’t require that devices be domain joined.
    • -
  • It doesn’t require any on-premises infrastructure.
    • -
  • It can manage devices regardless of their location (on or off premises).
    • - -
-The disadvantages of this method are: -
    -
  • Carries an additional cost for subscription.
    • -
  • Doesn’t have a granular level control over device and user settings (compared to Group Policy).
    • -
- -

+--- ### Select Microsoft-recommended settings @@ -898,111 +724,21 @@ Microsoft has several recommended settings for educational institutions. Table 1 *Table 11. Recommended settings for educational institutions* - ---- - - - - - - - +--- +| Recommendation | Description | +| --- | --- | +| **Use of Microsoft accounts** | You want faculty and students to use only Azure AD accounts for institution-owned devices. For these devices, do not use Microsoft accounts or associate a Microsoft account with the Azure AD accounts.

Personal devices typically use Microsoft accounts. Faculty and students can associate their Microsoft account with their Azure AD account on these devices.

**Group Policy**: Configure the [Accounts: Block Microsoft accounts](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj966262(v=ws.11)?amp;MSPPError=-2147217396&f=255) Group Policy setting to use the Users can’t add Microsoft accounts setting option.

**Intune**: Enable or disable Microsoft accounts by using the **Allow Microsoft account**, **Allow adding non-Microsoft accounts manually**, and **Allow settings synchronization for Microsoft accounts** policy settings under the **Accounts and Synchronization** section of a **Windows 10 General Configuration** policy. | +| **Restrict local administrator accounts on the devices** | Ensure that only authorized users are local administrators on institution-owned devices. Typically, you don’t want students to be administrators on instruction-owned devices. Explicitly specify the users who will be local administrators on a group of devices.

**Group Policy**: Create a **Local Group** Group Policy preference to limit the local administrators group membership. Select the **Delete all member users** and **Delete all member groups** check boxes to remove any existing members. For more information about how to configure Local Group preferences, see [Configure a Local Group Item](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732525(v=ws.11)).

**Intune**: Not available | +| **Manage the built-in administrator account created during device deployment** | When you use MDT to deploy Windows 10, the MDT deployment process automatically creates a local Administrator account with the password you specified. As a security best practice, rename the built-in Administrator account and optionally disable it.

**Group Policy**: Rename the built-in Administrator account by using the **Accounts: Rename administrator account** Group Policy setting. For more information about how to rename the built-in Administrator account, see [To rename the Administrator account using the Group Policy Management Console](/previous-versions/windows/it-pro/windows-server-essentials-sbs/cc747484(v=ws.10)). You will specify the new name for the Administrator account. You can disable the built-in Administrator account by using the **Accounts: Administrator account status** Group Policy setting. For more information about how to disable the built-in Administrator account, see [Accounts: Administrator account status](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj852165(v=ws.11)).

**Intune**: Not available. | +| **Control Microsoft Store access** | You can control access to Microsoft Store and whether existing Microsoft Store apps receive updates. You can only disable the Microsoft Store app in Windows 10 Education and Windows 10 Enterprise.

**Group Policy**: You can disable the Microsoft Store app by using the **Turn off the Store Application** Group Policy setting. You can prevent Microsoft Store apps from receiving updates by using the **Turn off Automatic Download and Install of updates** Group Policy setting. For more information about configuring these settings, see [Can I use Group Policy to control the Microsoft Store in my enterprise environment?](/previous-versions/windows/it-pro/windows-8.1-and-8/hh832040(v=ws.11)#BKMK_UseGP).

**Intune**: You can enable or disable the camera by using the **Allow application store** policy setting in the **Apps** section of a **Windows 10 General Configuration** policy. | +| **Use of Remote Desktop connections to devices** | Remote Desktop connections could allow unauthorized access to the device. Depending on your institution’s policies, you may want to disable Remote Desktop connections on your devices.

**Group Policy**: You can enable or disable Remote Desktop connections to devices by using the **Allow Users to connect remotely using Remote Desktop setting** in Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections.

**Intune**: Not available. | +| **Use of camera** | A device’s camera can be a source of disclosure or privacy issues in an education environment. Depending on your institution’s policies, you may want to disable the camera on your devices.

**Group Policy**: Not available.

**Intune**: You can enable or disable the camera by using the **Allow camera** policy setting in the **Hardware** section of a **Windows 10 General Configuration** policy. | +| **Use of audio recording** | Audio recording (by using the Sound Recorder app) can be a source of disclosure or privacy issues in an education environment. Depending on your institution’s policies, you may want to disable the Sound Recorder app on your devices.

**Group Policy**: You can disable the Sound Recorder app by using the **Do not allow Sound Recorder to run** Group Policy setting. You can disable other audio recording apps by using AppLocker policies. Create AppLocker policies by using the information in [Editing an AppLocker Policy](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ee791894(v=ws.10)) and [Create Your AppLocker Policies](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/ee791899(v=ws.11))

**Intune**: You can enable or disable the camera by using the **Allow voice recording** policy setting in the **Features** section of a **Windows 10 General Configuration** policy. | +| **Use of screen capture** | Screen captures can be a source of disclosure or privacy issues in an education environment. Depending on your institution’s policies, you may want to disable the ability to perform screen captures on your devices.

**Group Policy**: Not available.

**Intune**: You can enable or disable the camera by using the **Allow screen capture** policy setting in the **System** section of a **Windows 10 General Configuration** policy. | +| **Use of location services** | Providing a device’s location can be a source of disclosure or privacy issues in an education environment. Depending on your institution’s policies, you may want to disable the location service on your devices.

**Group Policy**: You can enable or disable location services by using the **Turn off location** Group Policy setting in User Configuration\Windows Components\Location and Sensors.

**Intune**: You can enable or disable the camera by using the **Allow geolocation** policy setting in the **Hardware** section of a **Windows 10 General Configuration** policy. | +| **Changing wallpaper** | Displaying a custom wallpaper can be a source of disclosure or privacy issues in an education environment (if the wallpaper displays information about the user or the device). Depending on your institution’s policies, you may want to prevent users from changing the wallpaper on your devices.

**Group Policy**: You can configure the wallpaper by using the **Desktop WallPaper** setting in User Configuration\Administrative Templates\Desktop\Desktop.

**Intune**: Not available. | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
RecommendationDescription
Use of Microsoft accountsYou want faculty and students to use only Azure AD accounts for institution-owned devices. For these devices, do not use Microsoft accounts or associate a Microsoft account with the Azure AD accounts.

-Note  Personal devices typically use Microsoft accounts. Faculty and students can associate their Microsoft account with their Azure AD account on these devices.

-Group Policy. Configure the Accounts: Block Microsoft accounts Group Policy setting to use the Users can’t add Microsoft accounts setting option.

-Intune. Enable or disable the camera by using the Allow Microsoft account, Allow adding non-Microsoft accounts manually, and Allow settings synchronization for Microsoft accounts policy settings under the Accounts and Synchronization section of a Windows 10 General Configuration policy. -
Restrict local administrator accounts on the devicesEnsure that only authorized users are local administrators on institution-owned devices. Typically, you don’t want students to be administrators on instruction-owned devices. Explicitly specify the users who will be local administrators on a group of devices.

-Group Policy. Create a Local Group Group Policy preference to limit the local administrators group membership. Select the Delete all member users and Delete all member groups check boxes to remove any existing members. For more information about how to configure Local Group preferences, see Configure a Local Group Item.

-Intune. Not available. -
Restrict the local administrator accounts on the devicesEnsure that only authorized users are local administrators on institution-owned devices. Typically, you don’t want students to be administrators on instruction-owned devices. Explicitly specify the users who will be local administrators on a group of devices.

-Group Policy. Create a Local Group Group Policy preference to limit the local administrators group membership. Select the Delete all member users and Delete all member groups check boxes to remove any existing members. For more information about how to configure Local Group preferences, see Configure a Local Group Item.

-Intune. Not available. -
Manage the built-in administrator account created during device deploymentWhen you use MDT to deploy Windows 10, the MDT deployment process automatically creates a local Administrator account with the password you specified. As a security best practice, rename the built-in Administrator account and optionally disable it.

-Group Policy. Rename the built-in Administrator account by using the Accounts: Rename administrator account Group Policy setting. For more information about how to rename the built-in Administrator account, see To rename the Administrator account using the Group Policy Management Console. You will specify the new name for the Administrator account. You can disable the built-in Administrator account by using the Accounts: Administrator account status Group Policy setting. For more information about how to disable the built-in Administrator account, see Accounts: Administrator account status.

-Intune. Not available. -
Control Microsoft Store accessYou can control access to Microsoft Store and whether existing Microsoft Store apps receive updates. You can only disable the Microsoft Store app in Windows 10 Education and Windows 10 Enterprise.

-Group Policy. You can disable the Microsoft Store app by using the Turn off the Store Application Group Policy setting. You can prevent Microsoft Store apps from receiving updates by using the Turn off Automatic Download and Install of updates Group Policy setting. For more information about configuring these settings, see Can I use Group Policy to control the Microsoft Store in my enterprise environment?.

-Intune. You can enable or disable the camera by using the Allow application store policy setting in the Apps section of a Windows 10 General Configuration policy. -
Use of Remote Desktop connections to devicesRemote Desktop connections could allow unauthorized access to the device. Depending on your institution’s policies, you may want to disable Remote Desktop connections on your devices.

-Group Policy. You can enable or disable Remote Desktop connections to devices by using the Allow Users to connect remotely using Remote Desktop setting in Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections.

-Intune. Not available. -
Use of cameraA device’s camera can be a source of disclosure or privacy issues in an education environment. Depending on your institution’s policies, you may want to disable the camera on your devices.

-Group Policy. Not available.

-Intune. You can enable or disable the camera by using the Allow camera policy setting in the Hardware section of a Windows 10 General Configuration policy. -
Use of audio recordingAudio recording (by using the Sound Recorder app) can be a source of disclosure or privacy issues in an education environment. Depending on your institution’s policies, you may want to disable the Sound Recorder app on your devices.

-Group Policy. You can disable the Sound Recorder app by using the Do not allow Sound Recorder to run Group Policy setting. You can disable other audio recording apps by using AppLocker policies. Create AppLocker policies by using the information in Editing an AppLocker Policy and Create Your AppLocker Policies.

-Intune. You can enable or disable the camera by using the Allow voice recording policy setting in the Features section of a Windows 10 General Configuration policy. -
Use of screen captureScreen captures can be a source of disclosure or privacy issues in an education environment. Depending on your institution’s policies, you may want to disable the ability to perform screen captures on your devices.

-Group Policy. Not available.

-Intune. You can enable or disable the camera by using the Allow screen capture policy setting in the System section of a Windows 10 General Configuration policy. -
Use of location servicesProviding a device’s location can be a source of disclosure or privacy issues in an education environment. Depending on your institution’s policies, you may want to disable the location service on your devices.

-Group Policy. You can enable or disable location services by using the Turn off location Group Policy setting in User Configuration\Windows Components\Location and Sensors.

-Intune. You can enable or disable the camera by using the Allow geolocation policy setting in the Hardware section of a Windows 10 General Configuration policy. -
Changing wallpaperDisplaying a custom wallpaper can be a source of disclosure or privacy issues in an education environment (if the wallpaper displays information about the user or the device). Depending on your institution’s policies, you may want to prevent users from changing the wallpaper on your devices.

-Group Policy. You can configure the wallpaper by using the Desktop WallPaper setting in User Configuration\Administrative Templates\Desktop\Desktop.

-Intune. Not available. -

+--- ### Configure settings by using Group Policy @@ -1018,22 +754,25 @@ For more information about Group Policy, see [Group Policy Planning and Deployme ### Configure settings by using Intune -Now, you’re ready to configure settings by using Intune. The steps in this section assume that you have an Office 365 subscription. You will configure the Intune settings that you selected in the [Select Microsoft-recommended settings](#select-microsoft-recommended-settings) section. +Now, you’re ready to configure settings using Intune. The steps in this section assume that you have an Office 365 subscription. You will configure the Intune settings that you selected in the [Select Microsoft-recommended settings](#select-microsoft-recommended-settings) section. -For more information about Intune, see [Documentation for Microsoft Intune](/intune/). +For more information about Intune, see [Documentation for Microsoft Intune](/mem/intune/). #### To configure Intune settings -1. Add Intune to your Office 365 subscription by completing the steps in [Get started with a paid subscription to Microsoft Intune](/intune/get-started/start-with-a-paid-subscription-to-microsoft-intune). -2. Enroll devices with Intune by completing the steps in [Get ready to enroll devices in Microsoft Intune](https://technet.microsoft.com/library/dn646962.aspx). -3. Configure the settings in Intune Windows 10 policies by completing the steps in [Manage settings and features on your devices with Microsoft Intune policies](https://technet.microsoft.com/library/dn646984.aspx). -4. Manage Windows 10 devices by completing the steps in [Manage Windows PCs with Microsoft Intune](https://technet.microsoft.com/library/dn646959.aspx). +1. Check your Intune licensing. If you have a Microsoft 365 subscription, you may already have Intune. For more information, see [Microsoft Intune licensing](/mem/intune/fundamentals/licenses). +2. Enroll devices in Microsoft Intune. For more information on your enrollment options, see [Intune enrollment methods for Windows devices](/mem/intune/enrollment/windows-enrollment-methods). +3. Configure the [compliance settings](/mem/intune/protect/device-compliance-get-started) and [configuration settings](/mem/intune/configuration/device-profiles) that meet your school system's needs. +4. Use the reporting features in Intune to monitor devices. For more information, see [Intune reports](/mem/intune/fundamentals/reports). ### Deploy apps by using Intune -You can use Intune to deploy Microsoft Store and Windows desktop apps. Intune provides improved control over which users receive specific apps. In addition, Intune allows you deploy apps to companion devices (such as Windows 10 Mobile, iOS, or Android devices) Finally, Intune helps you manage app security and features, such as mobile application management policies that let you manage apps on devices that are not enrolled in Intune or are managed by another solution. +You can use Intune to deploy apps to Android, iOS/iPadOS, macOS, and Windows devices. You can manage app security and features on organization-owned devices and personal devices. -For more information about how to configure Intune to manage your apps, see [Deploy and configure apps with Microsoft Intune](/intune/). +For more information about how to configure Intune to manage your apps, see: + +- [What is Microsoft Intune app management?](/mem/intune/apps/app-management) +- [App protection policies overview](/mem/intune/apps/app-protection-policy) ### Summary @@ -1041,7 +780,7 @@ In this section, you prepared your institution for device management. You determ ## Deploy Windows 10 to devices -You’re ready to deploy Windows 10 to faculty and student devices. You must complete the steps in this section for each student device in the classrooms as well as for any new student devices you add in the future. You can also perform these actions for any device that’s eligible for a Windows 10 upgrade. This section discusses deploying Windows 10 to new devices, refreshing Windows 10 on existing devices, and upgrading existing devices that are running eligible versions of Windows 8.1 or Windows to Windows 10. +You’re ready to deploy Windows 10 to faculty and student devices. You must complete the steps in this section for each student device in the classrooms and for any new student devices you add in the future. You can also perform these actions for any device that’s eligible for a Windows 10 upgrade. This section discusses deploying Windows 10 to new devices, refreshing Windows 10 on existing devices, and upgrading existing devices that are running eligible versions of Windows 8.1 or Windows to Windows 10. ### Prepare for deployment @@ -1049,6 +788,7 @@ Prior to deployment of Windows 10, ensure that you complete the tasks listed in *Table 12. Deployment preparation checklist* +--- | Tasks | |-------| | The target devices have sufficient system resources to run Windows 10. | @@ -1056,14 +796,14 @@ Prior to deployment of Windows 10, ensure that you complete the tasks listed in | Create an MDT application for each Microsoft Store and Windows desktop app. | | Notify the students and faculty about the deployment. | - -

+--- ### Perform the deployment Use the Deployment Wizard to deploy Windows 10. The LTI deployment process is almost fully automated: You provide only minimal information to the Deployment Wizard at the beginning of the process. After the wizard collects the necessary information, the remainder of the process is fully automated. -**Note**  To fully automate the LTI deployment process, complete the steps in the “Fully Automated LTI Deployment Scenario” section in the [Microsoft Deployment Toolkit Samples Guide](/mem/configmgr/mdt/samples-guide). +> [!NOTE] +> To fully automate the LTI deployment process, complete the steps in the “Fully Automated LTI Deployment Scenario” section in the [Microsoft Deployment Toolkit Samples Guide](/mem/configmgr/mdt/samples-guide). In most instances, deployments occur without incident. Only in rare occasions do deployments experience problems. @@ -1076,7 +816,8 @@ In most instances, deployments occur without incident. Only in rare occasions do After you have deployed Windows 10, the devices are almost ready for use. First, you must set up the printers that each classroom will use. Typically, you connect the printers to the same network as the devices in the same classroom. If you don’t have printers in your classrooms, skip this section and proceed to the [Verify deployment](#verify-deployment) section. -**Note**  If you’re performing an upgrade instead of a new deployment, the printers remain configured as they were in the previous version of Windows. As a result, you can skip this section and proceed to the [Verify deployment](#verify-deployment) section. +> [!NOTE] +> If you’re performing an upgrade instead of a new deployment, the printers remain configured as they were in the previous version of Windows. As a result, you can skip this section and proceed to the [Verify deployment](#verify-deployment) section. #### To set up printers @@ -1119,167 +860,30 @@ Table 13 lists the school and individual classroom maintenance tasks, the resour *Table 13. School and individual classroom maintenance tasks, with resources and the schedule for performing them* - ------ - - - - - - - - - +--- +| Task and resources | Monthly | New semester or academic year | As required | +| --- | --- | --- | --- | +| Verify that Windows Update is active and current with operating system and software updates.

For more information about completing this task, see:

- Intune: See [Keep Windows PCs up to date with software updates in Microsoft Intune](https://www.microsoft.com/en-us/insidetrack/keeping-windows-10-devices-up-to-date-with-microsoft-intune-and-windows-update-for-business)
- Group Policy: See [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb)
- Windows Server Update Services (WSUS): See [Deploy Windows Server Update Services](/windows-server/administration/windows-server-update-services/deploy/deploy-windows-server-update-services)
- Neither Intune, Group Policy, or WSUS: See [Update Windows](https://support.microsoft.com/windows/update-windows-3c5ae7fc-9fb6-9af1-1984-b5e0412c556a). | ✔️ | ✔️ | ✔️ | +| Verify that Windows Defender is active and current with malware Security intelligence.

For more information, see [Enforce compliance for Microsoft Defender for Endpoint with Conditional Access in Intune](/mem/intune/protect/advanced-threat-protection) and [Enable and configure Microsoft Defender Antivirus always-on protection in Group Policy](/microsoft-365/security/defender-endpoint/configure-real-time-protection-microsoft-defender-antivirus)). | ✔️ | ✔️ | ✔️ | +| Verify that Windows Defender has run a scan in the past week and that no viruses or malware were found.

For more information about completing this task, see [Protect my PC from viruses](https://support.microsoft.com/windows/protect-my-pc-from-viruses-b2025ed1-02d5-1e87-ba5f-71999008e026). | ✔️ | ✔️ | ✔️ | +| Verify that you are using the appropriate Windows 10 servicing options for updates and upgrades (such as selecting whether you want to use Current Branch or Current Branch for Business).

For more information about Windows 10 servicing options for updates and upgrades, see [Windows 10 servicing options for updates and upgrades](/windows/deployment/update/). | | ✔️ | ✔️ | +| Refresh the operating system and apps on devices.

For more information about completing this task, see the [Deploy Windows 10 to devices](#deploy-windows-10-to-devices) section. | | ✔️ | ✔️ | +| Install any new Windows desktop apps or update any Windows desktop apps that are used in the curriculum.

For more information, see the [Deploy apps by using Intune](#deploy-apps-by-using-intune) section. | | ✔️ | ✔️ | +| Install new or update existing Microsoft Store apps that are used in the curriculum.

Microsoft Store apps are automatically updated from Microsoft Store. The menu bar in the Microsoft Store app shows whether any Microsoft Store app updates are available for download.

You can also deploy Microsoft Store apps directly to devices by using Intune. For more information, see the [Deploy apps by using Intune](#deploy-apps-by-using-intune) section. | | ✔️ | ✔️ | +| Remove unnecessary user accounts (and corresponding licenses) from Office 365.

For more information, see:

- Remove unnecessary user accounts, see [Delete a user from your organization](/microsoft-365/admin/add-users/delete-a-user).
- Unassign licenses, see [Add users and assign licenses at the same time](/microsoft-365/admin/add-users/add-users). | | ✔️ | ✔️ | +| Add new accounts (and corresponding licenses) to Office 365.

For more information, see [Add users and assign licenses at the same time](/microsoft-365/admin/add-users/add-users) and [Assign licenses to users](/microsoft-365/admin/manage/assign-licenses-to-users). | | ✔️ | ✔️ | +| Create or modify security groups and manage group membership in Office 365.

For more information, see:

- [Create a group in the Microsoft 365 admin center](/microsoft-365/admin/create-groups/create-groups)
- [Add or remove members from Microsoft 365 groups using the admin center](/microsoft-365/admin/create-groups/add-or-remove-members-from-groups) | | ✔️ | ✔️ | +| Create or modify Exchange Online or Microsoft Exchange Server distribution lists in Office 365.

For more information, see [Create and manage distribution list groups in Exchange Online](/exchange/recipients-in-exchange-online/manage-distribution-groups/manage-distribution-groups) and [Create, edit, or delete a security group in the Microsoft 365 admin center](/microsoft-365/admin/email/create-edit-or-delete-a-security-group) | | ✔️ | ✔️ | +| Install new student devices

Follow the same steps in the [Deploy Windows 10 to devices](#deploy-windows-10-to-devices) section. | | | ✔️ | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Task and resourcesMonthlyNew semester or academic yearAs required
Verify that Windows Update is active and current with operating system and software updates.

-For more information about completing this task when you have: - -		XXX
Verify that Windows Defender is active and current with malware Security intelligence.

-For more information about completing this task, see Turn Windows Defender on or off and Updating Windows Defender. 		XXX
Verify that Windows Defender has run a scan in the past week and that no viruses or malware were found.

-For more information about completing this task, see How do I find and remove a virus? -		XXX
Verify that you are using the appropriate Windows 10 servicing options for updates and upgrades (such as selecting whether you want to use Current Branch or Current Branch for Business).

-For more information about Windows 10 servicing options for updates and upgrades, see Windows 10 servicing options for updates and upgrades.		XX
Refresh the operating system and apps on devices.

-For more information about completing this task, see the Deploy Windows 10 to devices section. - -		XX
Install any new Windows desktop apps or update any Windows desktop apps that are used in the curriculum.

-For more information, see the Deploy apps by using Intune section. - -		XX
Install new or update existing Microsoft Store apps that are used in the curriculum.

-Microsoft Store apps are automatically updated from Microsoft Store. The menu bar in the Microsoft Store app shows whether any Microsoft Store app updates are available for download.

-You can also deploy Microsoft Store apps directly to devices by using Intune. For more information, see the Deploy apps by using Intune section. - -		XX
Remove unnecessary user accounts (and corresponding licenses) from Office 365.

-For more information about how to: - - -		XX
Add new accounts (and corresponding licenses) to Office 365.

-For more information about how to: - -		XX
Create or modify security groups and manage group membership in Office 365.

-For more information about how to: - - -		XX
Create or modify Exchange Online or Microsoft Exchange Server distribution lists in Office 365.

-For more information about how to create or modify Exchange Online or Exchange Server distribution lists in Office 365, see Manage Distribution Groups and Groups in Exchange Online and SharePoint Online. - -		XX
Install new student devices

-Follow the same steps described in the Deploy Windows 10 to devices section. - -		X
-

+--- ### Summary -Now, you have identified the tasks you need to perform monthly, at the end of an academic year or semester, and as required. Your school configuration should match the typical school configuration that you saw in the [Plan a typical school configuration](#plan-a-typical-school-configuration) section. By performing these maintenance tasks you help ensure that your school stays secure and is configured as you specified. +Now, you have identified the tasks you need to perform monthly, at the end of an academic year or semester, and as required. Your school configuration should match the typical school configuration that you saw in the [Plan a typical school configuration](#plan-a-typical-school-configuration) section. By running these maintenance tasks, you help ensure that your school stays secure and is configured as you specified. ## Related resources -

\ No newline at end of file + +- [Try it out: Windows 10 deployment (for educational institutions)](../index.yml) +- [Try it out: Windows 10 in the classroom](../index.yml) +- [Chromebook migration guide](/education/windows/chromebook-migration-guide) diff --git a/education/windows/index.md b/education/windows/index.md index cf961bfe83..9db6cd7672 100644 --- a/education/windows/index.md +++ b/education/windows/index.md @@ -18,29 +18,63 @@ ms.date: 10/13/2017 ## ![Learn more about Windows.](images/education.png) Learn -

Windows 10 editions for education customers
Windows 10, version 1607 introduces two editions designed for the unique needs of K-12 institutions: Windows 10 Pro Education and Windows 10 Education. These editions provide education-specific default settings for the evolving landscape in K-12 education IT environments.

-

Compare each Windows edition
Find out more about the features and functionality we support in each edition of Windows.

-

Get Windows 10 Education or Windows 10 Pro Education
When you've made your decision, find out how to buy Windows for your school.

+**[Windows 10 editions for education customers](windows-editions-for-education-customers.md)** + +Windows 10, version 1607 introduces two editions designed for the unique needs of K-12 institutions: Windows 10 Pro Education and Windows 10 Education. These editions provide education-specific default settings for the evolving landscape in K-12 education IT environments. + +**[Compare each Windows edition](https://www.microsoft.com/WindowsForBusiness/Compare)** + +Find out more about the features and functionality we support in each edition of Windows. + +**[Get Windows 10 Education or Windows 10 Pro Education](https://www.microsoft.com/education/buy-license/overview-of-how-to-buy/default.aspx?tabshow=schools)** + +When you've made your decision, find out how to buy Windows for your school. ## ![Plan for Windows 10 in your school.](images/clipboard.png) Plan -

Windows 10 configuration recommendations for education customers
Provides guidance on ways to customize the OS diagnostic data, consumer experiences, Cortana, search, as well as some of the preinstalled apps, so that Windows is ready for your school.

-

Deployment recommendations for school IT administrators
Learn how to customize the OS privacy settings, Skype, and Xbox for Windows-based devices used in schools so that you can choose what information is shared with Microsoft.

-Get Minecraft Education Edition
Minecraft Education Edition is built for learning. Learn how to get early access and add it to your Microsoft Store for Business for distribution.

-

Take tests in Windows 10
Take a Test is a new app that lets you create the right environment for taking tests. Learn how to use and get it set up.

-

Chromebook migration guide
Find out how you can migrate a Chromebook-based learning environment to a Windows 10-based learning environment.

+**[Windows 10 configuration recommendations for education customers](configure-windows-for-education.md)** + +Provides guidance on ways to customize the OS diagnostic data, consumer experiences, Cortana, search, and some of the preinstalled apps, so that Windows is ready for your school. + +**[Deployment recommendations for school IT administrators](edu-deployment-recommendations.md)** + +Learn how to customize the OS privacy settings, Skype, and Xbox for Windows-based devices used in schools so that you can choose what information is shared with Microsoft. + +**[Get Minecraft Education Edition](get-minecraft-for-education.md)** + +Minecraft Education Edition is built for learning. Learn how to get early access and add it to your Microsoft Store for Business for distribution. + +**[Take tests in Windows 10](take-tests-in-windows-10.md)** + +Take a Test is a new app that lets you create the right environment for taking tests. Learn how to use and get it set up. + +**[Chromebook migration guide](chromebook-migration-guide.md)** + +Find out how you can migrate a Chromebook-based learning environment to a Windows 10-based learning environment. ## ![Deploy Windows 10 for Education.](images/PCicon.png) Deploy -

Set up Windows devices for education
Depending on your school's device management needs, you can use the Set up School PCs app or the Windows Configuration Designer tool to quickly set up student PCs.

-

Deploy Windows 10 in a school
Get step-by-step guidance to help you deploy Windows 10 in a school environment.

-

Deploy Windows 10 in a school district
Get step-by-step guidance on how to deploy Windows 10 to PCs and devices across a school district.

-

Test Windows 10 S on existing Windows 10 education devices
Test Windows 10 S on a variety of Windows 10 devices (except Windows 10 Home) in your school and share your feedback with us.

+**[Set up Windows devices for education](set-up-windows-10.md)** + +Depending on your school's device management needs, you can use the Set up School PCs app or the Windows Configuration Designer tool to quickly set up student PCs. + +**[Deploy Windows 10 in a school](deploy-windows-10-in-a-school.md)** + +Get step-by-step guidance to help you deploy Windows 10 in a school environment. + +**[Deploy Windows 10 in a school district](deploy-windows-10-in-a-school-district.md)** + +Get step-by-step guidance on how to deploy Windows 10 to PCs and devices across a school district. + +**[Test Windows 10 S on existing Windows 10 education devices](test-windows10s-for-edu.md)** + +Test Windows 10 S on various Windows 10 devices (except Windows 10 Home) in your school and share your feedback with us. ## ![Switch to Windows 10 for Education.](images/windows.png) Switch -

Switch to Windows 10 Pro Education from Windows 10 Pro or Windows 10 S
If you have an education tenant and use Windows 10 Pro or Windows 10 S in your schools, find out how you can opt-in to a free switch to Windows 10 Pro Education.

+**[Switch to Windows 10 Pro Education from Windows 10 Pro or Windows 10 S](change-to-pro-education.md)** +If you have an education tenant and use Windows 10 Pro or Windows 10 S in your schools, find out how you can opt-in to a free switch to Windows 10 Pro Education. ## Windows 8.1 @@ -54,9 +88,11 @@ Follow these links to find step-by-step guidance on how to deploy Windows 8.1 in

Microsoft Store apps
Explore Microsoft Store app deployment strategies and considerations for educational institutions running Windows 8.1.

Windows To Go
Learn about the benefits, limitations, and processes involved in deploying Windows To Go.

-## Related topics +## Related articles + - [Microsoft Education documentation and resources](/education) -- [Windows 10 and Windows 10 Mobile](/windows/windows-10/) +- [Windows for business](https://www.microsoft.com/windows/business) +- [Microsoft 365 for business](https://www.microsoft.com/microsoft-365/business) - - - -``` - -## Apps - -![XML for Apps.](../images/AppsXML.png) - -The Apps setting serves as an allow list and specifies the applications that will be available in the All apps list. Apps that are not included in this setting are hidden from the user and blocked from running. - -You provide the App User Model ID (AUMID) and product ID for each app in your file. The product ID identifies an app package, and an app package can contain multiple apps, so you also provide the ADUMID to differentiate the app. Optionally, you can set an app to run automatically. [Get product ID and AUMID for apps in Windows 10 Mobile.](product-ids-in-windows-10-mobile.md) - -The following example makes Outlook Calendar available on the device. - -```xml - - - - - -``` - -When you list an app, you can also set the app to be pinned to the Start screen by specifying the tile size and location. Tip: draw a grid and mark your app tiles on it to make sure you get the result you want. The width (X axis) in the following example is the limit for Windows 10 Mobile, but the length (Y axis) is unlimited. The number of columns available to you depends on the value for [StartScreenSize](#start-screen-size). - -![Grid to lay out tiles for Start.](../images/StartGrid.jpg) - -Tile sizes are: -* Small: 1x1 -* Medium: 2x2 -* Large: 2x4 - -Based on 6 columns, you can pin six small tiles or three medium tiles on a single row. A large tile can be combined with two small tiles or one medium tile on the same row. Obviously, you cannot set a medium tile for LocationX=5, or a large tile for LocationX=3, 4, or 5. - -If the tile configuration in your file exceeds the available width, such as setting a large tile to start at position 3 on the X axis, that tile is appended to the bottom of the Start screen. Also, if the tile configuration in your file would result in tiles overlapping each other, the overlapping tiles are instead appended to the bottom of the Start screen. - -In the following example, Outlook Calendar and Outlook Mail are pinned to the Start screen, and the Store app is allowed but is not pinned to Start. - -```xml - - - - - Large - - 0 - 0 - - - - - - - Medium - - 4 - 0 - - - - - - -``` - -That layout would appear on a device like this: - -![Example of the layout on a Start screen.](../images/StartGridPinnedApps.jpg) - -You can create and pin folders to Start by using the Apps setting. Each folder requires a **folderId**, which must be a consecutive positive integer starting with `1`. You can also specify a **folderName** (optional) which will be displayed on Start. - -```xml - - - - - Medium - - 4 - 0 - - - - -``` - -To add apps to the folder, include **ParentFolderId** in the application XML, as shown in the following example: - -```xml - - - - - Large - - 0 - 0 - - 1 - - - - - - Medium - - 4 - 0 - - 1 - - - -``` -When an app is contained in a folder, its **PinToStart** configuration (tile size and location) applies to its appearance when the folder is opened. - -## Buttons - -![XML for buttons.](../images/ButtonsXML.jpg) - -In the Buttons setting, you use ButtonLockdownList to disable hardware buttons and ButtonRemapList to change button events to open an app that you specify. - -### ButtonLockdownList - -When a user taps a button that is in the lockdown list, nothing will happen. The following table lists which events can be disabled for each button. - -Button | Press | PressAndHold | All ----|:---:|:---:|:--:|- -Start | ![no.](../images/crossmark.png) | ![yes](../images/checkmark.png) | ![no](../images/crossmark.png) -Back | ![yes.](../images/checkmark.png) | ![yes](../images/checkmark.png) | ![yes](../images/checkmark.png) -Search | ![yes.](../images/checkmark.png) | ![yes](../images/checkmark.png) | ![yes](../images/checkmark.png) -Camera | ![yes.](../images/checkmark.png) | ![yes](../images/checkmark.png) | ![yes](../images/checkmark.png) -Custom 1, 2, and 3 | ![yes.](../images/checkmark.png) | ![yes](../images/checkmark.png) | ![yes](../images/checkmark.png) - -> [!NOTE] -> Custom buttons are hardware buttons that can be added to devices by OEMs. - -In the following example, press-and-hold is disabled for the Back button. - -```xml - - - - - -``` - -If you don't specify a button event, all actions for the button are disabled. In the next example, all actions are disabled for the camera button. - -```xml - - - - - -``` - -### ButtonRemapList - -ButtonRemapList lets you change the app that a button will run. You can remap the Search button and any custom buttons included by the OEM. You can't remap the Back, Start, or Camera buttons. - -> [!WARNING] -> Button remapping can enable a user to open an application that is not in the allow list for that user role. Use button lock down to prevent application access for a user role. - -To remap a button, you specify the button, the event, and the product ID for the app that you want the event to open. -In the following example, when a user presses the Search button, the phone dialer will open instead of the Search app. - -```xml - - - - - -``` - -## CSPRunner - -![XML for CSP Runner.](../images/CSPRunnerXML.jpg) - -You can use CSPRunner to include settings that are not defined in AssignedAccessXML. For example, you can include settings from other sections of EnterpriseAssignedAccess CSP, such as lockscreen, theme, and time zone. You can also include settings from other CSPs, such as [Wi-Fi CSP](/windows/client-management/mdm/wifi-csp) or [Policy CSP](/windows/client-management/mdm/policy-configuration-service-provider). - -CSPRunner is helpful when you are configuring a device to support multiple roles. It lets you apply different policies according to the role that is signed on. For example, Wi-Fi could be enabled for a supervisor role and disabled for a stocking clerk role. - -In CSPRunner, you specify the CSP and settings using SyncML, a standardized markup language for device management. A SyncML section can include multiple settings, or you can use multiple SyncML sections -- it's up to you how you want to organize settings in this section. - -> [!NOTE] -> This description of SyncML is just the information that you need to use SyncML in a lockdown XML file. To learn more about SyncML, see [Structure of OMA DM provisioning files](/windows/client-management/mdm/structure-of-oma-dm-provisioning-files). - -Let's start with the structure of SyncML in the following example: - -```xml -SyncML> - - | - # - - - CSP Path - - - Data Type - - Value - - | - - - -``` - -This table explains the parts of the SyncML structure. - -SyncML entry | Description ----|--- -**Add** or **Replace** | Use **Add** to apply a setting or policy that is not already configured. Use **Replace** to change an existing setting or policy. -**CmdID** | SyncBody can contain multiple commands. Each command in a lockdown XML file must have a different **CmdID** value. -**Item** | **Item** is a wrapper for a single setting. You can include multiple items for the command if they all use the same **Add** or **Replace** operation. -**Target > LocURI** | **LocURI** is the path to the CSP. -**Meta > Format** | The data format required by the CSP. -**Data** | The value for the setting. - - -## Menu items - -![XML for menu items.](../images/MenuItemsXML.png) - -Use DisableMenuItems to prevent use of the context menu, which is displayed when a user presses and holds an application in the All Apps list. You can include this entry in the default profile and in any additional user role profiles that you create. - -```xml - - - -``` - -## Settings - -![XML for settings.](../images/SettingsXML.png) - -The **Settings** section contains an `allow` list of pages in the Settings app and quick actions. The following example allows all settings. - -```xml - - - - ``` -In earlier versions of Windows 10, you used the page name to define allowed settings. Starting in Windows 10, version 1703, you use the settings URI. - -In the following example for Windows 10, version 1703, all system setting pages that have a settings URI are enabled. - -```xml - - - - - - - - - - - -``` - -If you list a setting or quick action in **Settings**, all settings and quick actions that are not listed are blocked. To remove access to all of the settings in the system, do not include the settings application in [Apps](#apps). - -For a list of the settings and quick actions that you can allow or block, see [Settings and quick actions that can be locked down in Windows 10 Mobile](settings-that-can-be-locked-down.md). - - - ## Tiles - - ![XML for tiles.](../images/TilesXML.png) - - By default, under Assigned Access, tile manipulation is turned off (blocked) and only available if enabled in the user’s profile. If tile manipulation is enabled in the user’s profile, they can pin/unpin, move, and resize tiles based on their preferences. When multiple people use one device and you want to enable tile manipulation for multiple users, you must enable it for each user in their user profile. - - > [!IMPORTANT] - > If a device is turned off then back on, the tiles reset to their predefined layout. If a device has only one profile, the only way to reset the tiles is to turn off then turn on the device. If a device has multiple profiles, the device resets the tiles to the predefined layout based on the logged-in user’s profile. - - ```xml - - - - ``` - - ## Start screen size - - Specify the size of the Start screen. In addition to 4/6 columns, you can also use 4/6/8 depending on screen resolutions. Valid values: - -- Small sets the width to 4 columns on devices with short axis (less than 400epx) or 6 columns on devices with short axis (greater than or equal to 400epx). -- Large sets the width to 6 columns on devices with short axis (less than 400epx) or 8 columns on devices with short axis (greater than or equal to 400epx). - - If you have existing lockdown xml, you must update start screen size if your device has >=400epx on its short axis so that tiles on Start can fill all 8 columns if you want to use all 8 columns instead of 6, or use 6 columns instead of 4. - - [Learn about effective pixel width (epx) for different device size classes.](/windows/uwp/design/layout/screen-sizes-and-breakpoints-for-responsive-design) - - -## Configure additional roles - -You can add custom configurations by role. In addition to the role configuration, you must also install a login application on the device. The app displays a list of available roles on the device; the user taps a role, such as "Manager"; the configuration defined for the "Manager" role is applied. - -[Learn how to create a login application that will work with your Lockdown XML file.](https://github.com/Microsoft/Windows-universal-samples/tree/master/Samples/DeviceLockdownAzureLogin) For reference, see the [Windows.Embedded.DeviceLockdown API](/uwp/api/Windows.Embedded.DeviceLockdown). - -In the XML file, you define each role with a GUID and name, as shown in the following example: - -```xml - -``` - -You can create a GUID using a GUID generator -- free tools are available online. The GUID needs to be unique within this XML file. - -You can configure the same settings for each role as you did for the default role, except Start screen size which can only be configured for the default role. If you use CSPRunner with roles, be aware that the last CSP setting applied will be retained across roles unless explicitly changed in each role configuration. CSP settings applied by CSPRunner may conflict with settings applied by MDM. - -```xml - - - - - - - - - - - - - - - - - - - - - - - - -``` - -## Validate your XML - -You can validate your lockdown XML file against the [EnterpriseAssignedAccess XSD](/windows/client-management/mdm/enterpriseassignedaccess-xsd). - -## Add lockdown XML to a provisioning package - - -Use the Windows ICD tool included in the Windows Assessment and Deployment Kit (ADK) for Windows 10 to create a provisioning package. [Install the ADK.](https://go.microsoft.com/fwlink/p/?LinkId=526740) - -1. Follow the instructions at [Build and apply a provisioning package](../provisioning-packages/provisioning-create-package.md) to create a project, selecting **Common to all Windows mobile editions** for your project. - -2. In **Available customizations**, go to **Runtime settings** > **EmbeddedLockdownProfiles** > **AssignedAccessXml**. - -3. In the center pane, click **Browse** to locate and select the lockdown XML file that you created. - - ![browse button.](../images/icdbrowse.png) - -4. On the **File** menu, select **Save.** - -5. On the **Export** menu, select **Provisioning package**. - -6. Change **Owner** to **IT Admin**, which will set the precedence of this provisioning package higher than provisioning packages applied to this device from other sources, and then select **Next.** - -7. Optional. In the **Provisioning package security** window, you can choose to encrypt the package and enable package signing. - - - **Enable package encryption** - If you select this option, an auto-generated password will be shown on the screen. - - - **Enable package signing** - If you select this option, you must select a valid certificate to use for signing the package. You can specify the certificate by clicking **Select** and choosing the certificate you want to use to sign the package. - -8. Click **Next** to specify the output location where you want the provisioning package to go when it's built. By default, Windows ICD uses the project folder as the output location. - - Optionally, you can click **Browse** to change the default output location. - -9. Click **Next**. - -10. Click **Build** to start building the package. The provisioning package doesn't take long to build. The project information is displayed in the build page and the progress bar indicates the build status. - - If you need to cancel the build, click **Cancel**. This cancels the current build process, closes the wizard, and takes you back to the **Customizations Page**. - -11. If your build fails, an error message will show up that includes a link to the project folder. You can scan the logs to determine what caused the error. Once you fix the issue, try building the package again. - - If your build is successful, the name of the provisioning package, output directory, and project directory will be shown. - - - If you choose, you can build the provisioning package again and pick a different path for the output package. To do this, click **Back** to change the output package name and path, and then click **Next** to start another build. - - If you are done, click **Finish** to close the wizard and go back to the **Customizations Page**. - -After you build the provisioning package, follow the instructions for [applying a provisioning package at runtime to Windows 10 Mobile](../provisioning-packages/provisioning-create-package.md). - -## Push lockdown XML using MDM - - -After you deploy your devices, you can still configure lockdown settings through your MDM solution if it supports the [EnterpriseAssignedAccess CSP](/windows/client-management/mdm/enterpriseassignedaccess-csp). - -To push lockdown settings to enrolled devices, use the AssignedAccessXML setting and use the lockdown XML as the value. The lockdown XML will be in a HandheldLockdown section that becomes XML embedded in XML, so the XML that you enter must use escaped characters (such as `<` in place of <). After the MDM provider pushes your lockdown settings to the device, the CSP processes the file and updates the device. - -## Full Lockdown.xml example - -```xml - - - - - - - - - Large - - 0 - 0 - - - - - - - Small - - 0 - 2 - - - - - - - Medium - - 2 - 2 - - - - - - - - - - - - - - - - - - - - - - - - - - 1 - - - ./Vendor/MSFT/EnterpriseAssignedAccess/Theme/ThemeAccentColorID - - - int - - - 7 - - - - - - - - - 1 - - - ./Vendor/MSFT/EnterpriseAssignedAccess/Theme/ThemeBackground - - - int - - - 1 - - - - - - - - - 2 - - - ./Vendor/MSFT/EnterpriseAssignedAccess/LockScreenWallpaper/BGFileName - - - chr - text/plain - - c:\windows\system32\lockscreen\480x800\Wallpaper_05.jpg - - - - - - - - - - - - - - - - - - - - - - - - Small - - - - - - - - - Small - - 0 - 0 - - - - - - - Large - - 0 - 2 - - - - - - - - - - - - 1 - - - ./Vendor/MSFT/EnterpriseAssignedAccess/Theme/ThemeAccentColorID - - - int - - - 10 - - - - - - - - - 1 - - - ./Vendor/MSFT/EnterpriseAssignedAccess/Theme/ThemeBackground - - - int - - - 0 - - - - - - - - - 2 - - - ./Vendor/MSFT/EnterpriseAssignedAccess/LockScreenWallpaper/BGFileName - - - chr - text/plain - - c:\windows\system32\lockscreen\480x800\Wallpaper_08.jpg - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Small - - 0 - 0 - - - - - - - Small - - 1 - 0 - - - - - - - Medium - - 2 - 0 - - - - - - - - - Small - - 0 - 2 - - - - - - - Medium - - 2 - 2 - - - - - - - - - - - - 1 - - - ./Vendor/MSFT/EnterpriseAssignedAccess/Theme/ThemeAccentColorID - - - int - - - 2 - - - - - - - - - 1 - - - ./Vendor/MSFT/EnterpriseAssignedAccess/Theme/ThemeBackground - - - int - - - 1 - - - - - - - - - 2 - - - ./Vendor/MSFT/EnterpriseAssignedAccess/LockScreenWallpaper/BGFileName - - - chr - text/plain - - c:\windows\system32\lockscreen\480x800\Wallpaper_015.jpg - - - - - - - - - - - - - - - - - - -``` - -## Learn more - -[Customizing Your Device Experience with Assigned Access](https://channel9.msdn.com/Events/Build/2016/P508) - -## Related topics - - -[Settings and quick actions that can be locked down in Windows 10 Mobile](settings-that-can-be-locked-down.md) - -[Product IDs in Windows 10 Mobile](product-ids-in-windows-10-mobile.md) \ No newline at end of file diff --git a/windows/configuration/mobile-devices/mobile-lockdown-designer.md b/windows/configuration/mobile-devices/mobile-lockdown-designer.md deleted file mode 100644 index a7d82f6088..0000000000 --- a/windows/configuration/mobile-devices/mobile-lockdown-designer.md +++ /dev/null @@ -1,172 +0,0 @@ ---- -title: Use the Lockdown Designer app to create a Lockdown XML file (Windows 10) -description: -ms.prod: w10 -ms.mktglfcycl: manage -ms.sitesec: library -ms.pagetype: security -ms.localizationpriority: medium -author: greg-lindsay -ms.author: greglin -ms.topic: article -ms.date: 07/27/2017 -ms.reviewer: -manager: dansimp ---- - -# Use the Lockdown Designer app to create a Lockdown XML file - -![Lockdown Designer in the Store.](../images/ldstore.png) - -Windows 10 Mobile allows enterprises to lock down a device, define multiple user roles, and configure custom layouts on a device. For example, the enterprise can lock down a device so that only applications and settings in an allow list are available. This is accomplished using Lockdown XML, an XML file that contains settings for Windows 10 Mobile. - -When you deploy the lockdown XML file to a device, it is saved on the device as **wehlockdown.xml**. When the device boots, it looks for wehlockdown.xml and applies any settings configured in the file. You can deploy the lockdown XML file by [adding it to a provisioning package](lockdown-xml.md#add-lockdown-xml-to-a-provisioning-package) or [by using mobile device management (MDM)](lockdown-xml.md#push-lockdown-xml-using-mdm). - -The Lockdown Designer app helps you configure and create a lockdown XML file that you can apply to devices running Windows 10 Mobile, version 1703, and includes a remote simulation to help you determine the layout for tiles on the Start screen. Lockdown Designer also validates the XML. Using Lockdown Designer is easier than [manually creating a lockdown XML file](lockdown-xml.md). - - - -## Overview - -Lockdown Designer can be installed on a PC running Windows 10, version 1607 or later. After you install the app, you connect a mobile device running Windows 10 Mobile, version 1703, to the PC. - ->[!NOTE] ->Lockdown Designer will not make any changes to the connected device, but we recommend that you use a test device. - -Lockdown Designer will populate the available settings and apps to configure from the connected device. Using the different pages in the app, you select the settings, apps, and layout to be included in the lockdown XML. - -When you're done, you export the configuration to a lockdown XML file. This configuration can be applied to any device running Windows 10 Mobile, version 1703. - ->[!NOTE] ->You can also import an existing WEHLockdown.xml file to Lockdown Designer and modify it in the app. - -## Prepare the test mobile device - -Perform these steps on the device running Windows 10 Mobile that you will use to supply the settings, apps, and layout to Lockdown Designer. - -1. Install all apps on the device that you want to include in the configuration, including line-of-business apps. - -2. On the mobile device, go to **Settings** > **Update & security** > **For developers**, enable **Developer mode**. - -3. Read the disclaimer, then click **Yes** to accept the change. - -4. Enable **Device discovery**, and then turn on **Device Portal**. - ->[!IMPORTANT] ->Check **Settings > Personalization > Start > Show more tiles** on the test mobile device. If **Show more tiles** is **On**, you must select **Large** on the [**Start screen** page](#start) in Lockdown Designer. If you want to apply a **Small** layout, set **Show more tiles** on the test mobile device to **Off**. -> ->![turn off show more tiles for small start screen size.](../images/show-more-tiles.png) - -## Prepare the PC - -[Install Lockdown Designer](https://www.microsoft.com/store/r/9nblggh40753) on the PC. - -If the PC and the test mobile device are on the same Wi-Fi network, you can connect the devices using Wi-Fi. - -If you want to connect the PC and the test mobile device using a USB cable, perform the following steps on the PC: - -1. [Install the Windows 10 Software Development Kit (SDK)](https://developer.microsoft.com/windows/downloads/windows-10-sdk). This enables the **Windows Phone IP over USB Transport (IpOverUsbSvc)** service. - -2. Open a command prompt as an administrator and run `checknetisolation LoopbackExempt -a -n=microsoft.lockdowndesigner_8wekyb3d8bbwe` - - >[!NOTE] - >Loopback is permitted only for development purposes. To remove the loopback exemption when you're done using Lockdown Designer, run `checknetisolation LoopbackExempt -d -n=microsoft.lockdowndesigner_8wekyb3d8bbwe` - - - - -## Connect the mobile device to Lockdown Designer - -**Using Wi-Fi** - -1. Open Lockdown Designer. - -2. Click **Create new project**. - -3. On the test mobile device, go to **Settings** > **Update & security** > **For developers** > **Connect using:** and get the IP address listed for **Wi-Fi**. - -2. On the **Project setting** > **General settings** page, in **Remote device IP address**, enter the IP address for the test mobile device, using `https://`. - -3. Click **Pair**. - - ![Pair.](../images/ld-pair.png) - - **Connect to remote device** appears. - -4. On the mobile device, under **Device discovery**, tap **Pair**. A case-sensitive code is displayed. - -5. On the PC, in **Connect to remote device**, enter the code from the mobile device. - -6. Next, click **Sync** to pull information from the device in to Lockdown Designer. - - ![Sync.](../images/ld-sync.png) - -7. Click the **Save** icon and enter a name for your project. - -**Using a USB cable** - -1. Open Lockdown Designer. - -2. Click **Create new project**. - -2. Connect a Windows 10 Mobile device to the PC by USB and unlock the device. - -3. On the **Project setting** > **General settings** page, click **Pair**. - - ![Pair.](../images/ld-pair.png) - - **Connect to remote device** appears. - -4. On the mobile device, under **Device discovery**, tap **Pair**. A case-sensitive code is displayed. - -5. On the PC, in **Connect to remote device**, enter the code from the mobile device. - -6. Next, click **Sync** to pull information from the device in to Lockdown Designer. - - ![Sync.](../images/ld-sync.png) - -7. Click the **Save** icon and enter a name for your project. - - -## Configure your lockdown XML settings - -The apps and settings available in the pages of Lockdown Designer should now be populated from the test mobile device. The following table describes what you can configure on each page. - -| Page | Description | -| --- | --- | -| ![Applications.](../images/ld-apps.png) | Each app from the test mobile device is listed. Select the apps that you want visible to users.

You can select an app to run automatically when a user signs in to the device. The **Select Auto-Run** menu is populated by the apps that you select to allow on the device. | -| ![CSP Runner.](../images/ld-csp.png) | CSPRunner enables you to include settings and policies that are not defined in other sections of the app. To make use of CSPRunner, you must create the SyncML block that contains the settings, and then import the SyncML in Lockdown Designer. [Learn how to use CSPRunner and author SyncML.](lockdown-xml.md#csprunner) | -| ![Settings.](../images/ld-settings.png) | On this page, you select the settings that you want visible to users. See the [ms settings: URI scheme reference](/windows/uwp/launch-resume/launch-settings-app#ms-settings-uri-scheme-reference) to see which Settings page maps to a URI. | -| ![Quick actions.](../images/ld-quick.png) | On this page, you select the settings that you want visible to users. | -| ![Buttons.](../images/ld-buttons.png) | Each hardware button on a mobile device has different actions that can be disabled. In addition, the behavior for **Search** button can be changed to open an app other than **Search**.

Some devices may have additional hardware buttons provided by the OEM. These are listed as Custom1, Custom2, and Custom3. If your device has custom hardware buttons, contact your equipment provider to identify how their custom buttons are defined. | -| ![Other settings.](../images/ld-other.png) | This page contains several settings that you can configure:

- The context menu is displayed when a user presses and holds an application in the All Apps list. You can enable or disable the context menu.

- Tile manipulation allows users to pin, unpin, move, and resize tiles on the Start screen. You can enable or disable tile manipulation.

- The Action Center setting controls whether the user can open the Action Center on the device. When the Action Center is disabled, notifications on the lockscreen and toasts are also disabled. You can use optional attributes with the Action Center element to change that behavior for either notifications, toasts, or both. | -| ![Start screen.](../images/ld-start.png) | On this page, you can start a remote simulation session with the test mobile device. Click **Start remote simulation**. You will see a **Start screen remote simulation in progress** message on the PC. (If the **Start remote simulation** button is not active, [pair the mobile device with the PC again](#pair).)

On the test mobile device, tiles for the apps that you allowed on the **Applications** page are displayed on the screen. You can move, resize, or unpin these tiles to achieve the desired layout.

When you are done changing the layout on the test mobile device, click **Accept** on the PC. | - - -## Validate and export - -On the **Validate and export** page, click **Validate** to make sure your lockdown XML is valid. - ->[!WARNING] ->Lockdown Designer cannot validate SyncML that you imported to CSPRunner. - -Click **Export** to generate the XML file for your project. You can select the location to save the file. - -## Create and configure multiple roles - -You can create additional roles for the device and have unique configurations for each role. For example, you could have one configuration for a **Manager** role and a different configuration for a **Salesperson** role. - ->[!NOTE] ->Using multiple roles on a device requires a login application that displays the list of roles and allows users to sign in to Azure Active Directory. [Learn how to create a login application that will work with your Lockdown XML file.](https://github.com/Microsoft/Windows-universal-samples/tree/master/Samples/DeviceLockdownAzureLogin) - -**For each role:** - -1. On the **Project setting** page, click **Role management**. - -2. Click **Add a role**. - -3. Enter a name for the role, and then click **Save**. - -4. Configure the settings for the role as above, but make sure on each page that you select the correct role. - - ![Current role selection box.](../images/ld-role.png) \ No newline at end of file diff --git a/windows/configuration/mobile-devices/product-ids-in-windows-10-mobile.md b/windows/configuration/mobile-devices/product-ids-in-windows-10-mobile.md deleted file mode 100644 index fbea1f61d8..0000000000 --- a/windows/configuration/mobile-devices/product-ids-in-windows-10-mobile.md +++ /dev/null @@ -1,254 +0,0 @@ ---- -title: Product IDs in Windows 10 Mobile (Windows 10) -description: You can use the product ID and Application User Model (AUMID) in Lockdown.xml to specify apps that will be available to the user. -ms.assetid: 31116BED-C16A-495A-BD44-93218A087A1C -ms.reviewer: -manager: dansimp -keywords: ["lockdown"] -ms.prod: w10 -ms.mktglfcycl: manage -ms.sitesec: library -ms.pagetype: mobile -author: greg-lindsay -ms.author: greglin -ms.topic: article -ms.localizationpriority: medium -ms.date: 07/27/2017 ---- - -# Product IDs in Windows 10 Mobile - - -**Applies to** - -- Windows 10 Mobile - -You can use the product ID and Application User Model (AUMID) in Lockdown.xml to specify apps that will be available to the user. - -## Apps included in Windows 10 Mobile - - -The following table lists the product ID and AUMID for each app that is included in Windows 10 Mobile. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
AppProduct IDAUMID
Alarms and clock44F7D2B4-553D-4BEC-A8B7-634CE897ED5FMicrosoft.WindowsAlarms_8wekyb3d8bbwe!App
CalculatorB58171C6-C70C-4266-A2E8-8F9C994F4456Microsoft.WindowsCalculator_8wekyb3d8bbwe!App
CameraF0D8FEFD-31CD-43A1-A45A-D0276DB069F1Microsoft.WindowsCamera_8wekyb3d8bbwe!App
Contact Support0DB5FCFF-4544-458A-B320-E352DFD9CA2BWindows.ContactSupport_cw5n1h2txyewy!App
CortanaFD68DCF4-166F-4C55-A4CA-348020F71B94Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
ExcelEAD3E7C0-FAE6-4603-8699-6A448138F4DCMicrosoft.Office.Excel_8wekyb3d8bbwe!microsoft.excel
Facebook82A23635-5BD9-DF11-A844-00237DE2DB9EMicrosoft.MSFacebook_8wekyb3d8bbwe!x82a236355bd9df11a84400237de2db9e
File ExplorerC5E2524A-EA46-4F67-841F-6A9465D9D515c5e2524a-ea46-4f67-841f-6a9465d9d515_cw5n1h2txyewy!App
FM RadioF725010E-455D-4C09-AC48-BCDEF0D4B626N/A
Get StartedB3726308-3D74-4A14-A84C-867C8C735C3CMicrosoft.Getstarted_8wekyb3d8bbwe!App
Groove MusicD2B6A184-DA39-4C9A-9E0A-8B589B03DEC0Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic
MapsED27A07E-AF57-416B-BC0C-2596B622EF7DMicrosoft.WindowsMaps_8wekyb3d8bbwe!App
Messaging27E26F40-E031-48A6-B130-D1F20388991AMicrosoft.Messaging_8wekyb3d8bbwe!x27e26f40ye031y48a6yb130yd1f20388991ax
Microsoft Edge395589FB-5884-4709-B9DF-F7D558663FFDMicrosoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
Money1E0440F1-7ABF-4B9A-863D-177970EEFB5EMicrosoft.BingFinance_8wekyb3d8bbwe!AppexFinance
Movies and TV6AFFE59E-0467-4701-851F-7AC026E21665Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo
News9C3E8CAD-6702-4842-8F61-B8B33CC9CAF1Microsoft.BingNews_8wekyb3d8bbwe!AppexNews
OneDriveAD543082-80EC-45BB-AA02-FFE7F4182BA8Microsoft.MicrosoftSkydrive_8wekyb3d8bbwe!App
OneNoteCA05B3AB-F157-450C-8C49-A1F127F5E71DMicrosoft.Office.OneNote_8wekyb3d8bbwe!microsoft.onenoteim
Outlook Calendar

A558FEBA-85D7-4665-B5D8-A2FF9C19799B

Microsoft.WindowsCommunicationsApps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar

Outlook Mail

A558FEBA-85D7-4665-B5D8-A2FF9C19799B

Microsoft.WindowsCommunicationsApps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail

People60BE1FB8-3291-4B21-BD39-2221AB166481Microsoft.People_8wekyb3d8bbwe!xb94d6231y84ddy49a8yace3ybc955e769e85x
Phone (dialer)F41B5D0E-EE94-4F47-9CFE-3D3934C5A2C7Microsoft.CommsPhone_8wekyb3d8bbwe!App
PhotosFCA55E1B-B9A4-4289-882F-084EF4145005Microsoft.Windows.Photos_8wekyb3d8bbwe!App
PodcastsC3215724-B279-4206-8C3E-61D1A9D63ED3Microsoft.MSPodcast_8wekyb3d8bbwe!xc3215724yb279y4206y8c3ey61d1a9d63ed3x
PowerpointB50483C4-8046-4E1B-81BA-590B24935798Microsoft.Office.PowerPoint_8wekyb3d8bbwe!microsoft.pptim
Settings2A4E62D8-8809-4787-89F8-69D0F01654FB2a4e62d8-8809-4787-89f8-69d0f01654fb_8wekyb3d8bbwe!App
SkypeC3F8E570-68B3-4D6A-BDBB-C0A3F4360A51Microsoft.SkypeApp_kzf8qxf38zg5c!Skype.AppId
Skype Video27E26F40-E031-48A6-B130-D1F20388991AMicrosoft.Messaging_8wekyb3d8bbwe!App
Sports0F4C8C7E-7114-4E1E-A84C-50664DB13B17Microsoft.BingSports_8wekyb3d8bbwe!AppexSports
Storage5B04B775-356B-4AA0-AAF8-6491FFEA564DN/A
Store7D47D89A-7900-47C5-93F2-46EB6D94C159Microsoft.WindowsStore_8wekyb3d8bbwe!App
Voice recorder7311B9C5-A4E9-4C74-BC3C-55B06BA95AD0Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe!App
Wallet587A4577-7868-4745-A29E-F996203F1462Microsoft.MicrosoftWallet_8wekyb3d8bbwe!App
Weather63C2A117-8604-44E7-8CEF-DF10BE3A57C8Microsoft.BingWeather_8wekyb3d8bbwe!App
Windows Feedback7604089D-D13F-4A2D-9998-33FC02B63CE3Microsoft.WindowsFeedback_8wekyb3d8bbwe!App
Word258F115C-48F4-4ADB-9A68-1387E634459BMicrosoft.Office.Word_8wekyb3d8bbwe!microsoft.word
XboxB806836F-EEBE-41C9-8669-19E243B81B83Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp
- -  - - - -## Related topics - - -[Configure Windows 10 Mobile using Lockdown XML](lockdown-xml.md) - -[Settings and quick actions that can be locked down in Windows 10 Mobile](settings-that-can-be-locked-down.md) - -  - -  - - - - - diff --git a/windows/configuration/mobile-devices/provisioning-configure-mobile.md b/windows/configuration/mobile-devices/provisioning-configure-mobile.md deleted file mode 100644 index b2cd8a0e5c..0000000000 --- a/windows/configuration/mobile-devices/provisioning-configure-mobile.md +++ /dev/null @@ -1,91 +0,0 @@ ---- -title: Configure Windows 10 Mobile devices with Configuration Designer -description: Use Windows Configuration Designer to configure Windows 10 Mobile devices -keywords: phone, handheld, lockdown, customize -ms.prod: w10 -ms.mktglfcycl: manage -ms.sitesec: library -ms.pagetype: security -ms.localizationpriority: medium -author: greg-lindsay -ms.author: greglin -ms.topic: article -ms.date: 07/27/2017 -ms.reviewer: -manager: dansimp ---- - -# Use Windows Configuration Designer to configure Windows 10 Mobile devices - -Windows provisioning makes it easy for IT administrators to configure end-user devices without imaging. Using provisioning packages, you can easily specify desired configuration, settings, and information required to enroll the devices into management, and then apply that configuration to target devices in a matter of minutes. - -A provisioning package (.ppkg) is a container for a collection of configuration settings. Using Windows Configuration Designer, you can create provisioning packages that let you quickly and efficiently configure a device without having to install a new image. - -Windows Configuration Designer can be installed from the [Windows Assessment and Deployment Kit (ADK) for Windows 10](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit). Windows Configuration Designer is also available as an app in the Microsoft Store. [Learn more about installing Windows Configuration Designer.](../provisioning-packages/provisioning-install-icd.md) - -## Create a provisioning package using the wizard - -The **Provision Windows mobile devices** wizard lets you configure common settings for devices running Windows 10 Mobile in a simple, graphical workflow. - -### Start a new project - -1. Open Windows Configuration Designer: - - From either the Start screen or Start menu search, type 'Windows Configuration Designer' and click the Windows Configuration Designer shortcut, - - or - - - If you installed Windows Configuration Designer from the ADK, navigate to `C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Imaging and Configuration Designer\x86` (on an x64 computer) or `C:\Program Files\Windows Kits\10\Assessment and Deployment Kit\Imaging and Configuration Designer\x86\ICD.exe` (on an x86 computer), and then double-click **ICD.exe**. - -2. On the **Start** page, choose **Provision Windows mobile devices**. - -3. Enter a name for your project, and then click **Next**. - - -### Configure settings in the wizard - - - - - - -
step oneset up device

Enter a device name.

Optionally, you can enter a product key to upgrade the device from Windows 10 Mobile to Windows 10 Mobile Enterprise. 		device name, upgrade license
step two set up network

Toggle On or Off for wireless network connectivity.

If you select On, enter the SSID, network type (Open or WPA2-Personal), and (if WPA2-Personal) the password for the wireless network.		Enter network SSID and type
step three bulk enrollment in Azure Active Directory

Before you use a Windows Configuration Designer wizard to configure bulk Azure AD enrollment, set up Azure AD join in your organization. The maximum number of devices per user setting in your Azure AD tenant determines how many times the bulk token that you get in the wizard can be used.

Set an expiration date for the token (maximum is 180 days from the date you get the token). Click Get bulk token. In the Let's get you signed in window, enter an account that has permissions to join a device to Azure AD, and then the password. Click Accept to give Windows Configuration Designer the necessary permissions.

Warning: You must run Windows Configuration Designer on Windows 10 to configure Azure Active Directory enrollment using any of the wizards. 		Enter expiration and get bulk token
step four finish

You can set a password to protect your provisioning package. You must enter this password when you apply the provisioning package to a device.		Protect your package
- -After you're done, click **Create**. It only takes a few seconds. When the package is built, the location where the package is stored is displayed as a hyperlink at the bottom of the page. - -### Apply provisioning package - -You can apply a provisioning package to a device running Windows 10 Mobile by using: - -- removable media -- copying the provisioning package to the device -- [NFC tags](provisioning-nfc.md) -- [barcodes](provisioning-package-splitter.md) - -### Using removable media - -1. Insert an SD card containing the provisioning package into the device. -2. Navigate to **Settings** > **Accounts** > **Access work or school** > **Add or remove a provisioning package** > **Add a package**, and select the package to install. - - ![add a package option.](../images/packages-mobile.png) - -3. Click **Add**. - -4. On the device, the **Is this package from a source you trust?** message will appear. Tap **Yes, add it**. - - ![Is this package from a source you trust.](../images/package-trust.png) - -### Copying the provisioning package to the device - -1. Connect the device to your PC through USB. - -2. On the PC, select the provisioning package that you want to use to provision the device and then drag and drop the file to your device. - -3. On the device, the **Is this package from a source you trust?** message will appear. Tap **Yes, add it**. - - ![Is this package from a source you trust.](../images/package-trust.png) - - -## Related topics - -- [NFC-based device provisioning](provisioning-nfc.md) -- [Use the package splitter tool](provisioning-package-splitter.md) \ No newline at end of file diff --git a/windows/configuration/mobile-devices/provisioning-nfc.md b/windows/configuration/mobile-devices/provisioning-nfc.md deleted file mode 100644 index 42ff3ff229..0000000000 --- a/windows/configuration/mobile-devices/provisioning-nfc.md +++ /dev/null @@ -1,144 +0,0 @@ ---- -title: NFC-based device provisioning (Windows 10) -description: -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -author: greg-lindsay -ms.author: greglin -ms.topic: article -ms.localizationpriority: medium -ms.date: 07/27/2017 -ms.reviewer: -manager: dansimp ---- - -# NFC-based device provisioning - - -**Applies to** - -- Windows 10 Mobile - - -Near field communication (NFC) enables Windows 10 Mobile Enterprise and Windows 10 Mobile devices to communicate with an NFC tag or another NFC-enabled transmitting device. Enterprises that do bulk provisioning can use NFC-based device provisioning to provide a provisioning package to the device that's being provisioned. NFC provisioning is simple and convenient and it can easily store an entire provisioning package. - -The NFC provisioning option enables the administrator to provide a provisioning package during initial device setup (the out-of-box experience or OOBE phase). Administrators can use the NFC provisioning option to transfer provisioning information to persistent storage by tapping an unprovisioned mobile device to an NFC tag or NFC-enabled device. To use NFC for pre-provisioning a device, you must either prepare your own NFC tags by storing your provisioning package to a tag as described in this section, or build the infrastructure needed to transmit a provisioning package between an NFC-enabled device and a mobile device during OOBE. - -## Provisioning OOBE UI - -All Windows 10 Mobile Enterprise and Windows 10 Mobile images have the NFC provisioning capability incorporated into the operating system. On devices that support NFC and are running Windows 10 Mobile Enterprise or Windows 10 Mobile, NFC-based device provisioning provides an additional mechanism to provision the device during OOBE. - -On all Windows devices, device provisioning during OOBE can be triggered by 5 fast taps on the Windows hardware key, which shows the **Provision this device** screen. In the **Provision this device** screen, select **NFC** for NFC-based provisioning. - -![Example of Provision this device screen.](../images/nfc.png) - -If there is an error during NFC provisioning, the device will show a message if any of the following errors occur: - -- **NFC initialization error** - This can be caused by any error that occurs before data transfer has started. For example, if the NFC driver isn't enabled or there's an error communicating with the proximity API. -- **Interrupted download or incomplete package transfer** - This error can happen if the peer device is out of range or the transfer is aborted. This error can be caused whenever the device being provisioned fails to receive the provisioning package in time. -- **Incorrect package format** - This error can be caused by any protocol error that the operating system encounters during the data transfer between the devices. -- **NFC is disabled by policy** - Enterprises can use policies to disallow any NFC usage on the managed device. In this case, NFC functionality is not enabled. - -## NFC tag - -You can use an NFC tag for minimal provisioning and use an NFC-enabled device tag for larger provisioning packages. - -The protocol used for NFC-based device provisioning is similar to the one used for NFC provisioning on Windows Embedded 8.1 Handheld, which supported both single-chunk and multi-chunk transfer when the total transfer didn't fit in one NDEP message size. In Windows 10, the provisioning stack contains the following changes: - -- **Protocol namespace** - The protocol namespace has changed from Windows.WEH.PreStageProv.Chunk to Windows.ProvPlugins.Chunk. -- **Tag data type** - The tag data type has changed from UTF-8 into binary raw data. - - ->[!NOTE] ->The NFC tag doesn't go in the secondary device. You can transfer the NFC tag by using a provisioning package from device-to-device using the NFC radio or by re-reading the provisioning package from an NFC tag. - -### NFC tag components - -NFC tags are suitable for very light applications where minimal provisioning is required. The size of NFC tags that contain provisioning packages is typically 4 KB to 10 KB. - -To write to an NFC tag, you will need to use an NFC Writer tool, or you can use the [ProximityDevice class API](/uwp/api/Windows.Networking.Proximity.ProximityDevice) to write your own custom tool to transfer your provisioning package file to your NFC tag. The tool must publish a binary message (write) a Chunk data type to your NFC tag. - -The following table describes the information that is required when writing to an NFC tag. - -| Required field | Description | -| --- | --- | -| **Type** | Windows.ProvPlugins.Chunk

The receiving device uses this information to understand information in the Data field. | -| **Data** | Tag data with small header in raw binary format that contains a chunk of the provisioning package to be transferred. | - - - -### NFC provisioning helper - -The NFC provisioning helper device must split the provisioning package raw content into multiple parts and publish these in order. Each part should follow the following format: - -
Version
(1 byte)		Leading
(1 byte)		Order
(1 byte)		Total
(1 byte)		Chunk payload
(N bytes)
- -For each part: -- Version should always be 0x00. -- Leading byte should always be 0xFF. -- Order represents which message chunk (out of the whole message) the part belongs to. The Order begins with zero (0). -- Total represents the total number of chunks to be transferred for the whole message. -- Chunk payload represents each of the split parts. - -The NFC provisioning helper device must publish the record in a type of Windows.ProvPlugins.Chunk. - -**Code example** - -The following example shows how to write to an NFC tag. This example assumes that the tag is already in range of the writing device. - -``` - private async void WriteProvPkgToTag(IStorageFile provPkgFile) - { - var buffer = await FileIO.ReadBufferAsync(provPkgFile); - if (null == buffer) - { - return; - } - - var proximityDevice = Windows.Networking.Proximity.ProximityDevice.GetDefault(); - if (null == proximityDevice) - { - return; - } - - var dataWriter = new DataWriter(); - var header = new NfcProvHeader(); - - header.version = NFC_PROV_MESSAGE_CURRENT_VERSION; // Currently the supported version is 0x00. - header.leading = NFC_PROV_MESSAGE_LEADING_BYTE; // The leading byte should be always 0xFF. - header.index = 0; // Assume we only have 1 chunk. - header.total = 1; // Assume we only have 1 chunk. - - // Write the header first and then the raw data of the provisioning package. - dataWriter.WriteBytes(GetBytes(header)); - dataWriter.WriteBuffer(buffer); - - var chunkPubId = proximityDevice.PublishBinaryMessage( - "Windows:WriteTag.ProvPlugins.Chunk", - dataWriter.DetachBuffer()); - } -``` - - -### NFC-enabled device tag components - -Provisioning from an NFC-enabled source device allows for larger provisioning packages than can be transferred using an NFC tag. When provisioning from an NFC-enabled device, we recommend that the total file size not exceed 120 KB. Be aware that the larger the NFC file is, the longer it will take to transfer the provisioning file. Depending on your NFC hardware, the transfer time for a 120 KB file will vary between 2.5 seconds and 10 seconds. - -To provision from an NFC-enabled source device, use [ProximityDevice class API](/uwp/api/Windows.Networking.Proximity.ProximityDevice) to write your own custom tool that transfers your provisioning package in chunks to your target mobile device. The tool must publish binary messages (transmit) a Header message, followed by one or more Chunk messages. The Header specifies the total amount of data that will be transferred to the target device; the Chunks must contain binary raw data formatted provisioning data, as shown in the NFC tag components section. - -For detailed information and code samples on how to implement an NFC-enabled device tag, see **ConvertToNfcMessageAsync** in [this GitHub NfcProvisioner Universal Windows app example](https://github.com/Microsoft/Windows-universal-samples/blob/master/Samples/NfcProvisioner/cs/Scenario1.xaml.cs). The sample app shows you how to host the provisioning package on a master device so that you can transfer it to the receiving device. - - - - - - - -## Related topics - -- [Use Windows Configuration Designer to configure Windows 10 Mobile devices](provisioning-configure-mobile.md) - -- [Barcode provisioning and the package splitter tool](provisioning-package-splitter.md) - - diff --git a/windows/configuration/mobile-devices/provisioning-package-splitter.md b/windows/configuration/mobile-devices/provisioning-package-splitter.md deleted file mode 100644 index 3bfd9c31b4..0000000000 --- a/windows/configuration/mobile-devices/provisioning-package-splitter.md +++ /dev/null @@ -1,93 +0,0 @@ ---- -title: Barcode provisioning and the package splitter tool (Windows 10) -description: -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -author: greg-lindsay -ms.author: greglin -ms.topic: article -ms.localizationpriority: medium -ms.date: 07/27/2017 -ms.reviewer: -manager: dansimp ---- - -# Barcode provisioning and the package splitter tool - - -**Applies to** - -- Windows 10 Mobile - -Enterprises that do bulk provisioning can use barcode-based device provisioning to provide a provisioning package to the device that's being provisioned. - -The barcode provisioning option enables the administrator to provide a provisioning package during initial device setup (the out-of-box experience or OOBE phase). To use barcodes to provision a device, your devices must have an integrated barcode scanner. You can get the barcode format that the scanner supports from your OEM or device provider, and use your existing tools and processes to convert a provisioning package into barcodes. - -Enterprise IT professionals who want to use a barcode to provision mobile devices during OOBE can use the package splitter tool, **ppkgtobase64.exe**, which is a command-line tool to split the provisioning package into smaller files. - -The smallest provisioning package is typically 5-6 KB, which cannot fit into one single barcode. The package splitter tool allows partners to split the original provisioning package into multiple smaller sized chunks that are encoded with Base64 so that enterprises can leverage their existing tools to convert these files into barcodes. - -When you [install Windows Configuration Designer](../provisioning-packages/provisioning-install-icd.md) from the Windows Assessment and Deployment Kit (ADK), **ppkgtobase64.exe** is installed to the same folder. - -## Prerequisites - -Before you can use the tool, you must have a built provisioning package. The package file is the input to the package splitter tool. - -- To build a provisioning package using the Windows Configuration Designer UI, see [Use Windows Configuration Designer to configure Windows 10 Mobile devices](provisioning-configure-mobile.md). -- To build a provisioning package using the Windows Configuration Designer CLI, see [Windows Configuration Designer command-line interface](../provisioning-packages/provisioning-command-line.md). - -## To use the package splitter tool (ppkgtobase64.exe) - -1. Open a command-line window with administrator privileges. - - -2. From the command-line, navigate to the Windows Configuration Designer install directory. - - On an x64 computer, type: - ``` - cd C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Imaging and Configuration Designer\x86 - ``` - - - or - - - On an x86 computer, type: - - ``` - cd C:\Program Files\Windows Kits\10\Assessment and Deployment Kit\Imaging and Configuration Designer\x86 - ``` - -3. Run `ppkgtobase64.exe`. The [syntax](#syntax) and [switches and arguments](#switches-and-arguments) sections provide details for the command. - - -### Syntax - -``` -ppkgtobase64.exe -i -o -s [-c] [/?] -``` - -### Switches and arguments - -| Switch | Required? | Arguments | -| --- | --- | --- | -| -i | Yes | Use to specify the path and file name of the provisioning package that you want to divide into smaller files.

The tool allows you to specify the absolute path of the provisioning package file. However, if you don't specify the path, the tool will search the current folder for a package that matches the file name you specified. | -| -o | Yes | Use to specify the directory where the output files will be saved. | -| -s | Yes | Use to specify the size of the block that will be encoded in Base64. | -| -c | No | Use to delete any files in the output directory if the directory already exists. This parameter is optional. | -| /? | No | Lists the switches and their descriptions for the command-line tool or for certain commands. | - - - - - -## Related topics - - - - - - - - - - diff --git a/windows/configuration/mobile-devices/set-up-a-kiosk-for-windows-10-for-mobile-edition.md b/windows/configuration/mobile-devices/set-up-a-kiosk-for-windows-10-for-mobile-edition.md deleted file mode 100644 index a265a544e3..0000000000 --- a/windows/configuration/mobile-devices/set-up-a-kiosk-for-windows-10-for-mobile-edition.md +++ /dev/null @@ -1,202 +0,0 @@ ---- -title: Set up a kiosk on Windows 10 Mobile or Windows 10 Mobile Enterprise (Windows 10) -description: A device in kiosk mode runs a specified app with no access to other device functions, menus, or settings. -ms.assetid: 35EC82D8-D9E8-45C3-84E9-B0C8C167BFF7 -ms.reviewer: -manager: dansimp -keywords: kiosk, lockdown, assigned access -ms.prod: w10 -ms.mktglfcycl: manage -ms.sitesec: library -ms.pagetype: mobile -author: greg-lindsay -ms.author: greglin -ms.topic: article -ms.localizationpriority: medium -ms.date: 07/27/2017 ---- - -# Set up a kiosk on Windows 10 Mobile or Windows 10 Mobile Enterprise - - -**Applies to** - -- Windows 10 Mobile - - -A device in kiosk mode runs a specified app with no access to other device functions, menus, or settings. You use the [Enterprise Assigned Access](#enterprise-assigned-access) configuration service provider (CSP) to configure a kiosk experience. You can also configure a device running Windows 10 Mobile or Windows 10 Mobile Enterprise, version 1607 or earlier, for kiosk mode by using the [Apps Corner](#apps-corner) feature. (Apps Corner is removed in version 1703.) - - - -## Enterprise Assigned Access - - -Enterprise Assigned Access allows you to put your Windows 10 Mobile or Windows 10 Mobile Enterprise device in kiosk mode by creating a user role that has only a single app, set to run automatically, in the Allow list. - ->[!NOTE] ->The app can be a Universal Windows app, Universal Windows Phone 8 app, or a legacy Silverlight app. - - - -### Set up Enterprise Assigned Access in MDM - -In AssignedAccessXml, for Application, you enter the product ID for the app to run in kiosk mode. Find product IDs at [Product IDs in Windows 10 Mobile](product-ids-in-windows-10-mobile.md). - -[See the technical reference for the Enterprise Assigned Access configuration service provider (CSP).](/windows/client-management/mdm/enterpriseassignedaccess-csp) - -### Set up assigned access using Windows Configuration Designer - ->[!IMPORTANT] ->When you build a provisioning package, you may include sensitive information in the project files and in the provisioning package (.ppkg) file. Although you have the option to encrypt the .ppkg file, project files are not encrypted. You should store the project files in a secure location and delete the project files when they are no longer needed. - -#### Create the *AssignedAccess*.xml file - -1. Create an *AssignedAccess*.xml file that specifies the app the device will run. (You can name use any file name.) For instructions on AssignedAccessXml, see [EnterpriseAssignedAccess CSP](/windows/client-management/mdm/enterpriseassignedaccess-csp). - - >[!NOTE] - >Do not escape the xml in *AssignedAccess*.xml file as Windows Configuration Designer will do that when building the package. Providing escaped xml in Windows ICD will cause building the package fail. - -#### Create the provisioning package - -1. [Install Windows Configuration Designer.](../provisioning-packages/provisioning-install-icd.md) - -2. Open Windows Configuration Designer (if you installed it from the Windows ADK, `%windir%\\Program Files (x86)\\Windows Kits\\10\\Assessment and Deployment Kit\\Imaging and Configuration Designer\\x86\\ICD.exe`). - -3. Choose **Advanced provisioning**. - - - -4. Name your project, and click **Next**. - -5. Choose **All Windows mobile editions** and click **Next**. - -6. On **New project**, click **Finish**. The workspace for your package opens. - -7. Expand **Runtime settings** > **EmbeddedLockdownProfiles**, and click **AssignedAccessXml**. - -8. Click **Browse** to select the *AssignedAccess*.xml file. - -9. On the **File** menu, select **Save.** - -10. On the **Export** menu, select **Provisioning package**. - -11. Change **Owner** to **IT Admin**, which will set the precedence of this provisioning package higher than provisioning packages applied to this device from other sources, and then select **Next.** - -12. Optional. In the **Provisioning package security** window, you can choose to encrypt the package and enable package signing. - - - **Enable package encryption** - If you select this option, an auto-generated password will be shown on the screen. - - - **Enable package signing** - If you select this option, you must select a valid certificate to use for signing the package. You can specify the certificate by clicking **Select** and choosing the certificate you want to use to sign the package. - -13. Click **Next** to specify the output location where you want the provisioning package to go when it's built. By default, Windows ICD uses the project folder as the output location. - - Optionally, you can click **Browse** to change the default output location. - -14. Click **Next**. - -15. Click **Build** to start building the package. The provisioning package doesn't take long to build. The project information is displayed in the build page and the progress bar indicates the build status. - - If you need to cancel the build, click **Cancel**. This cancels the current build process, closes the wizard, and takes you back to the **Customizations Page**. - -16. If your build fails, an error message will show up that includes a link to the project folder. You can scan the logs to determine what caused the error. Once you fix the issue, try building the package again. - - If your build is successful, the name of the provisioning package, output directory, and project directory will be shown. - - - If you choose, you can build the provisioning package again and pick a different path for the output package. To do this, click **Back** to change the output package name and path, and then click **Next** to start another build. - - If you are done, click **Finish** to close the wizard and go back to the **Customizations Page**. - -17. Select the **output location** link to go to the location of the package. - -#### Distribute the provisioning package - -You can distribute that .ppkg to mobile devices using any of the following methods: - -- Removable media (USB/SD) - - **To apply a provisioning package from removable media** - - 1. Copy the provisioning package file to the root directory on a micro SD card. - - 2. On the device, insert the micro SD card containing the provisioning package. - - 3. Go to **Settings** > **Accounts** > **Provisioning.** - - 4. Tap **Add a package**. - - 5. On the **Choose a method** screen, in the **Add from** dropdown menu, select **Removable Media**. - - 6. Select a package will list all available provisioning packages on the micro SD card. Tap the desired package, and then tap **Add**. - - 7. You will see a message that tells you what the package will do the device, such as **Adding it will: Lock down the user interface**. Tap **Yes, add it**. - - 8. Restart the device and verify that the runtime settings that were configured in the provisioning package were applied to the device. - -- Email - - **To apply a provisioning package sent in email** - - 1. Send the provisioning package in email to an account on the device. - - 2. Open the email on the device, and then double-tap the attached file. - - 3. You will see a message that tells you what the package will do the device, such as **Adding it will: Lock down the user interface**. Tap **Yes, add it**. - - 4. Restart the device and verify that the runtime settings that were configured in the provisioning package were applied to the device. - -- USB tether - - **To apply a provisioning package using USB tether** - - 1. Connect the device to your PC by USB. - - 2. Select the provisioning package that you want to use to provision the device, and then drag and drop the file to your device. - - 3. The provisioning package installation dialog will appear on the phone. - - 4. You will see a message that tells you what the package will do the device, such as **Adding it will: Lock down the user interface**. Tap **Yes, add it**. - - 5. Restart the device and verify that the runtime settings that were configured in the provisioning package were applied to the device. - - - -## Apps Corner - ->[!NOTE] ->For Windows 10, versions 1507, 1511, and 1607 only. - -Apps Corner lets you set up a custom Start screen on your Windows 10 Mobile or Windows 10 Mobile Enterprise device, where you can share only the apps you choose with the people you let use your device. You configure a device for kiosk mode by selecting a single app to use in Apps Corner. - -**To set up Apps Corner** - -1. On Start ![start.](../images/starticon.png), swipe over to the App list, then tap **Settings** ![settings](../images/settingsicon.png) > **Accounts** > **Apps Corner**. - -2. Tap **Apps**, tap to select the app that you want people to use in the kiosk mode, and then tap done ![done icon.](images/doneicon.png). - -3. If your phone doesn't already have a lock screen password, you can set one now to ensure that people can't get to your Start screen from Apps Corner. Tap **Protect my phone with a password**, click **Add**, type a PIN in the **New PIN** box, type it again in the **Confirm PIN** box, and then tap **OK**. Press **Back** ![back.](../images/backicon.png) to the Apps Corner settings. - -4. Turn **Action center** on or off, depending on whether you want people to be able to use these features when using the device in kiosk mode. - -5. Tap **advanced**, and then turn features on or off, depending on whether you want people to be able to use them. - -6. Press **Back** ![back.](../images/backicon.png) when you're done. - -**To use Apps Corner** - -1. On Start ![start.](../images/starticon.png), swipe over to the App list, then tap **Settings** ![settings](../images/settingsicon.png) > **Accounts** > **Apps Corner** > launch ![launch](../images/launchicon.png). - - >[!TIP] - >Want to get to Apps Corner with one tap? In **Settings**, tap **Apps Corner** > **pin** to pin the Apps Corner tile to your Start screen. - -2. Give the device to someone else, so they can use the device and only the one app you chose. - -3. When they're done and you get the device back, press and hold Power ![power.](../images/powericon.png), and then swipe right to exit Apps Corner. - -## Related topics - - -[Set up a kiosk on Windows 10 Pro, Enterprise, or Education](../kiosk-single-app.md) - -[Configure Windows 10 Mobile using Lockdown XML](lockdown-xml.md) - -[Product IDs in Windows 10 Mobile](product-ids-in-windows-10-mobile.md) - diff --git a/windows/configuration/mobile-devices/settings-that-can-be-locked-down.md b/windows/configuration/mobile-devices/settings-that-can-be-locked-down.md deleted file mode 100644 index c616794f43..0000000000 --- a/windows/configuration/mobile-devices/settings-that-can-be-locked-down.md +++ /dev/null @@ -1,499 +0,0 @@ ---- -title: Lock down settings and quick actions in Windows 10 Mobile -description: This topic lists the settings and quick actions that can be locked down in Windows 10 Mobile. -ms.assetid: 69E2F202-D32B-4FAC-A83D-C3051DF02185 -ms.reviewer: -manager: dansimp -keywords: ["lockdown"] -ms.prod: w10 -ms.mktglfcycl: manage -ms.sitesec: library -ms.pagetype: mobile -author: greg-lindsay -ms.author: greglin -ms.topic: article -ms.localizationpriority: medium -ms.date: 07/27/2017 ---- - -# Settings and quick actions that can be locked down in Windows 10 Mobile - - -**Applies to** - -- Windows 10 Mobile - -This topic lists the settings and quick actions that can be locked down in Windows 10 Mobile. - -## Settings lockdown in Windows 10, version 1703 - -In earlier versions of Windows 10, you used the page name to define allowed settings. Starting in Windows 10, version 1703, you use the settings URI. - -For example, in place of **SettingsPageDisplay**, you would use **ms-settings:display**. - -See the [ms-settings: URI scheme reference](/windows/uwp/launch-resume/launch-settings-app#ms-settings-uri-scheme-reference) to find the URI for each Settings page. - -## Settings lockdown in Windows 10, version 1607 and earlier - - -You can use Lockdown.xml to configure lockdown settings. - -The following table lists the settings pages and page groups. Use the page name in the Settings section of Lockdown.xml. The Settings section contains an allow list of pages in the Settings app. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Main menuSub-menuPage name
SystemSettingsPageGroupPCSystem
DisplaySettingsPageDisplay
Notifications & actionsSettingsPageAppsNotifications
PhoneSettingsPageCalls
MessagingSettingsPageMessaging
BatterySettingsPageBatterySaver
Apps for websitesSettingsPageAppsForWebsites
StorageSettingsPageStorageSenseStorageOverview
Driving modeSettingsPageDrivingMode
Offline mapsSettingsPageMaps
AboutSettingsPagePCSystemInfo
DevicesSettingsPageGroupDevices
Default cameraSettingsPagePhotos
BluetoothSettingsPagePCSystemBluetooth
NFCSettingsPagePhoneNFC
MouseSettingsPageMouseTouchpad
USBSettingsPageUsb
Network and wirelessSettingsPageGroupNetwork
Cellular & SIMSettingsPageNetworkCellular
Wi-FiSettingsPageNetworkWiFi
Airplane modeSettingsPageNetworkAirplaneMode
Data usageSettingsPageDataSenseOverview
Mobile hotspotSettingsPageNetworkMobileHotspot
VPNSettingsPageNetworkVPN
PersonalizationSettingsPageGroupPersonalization
StartSettingsPageBackGround
ColorsSettingsPageColors
SoundsSettingsPageSounds
Lock screenSettingsPageLockscreen
Glance screenSettingsPageGlance
Navigation barSettingsNagivationBar
AccountsSettingsPageGroupAccounts
Your infoSettingsPageAccountsPicture
Sign-in optionsSettingsPageAccountsSignInOptions
Email & app accountsSettingsPageAccountsEmailApp
Access work or schoolSettingsPageWorkAccess
Sync your settingsSettingsPageAccountsSync

Apps corner

-

(disabled in Assigned Access)

SettingsPageAppsCorner
Time & languageSettingsPageGroupTimeRegion
Date & timeSettingsPageTimeRegionDateTime
LanguageSettingsPageTimeLanguage
RegionSettingsPageTimeRegion
KeyboardSettingsPageKeyboard
SpeechSettingsPageSpeech
Ease of accessSettingsPageGroupEaseOfAccess
NarratorSettingsPageEaseOfAccessNarrator
MagnifierSettingsPageEaseOfAccessMagnifier
High contrastSettingsPageEaseOfAccessHighContrast
Closed captionsSettingsPageEaseOfAccessClosedCaptioning
More optionsSettingsPageEaseOfAccessMoreOptions
PrivacySettingsPageGroupPrivacy
LocationSettingsPagePrivacyLocation
CameraSettingsPagePrivacyWebcam
MicrophoneSettingsPagePrivacyMicrophone
MotionSettingsPagePrivacyMotionData
NotificationsSettingsPagePrivacyNotifications
Speech. inking, & typingSettingsPagePrivacyPersonalization
Account infoSettingsPagePrivacyAccountInfo
ContactsSettingsPagePrivacyContacts
CalendarSettingsPagePrivacyCalendar
Phone callsSettingsPagePrivacyPhoneCall
Call historySettingsPagePrivacyCallHistory
EmailSettingsPagePrivacyEmail
MessagingSettingsPagePrivacyMessaging
RadiosSettingsPagePrivacyRadios
Continue App ExperiencesSettingsPagePrivacyCDP
Background appsSettingsPagePrivacyBackgroundApps
Accessory appsSettingsPageAccessories
Advertising IDSettingsPagePrivacyAdvertisingId
Other devicesSettingsPagePrivacyCustomPeripherals
Feedback and diagnosticsSettingsPagePrivacySIUFSettings
Update and securitySettingsPageGroupRestore
Phone updateSettingsPageRestoreMusUpdate
Windows Insider ProgramSettingsPageFlights
Device encryptionSettingsPageGroupPCSystemDeviceEncryption
BackupSettingsPageRestoreOneBackup
Find my phoneSettingsPageFindMyDevice
For developersSettingsPageSystemDeveloperOptions
OEMSettingsPageGroupExtensibility
ExtensibilitySettingsPageExtensibility
- -  - -## Quick actions lockdown - - -Quick action buttons are locked down in exactly the same way as Settings pages/groups. By default they are always conditional. - -You can specify the quick actions as follows: - -```xml - - - - - - - - - - - - - - - - - - -``` - - - -  - -## Related topics - - -[Configure Windows 10 Mobile using Lockdown XML](lockdown-xml.md) - -[Product IDs in Windows 10 Mobile](product-ids-in-windows-10-mobile.md) - -  - -  \ No newline at end of file diff --git a/windows/configuration/mobile-devices/start-layout-xml-mobile.md b/windows/configuration/mobile-devices/start-layout-xml-mobile.md deleted file mode 100644 index 858de39174..0000000000 --- a/windows/configuration/mobile-devices/start-layout-xml-mobile.md +++ /dev/null @@ -1,393 +0,0 @@ ---- -title: Start layout XML for mobile editions of Windows 10 (Windows 10) -description: This topic describes the options for customizing Start layout in LayoutModification.xml for Windows 10 mobile editions. -keywords: ["start screen"] -ms.prod: w10 -ms.mktglfcycl: manage -ms.sitesec: library -author: greg-lindsay -ms.author: greglin -ms.topic: article -ms.localizationpriority: medium -ms.date: 07/27/2017 -ms.reviewer: -manager: dansimp ---- - -# Start layout XML for mobile editions of Windows 10 (reference) - - -**Applies to** - -- Windows 10 - ->**Looking for consumer information?** See [Customize the Start menu](https://go.microsoft.com/fwlink/p/?LinkId=623630) - - -On Windows 10 Mobile, you can use the XML-based layout to modify the Start screen and provide the most robust and complete Start customization experience. - -On Windows 10 Mobile, the customized Start works by: - -- Windows 10 performs checks to determine the correct base default layout. The checks include the mobile edition, whether the device is dual SIM, the column width, and whether Cortana is supported for the country/region. -- Windows 10 ensures that it does not overwrite the layout that you have set and will sequence the level checks and read the file layout such that any multivariant settings that you have set is not overwritten. -- Windows 10 reads the LayoutModification.xml file and appends the group to the Start screen. - -## Default Start layouts - -The following diagrams show the default Windows 10, version 1607 Start layouts for single SIM and dual SIM devices with Cortana support, and single SIM and dual SIM devices with no Cortana support. - -![Start layout for Windows 10 Mobile.](../images/mobile-start-layout.png) - -The diagrams show: - -- Tile coordinates - These are determined by the row number and the column number. -- Fold - Tiles "above the fold" are visible when users first navigate to the Start screen. Tiles "below the fold" are visible after users scroll up. -- Partner-customizable tiles - OEM and mobile operator partners can customize these areas of the Start screen by prepinning content. The partner configurable slots are: - - Rows 6-9 - - Rows 16-19 - -## LayoutModification XML - -IT admins can provision the Start layout by creating a LayoutModification.xml file. This file supports several mechanisms to modify or replace the default Start layout and its tiles. - ->[!NOTE] ->To make sure the Start layout XML parser processes your file correctly, follow these guidelines when writing your LayoutModification.xml file: ->- Do not leave spaces or white lines in between each element. ->- Do not add comments inside the StartLayout node or any of its children elements. ->- Do not add multiple rows of comments. - -The following table lists the supported elements and attributes for the LayoutModification.xml file. - -| Element | Attributes | Description | -| --- | --- | --- | -| LayoutModificationTemplate | xmlns
xmlns:defaultlayout
xmlns:start
Version | Use to describe the changes to the default Start layout. | -| DefaultLayoutOverride

Parent:
LayoutModificationTemplate | n/a | Use to specify the customized Start layout for mobile devices. | -| StartLayoutCollection

Parent:
DefaultLayoutOverride | n/a | Use to contain a collection of Start layouts. | -| StartLayout

Parent:
StartLayoutCollection | n/a | Use to specify the tile groups that will be appended to the Start screen. | -| start:Group

Parent:
StartLayout | Name | Use to specify the tiles that need to be appended to the default Start layout. | -| start:Tile

Parent:
start:Group | AppUserModelID
Size
Row
Column | Use to specify any Universal Windows app that has a valid **AppUserModelID** attribute. | -| start:SecondaryTile

Parent:
start:Group | AppUserModelID
TileID
Arguments
DisplayName
Square150x150LogoUri
ShowNameOnSquare150x150Logo
ShowNameOnWide310x150Logo
Wide310x150LogoUri
BackgroundColor
ForegroundText
IsSuggestedApp
Size
Row
Column | Use to pin a Web link through a Microsoft Edge secondary tile. | -| start:PhoneLegacyTile

Parent:
start:Group | ProductID
Size
Row
Column | Use to add a mobile app that has a valid **ProductID** attribute. | -| start:Folder

Parent:
start:Group | Name
Size
Row
Column | Use to add a folder to the mobile device's Start screen. | -| RequiredStartTiles

Parent:
LayoutModificationTemplate | n/a | Use to specify the tiles that will be pinned to the bottom of the Start screen even if a restored Start screen does not have the tiles during backup or restore. | - -### start:Group - -**start:Group** tags specify a group of tiles that will be appended to Start. You can set the **Name** attribute to specify a name for the Start group. - ->[!NOTE] ->Windows 10 Mobile only supports one Start group. - - For Windows 10 Mobile, **start:Group** tags can contain the following tags or elements: - -- **start:Tile** -- **start:SecondaryTile** -- **start:PhoneLegacyTile** -- **start:Folder** - -### Specify Start tiles - -To pin tiles to Start, you must use the right kind of tile depending on what you want to pin. - -#### Tile size and coordinates - -All tile types require a size (**Size**) and coordinates (**Row** and **Column**) attributes regardless of the tile type that you use when prepinning items to Start. - -The following table describes the attributes that you must use to specify the size and location for the tile. - -| Attribute | Description | -| --- | --- | -| Size | Determines how large the tile will be.
- 1x1 - small tile
- 2x2 - medium tile
- 4x2 - wide tile
- 4x4 - large tile | -| Row | Specifies the row where the tile will appear. | -| Column | Specifies the column where the tile will appear. | - -For example, a tile with Size="2x2", Row="2", and Column="2" results in a tile located at (2,2) where (0,0) is the top-left corner of a group. - -#### start:Tile - -You can use the **start:Tile** tag to pin a Universal Windows app to Start. - -To specify an app, you must set the **AppUserModelID** attribute to the application user model ID that's associated with the corresponding app. - -The following example shows how to pin the Microsoft Edge Universal Windows app: - -```XML - -``` - -#### start:SecondaryTile - -You can use the **start:SecondaryTile** tag to pin a Web link through a Microsoft Edge secondary tile. - -The following example shows how to create a tile of the Web site's URL using the Microsoft Edge secondary tile: - -```XML - -``` - -The following table describes the other attributes that you can use with the **start:SecondaryTile** tag in addition to **Size**, **Row**, and **Column**. - -| Attribute | Required/optional | Description | -| --- | --- | --- | -| AppUserModelID | Required | Must point to Microsoft Edge. | -| TileID | Required | Must uniquely identify your Web site tile. | -| Arguments | Required | Must contain the URL of your Web site. | -| DisplayName | Required | Must specify the text that you want users to see. | -| Square150x150LogoUri | Required | Specifies the logo to use on the 2x2 tile. | -| Wide310x150LogoUri | Optional | Specifies the logo to use on the 4x2 tile. | -| ShowNameOnSquare150x150Logo | Optional | Specifies whether the display name is shown on the 2x2 tile. You can set the value for this attribute to true or false. By default, this is set to false. | -| ShowNameOnWide310x150Logo | Optional | Specifies whether the display name is shown on the 4x2 tile. You can set the value for this attribute to true or false. By default, this is set to false. | -| BackgroundColor | Optional | Specifies the color of the tile. You can specify the value in ARGB hexadecimal (for example, #FF112233) or specify "transparent". | -| ForegroundText | Optional | Specifies the color of the foreground text. Set the value to either "light" or "dark". | - - Secondary Microsoft Edge tiles have the same size and location behavior as a Universal Windows app. - -#### start:PhoneLegacyTile - -You can use the **start:PhoneLegacyTile** tag to add a mobile app that has a valid ProductID, which you can find in the app's manifest file. The **ProductID** attribute must be set to the GUID of the app. - -The following example shows how to add a mobile app with a valid ProductID using the start:PhoneLegacyTile tag: - -```XML - -``` - -#### start:Folder - -You can use the **start:Folder** tag to add a folder to the mobile device's Start screen. - -You must set these attributes to specify the size and location of the folder: **Size**, **Row**, and **Column**. - -Optionally, you can also specify a folder name by using the **Name** attribute. If you specify a name, set the value to a string. - -The position of the tiles inside a folder is relative to the folder. You can add any of the following tile types to the folder: - -- Tile - Use to pin a Universal Windows app to Start. -- SecondaryTile - Use to pin a Web link through a Microsoft Edge secondary tile. -- PhoneLegacyTile - Use to pin a mobile app that has a valid ProductID. - -The following example shows how to add a medium folder that contains two apps inside it: - -```XML - - - - -``` - -#### RequiredStartTiles - -You can use the **RequiredStartTiles** tag to specify the tiles that will be pinned to the bottom of the Start screen even if a restored Start screen does not have the tiles during backup or restore. - ->[!NOTE] ->Enabling this Start customization may be disruptive to the user experience. - -For Windows 10 Mobile, **RequiredStartTiles** tags can contain the following tags or elements. These are similar to the tiles supported in **start:Group**. - -- Tile - Use to pin a Universal Windows app to Start. -- SecondaryTile - Use to pin a Web link through a Microsoft Edge secondary tile. -- PhoneLegacyTile - Use to pin a mobile app that has a valid ProductID. -- Folder - Use to pin a folder to the mobile device's Start screen. - -Tiles specified within the **RequiredStartTiles** tag have the following behavior: - -- The partner-pinned tiles will begin in a new row at the end of the user-restored Start screen. -- If there’s a duplicate tile between what the user has in their Start screen layout and what the OEM has pinned to the Start screen, only the app or tile shown in the user-restored Start screen layout will be shown and the duplicate tile will be omitted from the pinned partner tiles at the bottom of the Start screen. - -The lack of duplication only applies to pinned apps. Pinned Web links may be duplicated. - -- If partners have prepinned folders to the Start screen, Windows 10 treats these folders in the same way as appended apps on the Start screen. Duplicate folders will be removed. -- All partner tiles that are appended to the bottom of the user-restored Start screen will be medium-sized. There will be no gaps in the appended partner Start screen layout. Windows 10 will shift tiles accordingly to prevent gaps. - -## Sample LayoutModification.xml - -The following sample LayoutModification.xml shows how you can configure the Start layout for devices running Windows 10 Mobile: - -```XML - - - - - - - - - - - - - - - - - - - -``` - -## Use Windows Provisioning multivariant support - -The Windows Provisioning multivariant capability allows you to declare target conditions that, when met, supply specific customizations for each variant condition. For Start customization, you can create specific layouts for each variant that you have. To do this, you must create a separate LayoutModification.xml file for each variant that you want to support and then include these in your provisioning package. For more information on how to do this, see Create a provisioning package with multivariant settings. - -The provisioning engine chooses the right customization file based on the target conditions that were met, adds the file in the location that's specified for the setting, and then uses the specific file to customize Start. To differentiate between layouts, you can add modifiers to the LayoutModification.xml filename such as "LayoutCustomization1". Regardless of the modifier that you use, the provsioning engine will always output "LayoutCustomization.xml" so that the OS has a consistent file name to query against. - -For example, if you want to ensure that there's a specific layout for a certain mobile operator in a certain country/region, you can: -1. Create a specific layout customization file and then name it LayoutCustomization1.xml. -2. Include the file as part of your provisioning package. -3. Create your multivariant target and reference the XML file within the target condition in the main customization XML file. - -The following example shows what the overall customization file might look like with multivariant support for Start: - -```XML - - - - {6aaa4dfa-00d7-4aaa-8adf-73c6a7e2501e} - My Provisioning Package - 1.0 - OEM - 50 - - - - - - - - - - - - - - - - - - - - - - - 1 - 1 - 1 - - - 1 - - - - - - - - - c:\users\\appdata\local\Microsoft\Windows\Shell\LayoutCustomization1.XML - - 1 - - - - - - -``` - -When the condition is met, the provisioning engine takes the XML file and places it in the location that Windows 10 has set and then the Start subsystem reads the file and applies the specific customized layout. - -You must repeat this process for all variants that you want to support so that each variant can have a distinct layout for each of the conditions and targets that need to be supported. For example, if you add a **Language** condition, you can create a Start layout that has it's own localized group or folder titles. - -## Add the LayoutModification.xml file to the image - -Once you have created your LayoutModification.xml file to customize devices that will run Windows 10 Mobile, you can use Windows ICD to add the XML file to the device: - -1. In the **Available customizations** pane, expand **Runtime settings**, select **Start** and then click the **StartLayout** setting. -2. In the middle pane, click **Browse** to open File Explorer. -3. In the File Explorer window, navigate to the location where you saved your LayoutModification.xml file. -4. Select the file and then click **Open**. - -This should set the value of **StartLayout**. The setting appears in the **Selected customizations** pane. - - - - - - - - - - - - - - - - - - - -## Related topics - - -- [Manage Windows 10 Start layout options](../windows-10-start-layout-options-and-policies.md) -- [Configure Windows 10 taskbar](../configure-windows-10-taskbar.md) -- [Customize Windows 10 Start and taskbar with Group Policy](../customize-windows-10-start-screens-by-using-group-policy.md) -- [Customize Windows 10 Start and taskbar with ICD and provisioning packages](../customize-windows-10-start-screens-by-using-provisioning-packages-and-icd.md) -- [Customize Windows 10 Start with mobile device management (MDM)](../customize-windows-10-start-screens-by-using-mobile-device-management.md) -- [Changes to Group Policy settings for Windows 10 Start](../changes-to-start-policies-in-windows-10.md) -- [Start layout XML for desktop editions of Windows 10 (reference)](../start-layout-xml-desktop.md) - -  - -  - - - - - diff --git a/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md b/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md index 65eac1c2a8..05bf795440 100644 --- a/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md +++ b/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers.md @@ -70,8 +70,6 @@ When a CSP is available but is not explicitly included in your MDM solution, you ### CSPs in Lockdown XML -Starting with Windows 10 version 1703, you can use the [Lockdown Designer app](../mobile-devices/mobile-lockdown-designer.md) to configure your Lockdown XML. - ## How do you use the CSP documentation? All CSPs are documented in the [Configuration service provider reference](/windows/client-management/mdm/configuration-service-provider-reference). diff --git a/windows/configuration/provisioning-packages/provision-pcs-for-initial-deployment.md b/windows/configuration/provisioning-packages/provision-pcs-for-initial-deployment.md index f4325299ce..49a51ea3c2 100644 --- a/windows/configuration/provisioning-packages/provision-pcs-for-initial-deployment.md +++ b/windows/configuration/provisioning-packages/provision-pcs-for-initial-deployment.md @@ -159,7 +159,5 @@ After you're done, click **Create**. It only takes a few seconds. When the packa - [Settings changed when you uninstall a provisioning package](provisioning-uninstall-package.md) - [Use a script to install a desktop app in provisioning packages](provisioning-script-to-install-app.md) - [PowerShell cmdlets for provisioning Windows client (reference)](provisioning-powershell.md) -- [NFC-based device provisioning](../mobile-devices/provisioning-nfc.md) -- [Use the package splitter tool](../mobile-devices/provisioning-package-splitter.md) - [Windows Configuration Designer command-line interface (reference)](provisioning-command-line.md) - [Create a provisioning package with multivariant settings](provisioning-multivariant.md) \ No newline at end of file diff --git a/windows/configuration/provisioning-packages/provision-pcs-with-apps-and-certificates.md b/windows/configuration/provisioning-packages/provision-pcs-with-apps-and-certificates.md index 68cfcc37af..cc911deee6 100644 --- a/windows/configuration/provisioning-packages/provision-pcs-with-apps-and-certificates.md +++ b/windows/configuration/provisioning-packages/provision-pcs-with-apps-and-certificates.md @@ -194,8 +194,6 @@ For details about the settings you can customize in provisioning packages, see [ - [Settings changed when you uninstall a provisioning package](provisioning-uninstall-package.md) - [Provision PCs with common settings for initial deployment (simple provisioning)](provision-pcs-for-initial-deployment.md) - [Use a script to install a desktop app in provisioning packages](provisioning-script-to-install-app.md) -- [NFC-based device provisioning](../mobile-devices/provisioning-nfc.md) -- [Use the package splitter tool](../mobile-devices/provisioning-package-splitter.md) - [Windows Configuration Designer command-line interface (reference)](provisioning-command-line.md) - [Create a provisioning package with multivariant settings](provisioning-multivariant.md) diff --git a/windows/configuration/provisioning-packages/provision-pcs-with-apps.md b/windows/configuration/provisioning-packages/provision-pcs-with-apps.md index 182d0e0207..976d93c4b8 100644 --- a/windows/configuration/provisioning-packages/provision-pcs-with-apps.md +++ b/windows/configuration/provisioning-packages/provision-pcs-with-apps.md @@ -203,7 +203,5 @@ For details about the settings you can customize in provisioning packages, see [ - [Provision PCs with common settings for initial deployment (simple provisioning)](provision-pcs-for-initial-deployment.md) - [Use a script to install a desktop app in provisioning packages](provisioning-script-to-install-app.md) - [PowerShell cmdlets for provisioning Windows client (reference)](provisioning-powershell.md) -- [NFC-based device provisioning](../mobile-devices/provisioning-nfc.md) -- [Use the package splitter tool](../mobile-devices/provisioning-package-splitter.md) - [Windows Configuration Designer command-line interface (reference)](provisioning-command-line.md) - [Create a provisioning package with multivariant settings](provisioning-multivariant.md) diff --git a/windows/configuration/provisioning-packages/provisioning-packages.md b/windows/configuration/provisioning-packages/provisioning-packages.md index b7a5d07216..0a4cc16ed5 100644 --- a/windows/configuration/provisioning-packages/provisioning-packages.md +++ b/windows/configuration/provisioning-packages/provisioning-packages.md @@ -43,7 +43,6 @@ Windows Configuration Designer is available as an [app in the Microsoft Store](h - ## Benefits of provisioning packages diff --git a/windows/configuration/start-layout-xml-desktop.md b/windows/configuration/start-layout-xml-desktop.md index 49a2494418..64b68fb707 100644 --- a/windows/configuration/start-layout-xml-desktop.md +++ b/windows/configuration/start-layout-xml-desktop.md @@ -1,6 +1,6 @@ --- title: Start layout XML for desktop editions of Windows 10 (Windows 10) -description: This topic describes the options for customizing Start layout in LayoutModification.xml for Windows 10 desktop editions. +description: This article describes the options for customizing Start layout in LayoutModification.xml for Windows 10 desktop editions. keywords: ["start screen"] ms.prod: w10 ms.mktglfcycl: manage @@ -28,9 +28,9 @@ On Windows 10 for desktop editions, the customized Start works by: - Windows 10 checks the chosen base default layout, such as the desktop edition and whether Cortana is supported for the country/region. - Windows 10 reads the LayoutModification.xml file and allows groups to be appended to Start. The groups have the following constraints: - - 2 groups that are 6 columns wide, or equivalent to the width of 3 medium tiles. - - 2 medium-sized tile rows in height. Windows 10 ignores any tiles that are pinned beyond the second row. - - No limit to the number of apps that can be pinned. There is a theoretical limit of 24 tiles per group (4 small tiles per medium square x 3 columns x 2 rows). + - Two groups that are six columns wide, or equivalent to the width of three medium tiles. + - Two medium-sized tile rows in height. Windows 10 ignores any tiles that are pinned beyond the second row. + - No limit to the number of apps that can be pinned. There's a theoretical limit of 24 tiles per group (four small tiles per medium square x 3 columns x 2 rows). >[!NOTE] >To use the layout modification XML to configure Start with roaming user profiles, see [Deploying Roaming User Profiles](/windows-server/storage/folder-redirection/deploy-roaming-user-profiles#step-7-optionally-specify-a-start-layout-for-windows-10-pcs). @@ -78,18 +78,18 @@ The following table lists the supported elements and attributes for the LayoutMo | [RequiredStartGroups](#requiredstartgroups)

Parent:
RequiredStartGroupsCollection | Region | Use to contain the AppendGroup tags, which represent groups that can be appended to the default Start layout | | [AppendGroup](#appendgroup)

Parent:
RequiredStartGroups | Name | Use to specify the tiles that need to be appended to the default Start layout | | [start:Tile](#specify-start-tiles)

Parent:
AppendGroup | AppUserModelID
Size
Row
Column | Use to specify any of the following:
- A Universal Windows app
- A Windows 8 or Windows 8.1 app

Note that AppUserModelID is case-sensitive. | -start:Folder

Parent:
start:Group | Name (in Windows 10, version 1809 and later only)
Size
Row
Column
LocalizedNameResourcetag | Use to specify a folder of icons; can include [Tile](#start-tile), [SecondaryTile](#start-secondarytile), and [DesktopApplicationTile](#start-desktopapplicationtile). -| start:DesktopApplicationTile

Parent:
AppendGroup | DesktopApplicationID
DesktopApplicationLinkPath
Size
Row
Column | Use to specify any of the following:
- A Windows desktop application with a known AppUserModelID
- An application in a known folder with a link in a legacy Start Menu folder
- A Windows desktop application link in a legacy Start Menu folder
- A Web link tile with an associated .url file that is in a legacy Start Menu folder | +| start:Folder

Parent:
start:Group | Name (in Windows 10, version 1809 and later only)
Size
Row
Column
LocalizedNameResourcetag | Use to specify a folder of icons; can include [Tile](#start-tile), [SecondaryTile](#start-secondarytile), and [DesktopApplicationTile](#start-desktopapplicationtile). | +| start:DesktopApplicationTile

Parent:
AppendGroup | DesktopApplicationID
DesktopApplicationLinkPath
Size
Row
Column | Use to specify any of the following:
- A Windows desktop application with a known AppUserModelID
- An application in a known folder with a link in a legacy Start Menu folder
- A Windows desktop application link in a legacy Start Menu folder
- A Web link tile with an associated `.url` file that is in a legacy Start Menu folder | | start:SecondaryTile

Parent:
AppendGroup | AppUserModelID
TileID
Arguments
DisplayName
Square150x150LogoUri
ShowNameOnSquare150x150Logo
ShowNameOnWide310x150Logo
Wide310x150LogoUri
BackgroundColor
ForegroundText
IsSuggestedApp
Size
Row
Column | Use to pin a Web link through a Microsoft Edge secondary tile. Note that AppUserModelID is case-sensitive. | -| TopMFUApps

Parent:
LayoutModificationTemplate | n/a | Use to add up to 3 default apps to the frequently used apps section in the system area.

**Note**: Only applies to versions of Windows 10 earlier than version 1709. In Windows 10, version 1709, you can no longer pin apps to the Most Frequently Used apps list in Start. | +| TopMFUApps

Parent:
LayoutModificationTemplate | n/a | Use to add up to three default apps to the frequently used apps section in the system area.

**Note**: Only applies to versions of Windows 10 earlier than version 1709. In Windows 10, version 1709, you can no longer pin apps to the Most Frequently Used apps list in Start. | | Tile

Parent:
TopMFUApps | AppUserModelID | Use with the TopMFUApps tags to specify an app with a known AppUserModelID.

**Note**: Only applies to versions of Windows 10 earlier than version 1709. In Windows 10, version 1709, you can no longer pin apps to the Most Frequently Used apps list in Start. | | DesktopApplicationTile

Parent:
TopMFUApps | LinkFilePath | Use with the TopMFUApps tags to specify an app without a known AppUserModelID.

**Note**: Only applies to versions of Windows 10 earlier than version 1709. In Windows 10, version 1709, you can no longer pin apps to the Most Frequently Used apps list in Start. | -| AppendOfficeSuite

Parent:
LayoutModificationTemplate | n/a | Use to add the in-box installed Office suite to Start. For more information, see [Customize the Office suite of tiles](/windows-hardware/customize/desktop/customize-start-layout#customize-the-office-suite-of-tiles).

Do not use this tag with AppendDownloadOfficeTile | +| AppendOfficeSuite

Parent:
LayoutModificationTemplate | n/a | Use to add the in-box installed Office suite to Start. For more information, see [Customize the Office suite of tiles](/windows-hardware/customize/desktop/customize-start-layout#customize-the-office-suite-of-tiles).

Don't use this tag with AppendDownloadOfficeTile. | | AppendDownloadOfficeTile

Parent:
LayoutModificationTemplate | n/a | Use to add a specific **Download Office** tile to a specific location in Start

Do not use this tag with AppendOfficeSuite | ### LayoutOptions -New devices running Windows 10 for desktop editions will default to a Start menu with 2 columns of tiles unless boot to tablet mode is enabled. Devices with screens that are under 10" have boot to tablet mode enabled by default. For these devices, users see the full screen Start on the desktop. You can adjust the following features: +New devices running Windows 10 for desktop editions will default to a Start menu with two columns of tiles unless boot to tablet mode is enabled. Devices with screens that are under 10" have boot to tablet mode enabled by default. For these devices, users see the full screen Start on the desktop. You can adjust the following features: - Boot to tablet mode can be set on or off. - Set full screen Start on desktop to on or off. @@ -97,7 +97,7 @@ New devices running Windows 10 for desktop editions will default to a Start menu - Specify the number of columns in the Start menu to 1 or 2. To do this, add the LayoutOptions element in your LayoutModification.xml file and set the StartTileGroupsColumnCount attribute to 1 or 2. -The following example shows how to use the LayoutOptions element to specify full screen Start on the desktop and to use 1 column in the Start menu: +The following example shows how to use the LayoutOptions element to specify full screen Start on the desktop and to use one column in the Start menu: ```XML [!IMPORTANT] >For Windows 10 for desktop editions, you can add a maximum of two (2) **AppendGroup** tags per **RequiredStartGroups** tag. -You can also assign regions to the append groups in the **RequiredStartGroups** tag's using the optional **Region** attribute or you can use the multivariant capabilities in Windows provisioning. If you are using the **Region** attribute, you must use a two-letter country code to specify the country/region that the append group(s) apply to. To specify more than one country/region, use a pipe ("|") delimiter as shown in the following example: +You can also assign regions to the append groups in the **RequiredStartGroups** tag's using the optional **Region** attribute or you can use the multivariant capabilities in Windows provisioning. If you're using the **Region** attribute, you must use a two-letter country code to specify the country/region that the append group(s) apply to. To specify more than one country/region, use a pipe ("|") delimiter as shown in the following example: ```XML [!NOTE] >In Start layouts for Windows 10, version 1703, you should use **DesktopApplicationID** rather than **DesktopApplicationLinkPath** if you are using Group Policy or MDM to apply the start layout and the application was installed after the user's first sign-in. @@ -210,7 +210,7 @@ You can use the **start:DesktopApplicationTile** tag to pin a Windows desktop ap If you are pointing to a third-party Windows desktop application and the layout is being applied before the first boot, you must put the .lnk file in a legacy Start Menu directory before first boot; for example, "%APPDATA%\Microsoft\Windows\Start Menu\Programs\" or the all users profile "%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\". -- By using the application's application user model ID, if this is known. If the Windows desktop application doesn't have one, use the shortcut link option. +- Use the application's application user model ID, if this is known. If the Windows desktop application doesn't have one, use the shortcut link option. You can use the [Get-StartApps cmdlet](/powershell/module/startlayout/get-startapps) on a PC that has the application pinned to Start to obtain the app ID. @@ -230,7 +230,7 @@ You can use the **start:DesktopApplicationTile** tag to pin a Windows desktop ap You can also use the **start:DesktopApplicationTile** tag as one of the methods for pinning a Web link to Start. The other method is to use a Microsoft Edge secondary tile. -To pin a legacy .url shortcut to Start, you must create .url file (right-click on the desktop, select **New** > **Shortcut**, and then type a Web URL). You must add this .url file in a legacy Start Menu directory before first boot; for example, `%APPDATA%\Microsoft\Windows\Start Menu\Programs\` or the all users profile `%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\`. +To pin a legacy `.url` shortcut to Start, you must create a `.url` file (right-click on the desktop, select **New** > **Shortcut**, and then type a Web URL). You must add this `.url` file in a legacy Start Menu directory before first boot; for example, `%APPDATA%\Microsoft\Windows\Start Menu\Programs\` or the all users profile `%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\`. The following example shows how to create a tile of the Web site's URL, which you can treat similarly to a Windows desktop application tile: @@ -248,7 +248,7 @@ The following example shows how to create a tile of the Web site's URL, which yo #### start:SecondaryTile -You can use the **start:SecondaryTile** tag to pin a Web link through a Microsoft Edge secondary tile. This method doesn't require any additional action compared to the method of using legacy .url shortcuts (through the start:DesktopApplicationTile tag). +You can use the **start:SecondaryTile** tag to pin a Web link through a Microsoft Edge secondary tile. This method doesn't require any additional action compared to the method of using legacy `.url` shortcuts (through the start:DesktopApplicationTile tag). The following example shows how to create a tile of the Web site's URL using the Microsoft Edge secondary tile: @@ -444,7 +444,7 @@ The following sample LayoutModification.xml shows how you can configure the Star The Windows Provisioning multivariant capability allows you to declare target conditions that, when met, supply specific customizations for each variant condition. For Start customization, you can create specific layouts for each variant that you have. To do this, you must create a separate LayoutModification.xml file for each variant that you want to support and then include these in your provisioning package. For more information on how to do this, see [Create a provisioning package with multivariant settings](./provisioning-packages/provisioning-multivariant.md). -The provisioning engine chooses the right customization file based on the target conditions that were met, adds the file in the location that's specified for the setting, and then uses the specific file to customize Start. To differentiate between layouts, you can add modifiers to the LayoutModification.xml filename such as "LayoutCustomization1". Regardless of the modifier that you use, the provsioning engine will always output "LayoutCustomization.xml" so that the operating system has a consistent file name to query against. +The provisioning engine chooses the right customization file based on the target conditions that were met, adds the file in the location that's specified for the setting, and then uses the specific file to customize Start. To differentiate between layouts, you can add modifiers to the LayoutModification.xml filename such as "LayoutCustomization1". Regardless of the modifier that you use, the provisioning engine will always output "LayoutCustomization.xml" so that the operating system has a consistent file name to query against. For example, if you want to ensure that there's a specific layout for a certain condition, you can: 1. Create a specific layout customization file and then name it LayoutCustomization1.xml. @@ -511,7 +511,7 @@ You must repeat this process for all variants that you want to support so that e Once you have created your LayoutModification.xml file to customize devices that will run Windows 10 for desktop editions, you can use Windows ICD methods to add the XML file to the device. -1. In the **Available customizations** pane, expand **Runtime settings**, select **Start** and then click the **StartLayout** setting. +1. In the **Available customizations** pane, expand **Runtime settings**, select **Start** > Select the **StartLayout** setting. 2. In the middle pane, click **Browse** to open File Explorer. 3. In the File Explorer window, navigate to the location where you saved your LayoutModification.xml file. 4. Select the file and then click **Open**. @@ -524,16 +524,6 @@ This should set the value of **StartLayout**. The setting appears in the **Selec Once you have created the LayoutModification.xml file and it is present in the device, the system overrides the base default layout and any Unattend settings used to customize Start. - - - - - - - - - - ## Related topics - [Manage Windows 10 Start and taskbar layout](windows-10-start-layout-options-and-policies.md) @@ -542,9 +532,5 @@ Once you have created the LayoutModification.xml file and it is present in the d - [Add image for secondary tiles](start-secondary-tiles.md) - [Customize Windows 10 Start and taskbar with Group Policy](customize-windows-10-start-screens-by-using-group-policy.md) - [Customize Windows 10 Start and taskbar with provisioning packages](customize-windows-10-start-screens-by-using-provisioning-packages-and-icd.md) -- [Customize Windows 10 Start and tasbkar with mobile device management (MDM)](customize-windows-10-start-screens-by-using-mobile-device-management.md) +- [Customize Windows 10 Start and taskbar with mobile device management (MDM)](customize-windows-10-start-screens-by-using-mobile-device-management.md) - [Changes to Start policies in Windows 10](changes-to-start-policies-in-windows-10.md) -- [Start layout XML for mobile editions of Windows 10 (reference)](mobile-devices/start-layout-xml-mobile.md) - - - diff --git a/windows/configuration/wcd/wcd-accounts.md b/windows/configuration/wcd/wcd-accounts.md index 2e172a122e..f5ef92247d 100644 --- a/windows/configuration/wcd/wcd-accounts.md +++ b/windows/configuration/wcd/wcd-accounts.md @@ -19,19 +19,18 @@ Use these settings to join a device to an Active Directory domain or an Azure Ac ## Applies to -| Setting groups | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | -| --- | :---: | :---: | :---: | :---: | :---: | -| [Azure](#azure) | X | X | X | X | | -| [ComputerAccount](#computeraccount) | X | | X | | X | -| [Users](#users) | X | | X | X | | +| Setting groups | Desktop editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | +| [Azure](#azure) | ✔️ | ✔️ | ✔️ | | +| [ComputerAccount](#computeraccount) | ✔️ | ✔️ | | ✔️ | +| [Users](#users) | ✔️ | ✔️ | ✔️ | | ## Azure -The **Azure > Authority** and **Azure > BPRT** settings for bulk Azure Active Directory (Azure AD) enrollment can only be configured using one of the provisioning wizards. After you get a bulk token for Azure AD enrollment in a wizard, you can switch to the advanced editor to configure additional provisioning settings. For information about using the wizards, see: +The **Azure > Authority** and **Azure > BPRT** settings for bulk Azure Active Directory (Azure AD) enrollment can only be configured using one of the provisioning wizards. After you get a bulk token for Azure AD enrollment in a wizard, you can switch to the advanced editor to configure more provisioning settings. For information about using the wizards, see: - [Instructions for desktop wizard](../provisioning-packages/provision-pcs-for-initial-deployment.md) -- [Instructions for the mobile wizard](../mobile-devices/provisioning-configure-mobile.md) - [Instructions for the kiosk wizard](../kiosk-single-app.md#wizard) ## ComputerAccount @@ -43,11 +42,11 @@ Specifies the settings you can configure when joining a device to a domain, incl | Setting | Value | Description | | --- | --- | --- | -| Account | string | Account to use to join computer to domain | +| Account | String | Account to use to join computer to domain | | AccountOU | Enter the full path for the organizational unit. For example: OU=testOU,DC=domain,DC=Domain,DC=com. | Name of organizational unit for the computer account | -| ComputerName | On desktop PCs, this setting specifies the DNS hostname of the computer (Computer Name) up to 63 characters. Use `%RAND:x%` to generate x number of random digits in the name, where x must be a number less than 63. For domain-joined computers, the unique name must use `%RAND:x%`. Use `%SERIAL%` to generate the name with the `computer's` serial number embedded. If the serial number exceeds the character limit, it will be truncated from the beginning of the sequence. The character restriction limit does not count the length of the macros, `%RAND:x%` and `%SERIAL%`. This setting is supported only in Windows 10, version 1803 and later. To change this setting in Windows 10, version 1709 and earlier releases, use the **ComputerName** setting under **Accounts**. | Specifies the name of the Windows device (computer name on PCs) | -| DomainName | string (cannot be empty) | Specify the name of the domain that the device will join | -| Password | string (cannot be empty) | Corresponds to the password of the user account that's authorized to join the computer account to the domain. | +| ComputerName | On desktop PCs, this setting specifies the DNS hostname of the computer (Computer Name) up to 63 characters. Use `%RAND:x%` to generate x number of random digits in the name, where x must be a number less than 63. For domain-joined computers, the unique name must use `%RAND:x%`. Use `%SERIAL%` to generate the name with the `computer's` serial number embedded. If the serial number exceeds the character limit, it will be truncated from the beginning of the sequence. The character restriction limit doesn't count the length of the macros, including `%RAND:x%` and `%SERIAL%`. This setting is supported only in Windows 10, version 1803 and later. To change this setting in Windows 10 version 1709 and earlier releases, use the **ComputerName** setting under **Accounts**. | Specifies the name of the Windows device (computer name on PCs) | +| DomainName | String (cannot be empty) | Specify the name of the domain that the device will join | +| Password | String (cannot be empty) | Corresponds to the password of the user account that's authorized to join the computer account to the domain. | ## Users @@ -55,7 +54,7 @@ Use these settings to add local user accounts to the device. | Setting | Value | Description | | --- | --- | --- | -| UserName | string (cannot be empty) | Specify a name for the local user account | -| HomeDir | string (cannot be empty) | Specify the path of the home directory for the user | -| Password | string (cannot be empty) | Specify the password for the user account | -| UserGroup | string (cannot be empty) | Specify the local user group for the user | +| UserName | String (cannot be empty) | Specify a name for the local user account | +| HomeDir | String (cannot be empty) | Specify the path of the home directory for the user | +| Password | String (cannot be empty) | Specify the password for the user account | +| UserGroup | String (cannot be empty) | Specify the local user group for the user | diff --git a/windows/configuration/wcd/wcd-embeddedlockdownprofiles.md b/windows/configuration/wcd/wcd-embeddedlockdownprofiles.md deleted file mode 100644 index fe3e097ba5..0000000000 --- a/windows/configuration/wcd/wcd-embeddedlockdownprofiles.md +++ /dev/null @@ -1,32 +0,0 @@ ---- -title: EmbeddedLockdownProfiles (Windows 10) -description: This section describes the EmbeddedLockdownProfiles setting that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -author: greg-lindsay -ms.localizationpriority: medium -ms.author: greglin -ms.topic: article -ms.date: 09/06/2017 -ms.reviewer: -manager: dansimp ---- - -# EmbeddedLockdownProfiles (Windows Configuration Designer reference) - -Use to apply an XML configuration to a mobile device that locks down the device, configures custom layouts, and define multiple roles. - -## Applies to - -| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | -| --- | :---: | :---: | :---: | :---: | :---: | -| AssignedAccessXml | | X | | | | - -1. Create a lockdown XML file, either by using [the Lockdown Designer app](../mobile-devices/mobile-lockdown-designer.md) or [manually](../mobile-devices/lockdown-xml.md). -2. In the **AssignedAccessXml** setting, browse to and select the lockdown XML file that you created. - - -## Related topics - -- [EnterpriseAssignedAccess configuration service provider (CSP)](/windows/client-management/mdm/enterpriseassignedaccess-csp) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-start.md b/windows/configuration/wcd/wcd-start.md index 743151817b..8ac49fc3d0 100644 --- a/windows/configuration/wcd/wcd-start.md +++ b/windows/configuration/wcd/wcd-start.md @@ -19,10 +19,9 @@ Use Start settings to apply a customized Start screen to devices. ## Applies to -| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | -| --- | :---: | :---: | :---: | :---: | :---: | -| StartLayout | X | X | | | | -| StartLayoutFilePath | | X | | | | +| Setting | Desktop editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | +| StartLayout | X | | | | >[!IMPORTANT] >The StartLayout setting is available in the advanced provisioning for Windows 10 desktop editions, but should only be used to apply a layout to Windows 10 Mobile devices. For desktop editions, use [Policies > StartLayout](wcd-policies.md#start). @@ -31,11 +30,3 @@ Use Start settings to apply a customized Start screen to devices. Use StartLayout to select the `LayoutModification.xml` file that applies a customized Start screen to a mobile device. ->[!NOTE] ->The XML file that defines the Start layout for Windows 10 Mobile must be named `LayoutModification.xml`. - -For more information, see [Start layout XML for mobile editions of Windows 10](../mobile-devices/lockdown-xml.md)). - -## StartLayoutFilePath - -Do not use. diff --git a/windows/configuration/wcd/wcd.md b/windows/configuration/wcd/wcd.md index f1e1091bc6..8d75210e45 100644 --- a/windows/configuration/wcd/wcd.md +++ b/windows/configuration/wcd/wcd.md @@ -18,74 +18,74 @@ This section describes the settings that you can configure in [provisioning pack ## Edition that each group of settings applies to -| Setting group | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | -| --- | :---: | :---: | :---: | :---: | :---: | -[AccountManagement](wcd-accountmanagement.md) | | | | X | | -| [Accounts](wcd-accounts.md) | X | X | X | X | X | -| [ADMXIngestion](wcd-admxingestion.md) | X | | | | | -| [AssignedAccess](wcd-assignedaccess.md) | X | | | X | | -| [AutomaticTime](wcd-automatictime.md) | | X | | | | -| [Browser](wcd-browser.md) | X | X | X | | | -| [CallAndMessagingEnhancement](wcd-callandmessagingenhancement.md) | | X | | | | -| [Calling](wcd-calling.md) | | X | | | | -| [CellCore](wcd-cellcore.md) | X | X | | | | -| [Cellular](wcd-cellular.md) | X | | | | | -| [Certificates](wcd-certificates.md) | X | X | X | X | X | -| [CleanPC](wcd-cleanpc.md) | X | | | | | -| [Connections](wcd-connections.md) | X | X | X | | | -| [ConnectivityProfiles](wcd-connectivityprofiles.md) | X | X | X | X | | -| [CountryAndRegion](wcd-countryandregion.md) | X | X | X | | | -| [DesktopBackgroundAndColors](wcd-desktopbackgroundandcolors.md) | X | | | | | -| [DeveloperSetup](wcd-developersetup.md) | | | | X | | -| [DeviceFormFactor](wcd-deviceformfactor.md) | X | X | X | | | -| [DeviceInfo](wcd-deviceinfo.md) | | X | | | | -| [DeviceManagement](wcd-devicemanagement.md) | X | X | X | X | | -| [DeviceUpdateCenter](wcd-deviceupdatecenter.md) | X | | | | | -| [DMClient](wcd-dmclient.md) | X | X | X | | X | -| [EditionUpgrade](wcd-editionupgrade.md) | X | X | | X | | -| [EmbeddedLockdownProfiles](wcd-embeddedlockdownprofiles.md) | | X | | | | -| [FirewallConfiguration](wcd-firewallconfiguration.md) | | | | | X | -| [FirstExperience](wcd-firstexperience.md) | | | | X | | -| [Folders](wcd-folders.md) |X | X | X | | | -| [InitialSetup](wcd-initialsetup.md) | | X | | | | -| [InternetExplorer](wcd-internetexplorer.md) | | X | | | | -| [KioskBrowser](wcd-kioskbrowser.md) | | | | | X | -| [Licensing](wcd-licensing.md) | X | | | | | -| [Location](wcd-location.md) | | | | | X | -| [Maps](wcd-maps.md) |X | X | X | | | -| [Messaging](wcd-messaging.md) | | X | | | | -| [ModemConfigurations](wcd-modemconfigurations.md) | | X | | | | -| [Multivariant](wcd-multivariant.md) | | X | | | | -| [NetworkProxy](wcd-networkproxy.md) | | | X | | | -| [NetworkQOSPolicy](wcd-networkqospolicy.md) | | | X | | | -| [NFC](wcd-nfc.md) | | X | | | | -| [OOBE](wcd-oobe.md) | X | X | | | | -| [OtherAssets](wcd-otherassets.md) | | X | | | | -| [Personalization](wcd-personalization.md) | X | | | | | -| [Policies](wcd-policies.md) | X | X | X | X | X | -| [Privacy](wcd-folders.md) |X | X | X | | X | -| [ProvisioningCommands](wcd-provisioningcommands.md) | X | | | | | -| [RcsPresence](wcd-rcspresence.md) | | X | | | | -| [SharedPC](wcd-sharedpc.md) | X | | | | | -| [Shell](wcd-shell.md) | | X | | | | -| [SMISettings](wcd-smisettings.md) | X | | | | | -| [Start](wcd-start.md) | X | X | | | | -| [StartupApp](wcd-startupapp.md) | | | | | X | -| [StartupBackgroundTasks](wcd-startupbackgroundtasks.md) | | | | | X | -| [StorageD3InModernStandby](wcd-storaged3inmodernstandby.md) |X | X | X | | X | -| [SurfaceHubManagement](wcd-surfacehubmanagement.md) | | | X | | | -| [TabletMode](wcd-tabletmode.md) |X | X | X | | | -| [TakeATest](wcd-takeatest.md) | X | | | | | -| [TextInput](wcd-textinput.md) | | X | | | | -| [Theme](wcd-theme.md) | | X | | | | -| [Time](wcd-time.md) | X | | | | | -| [UnifiedWriteFilter](wcd-unifiedwritefilter.md) | X | | | | X | -| [UniversalAppInstall](wcd-universalappinstall.md) | X | X | X | | X | -| [UniversalAppUninstall](wcd-universalappuninstall.md) | X | X | X | | X | -| [UsbErrorsOEMOverride](wcd-usberrorsoemoverride.md) | X | X | X | | | -| [WeakCharger](wcd-weakcharger.md) |X | X | X | | | -| [WindowsHelloForBusiness](wcd-windowshelloforbusiness.md) | X | | | | | -| [WindowsTeamSettings](wcd-windowsteamsettings.md) | | | X | | | -| [Workplace](wcd-workplace.md) |X | X | X | | X | +| Setting group | Desktop editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | +| [AccountManagement](wcd-accountmanagement.md) | | | ✔️ | | +| [Accounts](wcd-accounts.md) | ✔️ | ✔️ | ✔️ | ✔️ | +| [ADMXIngestion](wcd-admxingestion.md) | ✔️ | | | | +| [AssignedAccess](wcd-assignedaccess.md) | ✔️ | | ✔️ | | +| [AutomaticTime](wcd-automatictime.md) | | | | | +| [Browser](wcd-browser.md) | ✔️ | ✔️ | | | +| [CallAndMessagingEnhancement](wcd-callandmessagingenhancement.md) | | | | | +| [Calling](wcd-calling.md) | | | | | +| [CellCore](wcd-cellcore.md) | ✔️ | | | | +| [Cellular](wcd-cellular.md) | ✔️ | | | | +| [Certificates](wcd-certificates.md) | ✔️ | ✔️ | ✔️ | ✔️ | +| [CleanPC](wcd-cleanpc.md) | ✔️ | | | | +| [Connections](wcd-connections.md) | ✔️ | ✔️ | | | +| [ConnectivityProfiles](wcd-connectivityprofiles.md) | ✔️ | ✔️ | ✔️ | | +| [CountryAndRegion](wcd-countryandregion.md) | ✔️ | ✔️ | | | +| [DesktopBackgroundAndColors](wcd-desktopbackgroundandcolors.md) | ✔️ | | | | +| [DeveloperSetup](wcd-developersetup.md) | | | ✔️ | | +| [DeviceFormFactor](wcd-deviceformfactor.md) | ✔️ | ✔️ | | | +| [DeviceInfo](wcd-deviceinfo.md) | | | | | +| [DeviceManagement](wcd-devicemanagement.md) | ✔️ | ✔️ | ✔️ | | +| [DeviceUpdateCenter](wcd-deviceupdatecenter.md) | ✔️ | | | | +| [DMClient](wcd-dmclient.md) | ✔️ | ✔️ | | ✔️ | +| [EditionUpgrade](wcd-editionupgrade.md) | ✔️ | | ✔️ | | +| [EmbeddedLockdownProfiles](wcd-embeddedlockdownprofiles.md) | | | | | +| [FirewallConfiguration](wcd-firewallconfiguration.md) | | | | ✔️ | +| [FirstExperience](wcd-firstexperience.md) | | | ✔️ | | +| [Folders](wcd-folders.md) |✔️ | ✔️ | | | +| [InitialSetup](wcd-initialsetup.md) | | | | | +| [InternetExplorer](wcd-internetexplorer.md) | | | | | +| [KioskBrowser](wcd-kioskbrowser.md) | | | | ✔️ | +| [Licensing](wcd-licensing.md) | ✔️ | | | | +| [Location](wcd-location.md) | | | | ✔️ | +| [Maps](wcd-maps.md) |✔️ | ✔️ | | | +| [Messaging](wcd-messaging.md) | | | | | +| [ModemConfigurations](wcd-modemconfigurations.md) | | | | | +| [Multivariant](wcd-multivariant.md) | | | | | +| [NetworkProxy](wcd-networkproxy.md) | | ✔️ | | | +| [NetworkQOSPolicy](wcd-networkqospolicy.md) | | ✔️ | | | +| [NFC](wcd-nfc.md) | | | | | +| [OOBE](wcd-oobe.md) | ✔️ | | | | +| [OtherAssets](wcd-otherassets.md) | | | | | +| [Personalization](wcd-personalization.md) | ✔️ | | | | +| [Policies](wcd-policies.md) | ✔️ | ✔️ | ✔️ | ✔️ | +| [Privacy](wcd-folders.md) |✔️ | ✔️ | | ✔️ | +| [ProvisioningCommands](wcd-provisioningcommands.md) | ✔️ | | | | +| [RcsPresence](wcd-rcspresence.md) | | | | | +| [SharedPC](wcd-sharedpc.md) | ✔️ | | | | +| [Shell](wcd-shell.md) | | | | | +| [SMISettings](wcd-smisettings.md) | ✔️ | | | | +| [Start](wcd-start.md) | ✔️ | | | | +| [StartupApp](wcd-startupapp.md) | | | | ✔️ | +| [StartupBackgroundTasks](wcd-startupbackgroundtasks.md) | | | | ✔️ | +| [StorageD3InModernStandby](wcd-storaged3inmodernstandby.md) |✔️ | ✔️ | | ✔️ | +| [SurfaceHubManagement](wcd-surfacehubmanagement.md) | | ✔️ | | | +| [TabletMode](wcd-tabletmode.md) |✔️ | ✔️ | | | +| [TakeATest](wcd-takeatest.md) | ✔️ | | | | +| [TextInput](wcd-textinput.md) | | | | | +| [Theme](wcd-theme.md) | | | | | +| [Time](wcd-time.md) | ✔️ | | | | +| [UnifiedWriteFilter](wcd-unifiedwritefilter.md) | ✔️ | | | ✔️ | +| [UniversalAppInstall](wcd-universalappinstall.md) | ✔️ | ✔️ | | ✔️ | +| [UniversalAppUninstall](wcd-universalappuninstall.md) | ✔️ | ✔️ | | ✔️ | +| [UsbErrorsOEMOverride](wcd-usberrorsoemoverride.md) | ✔️ | ✔️ | | | +| [WeakCharger](wcd-weakcharger.md) |✔️ | ✔️ | | | +| [WindowsHelloForBusiness](wcd-windowshelloforbusiness.md) | ✔️ | | | | +| [WindowsTeamSettings](wcd-windowsteamsettings.md) | | ✔️ | | | +| [Workplace](wcd-workplace.md) |✔️ | ✔️ | | ✔️ | diff --git a/windows/security/threat-protection/auditing/audit-file-share.md b/windows/security/threat-protection/auditing/audit-file-share.md index 97c2332179..7d9f3c613e 100644 --- a/windows/security/threat-protection/auditing/audit-file-share.md +++ b/windows/security/threat-protection/auditing/audit-file-share.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit File Share diff --git a/windows/security/threat-protection/auditing/audit-file-system.md b/windows/security/threat-protection/auditing/audit-file-system.md index 17787cf470..1d2aa49bd8 100644 --- a/windows/security/threat-protection/auditing/audit-file-system.md +++ b/windows/security/threat-protection/auditing/audit-file-system.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit File System diff --git a/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md b/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md index 7e0478f79f..16b00b3889 100644 --- a/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md +++ b/windows/security/threat-protection/auditing/audit-filtering-platform-connection.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Filtering Platform Connection diff --git a/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md b/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md index dae76cc66f..40a667e051 100644 --- a/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md +++ b/windows/security/threat-protection/auditing/audit-filtering-platform-packet-drop.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Filtering Platform Packet Drop diff --git a/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md b/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md index 8a77aee208..ffefdd58cb 100644 --- a/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md +++ b/windows/security/threat-protection/auditing/audit-filtering-platform-policy-change.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Filtering Platform Policy Change diff --git a/windows/security/threat-protection/auditing/audit-group-membership.md b/windows/security/threat-protection/auditing/audit-group-membership.md index 904bc669cb..97bb5b57e1 100644 --- a/windows/security/threat-protection/auditing/audit-group-membership.md +++ b/windows/security/threat-protection/auditing/audit-group-membership.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Group Membership diff --git a/windows/security/threat-protection/auditing/audit-handle-manipulation.md b/windows/security/threat-protection/auditing/audit-handle-manipulation.md index 1003455f12..b64ddae053 100644 --- a/windows/security/threat-protection/auditing/audit-handle-manipulation.md +++ b/windows/security/threat-protection/auditing/audit-handle-manipulation.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Handle Manipulation diff --git a/windows/security/threat-protection/auditing/audit-ipsec-driver.md b/windows/security/threat-protection/auditing/audit-ipsec-driver.md index 108d9f2155..1cdb6f9140 100644 --- a/windows/security/threat-protection/auditing/audit-ipsec-driver.md +++ b/windows/security/threat-protection/auditing/audit-ipsec-driver.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit IPsec Driver diff --git a/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md index 502f29b57d..7e372d5a0e 100644 --- a/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md +++ b/windows/security/threat-protection/auditing/audit-ipsec-extended-mode.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit IPsec Extended Mode diff --git a/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md index c3f71a182d..675299ef05 100644 --- a/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md +++ b/windows/security/threat-protection/auditing/audit-ipsec-main-mode.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit IPsec Main Mode diff --git a/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md b/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md index 0424935c98..982e294c4c 100644 --- a/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md +++ b/windows/security/threat-protection/auditing/audit-ipsec-quick-mode.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit IPsec Quick Mode diff --git a/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md b/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md index ac184cba5f..c4245be658 100644 --- a/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md +++ b/windows/security/threat-protection/auditing/audit-kerberos-authentication-service.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Kerberos Authentication Service diff --git a/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md b/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md index 788a0eccd6..71f4e995c9 100644 --- a/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md +++ b/windows/security/threat-protection/auditing/audit-kerberos-service-ticket-operations.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Kerberos Service Ticket Operations diff --git a/windows/security/threat-protection/auditing/audit-kernel-object.md b/windows/security/threat-protection/auditing/audit-kernel-object.md index f0329f57a4..7262c46dd7 100644 --- a/windows/security/threat-protection/auditing/audit-kernel-object.md +++ b/windows/security/threat-protection/auditing/audit-kernel-object.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Kernel Object diff --git a/windows/security/threat-protection/auditing/audit-logoff.md b/windows/security/threat-protection/auditing/audit-logoff.md index eadeed6ed8..92a4bed8a5 100644 --- a/windows/security/threat-protection/auditing/audit-logoff.md +++ b/windows/security/threat-protection/auditing/audit-logoff.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Logoff diff --git a/windows/security/threat-protection/auditing/audit-logon.md b/windows/security/threat-protection/auditing/audit-logon.md index b6b71c23f6..f3450fc499 100644 --- a/windows/security/threat-protection/auditing/audit-logon.md +++ b/windows/security/threat-protection/auditing/audit-logon.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Logon diff --git a/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md b/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md index ff61afa77f..aac15f25fa 100644 --- a/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md +++ b/windows/security/threat-protection/auditing/audit-mpssvc-rule-level-policy-change.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit MPSSVC Rule-Level Policy Change diff --git a/windows/security/threat-protection/auditing/audit-network-policy-server.md b/windows/security/threat-protection/auditing/audit-network-policy-server.md index 016e6d53d7..97911ece3f 100644 --- a/windows/security/threat-protection/auditing/audit-network-policy-server.md +++ b/windows/security/threat-protection/auditing/audit-network-policy-server.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Network Policy Server diff --git a/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md b/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md index 7ef4be2fc3..67ef50a903 100644 --- a/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md +++ b/windows/security/threat-protection/auditing/audit-non-sensitive-privilege-use.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Non-Sensitive Privilege Use diff --git a/windows/security/threat-protection/auditing/audit-other-account-logon-events.md b/windows/security/threat-protection/auditing/audit-other-account-logon-events.md index 774bedd202..fa4413dbb7 100644 --- a/windows/security/threat-protection/auditing/audit-other-account-logon-events.md +++ b/windows/security/threat-protection/auditing/audit-other-account-logon-events.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Other Account Logon Events diff --git a/windows/security/threat-protection/auditing/audit-other-account-management-events.md b/windows/security/threat-protection/auditing/audit-other-account-management-events.md index bab6689283..dfa2678034 100644 --- a/windows/security/threat-protection/auditing/audit-other-account-management-events.md +++ b/windows/security/threat-protection/auditing/audit-other-account-management-events.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Other Account Management Events diff --git a/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md b/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md index 032d65589e..9314db237d 100644 --- a/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md +++ b/windows/security/threat-protection/auditing/audit-other-logonlogoff-events.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Other Logon/Logoff Events diff --git a/windows/security/threat-protection/auditing/audit-other-object-access-events.md b/windows/security/threat-protection/auditing/audit-other-object-access-events.md index 1a82bd54e1..9131eff82e 100644 --- a/windows/security/threat-protection/auditing/audit-other-object-access-events.md +++ b/windows/security/threat-protection/auditing/audit-other-object-access-events.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Other Object Access Events diff --git a/windows/security/threat-protection/auditing/audit-other-policy-change-events.md b/windows/security/threat-protection/auditing/audit-other-policy-change-events.md index 61ed449132..9119efbc58 100644 --- a/windows/security/threat-protection/auditing/audit-other-policy-change-events.md +++ b/windows/security/threat-protection/auditing/audit-other-policy-change-events.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Other Policy Change Events diff --git a/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md b/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md index ed0e6fde50..46f053cae3 100644 --- a/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md +++ b/windows/security/threat-protection/auditing/audit-other-privilege-use-events.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Other Privilege Use Events diff --git a/windows/security/threat-protection/auditing/audit-other-system-events.md b/windows/security/threat-protection/auditing/audit-other-system-events.md index 8762fb22fc..5d7042e1dc 100644 --- a/windows/security/threat-protection/auditing/audit-other-system-events.md +++ b/windows/security/threat-protection/auditing/audit-other-system-events.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Other System Events diff --git a/windows/security/threat-protection/auditing/audit-pnp-activity.md b/windows/security/threat-protection/auditing/audit-pnp-activity.md index 23779f6a95..fa29bfac6d 100644 --- a/windows/security/threat-protection/auditing/audit-pnp-activity.md +++ b/windows/security/threat-protection/auditing/audit-pnp-activity.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit PNP Activity diff --git a/windows/security/threat-protection/auditing/audit-process-creation.md b/windows/security/threat-protection/auditing/audit-process-creation.md index 1e0c857ede..b61b00d478 100644 --- a/windows/security/threat-protection/auditing/audit-process-creation.md +++ b/windows/security/threat-protection/auditing/audit-process-creation.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Process Creation diff --git a/windows/security/threat-protection/auditing/audit-process-termination.md b/windows/security/threat-protection/auditing/audit-process-termination.md index 7206647a67..72e92a74e0 100644 --- a/windows/security/threat-protection/auditing/audit-process-termination.md +++ b/windows/security/threat-protection/auditing/audit-process-termination.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Process Termination diff --git a/windows/security/threat-protection/auditing/audit-registry.md b/windows/security/threat-protection/auditing/audit-registry.md index b942488455..3c6407d9f5 100644 --- a/windows/security/threat-protection/auditing/audit-registry.md +++ b/windows/security/threat-protection/auditing/audit-registry.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Registry diff --git a/windows/security/threat-protection/auditing/audit-removable-storage.md b/windows/security/threat-protection/auditing/audit-removable-storage.md index 9a0d27b1c2..1b527f37be 100644 --- a/windows/security/threat-protection/auditing/audit-removable-storage.md +++ b/windows/security/threat-protection/auditing/audit-removable-storage.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Removable Storage diff --git a/windows/security/threat-protection/auditing/audit-rpc-events.md b/windows/security/threat-protection/auditing/audit-rpc-events.md index 6be5c9a222..087ff6ed52 100644 --- a/windows/security/threat-protection/auditing/audit-rpc-events.md +++ b/windows/security/threat-protection/auditing/audit-rpc-events.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit RPC Events diff --git a/windows/security/threat-protection/auditing/audit-sam.md b/windows/security/threat-protection/auditing/audit-sam.md index 020c87b6c0..df74e9eb71 100644 --- a/windows/security/threat-protection/auditing/audit-sam.md +++ b/windows/security/threat-protection/auditing/audit-sam.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit SAM diff --git a/windows/security/threat-protection/auditing/audit-security-group-management.md b/windows/security/threat-protection/auditing/audit-security-group-management.md index 045ce6d2cd..db3bc5689b 100644 --- a/windows/security/threat-protection/auditing/audit-security-group-management.md +++ b/windows/security/threat-protection/auditing/audit-security-group-management.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Security Group Management diff --git a/windows/security/threat-protection/auditing/audit-security-state-change.md b/windows/security/threat-protection/auditing/audit-security-state-change.md index 81d52226a4..88a21e9a8b 100644 --- a/windows/security/threat-protection/auditing/audit-security-state-change.md +++ b/windows/security/threat-protection/auditing/audit-security-state-change.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Security State Change diff --git a/windows/security/threat-protection/auditing/audit-security-system-extension.md b/windows/security/threat-protection/auditing/audit-security-system-extension.md index 06a62bc211..057d504bc1 100644 --- a/windows/security/threat-protection/auditing/audit-security-system-extension.md +++ b/windows/security/threat-protection/auditing/audit-security-system-extension.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Security System Extension diff --git a/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md b/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md index d2929dbc8b..e54927afd1 100644 --- a/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md +++ b/windows/security/threat-protection/auditing/audit-sensitive-privilege-use.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Sensitive Privilege Use diff --git a/windows/security/threat-protection/auditing/audit-special-logon.md b/windows/security/threat-protection/auditing/audit-special-logon.md index a2c7e6fe4c..7cf389f177 100644 --- a/windows/security/threat-protection/auditing/audit-special-logon.md +++ b/windows/security/threat-protection/auditing/audit-special-logon.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit Special Logon diff --git a/windows/security/threat-protection/auditing/audit-system-integrity.md b/windows/security/threat-protection/auditing/audit-system-integrity.md index d88432587a..e4b357fa00 100644 --- a/windows/security/threat-protection/auditing/audit-system-integrity.md +++ b/windows/security/threat-protection/auditing/audit-system-integrity.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit System Integrity diff --git a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md index 51362e65a8..3d85c00f81 100644 --- a/windows/security/threat-protection/auditing/audit-token-right-adjusted.md +++ b/windows/security/threat-protection/auditing/audit-token-right-adjusted.md @@ -6,7 +6,7 @@ author: dansimp ms.author: dansimp ms.pagetype: security ms.prod: m365-security -ms.technology: mde +ms.technology: windows-sec --- # Audit Token Right Adjusted diff --git a/windows/security/threat-protection/auditing/audit-user-account-management.md b/windows/security/threat-protection/auditing/audit-user-account-management.md index 97b551d31a..e958273064 100644 --- a/windows/security/threat-protection/auditing/audit-user-account-management.md +++ b/windows/security/threat-protection/auditing/audit-user-account-management.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit User Account Management diff --git a/windows/security/threat-protection/auditing/audit-user-device-claims.md b/windows/security/threat-protection/auditing/audit-user-device-claims.md index f5b3b71fa8..9b92a3022e 100644 --- a/windows/security/threat-protection/auditing/audit-user-device-claims.md +++ b/windows/security/threat-protection/auditing/audit-user-device-claims.md @@ -12,7 +12,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit User/Device Claims diff --git a/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md b/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md index 9e83b22f8e..e8f37ef2fc 100644 --- a/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md +++ b/windows/security/threat-protection/auditing/basic-audit-account-logon-events.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit account logon events diff --git a/windows/security/threat-protection/auditing/basic-audit-account-management.md b/windows/security/threat-protection/auditing/basic-audit-account-management.md index e438366e30..1656e7f0eb 100644 --- a/windows/security/threat-protection/auditing/basic-audit-account-management.md +++ b/windows/security/threat-protection/auditing/basic-audit-account-management.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit account management diff --git a/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md b/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md index fb18731a64..37ea6c6cb7 100644 --- a/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md +++ b/windows/security/threat-protection/auditing/basic-audit-directory-service-access.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit directory service access diff --git a/windows/security/threat-protection/auditing/basic-audit-logon-events.md b/windows/security/threat-protection/auditing/basic-audit-logon-events.md index 569a8335dd..01b1068234 100644 --- a/windows/security/threat-protection/auditing/basic-audit-logon-events.md +++ b/windows/security/threat-protection/auditing/basic-audit-logon-events.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit logon events diff --git a/windows/security/threat-protection/auditing/basic-audit-object-access.md b/windows/security/threat-protection/auditing/basic-audit-object-access.md index 3cc432b64b..713700f0c2 100644 --- a/windows/security/threat-protection/auditing/basic-audit-object-access.md +++ b/windows/security/threat-protection/auditing/basic-audit-object-access.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit object access diff --git a/windows/security/threat-protection/auditing/basic-audit-policy-change.md b/windows/security/threat-protection/auditing/basic-audit-policy-change.md index 3e7cc6a8ea..ab4eb9ba52 100644 --- a/windows/security/threat-protection/auditing/basic-audit-policy-change.md +++ b/windows/security/threat-protection/auditing/basic-audit-policy-change.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit policy change diff --git a/windows/security/threat-protection/auditing/basic-audit-privilege-use.md b/windows/security/threat-protection/auditing/basic-audit-privilege-use.md index ff6e5dff98..9949cfab8d 100644 --- a/windows/security/threat-protection/auditing/basic-audit-privilege-use.md +++ b/windows/security/threat-protection/auditing/basic-audit-privilege-use.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit privilege use diff --git a/windows/security/threat-protection/auditing/basic-audit-process-tracking.md b/windows/security/threat-protection/auditing/basic-audit-process-tracking.md index a7f08b9c20..a1234e42c5 100644 --- a/windows/security/threat-protection/auditing/basic-audit-process-tracking.md +++ b/windows/security/threat-protection/auditing/basic-audit-process-tracking.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit process tracking diff --git a/windows/security/threat-protection/auditing/basic-audit-system-events.md b/windows/security/threat-protection/auditing/basic-audit-system-events.md index 4201c2447f..0f97e6acd1 100644 --- a/windows/security/threat-protection/auditing/basic-audit-system-events.md +++ b/windows/security/threat-protection/auditing/basic-audit-system-events.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Audit system events diff --git a/windows/security/threat-protection/auditing/basic-security-audit-policies.md b/windows/security/threat-protection/auditing/basic-security-audit-policies.md index 012b98550f..252459caae 100644 --- a/windows/security/threat-protection/auditing/basic-security-audit-policies.md +++ b/windows/security/threat-protection/auditing/basic-security-audit-policies.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Basic security audit policies diff --git a/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md b/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md index 0b56e07522..37f8dddc0f 100644 --- a/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md +++ b/windows/security/threat-protection/auditing/basic-security-audit-policy-settings.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/06/2021 -ms.technology: mde +ms.technology: windows-sec --- # Basic security audit policy settings diff --git a/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md b/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md index 054ff9b595..45befb2420 100644 --- a/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md +++ b/windows/security/threat-protection/auditing/create-a-basic-audit-policy-settings-for-an-event-category.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Create a basic audit policy for an event category diff --git a/windows/security/threat-protection/auditing/event-1100.md b/windows/security/threat-protection/auditing/event-1100.md index c8ac91b393..1a67e3d958 100644 --- a/windows/security/threat-protection/auditing/event-1100.md +++ b/windows/security/threat-protection/auditing/event-1100.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 1100(S): The event logging service has shut down. diff --git a/windows/security/threat-protection/auditing/event-1102.md b/windows/security/threat-protection/auditing/event-1102.md index 02ac9384e5..51ff35f0c9 100644 --- a/windows/security/threat-protection/auditing/event-1102.md +++ b/windows/security/threat-protection/auditing/event-1102.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 1102(S): The audit log was cleared. diff --git a/windows/security/threat-protection/auditing/event-1104.md b/windows/security/threat-protection/auditing/event-1104.md index 0c5e2917af..53c67d234b 100644 --- a/windows/security/threat-protection/auditing/event-1104.md +++ b/windows/security/threat-protection/auditing/event-1104.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 1104(S): The security log is now full. diff --git a/windows/security/threat-protection/auditing/event-1105.md b/windows/security/threat-protection/auditing/event-1105.md index 1aeaa58c8e..ae939ee4ca 100644 --- a/windows/security/threat-protection/auditing/event-1105.md +++ b/windows/security/threat-protection/auditing/event-1105.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 1105(S): Event log automatic backup diff --git a/windows/security/threat-protection/auditing/event-1108.md b/windows/security/threat-protection/auditing/event-1108.md index 1a7f0cbd1e..7e9e4a1dd4 100644 --- a/windows/security/threat-protection/auditing/event-1108.md +++ b/windows/security/threat-protection/auditing/event-1108.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 1108(S): The event logging service encountered an error while processing an incoming event published from %1. diff --git a/windows/security/threat-protection/auditing/event-4608.md b/windows/security/threat-protection/auditing/event-4608.md index 255036037d..955c45883a 100644 --- a/windows/security/threat-protection/auditing/event-4608.md +++ b/windows/security/threat-protection/auditing/event-4608.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4608(S): Windows is starting up. diff --git a/windows/security/threat-protection/auditing/event-4610.md b/windows/security/threat-protection/auditing/event-4610.md index 2249612819..4248720724 100644 --- a/windows/security/threat-protection/auditing/event-4610.md +++ b/windows/security/threat-protection/auditing/event-4610.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4610(S): An authentication package has been loaded by the Local Security Authority. diff --git a/windows/security/threat-protection/auditing/event-4611.md b/windows/security/threat-protection/auditing/event-4611.md index b4ce0a9d8d..fe6ba0faa7 100644 --- a/windows/security/threat-protection/auditing/event-4611.md +++ b/windows/security/threat-protection/auditing/event-4611.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4611(S): A trusted logon process has been registered with the Local Security Authority. diff --git a/windows/security/threat-protection/auditing/event-4612.md b/windows/security/threat-protection/auditing/event-4612.md index aa8b9ecc61..151c9f9d71 100644 --- a/windows/security/threat-protection/auditing/event-4612.md +++ b/windows/security/threat-protection/auditing/event-4612.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4612(S): Internal resources allocated for the queuing of audit messages have been exhausted, leading to the loss of some audits. diff --git a/windows/security/threat-protection/auditing/event-4614.md b/windows/security/threat-protection/auditing/event-4614.md index 959ef959e9..9b4a55bf5e 100644 --- a/windows/security/threat-protection/auditing/event-4614.md +++ b/windows/security/threat-protection/auditing/event-4614.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4614(S): A notification package has been loaded by the Security Account Manager. diff --git a/windows/security/threat-protection/auditing/event-4615.md b/windows/security/threat-protection/auditing/event-4615.md index 82dbd7d648..ffcc91a1f2 100644 --- a/windows/security/threat-protection/auditing/event-4615.md +++ b/windows/security/threat-protection/auditing/event-4615.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4615(S): Invalid use of LPC port. diff --git a/windows/security/threat-protection/auditing/event-4616.md b/windows/security/threat-protection/auditing/event-4616.md index 2fc4b43b2c..4e13fb8824 100644 --- a/windows/security/threat-protection/auditing/event-4616.md +++ b/windows/security/threat-protection/auditing/event-4616.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4616(S): The system time was changed. diff --git a/windows/security/threat-protection/auditing/event-4618.md b/windows/security/threat-protection/auditing/event-4618.md index baa0727774..f67334d36a 100644 --- a/windows/security/threat-protection/auditing/event-4618.md +++ b/windows/security/threat-protection/auditing/event-4618.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4618(S): A monitored security event pattern has occurred. diff --git a/windows/security/threat-protection/auditing/event-4621.md b/windows/security/threat-protection/auditing/event-4621.md index d3475dbb08..e4188be9df 100644 --- a/windows/security/threat-protection/auditing/event-4621.md +++ b/windows/security/threat-protection/auditing/event-4621.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4621(S): Administrator recovered system from CrashOnAuditFail. diff --git a/windows/security/threat-protection/auditing/event-4622.md b/windows/security/threat-protection/auditing/event-4622.md index 5404c4491b..150ef448af 100644 --- a/windows/security/threat-protection/auditing/event-4622.md +++ b/windows/security/threat-protection/auditing/event-4622.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4622(S): A security package has been loaded by the Local Security Authority. diff --git a/windows/security/threat-protection/auditing/event-4624.md b/windows/security/threat-protection/auditing/event-4624.md index 6a36fda6d7..985c5b0e59 100644 --- a/windows/security/threat-protection/auditing/event-4624.md +++ b/windows/security/threat-protection/auditing/event-4624.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4624(S): An account was successfully logged on. diff --git a/windows/security/threat-protection/auditing/event-4625.md b/windows/security/threat-protection/auditing/event-4625.md index ec92960ecc..380cc917cd 100644 --- a/windows/security/threat-protection/auditing/event-4625.md +++ b/windows/security/threat-protection/auditing/event-4625.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4625(F): An account failed to log on. diff --git a/windows/security/threat-protection/auditing/event-4626.md b/windows/security/threat-protection/auditing/event-4626.md index 1aba2f1f3b..be7bf13b02 100644 --- a/windows/security/threat-protection/auditing/event-4626.md +++ b/windows/security/threat-protection/auditing/event-4626.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4626(S): User/Device claims information. diff --git a/windows/security/threat-protection/auditing/event-4627.md b/windows/security/threat-protection/auditing/event-4627.md index 8ad79efcb2..b484de7d2d 100644 --- a/windows/security/threat-protection/auditing/event-4627.md +++ b/windows/security/threat-protection/auditing/event-4627.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4627(S): Group membership information. diff --git a/windows/security/threat-protection/auditing/event-4634.md b/windows/security/threat-protection/auditing/event-4634.md index 16bf3e049d..71887eccc4 100644 --- a/windows/security/threat-protection/auditing/event-4634.md +++ b/windows/security/threat-protection/auditing/event-4634.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4634(S): An account was logged off. diff --git a/windows/security/threat-protection/auditing/event-4647.md b/windows/security/threat-protection/auditing/event-4647.md index 01428dba45..b30de5ea3f 100644 --- a/windows/security/threat-protection/auditing/event-4647.md +++ b/windows/security/threat-protection/auditing/event-4647.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4647(S): User initiated logoff. diff --git a/windows/security/threat-protection/auditing/event-4648.md b/windows/security/threat-protection/auditing/event-4648.md index 8d81d41573..7f4517f3d0 100644 --- a/windows/security/threat-protection/auditing/event-4648.md +++ b/windows/security/threat-protection/auditing/event-4648.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4648(S): A logon was attempted using explicit credentials. diff --git a/windows/security/threat-protection/auditing/event-4649.md b/windows/security/threat-protection/auditing/event-4649.md index 75f1bf3c96..f3b32117be 100644 --- a/windows/security/threat-protection/auditing/event-4649.md +++ b/windows/security/threat-protection/auditing/event-4649.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4649(S): A replay attack was detected. diff --git a/windows/security/threat-protection/auditing/event-4656.md b/windows/security/threat-protection/auditing/event-4656.md index 7aee847e93..4da92be0ed 100644 --- a/windows/security/threat-protection/auditing/event-4656.md +++ b/windows/security/threat-protection/auditing/event-4656.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4656(S, F): A handle to an object was requested. diff --git a/windows/security/threat-protection/auditing/event-4657.md b/windows/security/threat-protection/auditing/event-4657.md index 39cb4e6052..9e788eb845 100644 --- a/windows/security/threat-protection/auditing/event-4657.md +++ b/windows/security/threat-protection/auditing/event-4657.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4657(S): A registry value was modified. diff --git a/windows/security/threat-protection/auditing/event-4658.md b/windows/security/threat-protection/auditing/event-4658.md index 0acb8a0b2f..8f88502248 100644 --- a/windows/security/threat-protection/auditing/event-4658.md +++ b/windows/security/threat-protection/auditing/event-4658.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4658(S): The handle to an object was closed. diff --git a/windows/security/threat-protection/auditing/event-4660.md b/windows/security/threat-protection/auditing/event-4660.md index 871435d568..0be89f17f1 100644 --- a/windows/security/threat-protection/auditing/event-4660.md +++ b/windows/security/threat-protection/auditing/event-4660.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4660(S): An object was deleted. diff --git a/windows/security/threat-protection/auditing/event-4661.md b/windows/security/threat-protection/auditing/event-4661.md index 77da9a1780..2485aae2b6 100644 --- a/windows/security/threat-protection/auditing/event-4661.md +++ b/windows/security/threat-protection/auditing/event-4661.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4661(S, F): A handle to an object was requested. diff --git a/windows/security/threat-protection/auditing/event-4662.md b/windows/security/threat-protection/auditing/event-4662.md index 7950f49912..5e9f6832a9 100644 --- a/windows/security/threat-protection/auditing/event-4662.md +++ b/windows/security/threat-protection/auditing/event-4662.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4662(S, F): An operation was performed on an object. diff --git a/windows/security/threat-protection/auditing/event-4663.md b/windows/security/threat-protection/auditing/event-4663.md index d85a14bddf..8001bded3b 100644 --- a/windows/security/threat-protection/auditing/event-4663.md +++ b/windows/security/threat-protection/auditing/event-4663.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4663(S): An attempt was made to access an object. diff --git a/windows/security/threat-protection/auditing/event-4664.md b/windows/security/threat-protection/auditing/event-4664.md index 36c3d8aa08..e998b508ce 100644 --- a/windows/security/threat-protection/auditing/event-4664.md +++ b/windows/security/threat-protection/auditing/event-4664.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4664(S): An attempt was made to create a hard link. diff --git a/windows/security/threat-protection/auditing/event-4670.md b/windows/security/threat-protection/auditing/event-4670.md index 0f070cd8f8..059fde7e55 100644 --- a/windows/security/threat-protection/auditing/event-4670.md +++ b/windows/security/threat-protection/auditing/event-4670.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4670(S): Permissions on an object were changed. diff --git a/windows/security/threat-protection/auditing/event-4671.md b/windows/security/threat-protection/auditing/event-4671.md index cc53508b8f..c1374cae22 100644 --- a/windows/security/threat-protection/auditing/event-4671.md +++ b/windows/security/threat-protection/auditing/event-4671.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4671(-): An application attempted to access a blocked ordinal through the TBS. diff --git a/windows/security/threat-protection/auditing/event-4672.md b/windows/security/threat-protection/auditing/event-4672.md index 3e563025ba..af47315a26 100644 --- a/windows/security/threat-protection/auditing/event-4672.md +++ b/windows/security/threat-protection/auditing/event-4672.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4672(S): Special privileges assigned to new logon. diff --git a/windows/security/threat-protection/auditing/event-4673.md b/windows/security/threat-protection/auditing/event-4673.md index 82e7ac1332..6252059b6d 100644 --- a/windows/security/threat-protection/auditing/event-4673.md +++ b/windows/security/threat-protection/auditing/event-4673.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4673(S, F): A privileged service was called. diff --git a/windows/security/threat-protection/auditing/event-4674.md b/windows/security/threat-protection/auditing/event-4674.md index 7a4b1a3654..9f1b9914da 100644 --- a/windows/security/threat-protection/auditing/event-4674.md +++ b/windows/security/threat-protection/auditing/event-4674.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4674(S, F): An operation was attempted on a privileged object. diff --git a/windows/security/threat-protection/auditing/event-4675.md b/windows/security/threat-protection/auditing/event-4675.md index f2a5d0c97e..47a81b9444 100644 --- a/windows/security/threat-protection/auditing/event-4675.md +++ b/windows/security/threat-protection/auditing/event-4675.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4675(S): SIDs were filtered. diff --git a/windows/security/threat-protection/auditing/event-4688.md b/windows/security/threat-protection/auditing/event-4688.md index 12b9206a7f..fd44f24170 100644 --- a/windows/security/threat-protection/auditing/event-4688.md +++ b/windows/security/threat-protection/auditing/event-4688.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4688(S): A new process has been created. diff --git a/windows/security/threat-protection/auditing/event-4689.md b/windows/security/threat-protection/auditing/event-4689.md index 49ec3f5924..74412386d9 100644 --- a/windows/security/threat-protection/auditing/event-4689.md +++ b/windows/security/threat-protection/auditing/event-4689.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4689(S): A process has exited. diff --git a/windows/security/threat-protection/auditing/event-4690.md b/windows/security/threat-protection/auditing/event-4690.md index 14d2dcb02d..f588b637ce 100644 --- a/windows/security/threat-protection/auditing/event-4690.md +++ b/windows/security/threat-protection/auditing/event-4690.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4690(S): An attempt was made to duplicate a handle to an object. diff --git a/windows/security/threat-protection/auditing/event-4691.md b/windows/security/threat-protection/auditing/event-4691.md index 30a869d7fc..45e0209fc6 100644 --- a/windows/security/threat-protection/auditing/event-4691.md +++ b/windows/security/threat-protection/auditing/event-4691.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4691(S): Indirect access to an object was requested. diff --git a/windows/security/threat-protection/auditing/event-4692.md b/windows/security/threat-protection/auditing/event-4692.md index 7e1e0b5ab9..f68457c377 100644 --- a/windows/security/threat-protection/auditing/event-4692.md +++ b/windows/security/threat-protection/auditing/event-4692.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4692(S, F): Backup of data protection master key was attempted. diff --git a/windows/security/threat-protection/auditing/event-4693.md b/windows/security/threat-protection/auditing/event-4693.md index 1bf4eef838..21e769eae0 100644 --- a/windows/security/threat-protection/auditing/event-4693.md +++ b/windows/security/threat-protection/auditing/event-4693.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4693(S, F): Recovery of data protection master key was attempted. diff --git a/windows/security/threat-protection/auditing/event-4694.md b/windows/security/threat-protection/auditing/event-4694.md index c6e3ca0a8c..1f64dc3491 100644 --- a/windows/security/threat-protection/auditing/event-4694.md +++ b/windows/security/threat-protection/auditing/event-4694.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4694(S, F): Protection of auditable protected data was attempted. diff --git a/windows/security/threat-protection/auditing/event-4695.md b/windows/security/threat-protection/auditing/event-4695.md index 55d37910f6..f4c77584c7 100644 --- a/windows/security/threat-protection/auditing/event-4695.md +++ b/windows/security/threat-protection/auditing/event-4695.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4695(S, F): Unprotection of auditable protected data was attempted. diff --git a/windows/security/threat-protection/auditing/event-4696.md b/windows/security/threat-protection/auditing/event-4696.md index c426f2bd9e..37ca02dd04 100644 --- a/windows/security/threat-protection/auditing/event-4696.md +++ b/windows/security/threat-protection/auditing/event-4696.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4696(S): A primary token was assigned to process. diff --git a/windows/security/threat-protection/auditing/event-4697.md b/windows/security/threat-protection/auditing/event-4697.md index 4c6103a175..16ace0c0a6 100644 --- a/windows/security/threat-protection/auditing/event-4697.md +++ b/windows/security/threat-protection/auditing/event-4697.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4697(S): A service was installed in the system. diff --git a/windows/security/threat-protection/auditing/event-4698.md b/windows/security/threat-protection/auditing/event-4698.md index e3f0385c69..fae37ea9f2 100644 --- a/windows/security/threat-protection/auditing/event-4698.md +++ b/windows/security/threat-protection/auditing/event-4698.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4698(S): A scheduled task was created. diff --git a/windows/security/threat-protection/auditing/event-4699.md b/windows/security/threat-protection/auditing/event-4699.md index b48820c643..dcea15f17d 100644 --- a/windows/security/threat-protection/auditing/event-4699.md +++ b/windows/security/threat-protection/auditing/event-4699.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4699(S): A scheduled task was deleted. diff --git a/windows/security/threat-protection/auditing/event-4700.md b/windows/security/threat-protection/auditing/event-4700.md index 6c44dbfa8d..2a46c16d19 100644 --- a/windows/security/threat-protection/auditing/event-4700.md +++ b/windows/security/threat-protection/auditing/event-4700.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4700(S): A scheduled task was enabled. diff --git a/windows/security/threat-protection/auditing/event-4701.md b/windows/security/threat-protection/auditing/event-4701.md index 0fa78f8923..e7bc488cc8 100644 --- a/windows/security/threat-protection/auditing/event-4701.md +++ b/windows/security/threat-protection/auditing/event-4701.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4701(S): A scheduled task was disabled. diff --git a/windows/security/threat-protection/auditing/event-4702.md b/windows/security/threat-protection/auditing/event-4702.md index 2ae3e2b5e3..78fee18be6 100644 --- a/windows/security/threat-protection/auditing/event-4702.md +++ b/windows/security/threat-protection/auditing/event-4702.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4702(S): A scheduled task was updated. diff --git a/windows/security/threat-protection/auditing/event-4703.md b/windows/security/threat-protection/auditing/event-4703.md index a2d0ea1520..938491bf3a 100644 --- a/windows/security/threat-protection/auditing/event-4703.md +++ b/windows/security/threat-protection/auditing/event-4703.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4703(S): A user right was adjusted. diff --git a/windows/security/threat-protection/auditing/event-4704.md b/windows/security/threat-protection/auditing/event-4704.md index 04357bb664..b76c240efe 100644 --- a/windows/security/threat-protection/auditing/event-4704.md +++ b/windows/security/threat-protection/auditing/event-4704.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4704(S): A user right was assigned. diff --git a/windows/security/threat-protection/auditing/event-4705.md b/windows/security/threat-protection/auditing/event-4705.md index 0da39782ac..b4ecb04b99 100644 --- a/windows/security/threat-protection/auditing/event-4705.md +++ b/windows/security/threat-protection/auditing/event-4705.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4705(S): A user right was removed. diff --git a/windows/security/threat-protection/auditing/event-4706.md b/windows/security/threat-protection/auditing/event-4706.md index 5bceee43f2..5d2f62ef77 100644 --- a/windows/security/threat-protection/auditing/event-4706.md +++ b/windows/security/threat-protection/auditing/event-4706.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4706(S): A new trust was created to a domain. diff --git a/windows/security/threat-protection/auditing/event-4707.md b/windows/security/threat-protection/auditing/event-4707.md index 66c5a3a235..be0c79ea65 100644 --- a/windows/security/threat-protection/auditing/event-4707.md +++ b/windows/security/threat-protection/auditing/event-4707.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4707(S): A trust to a domain was removed. diff --git a/windows/security/threat-protection/auditing/event-4713.md b/windows/security/threat-protection/auditing/event-4713.md index 1fc0eda8ae..d54358f133 100644 --- a/windows/security/threat-protection/auditing/event-4713.md +++ b/windows/security/threat-protection/auditing/event-4713.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4713(S): Kerberos policy was changed. diff --git a/windows/security/threat-protection/auditing/event-4714.md b/windows/security/threat-protection/auditing/event-4714.md index c95647f342..6ff804511a 100644 --- a/windows/security/threat-protection/auditing/event-4714.md +++ b/windows/security/threat-protection/auditing/event-4714.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4714(S): Encrypted data recovery policy was changed. diff --git a/windows/security/threat-protection/auditing/event-4715.md b/windows/security/threat-protection/auditing/event-4715.md index 54836c643a..6b6faa90fa 100644 --- a/windows/security/threat-protection/auditing/event-4715.md +++ b/windows/security/threat-protection/auditing/event-4715.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4715(S): The audit policy (SACL) on an object was changed. diff --git a/windows/security/threat-protection/auditing/event-4716.md b/windows/security/threat-protection/auditing/event-4716.md index 3b035321b0..7f058962db 100644 --- a/windows/security/threat-protection/auditing/event-4716.md +++ b/windows/security/threat-protection/auditing/event-4716.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4716(S): Trusted domain information was modified. diff --git a/windows/security/threat-protection/auditing/event-4717.md b/windows/security/threat-protection/auditing/event-4717.md index 0d79674053..33d3817929 100644 --- a/windows/security/threat-protection/auditing/event-4717.md +++ b/windows/security/threat-protection/auditing/event-4717.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4717(S): System security access was granted to an account. diff --git a/windows/security/threat-protection/auditing/event-4718.md b/windows/security/threat-protection/auditing/event-4718.md index 22f9f3a64a..a7e1307af2 100644 --- a/windows/security/threat-protection/auditing/event-4718.md +++ b/windows/security/threat-protection/auditing/event-4718.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4718(S): System security access was removed from an account. diff --git a/windows/security/threat-protection/auditing/event-4719.md b/windows/security/threat-protection/auditing/event-4719.md index dc67d391cf..1a2dabdc7e 100644 --- a/windows/security/threat-protection/auditing/event-4719.md +++ b/windows/security/threat-protection/auditing/event-4719.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4719(S): System audit policy was changed. diff --git a/windows/security/threat-protection/auditing/event-4720.md b/windows/security/threat-protection/auditing/event-4720.md index 1500cd23c9..7e6fc9cb68 100644 --- a/windows/security/threat-protection/auditing/event-4720.md +++ b/windows/security/threat-protection/auditing/event-4720.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4720(S): A user account was created. diff --git a/windows/security/threat-protection/auditing/event-4722.md b/windows/security/threat-protection/auditing/event-4722.md index 6b10efb7c8..c29e7669bc 100644 --- a/windows/security/threat-protection/auditing/event-4722.md +++ b/windows/security/threat-protection/auditing/event-4722.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4722(S): A user account was enabled. diff --git a/windows/security/threat-protection/auditing/event-4723.md b/windows/security/threat-protection/auditing/event-4723.md index 2208f2ae0e..1246930e5a 100644 --- a/windows/security/threat-protection/auditing/event-4723.md +++ b/windows/security/threat-protection/auditing/event-4723.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4723(S, F): An attempt was made to change an account's password. diff --git a/windows/security/threat-protection/auditing/event-4724.md b/windows/security/threat-protection/auditing/event-4724.md index 104704dc32..02d75f0b1d 100644 --- a/windows/security/threat-protection/auditing/event-4724.md +++ b/windows/security/threat-protection/auditing/event-4724.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4724(S, F): An attempt was made to reset an account's password. diff --git a/windows/security/threat-protection/auditing/event-4725.md b/windows/security/threat-protection/auditing/event-4725.md index 0b6ed0593a..f5f7dac0af 100644 --- a/windows/security/threat-protection/auditing/event-4725.md +++ b/windows/security/threat-protection/auditing/event-4725.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4725(S): A user account was disabled. diff --git a/windows/security/threat-protection/auditing/event-4726.md b/windows/security/threat-protection/auditing/event-4726.md index 03f7cab6c8..0b050a132b 100644 --- a/windows/security/threat-protection/auditing/event-4726.md +++ b/windows/security/threat-protection/auditing/event-4726.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4726(S): A user account was deleted. diff --git a/windows/security/threat-protection/auditing/event-4731.md b/windows/security/threat-protection/auditing/event-4731.md index ecbe498b31..b4faf3a540 100644 --- a/windows/security/threat-protection/auditing/event-4731.md +++ b/windows/security/threat-protection/auditing/event-4731.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4731(S): A security-enabled local group was created. diff --git a/windows/security/threat-protection/auditing/event-4732.md b/windows/security/threat-protection/auditing/event-4732.md index b837e2da3a..f81e218a6c 100644 --- a/windows/security/threat-protection/auditing/event-4732.md +++ b/windows/security/threat-protection/auditing/event-4732.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4732(S): A member was added to a security-enabled local group. diff --git a/windows/security/threat-protection/auditing/event-4733.md b/windows/security/threat-protection/auditing/event-4733.md index 1ff01f46dd..a0d46b343b 100644 --- a/windows/security/threat-protection/auditing/event-4733.md +++ b/windows/security/threat-protection/auditing/event-4733.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4733(S): A member was removed from a security-enabled local group. diff --git a/windows/security/threat-protection/auditing/event-4734.md b/windows/security/threat-protection/auditing/event-4734.md index 7fc762a800..1e677a0bdc 100644 --- a/windows/security/threat-protection/auditing/event-4734.md +++ b/windows/security/threat-protection/auditing/event-4734.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4734(S): A security-enabled local group was deleted. diff --git a/windows/security/threat-protection/auditing/event-4735.md b/windows/security/threat-protection/auditing/event-4735.md index ebd05f8b62..a545b2f85b 100644 --- a/windows/security/threat-protection/auditing/event-4735.md +++ b/windows/security/threat-protection/auditing/event-4735.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4735(S): A security-enabled local group was changed. diff --git a/windows/security/threat-protection/auditing/event-4738.md b/windows/security/threat-protection/auditing/event-4738.md index 1beea8a564..d78373e561 100644 --- a/windows/security/threat-protection/auditing/event-4738.md +++ b/windows/security/threat-protection/auditing/event-4738.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4738(S): A user account was changed. diff --git a/windows/security/threat-protection/auditing/event-4739.md b/windows/security/threat-protection/auditing/event-4739.md index d8417cef87..23b0cf6823 100644 --- a/windows/security/threat-protection/auditing/event-4739.md +++ b/windows/security/threat-protection/auditing/event-4739.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4739(S): Domain Policy was changed. diff --git a/windows/security/threat-protection/auditing/event-4740.md b/windows/security/threat-protection/auditing/event-4740.md index 095b90641e..834f4b9ed5 100644 --- a/windows/security/threat-protection/auditing/event-4740.md +++ b/windows/security/threat-protection/auditing/event-4740.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4740(S): A user account was locked out. diff --git a/windows/security/threat-protection/auditing/event-4741.md b/windows/security/threat-protection/auditing/event-4741.md index c09ba86137..b35fb7facd 100644 --- a/windows/security/threat-protection/auditing/event-4741.md +++ b/windows/security/threat-protection/auditing/event-4741.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4741(S): A computer account was created. diff --git a/windows/security/threat-protection/auditing/event-4742.md b/windows/security/threat-protection/auditing/event-4742.md index b838e77a00..1f1d3bee7a 100644 --- a/windows/security/threat-protection/auditing/event-4742.md +++ b/windows/security/threat-protection/auditing/event-4742.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4742(S): A computer account was changed. diff --git a/windows/security/threat-protection/auditing/event-4743.md b/windows/security/threat-protection/auditing/event-4743.md index 064855d936..76be20055b 100644 --- a/windows/security/threat-protection/auditing/event-4743.md +++ b/windows/security/threat-protection/auditing/event-4743.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4743(S): A computer account was deleted. diff --git a/windows/security/threat-protection/auditing/event-4749.md b/windows/security/threat-protection/auditing/event-4749.md index e1990c4f1e..71f28544ca 100644 --- a/windows/security/threat-protection/auditing/event-4749.md +++ b/windows/security/threat-protection/auditing/event-4749.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4749(S): A security-disabled global group was created. diff --git a/windows/security/threat-protection/auditing/event-4750.md b/windows/security/threat-protection/auditing/event-4750.md index 9ebd361c00..28a17fc94c 100644 --- a/windows/security/threat-protection/auditing/event-4750.md +++ b/windows/security/threat-protection/auditing/event-4750.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4750(S): A security-disabled global group was changed. diff --git a/windows/security/threat-protection/auditing/event-4751.md b/windows/security/threat-protection/auditing/event-4751.md index c187c0da6a..d698721321 100644 --- a/windows/security/threat-protection/auditing/event-4751.md +++ b/windows/security/threat-protection/auditing/event-4751.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4751(S): A member was added to a security-disabled global group. diff --git a/windows/security/threat-protection/auditing/event-4752.md b/windows/security/threat-protection/auditing/event-4752.md index 642eb6b948..2aa9dcd01a 100644 --- a/windows/security/threat-protection/auditing/event-4752.md +++ b/windows/security/threat-protection/auditing/event-4752.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4752(S): A member was removed from a security-disabled global group. diff --git a/windows/security/threat-protection/auditing/event-4753.md b/windows/security/threat-protection/auditing/event-4753.md index cf4ada677c..d8bb64a34a 100644 --- a/windows/security/threat-protection/auditing/event-4753.md +++ b/windows/security/threat-protection/auditing/event-4753.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4753(S): A security-disabled global group was deleted. diff --git a/windows/security/threat-protection/auditing/event-4764.md b/windows/security/threat-protection/auditing/event-4764.md index 073049f2bf..2cd0957d10 100644 --- a/windows/security/threat-protection/auditing/event-4764.md +++ b/windows/security/threat-protection/auditing/event-4764.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4764(S): A group’s type was changed. diff --git a/windows/security/threat-protection/auditing/event-4765.md b/windows/security/threat-protection/auditing/event-4765.md index 472f9a92d0..f171b29603 100644 --- a/windows/security/threat-protection/auditing/event-4765.md +++ b/windows/security/threat-protection/auditing/event-4765.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4765(S): SID History was added to an account. diff --git a/windows/security/threat-protection/auditing/event-4766.md b/windows/security/threat-protection/auditing/event-4766.md index bf5820689e..9b0d0db5fe 100644 --- a/windows/security/threat-protection/auditing/event-4766.md +++ b/windows/security/threat-protection/auditing/event-4766.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4766(F): An attempt to add SID History to an account failed. diff --git a/windows/security/threat-protection/auditing/event-4767.md b/windows/security/threat-protection/auditing/event-4767.md index 4b580f7dc0..a7b6929712 100644 --- a/windows/security/threat-protection/auditing/event-4767.md +++ b/windows/security/threat-protection/auditing/event-4767.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4767(S): A user account was unlocked. diff --git a/windows/security/threat-protection/auditing/event-4768.md b/windows/security/threat-protection/auditing/event-4768.md index c53ca50d19..6846561482 100644 --- a/windows/security/threat-protection/auditing/event-4768.md +++ b/windows/security/threat-protection/auditing/event-4768.md @@ -11,7 +11,7 @@ ms.date: 10/20/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4768(S, F): A Kerberos authentication ticket (TGT) was requested. diff --git a/windows/security/threat-protection/auditing/event-4769.md b/windows/security/threat-protection/auditing/event-4769.md index 1790274e2c..c3ad787f9e 100644 --- a/windows/security/threat-protection/auditing/event-4769.md +++ b/windows/security/threat-protection/auditing/event-4769.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4769(S, F): A Kerberos service ticket was requested. diff --git a/windows/security/threat-protection/auditing/event-4770.md b/windows/security/threat-protection/auditing/event-4770.md index 6a1627d7df..40f752135e 100644 --- a/windows/security/threat-protection/auditing/event-4770.md +++ b/windows/security/threat-protection/auditing/event-4770.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4770(S): A Kerberos service ticket was renewed. diff --git a/windows/security/threat-protection/auditing/event-4771.md b/windows/security/threat-protection/auditing/event-4771.md index 9891a617a0..e2b66d8905 100644 --- a/windows/security/threat-protection/auditing/event-4771.md +++ b/windows/security/threat-protection/auditing/event-4771.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4771(F): Kerberos pre-authentication failed. diff --git a/windows/security/threat-protection/auditing/event-4772.md b/windows/security/threat-protection/auditing/event-4772.md index c93994b2ed..384ea2a5e0 100644 --- a/windows/security/threat-protection/auditing/event-4772.md +++ b/windows/security/threat-protection/auditing/event-4772.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4772(F): A Kerberos authentication ticket request failed. diff --git a/windows/security/threat-protection/auditing/event-4773.md b/windows/security/threat-protection/auditing/event-4773.md index 3d4e1fe09b..35ad7f2c6e 100644 --- a/windows/security/threat-protection/auditing/event-4773.md +++ b/windows/security/threat-protection/auditing/event-4773.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4773(F): A Kerberos service ticket request failed. diff --git a/windows/security/threat-protection/auditing/event-4774.md b/windows/security/threat-protection/auditing/event-4774.md index 4c01962461..d7e73812a8 100644 --- a/windows/security/threat-protection/auditing/event-4774.md +++ b/windows/security/threat-protection/auditing/event-4774.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4774(S, F): An account was mapped for logon. diff --git a/windows/security/threat-protection/auditing/event-4775.md b/windows/security/threat-protection/auditing/event-4775.md index c9e4a319e8..b635329953 100644 --- a/windows/security/threat-protection/auditing/event-4775.md +++ b/windows/security/threat-protection/auditing/event-4775.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4775(F): An account could not be mapped for logon. diff --git a/windows/security/threat-protection/auditing/event-4776.md b/windows/security/threat-protection/auditing/event-4776.md index 4fde7cba9b..06430da291 100644 --- a/windows/security/threat-protection/auditing/event-4776.md +++ b/windows/security/threat-protection/auditing/event-4776.md @@ -11,7 +11,7 @@ ms.date: 09/13/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4776(S, F): The computer attempted to validate the credentials for an account. diff --git a/windows/security/threat-protection/auditing/event-4777.md b/windows/security/threat-protection/auditing/event-4777.md index f5b01ce6aa..74b68ee4d4 100644 --- a/windows/security/threat-protection/auditing/event-4777.md +++ b/windows/security/threat-protection/auditing/event-4777.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4777(F): The domain controller failed to validate the credentials for an account. diff --git a/windows/security/threat-protection/auditing/event-4778.md b/windows/security/threat-protection/auditing/event-4778.md index f7278c0017..085731bdc1 100644 --- a/windows/security/threat-protection/auditing/event-4778.md +++ b/windows/security/threat-protection/auditing/event-4778.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4778(S): A session was reconnected to a Window Station. diff --git a/windows/security/threat-protection/auditing/event-4779.md b/windows/security/threat-protection/auditing/event-4779.md index 3f34f106e4..ab9e18736c 100644 --- a/windows/security/threat-protection/auditing/event-4779.md +++ b/windows/security/threat-protection/auditing/event-4779.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4779(S): A session was disconnected from a Window Station. diff --git a/windows/security/threat-protection/auditing/event-4780.md b/windows/security/threat-protection/auditing/event-4780.md index 94b8733eab..eb96a39284 100644 --- a/windows/security/threat-protection/auditing/event-4780.md +++ b/windows/security/threat-protection/auditing/event-4780.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4780(S): The ACL was set on accounts which are members of administrators groups. diff --git a/windows/security/threat-protection/auditing/event-4781.md b/windows/security/threat-protection/auditing/event-4781.md index 0e7051d0c0..9cea675049 100644 --- a/windows/security/threat-protection/auditing/event-4781.md +++ b/windows/security/threat-protection/auditing/event-4781.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4781(S): The name of an account was changed. diff --git a/windows/security/threat-protection/auditing/event-4782.md b/windows/security/threat-protection/auditing/event-4782.md index 0d7d285e29..1079ddc301 100644 --- a/windows/security/threat-protection/auditing/event-4782.md +++ b/windows/security/threat-protection/auditing/event-4782.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4782(S): The password hash of an account was accessed. diff --git a/windows/security/threat-protection/auditing/event-4793.md b/windows/security/threat-protection/auditing/event-4793.md index d471201647..13abde059c 100644 --- a/windows/security/threat-protection/auditing/event-4793.md +++ b/windows/security/threat-protection/auditing/event-4793.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4793(S): The Password Policy Checking API was called. diff --git a/windows/security/threat-protection/auditing/event-4794.md b/windows/security/threat-protection/auditing/event-4794.md index 6901d09cbe..a96c2d8aa5 100644 --- a/windows/security/threat-protection/auditing/event-4794.md +++ b/windows/security/threat-protection/auditing/event-4794.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4794(S, F): An attempt was made to set the Directory Services Restore Mode administrator password. diff --git a/windows/security/threat-protection/auditing/event-4798.md b/windows/security/threat-protection/auditing/event-4798.md index 15a1328384..d3885f4283 100644 --- a/windows/security/threat-protection/auditing/event-4798.md +++ b/windows/security/threat-protection/auditing/event-4798.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4798(S): A user's local group membership was enumerated. diff --git a/windows/security/threat-protection/auditing/event-4799.md b/windows/security/threat-protection/auditing/event-4799.md index 92441ae64b..1bdc01b928 100644 --- a/windows/security/threat-protection/auditing/event-4799.md +++ b/windows/security/threat-protection/auditing/event-4799.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4799(S): A security-enabled local group membership was enumerated. diff --git a/windows/security/threat-protection/auditing/event-4800.md b/windows/security/threat-protection/auditing/event-4800.md index 2e468c9d92..205a90c987 100644 --- a/windows/security/threat-protection/auditing/event-4800.md +++ b/windows/security/threat-protection/auditing/event-4800.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4800(S): The workstation was locked. diff --git a/windows/security/threat-protection/auditing/event-4801.md b/windows/security/threat-protection/auditing/event-4801.md index 7da15cbbe7..0bfcfb1278 100644 --- a/windows/security/threat-protection/auditing/event-4801.md +++ b/windows/security/threat-protection/auditing/event-4801.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4801(S): The workstation was unlocked. diff --git a/windows/security/threat-protection/auditing/event-4802.md b/windows/security/threat-protection/auditing/event-4802.md index 7ea6add001..78cf0e5d14 100644 --- a/windows/security/threat-protection/auditing/event-4802.md +++ b/windows/security/threat-protection/auditing/event-4802.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4802(S): The screen saver was invoked. diff --git a/windows/security/threat-protection/auditing/event-4803.md b/windows/security/threat-protection/auditing/event-4803.md index 4971789fd3..94aed424ab 100644 --- a/windows/security/threat-protection/auditing/event-4803.md +++ b/windows/security/threat-protection/auditing/event-4803.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4803(S): The screen saver was dismissed. diff --git a/windows/security/threat-protection/auditing/event-4816.md b/windows/security/threat-protection/auditing/event-4816.md index a2c127435d..93576951c1 100644 --- a/windows/security/threat-protection/auditing/event-4816.md +++ b/windows/security/threat-protection/auditing/event-4816.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4816(S): RPC detected an integrity violation while decrypting an incoming message. diff --git a/windows/security/threat-protection/auditing/event-4817.md b/windows/security/threat-protection/auditing/event-4817.md index 3744b68704..dc9c07fb24 100644 --- a/windows/security/threat-protection/auditing/event-4817.md +++ b/windows/security/threat-protection/auditing/event-4817.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4817(S): Auditing settings on object were changed. diff --git a/windows/security/threat-protection/auditing/event-4818.md b/windows/security/threat-protection/auditing/event-4818.md index c71a145e05..5ced098023 100644 --- a/windows/security/threat-protection/auditing/event-4818.md +++ b/windows/security/threat-protection/auditing/event-4818.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4818(S): Proposed Central Access Policy does not grant the same access permissions as the current Central Access Policy. diff --git a/windows/security/threat-protection/auditing/event-4819.md b/windows/security/threat-protection/auditing/event-4819.md index f3acc685b2..882622efa4 100644 --- a/windows/security/threat-protection/auditing/event-4819.md +++ b/windows/security/threat-protection/auditing/event-4819.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4819(S): Central Access Policies on the machine have been changed. diff --git a/windows/security/threat-protection/auditing/event-4826.md b/windows/security/threat-protection/auditing/event-4826.md index 27f8cbeb41..136684f355 100644 --- a/windows/security/threat-protection/auditing/event-4826.md +++ b/windows/security/threat-protection/auditing/event-4826.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4826(S): Boot Configuration Data loaded. diff --git a/windows/security/threat-protection/auditing/event-4864.md b/windows/security/threat-protection/auditing/event-4864.md index aec977eddd..ea84a736a0 100644 --- a/windows/security/threat-protection/auditing/event-4864.md +++ b/windows/security/threat-protection/auditing/event-4864.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4864(S): A namespace collision was detected. diff --git a/windows/security/threat-protection/auditing/event-4865.md b/windows/security/threat-protection/auditing/event-4865.md index 994d2407a3..a7e2a7189e 100644 --- a/windows/security/threat-protection/auditing/event-4865.md +++ b/windows/security/threat-protection/auditing/event-4865.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4865(S): A trusted forest information entry was added. diff --git a/windows/security/threat-protection/auditing/event-4866.md b/windows/security/threat-protection/auditing/event-4866.md index ad75bb1d68..bd5bfba999 100644 --- a/windows/security/threat-protection/auditing/event-4866.md +++ b/windows/security/threat-protection/auditing/event-4866.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4866(S): A trusted forest information entry was removed. diff --git a/windows/security/threat-protection/auditing/event-4867.md b/windows/security/threat-protection/auditing/event-4867.md index e82918ba71..170868681f 100644 --- a/windows/security/threat-protection/auditing/event-4867.md +++ b/windows/security/threat-protection/auditing/event-4867.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4867(S): A trusted forest information entry was modified. diff --git a/windows/security/threat-protection/auditing/event-4902.md b/windows/security/threat-protection/auditing/event-4902.md index 67d2817434..89eeb36eb6 100644 --- a/windows/security/threat-protection/auditing/event-4902.md +++ b/windows/security/threat-protection/auditing/event-4902.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4902(S): The Per-user audit policy table was created. diff --git a/windows/security/threat-protection/auditing/event-4904.md b/windows/security/threat-protection/auditing/event-4904.md index 0a72ca6e45..02109612fd 100644 --- a/windows/security/threat-protection/auditing/event-4904.md +++ b/windows/security/threat-protection/auditing/event-4904.md @@ -11,7 +11,7 @@ ms.date: 09/07/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4904(S): An attempt was made to register a security event source. diff --git a/windows/security/threat-protection/auditing/event-4905.md b/windows/security/threat-protection/auditing/event-4905.md index 2bc2194af3..ead69b632a 100644 --- a/windows/security/threat-protection/auditing/event-4905.md +++ b/windows/security/threat-protection/auditing/event-4905.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4905(S): An attempt was made to unregister a security event source. diff --git a/windows/security/threat-protection/auditing/event-4906.md b/windows/security/threat-protection/auditing/event-4906.md index 5f8556c594..676c32fbcc 100644 --- a/windows/security/threat-protection/auditing/event-4906.md +++ b/windows/security/threat-protection/auditing/event-4906.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4906(S): The CrashOnAuditFail value has changed. diff --git a/windows/security/threat-protection/auditing/event-4907.md b/windows/security/threat-protection/auditing/event-4907.md index 54960760dd..3ae2c8793f 100644 --- a/windows/security/threat-protection/auditing/event-4907.md +++ b/windows/security/threat-protection/auditing/event-4907.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4907(S): Auditing settings on object were changed. diff --git a/windows/security/threat-protection/auditing/event-4908.md b/windows/security/threat-protection/auditing/event-4908.md index 4b00b7dc48..e59ae0559b 100644 --- a/windows/security/threat-protection/auditing/event-4908.md +++ b/windows/security/threat-protection/auditing/event-4908.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4908(S): Special Groups Logon table modified. diff --git a/windows/security/threat-protection/auditing/event-4909.md b/windows/security/threat-protection/auditing/event-4909.md index 77f5ddd123..f85c02b5ec 100644 --- a/windows/security/threat-protection/auditing/event-4909.md +++ b/windows/security/threat-protection/auditing/event-4909.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4909(-): The local policy settings for the TBS were changed. diff --git a/windows/security/threat-protection/auditing/event-4910.md b/windows/security/threat-protection/auditing/event-4910.md index 0c3e27cbcd..0cdca35e3e 100644 --- a/windows/security/threat-protection/auditing/event-4910.md +++ b/windows/security/threat-protection/auditing/event-4910.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4910(-): The group policy settings for the TBS were changed. diff --git a/windows/security/threat-protection/auditing/event-4911.md b/windows/security/threat-protection/auditing/event-4911.md index 34506e27c7..aeeaa0fdc0 100644 --- a/windows/security/threat-protection/auditing/event-4911.md +++ b/windows/security/threat-protection/auditing/event-4911.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4911(S): Resource attributes of the object were changed. diff --git a/windows/security/threat-protection/auditing/event-4912.md b/windows/security/threat-protection/auditing/event-4912.md index cd13c3c6ed..614b73a93f 100644 --- a/windows/security/threat-protection/auditing/event-4912.md +++ b/windows/security/threat-protection/auditing/event-4912.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4912(S): Per User Audit Policy was changed. diff --git a/windows/security/threat-protection/auditing/event-4913.md b/windows/security/threat-protection/auditing/event-4913.md index 88f5b9912c..bcc4c7eeee 100644 --- a/windows/security/threat-protection/auditing/event-4913.md +++ b/windows/security/threat-protection/auditing/event-4913.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4913(S): Central Access Policy on the object was changed. diff --git a/windows/security/threat-protection/auditing/event-4928.md b/windows/security/threat-protection/auditing/event-4928.md index c771de77c7..2899b77a51 100644 --- a/windows/security/threat-protection/auditing/event-4928.md +++ b/windows/security/threat-protection/auditing/event-4928.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4928(S, F): An Active Directory replica source naming context was established. diff --git a/windows/security/threat-protection/auditing/event-4929.md b/windows/security/threat-protection/auditing/event-4929.md index 8befaf8042..8d4802ca42 100644 --- a/windows/security/threat-protection/auditing/event-4929.md +++ b/windows/security/threat-protection/auditing/event-4929.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4929(S, F): An Active Directory replica source naming context was removed. diff --git a/windows/security/threat-protection/auditing/event-4930.md b/windows/security/threat-protection/auditing/event-4930.md index 9b7133cbec..ad5d6086a1 100644 --- a/windows/security/threat-protection/auditing/event-4930.md +++ b/windows/security/threat-protection/auditing/event-4930.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4930(S, F): An Active Directory replica source naming context was modified. diff --git a/windows/security/threat-protection/auditing/event-4931.md b/windows/security/threat-protection/auditing/event-4931.md index 9be2c0b308..39a7be5a64 100644 --- a/windows/security/threat-protection/auditing/event-4931.md +++ b/windows/security/threat-protection/auditing/event-4931.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4931(S, F): An Active Directory replica destination naming context was modified. diff --git a/windows/security/threat-protection/auditing/event-4932.md b/windows/security/threat-protection/auditing/event-4932.md index 2fe1488145..b686a7b13c 100644 --- a/windows/security/threat-protection/auditing/event-4932.md +++ b/windows/security/threat-protection/auditing/event-4932.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4932(S): Synchronization of a replica of an Active Directory naming context has begun. diff --git a/windows/security/threat-protection/auditing/event-4933.md b/windows/security/threat-protection/auditing/event-4933.md index 763c17876e..7fb4991241 100644 --- a/windows/security/threat-protection/auditing/event-4933.md +++ b/windows/security/threat-protection/auditing/event-4933.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4933(S, F): Synchronization of a replica of an Active Directory naming context has ended. diff --git a/windows/security/threat-protection/auditing/event-4934.md b/windows/security/threat-protection/auditing/event-4934.md index edfe9bb645..65521bb868 100644 --- a/windows/security/threat-protection/auditing/event-4934.md +++ b/windows/security/threat-protection/auditing/event-4934.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4934(S): Attributes of an Active Directory object were replicated. diff --git a/windows/security/threat-protection/auditing/event-4935.md b/windows/security/threat-protection/auditing/event-4935.md index 6473cffbe6..c939bc09ed 100644 --- a/windows/security/threat-protection/auditing/event-4935.md +++ b/windows/security/threat-protection/auditing/event-4935.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4935(F): Replication failure begins. diff --git a/windows/security/threat-protection/auditing/event-4936.md b/windows/security/threat-protection/auditing/event-4936.md index e87cf4d53e..37b1c8ca83 100644 --- a/windows/security/threat-protection/auditing/event-4936.md +++ b/windows/security/threat-protection/auditing/event-4936.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4936(S): Replication failure ends. diff --git a/windows/security/threat-protection/auditing/event-4937.md b/windows/security/threat-protection/auditing/event-4937.md index 6c1f85f0a7..f80f44586e 100644 --- a/windows/security/threat-protection/auditing/event-4937.md +++ b/windows/security/threat-protection/auditing/event-4937.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4937(S): A lingering object was removed from a replica. diff --git a/windows/security/threat-protection/auditing/event-4944.md b/windows/security/threat-protection/auditing/event-4944.md index 046a35e163..34ca3f9e47 100644 --- a/windows/security/threat-protection/auditing/event-4944.md +++ b/windows/security/threat-protection/auditing/event-4944.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4944(S): The following policy was active when the Windows Firewall started. diff --git a/windows/security/threat-protection/auditing/event-4945.md b/windows/security/threat-protection/auditing/event-4945.md index c76d313b14..f5581407ab 100644 --- a/windows/security/threat-protection/auditing/event-4945.md +++ b/windows/security/threat-protection/auditing/event-4945.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4945(S): A rule was listed when the Windows Firewall started. diff --git a/windows/security/threat-protection/auditing/event-4946.md b/windows/security/threat-protection/auditing/event-4946.md index 4279a425ff..505cec18fb 100644 --- a/windows/security/threat-protection/auditing/event-4946.md +++ b/windows/security/threat-protection/auditing/event-4946.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4946(S): A change has been made to Windows Firewall exception list. A rule was added. diff --git a/windows/security/threat-protection/auditing/event-4947.md b/windows/security/threat-protection/auditing/event-4947.md index 48613fd427..7d09cf4d23 100644 --- a/windows/security/threat-protection/auditing/event-4947.md +++ b/windows/security/threat-protection/auditing/event-4947.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4947(S): A change has been made to Windows Firewall exception list. A rule was modified. diff --git a/windows/security/threat-protection/auditing/event-4948.md b/windows/security/threat-protection/auditing/event-4948.md index 6d0290f772..65c71e3cd4 100644 --- a/windows/security/threat-protection/auditing/event-4948.md +++ b/windows/security/threat-protection/auditing/event-4948.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4948(S): A change has been made to Windows Firewall exception list. A rule was deleted. diff --git a/windows/security/threat-protection/auditing/event-4949.md b/windows/security/threat-protection/auditing/event-4949.md index 50b400ce2d..617b780983 100644 --- a/windows/security/threat-protection/auditing/event-4949.md +++ b/windows/security/threat-protection/auditing/event-4949.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4949(S): Windows Firewall settings were restored to the default values. diff --git a/windows/security/threat-protection/auditing/event-4950.md b/windows/security/threat-protection/auditing/event-4950.md index 90fdd4b72d..69db4a04e2 100644 --- a/windows/security/threat-protection/auditing/event-4950.md +++ b/windows/security/threat-protection/auditing/event-4950.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4950(S): A Windows Firewall setting has changed. diff --git a/windows/security/threat-protection/auditing/event-4951.md b/windows/security/threat-protection/auditing/event-4951.md index 65357fc8cf..060b9c4b83 100644 --- a/windows/security/threat-protection/auditing/event-4951.md +++ b/windows/security/threat-protection/auditing/event-4951.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4951(F): A rule has been ignored because its major version number was not recognized by Windows Firewall. diff --git a/windows/security/threat-protection/auditing/event-4952.md b/windows/security/threat-protection/auditing/event-4952.md index abd1012a90..3c9322ae26 100644 --- a/windows/security/threat-protection/auditing/event-4952.md +++ b/windows/security/threat-protection/auditing/event-4952.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4952(F): Parts of a rule have been ignored because its minor version number was not recognized by Windows Firewall. The other parts of the rule will be enforced. diff --git a/windows/security/threat-protection/auditing/event-4953.md b/windows/security/threat-protection/auditing/event-4953.md index d35205d2e8..2d31faae0c 100644 --- a/windows/security/threat-protection/auditing/event-4953.md +++ b/windows/security/threat-protection/auditing/event-4953.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4953(F): Windows Firewall ignored a rule because it could not be parsed. diff --git a/windows/security/threat-protection/auditing/event-4954.md b/windows/security/threat-protection/auditing/event-4954.md index f671cef1ef..67a7f024aa 100644 --- a/windows/security/threat-protection/auditing/event-4954.md +++ b/windows/security/threat-protection/auditing/event-4954.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4954(S): Windows Firewall Group Policy settings have changed. The new settings have been applied. diff --git a/windows/security/threat-protection/auditing/event-4956.md b/windows/security/threat-protection/auditing/event-4956.md index c56a466f9f..bc90d17945 100644 --- a/windows/security/threat-protection/auditing/event-4956.md +++ b/windows/security/threat-protection/auditing/event-4956.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4956(S): Windows Firewall has changed the active profile. diff --git a/windows/security/threat-protection/auditing/event-4957.md b/windows/security/threat-protection/auditing/event-4957.md index a34de9e92f..b83701e32b 100644 --- a/windows/security/threat-protection/auditing/event-4957.md +++ b/windows/security/threat-protection/auditing/event-4957.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4957(F): Windows Firewall did not apply the following rule. diff --git a/windows/security/threat-protection/auditing/event-4958.md b/windows/security/threat-protection/auditing/event-4958.md index 7bb37f579a..3fc2c85a83 100644 --- a/windows/security/threat-protection/auditing/event-4958.md +++ b/windows/security/threat-protection/auditing/event-4958.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4958(F): Windows Firewall did not apply the following rule because the rule referred to items not configured on this computer. diff --git a/windows/security/threat-protection/auditing/event-4964.md b/windows/security/threat-protection/auditing/event-4964.md index b83f63788a..969c9e219b 100644 --- a/windows/security/threat-protection/auditing/event-4964.md +++ b/windows/security/threat-protection/auditing/event-4964.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4964(S): Special groups have been assigned to a new logon. diff --git a/windows/security/threat-protection/auditing/event-4985.md b/windows/security/threat-protection/auditing/event-4985.md index ee97d237fc..6af088c0bd 100644 --- a/windows/security/threat-protection/auditing/event-4985.md +++ b/windows/security/threat-protection/auditing/event-4985.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 4985(S): The state of a transaction has changed. diff --git a/windows/security/threat-protection/auditing/event-5024.md b/windows/security/threat-protection/auditing/event-5024.md index 6f42905b26..46c44da725 100644 --- a/windows/security/threat-protection/auditing/event-5024.md +++ b/windows/security/threat-protection/auditing/event-5024.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5024(S): The Windows Firewall Service has started successfully. diff --git a/windows/security/threat-protection/auditing/event-5025.md b/windows/security/threat-protection/auditing/event-5025.md index 51c4600f15..fbc702ac8e 100644 --- a/windows/security/threat-protection/auditing/event-5025.md +++ b/windows/security/threat-protection/auditing/event-5025.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5025(S): The Windows Firewall Service has been stopped. diff --git a/windows/security/threat-protection/auditing/event-5027.md b/windows/security/threat-protection/auditing/event-5027.md index 85afaa1f92..47a348cf77 100644 --- a/windows/security/threat-protection/auditing/event-5027.md +++ b/windows/security/threat-protection/auditing/event-5027.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5027(F): The Windows Firewall Service was unable to retrieve the security policy from the local storage. The service will continue enforcing the current policy. diff --git a/windows/security/threat-protection/auditing/event-5028.md b/windows/security/threat-protection/auditing/event-5028.md index 8835c0a855..65d5204a98 100644 --- a/windows/security/threat-protection/auditing/event-5028.md +++ b/windows/security/threat-protection/auditing/event-5028.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5028(F): The Windows Firewall Service was unable to parse the new security policy. The service will continue with currently enforced policy. diff --git a/windows/security/threat-protection/auditing/event-5029.md b/windows/security/threat-protection/auditing/event-5029.md index 6e8bfab573..89b6ca69bb 100644 --- a/windows/security/threat-protection/auditing/event-5029.md +++ b/windows/security/threat-protection/auditing/event-5029.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5029(F): The Windows Firewall Service failed to initialize the driver. The service will continue to enforce the current policy. diff --git a/windows/security/threat-protection/auditing/event-5030.md b/windows/security/threat-protection/auditing/event-5030.md index 175e125235..9216275f2d 100644 --- a/windows/security/threat-protection/auditing/event-5030.md +++ b/windows/security/threat-protection/auditing/event-5030.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5030(F): The Windows Firewall Service failed to start. diff --git a/windows/security/threat-protection/auditing/event-5031.md b/windows/security/threat-protection/auditing/event-5031.md index 8a10a69008..b54933cde7 100644 --- a/windows/security/threat-protection/auditing/event-5031.md +++ b/windows/security/threat-protection/auditing/event-5031.md @@ -11,7 +11,7 @@ ms.sitesec: library ms.localizationpriority: none author: dansimp ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # 5031(F): The Windows Firewall Service blocked an application from accepting incoming connections on the network. diff --git a/windows/security/threat-protection/auditing/event-5032.md b/windows/security/threat-protection/auditing/event-5032.md index 235d9fd8d3..c8b0bff151 100644 --- a/windows/security/threat-protection/auditing/event-5032.md +++ b/windows/security/threat-protection/auditing/event-5032.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5032(F): Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network. diff --git a/windows/security/threat-protection/auditing/event-5033.md b/windows/security/threat-protection/auditing/event-5033.md index e664ac846b..dfbbcae025 100644 --- a/windows/security/threat-protection/auditing/event-5033.md +++ b/windows/security/threat-protection/auditing/event-5033.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5033(S): The Windows Firewall Driver has started successfully. diff --git a/windows/security/threat-protection/auditing/event-5034.md b/windows/security/threat-protection/auditing/event-5034.md index e447aeb0e7..e0815c5bd1 100644 --- a/windows/security/threat-protection/auditing/event-5034.md +++ b/windows/security/threat-protection/auditing/event-5034.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5034(S): The Windows Firewall Driver was stopped. diff --git a/windows/security/threat-protection/auditing/event-5035.md b/windows/security/threat-protection/auditing/event-5035.md index 0bc400131b..c6a382c517 100644 --- a/windows/security/threat-protection/auditing/event-5035.md +++ b/windows/security/threat-protection/auditing/event-5035.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5035(F): The Windows Firewall Driver failed to start. diff --git a/windows/security/threat-protection/auditing/event-5037.md b/windows/security/threat-protection/auditing/event-5037.md index c36c375902..d3542cd1d7 100644 --- a/windows/security/threat-protection/auditing/event-5037.md +++ b/windows/security/threat-protection/auditing/event-5037.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5037(F): The Windows Firewall Driver detected critical runtime error. Terminating. diff --git a/windows/security/threat-protection/auditing/event-5038.md b/windows/security/threat-protection/auditing/event-5038.md index 996a74d7b5..dbb32f1459 100644 --- a/windows/security/threat-protection/auditing/event-5038.md +++ b/windows/security/threat-protection/auditing/event-5038.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5038(F): Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error. diff --git a/windows/security/threat-protection/auditing/event-5039.md b/windows/security/threat-protection/auditing/event-5039.md index 09baf51880..7194197d62 100644 --- a/windows/security/threat-protection/auditing/event-5039.md +++ b/windows/security/threat-protection/auditing/event-5039.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5039(-): A registry key was virtualized. diff --git a/windows/security/threat-protection/auditing/event-5051.md b/windows/security/threat-protection/auditing/event-5051.md index e9e1bea6c6..67f25e7071 100644 --- a/windows/security/threat-protection/auditing/event-5051.md +++ b/windows/security/threat-protection/auditing/event-5051.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5051(-): A file was virtualized. diff --git a/windows/security/threat-protection/auditing/event-5056.md b/windows/security/threat-protection/auditing/event-5056.md index 96af867108..59e64af10b 100644 --- a/windows/security/threat-protection/auditing/event-5056.md +++ b/windows/security/threat-protection/auditing/event-5056.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5056(S): A cryptographic self-test was performed. diff --git a/windows/security/threat-protection/auditing/event-5057.md b/windows/security/threat-protection/auditing/event-5057.md index 5d686b4510..625c998826 100644 --- a/windows/security/threat-protection/auditing/event-5057.md +++ b/windows/security/threat-protection/auditing/event-5057.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5057(F): A cryptographic primitive operation failed. diff --git a/windows/security/threat-protection/auditing/event-5058.md b/windows/security/threat-protection/auditing/event-5058.md index 319ffe99f0..7d3c14f3cc 100644 --- a/windows/security/threat-protection/auditing/event-5058.md +++ b/windows/security/threat-protection/auditing/event-5058.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5058(S, F): Key file operation. diff --git a/windows/security/threat-protection/auditing/event-5059.md b/windows/security/threat-protection/auditing/event-5059.md index ff33eba467..3c79abb5d0 100644 --- a/windows/security/threat-protection/auditing/event-5059.md +++ b/windows/security/threat-protection/auditing/event-5059.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5059(S, F): Key migration operation. diff --git a/windows/security/threat-protection/auditing/event-5060.md b/windows/security/threat-protection/auditing/event-5060.md index 23fa5c78d9..9497f26ebf 100644 --- a/windows/security/threat-protection/auditing/event-5060.md +++ b/windows/security/threat-protection/auditing/event-5060.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5060(F): Verification operation failed. diff --git a/windows/security/threat-protection/auditing/event-5061.md b/windows/security/threat-protection/auditing/event-5061.md index 919d66a79c..f90e6fd02e 100644 --- a/windows/security/threat-protection/auditing/event-5061.md +++ b/windows/security/threat-protection/auditing/event-5061.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5061(S, F): Cryptographic operation. diff --git a/windows/security/threat-protection/auditing/event-5062.md b/windows/security/threat-protection/auditing/event-5062.md index 242721afc4..3ac8412240 100644 --- a/windows/security/threat-protection/auditing/event-5062.md +++ b/windows/security/threat-protection/auditing/event-5062.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5062(S): A kernel-mode cryptographic self-test was performed. diff --git a/windows/security/threat-protection/auditing/event-5063.md b/windows/security/threat-protection/auditing/event-5063.md index 020b7ebc4c..7fc9f07b38 100644 --- a/windows/security/threat-protection/auditing/event-5063.md +++ b/windows/security/threat-protection/auditing/event-5063.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5063(S, F): A cryptographic provider operation was attempted. diff --git a/windows/security/threat-protection/auditing/event-5064.md b/windows/security/threat-protection/auditing/event-5064.md index 2532a3b70b..0640bde11a 100644 --- a/windows/security/threat-protection/auditing/event-5064.md +++ b/windows/security/threat-protection/auditing/event-5064.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5064(S, F): A cryptographic context operation was attempted. diff --git a/windows/security/threat-protection/auditing/event-5065.md b/windows/security/threat-protection/auditing/event-5065.md index 0bbc9ae5c7..99731361a2 100644 --- a/windows/security/threat-protection/auditing/event-5065.md +++ b/windows/security/threat-protection/auditing/event-5065.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5065(S, F): A cryptographic context modification was attempted. diff --git a/windows/security/threat-protection/auditing/event-5066.md b/windows/security/threat-protection/auditing/event-5066.md index eebc61873d..a0faa27390 100644 --- a/windows/security/threat-protection/auditing/event-5066.md +++ b/windows/security/threat-protection/auditing/event-5066.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5066(S, F): A cryptographic function operation was attempted. diff --git a/windows/security/threat-protection/auditing/event-5067.md b/windows/security/threat-protection/auditing/event-5067.md index a3ca03be65..82bd2b643c 100644 --- a/windows/security/threat-protection/auditing/event-5067.md +++ b/windows/security/threat-protection/auditing/event-5067.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5067(S, F): A cryptographic function modification was attempted. diff --git a/windows/security/threat-protection/auditing/event-5068.md b/windows/security/threat-protection/auditing/event-5068.md index 645868eeca..54cfae4b8f 100644 --- a/windows/security/threat-protection/auditing/event-5068.md +++ b/windows/security/threat-protection/auditing/event-5068.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5068(S, F): A cryptographic function provider operation was attempted. diff --git a/windows/security/threat-protection/auditing/event-5069.md b/windows/security/threat-protection/auditing/event-5069.md index 50d95a9aff..6a762e71a3 100644 --- a/windows/security/threat-protection/auditing/event-5069.md +++ b/windows/security/threat-protection/auditing/event-5069.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5069(S, F): A cryptographic function property operation was attempted. diff --git a/windows/security/threat-protection/auditing/event-5070.md b/windows/security/threat-protection/auditing/event-5070.md index e279ab685d..2a77163002 100644 --- a/windows/security/threat-protection/auditing/event-5070.md +++ b/windows/security/threat-protection/auditing/event-5070.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5070(S, F): A cryptographic function property modification was attempted. diff --git a/windows/security/threat-protection/auditing/event-5136.md b/windows/security/threat-protection/auditing/event-5136.md index d83424aac5..5e7db9c0ed 100644 --- a/windows/security/threat-protection/auditing/event-5136.md +++ b/windows/security/threat-protection/auditing/event-5136.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5136(S): A directory service object was modified. diff --git a/windows/security/threat-protection/auditing/event-5137.md b/windows/security/threat-protection/auditing/event-5137.md index 65f8370ad0..eea8bf1a17 100644 --- a/windows/security/threat-protection/auditing/event-5137.md +++ b/windows/security/threat-protection/auditing/event-5137.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5137(S): A directory service object was created. diff --git a/windows/security/threat-protection/auditing/event-5138.md b/windows/security/threat-protection/auditing/event-5138.md index 4fa35c7f07..d9f97a7475 100644 --- a/windows/security/threat-protection/auditing/event-5138.md +++ b/windows/security/threat-protection/auditing/event-5138.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5138(S): A directory service object was undeleted. diff --git a/windows/security/threat-protection/auditing/event-5139.md b/windows/security/threat-protection/auditing/event-5139.md index 43eacd93d9..3333139144 100644 --- a/windows/security/threat-protection/auditing/event-5139.md +++ b/windows/security/threat-protection/auditing/event-5139.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5139(S): A directory service object was moved. diff --git a/windows/security/threat-protection/auditing/event-5140.md b/windows/security/threat-protection/auditing/event-5140.md index eb389fe767..29641fcca5 100644 --- a/windows/security/threat-protection/auditing/event-5140.md +++ b/windows/security/threat-protection/auditing/event-5140.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5140(S, F): A network share object was accessed. diff --git a/windows/security/threat-protection/auditing/event-5141.md b/windows/security/threat-protection/auditing/event-5141.md index 8da8b7d590..11cada8ab0 100644 --- a/windows/security/threat-protection/auditing/event-5141.md +++ b/windows/security/threat-protection/auditing/event-5141.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5141(S): A directory service object was deleted. diff --git a/windows/security/threat-protection/auditing/event-5142.md b/windows/security/threat-protection/auditing/event-5142.md index b72ef6d776..c5503ee4fa 100644 --- a/windows/security/threat-protection/auditing/event-5142.md +++ b/windows/security/threat-protection/auditing/event-5142.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5142(S): A network share object was added. diff --git a/windows/security/threat-protection/auditing/event-5143.md b/windows/security/threat-protection/auditing/event-5143.md index d173059b23..bf370fffc3 100644 --- a/windows/security/threat-protection/auditing/event-5143.md +++ b/windows/security/threat-protection/auditing/event-5143.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5143(S): A network share object was modified. diff --git a/windows/security/threat-protection/auditing/event-5144.md b/windows/security/threat-protection/auditing/event-5144.md index 937bc39ce4..6d117910a1 100644 --- a/windows/security/threat-protection/auditing/event-5144.md +++ b/windows/security/threat-protection/auditing/event-5144.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5144(S): A network share object was deleted. diff --git a/windows/security/threat-protection/auditing/event-5145.md b/windows/security/threat-protection/auditing/event-5145.md index 1bf796cf9f..8584f3f782 100644 --- a/windows/security/threat-protection/auditing/event-5145.md +++ b/windows/security/threat-protection/auditing/event-5145.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5145(S, F): A network share object was checked to see whether client can be granted desired access. diff --git a/windows/security/threat-protection/auditing/event-5148.md b/windows/security/threat-protection/auditing/event-5148.md index 1946129b9b..094f91e5f3 100644 --- a/windows/security/threat-protection/auditing/event-5148.md +++ b/windows/security/threat-protection/auditing/event-5148.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5148(F): The Windows Filtering Platform has detected a DoS attack and entered a defensive mode; packets associated with this attack will be discarded. diff --git a/windows/security/threat-protection/auditing/event-5149.md b/windows/security/threat-protection/auditing/event-5149.md index 467c7145cc..3be32e2a0c 100644 --- a/windows/security/threat-protection/auditing/event-5149.md +++ b/windows/security/threat-protection/auditing/event-5149.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5149(F): The DoS attack has subsided and normal processing is being resumed. diff --git a/windows/security/threat-protection/auditing/event-5150.md b/windows/security/threat-protection/auditing/event-5150.md index 9d9c830f21..fd48f85788 100644 --- a/windows/security/threat-protection/auditing/event-5150.md +++ b/windows/security/threat-protection/auditing/event-5150.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5150(-): The Windows Filtering Platform blocked a packet. diff --git a/windows/security/threat-protection/auditing/event-5151.md b/windows/security/threat-protection/auditing/event-5151.md index 6601b86883..ea0b6f1ba5 100644 --- a/windows/security/threat-protection/auditing/event-5151.md +++ b/windows/security/threat-protection/auditing/event-5151.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5151(-): A more restrictive Windows Filtering Platform filter has blocked a packet. diff --git a/windows/security/threat-protection/auditing/event-5152.md b/windows/security/threat-protection/auditing/event-5152.md index d4bcbf8042..1e2cec8711 100644 --- a/windows/security/threat-protection/auditing/event-5152.md +++ b/windows/security/threat-protection/auditing/event-5152.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5152(F): The Windows Filtering Platform blocked a packet. diff --git a/windows/security/threat-protection/auditing/event-5153.md b/windows/security/threat-protection/auditing/event-5153.md index eee4621b4d..f9e60da5a0 100644 --- a/windows/security/threat-protection/auditing/event-5153.md +++ b/windows/security/threat-protection/auditing/event-5153.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5153(S): A more restrictive Windows Filtering Platform filter has blocked a packet. diff --git a/windows/security/threat-protection/auditing/event-5154.md b/windows/security/threat-protection/auditing/event-5154.md index 6d0b939b64..4cd691deaf 100644 --- a/windows/security/threat-protection/auditing/event-5154.md +++ b/windows/security/threat-protection/auditing/event-5154.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5154(S): The Windows Filtering Platform has permitted an application or service to listen on a port for incoming connections. diff --git a/windows/security/threat-protection/auditing/event-5155.md b/windows/security/threat-protection/auditing/event-5155.md index 166520ef13..b4626b59c1 100644 --- a/windows/security/threat-protection/auditing/event-5155.md +++ b/windows/security/threat-protection/auditing/event-5155.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5155(F): The Windows Filtering Platform has blocked an application or service from listening on a port for incoming connections. diff --git a/windows/security/threat-protection/auditing/event-5156.md b/windows/security/threat-protection/auditing/event-5156.md index d0af703c34..f19c968a01 100644 --- a/windows/security/threat-protection/auditing/event-5156.md +++ b/windows/security/threat-protection/auditing/event-5156.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5156(S): The Windows Filtering Platform has permitted a connection. diff --git a/windows/security/threat-protection/auditing/event-5157.md b/windows/security/threat-protection/auditing/event-5157.md index c20c64f670..e860f2729c 100644 --- a/windows/security/threat-protection/auditing/event-5157.md +++ b/windows/security/threat-protection/auditing/event-5157.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5157(F): The Windows Filtering Platform has blocked a connection. diff --git a/windows/security/threat-protection/auditing/event-5158.md b/windows/security/threat-protection/auditing/event-5158.md index f35938a490..f2a088807e 100644 --- a/windows/security/threat-protection/auditing/event-5158.md +++ b/windows/security/threat-protection/auditing/event-5158.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5158(S): The Windows Filtering Platform has permitted a bind to a local port. diff --git a/windows/security/threat-protection/auditing/event-5159.md b/windows/security/threat-protection/auditing/event-5159.md index 95ac21b41a..c66d53025f 100644 --- a/windows/security/threat-protection/auditing/event-5159.md +++ b/windows/security/threat-protection/auditing/event-5159.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5159(F): The Windows Filtering Platform has blocked a bind to a local port. diff --git a/windows/security/threat-protection/auditing/event-5168.md b/windows/security/threat-protection/auditing/event-5168.md index 5d1e8bf0d8..2fcad0a7f5 100644 --- a/windows/security/threat-protection/auditing/event-5168.md +++ b/windows/security/threat-protection/auditing/event-5168.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5168(F): SPN check for SMB/SMB2 failed. diff --git a/windows/security/threat-protection/auditing/event-5376.md b/windows/security/threat-protection/auditing/event-5376.md index 1b77d59d7e..bc903c2a89 100644 --- a/windows/security/threat-protection/auditing/event-5376.md +++ b/windows/security/threat-protection/auditing/event-5376.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5376(S): Credential Manager credentials were backed up. diff --git a/windows/security/threat-protection/auditing/event-5377.md b/windows/security/threat-protection/auditing/event-5377.md index 82af29b1d7..0041df606e 100644 --- a/windows/security/threat-protection/auditing/event-5377.md +++ b/windows/security/threat-protection/auditing/event-5377.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5377(S): Credential Manager credentials were restored from a backup. diff --git a/windows/security/threat-protection/auditing/event-5378.md b/windows/security/threat-protection/auditing/event-5378.md index 7880067fb3..10f783e194 100644 --- a/windows/security/threat-protection/auditing/event-5378.md +++ b/windows/security/threat-protection/auditing/event-5378.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5378(F): The requested credentials delegation was disallowed by policy. diff --git a/windows/security/threat-protection/auditing/event-5447.md b/windows/security/threat-protection/auditing/event-5447.md index c7e89a3513..e20265f6c6 100644 --- a/windows/security/threat-protection/auditing/event-5447.md +++ b/windows/security/threat-protection/auditing/event-5447.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5447(S): A Windows Filtering Platform filter has been changed. diff --git a/windows/security/threat-protection/auditing/event-5632.md b/windows/security/threat-protection/auditing/event-5632.md index fd3345a565..565ff56e44 100644 --- a/windows/security/threat-protection/auditing/event-5632.md +++ b/windows/security/threat-protection/auditing/event-5632.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5632(S, F): A request was made to authenticate to a wireless network. diff --git a/windows/security/threat-protection/auditing/event-5633.md b/windows/security/threat-protection/auditing/event-5633.md index d72afb75da..8c8496f31b 100644 --- a/windows/security/threat-protection/auditing/event-5633.md +++ b/windows/security/threat-protection/auditing/event-5633.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5633(S, F): A request was made to authenticate to a wired network. diff --git a/windows/security/threat-protection/auditing/event-5712.md b/windows/security/threat-protection/auditing/event-5712.md index 48363c3beb..f3b0737f54 100644 --- a/windows/security/threat-protection/auditing/event-5712.md +++ b/windows/security/threat-protection/auditing/event-5712.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5712(S): A Remote Procedure Call (RPC) was attempted. diff --git a/windows/security/threat-protection/auditing/event-5888.md b/windows/security/threat-protection/auditing/event-5888.md index 4a22ab0013..13679d5290 100644 --- a/windows/security/threat-protection/auditing/event-5888.md +++ b/windows/security/threat-protection/auditing/event-5888.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5888(S): An object in the COM+ Catalog was modified. diff --git a/windows/security/threat-protection/auditing/event-5889.md b/windows/security/threat-protection/auditing/event-5889.md index d0d9842512..afcf23ffbe 100644 --- a/windows/security/threat-protection/auditing/event-5889.md +++ b/windows/security/threat-protection/auditing/event-5889.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5889(S): An object was deleted from the COM+ Catalog. diff --git a/windows/security/threat-protection/auditing/event-5890.md b/windows/security/threat-protection/auditing/event-5890.md index f7bf90b524..8bf8b1a673 100644 --- a/windows/security/threat-protection/auditing/event-5890.md +++ b/windows/security/threat-protection/auditing/event-5890.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 5890(S): An object was added to the COM+ Catalog. diff --git a/windows/security/threat-protection/auditing/event-6144.md b/windows/security/threat-protection/auditing/event-6144.md index 0ed126dc60..045943bcdf 100644 --- a/windows/security/threat-protection/auditing/event-6144.md +++ b/windows/security/threat-protection/auditing/event-6144.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6144(S): Security policy in the group policy objects has been applied successfully. diff --git a/windows/security/threat-protection/auditing/event-6145.md b/windows/security/threat-protection/auditing/event-6145.md index ff67ad627d..17484bcaf1 100644 --- a/windows/security/threat-protection/auditing/event-6145.md +++ b/windows/security/threat-protection/auditing/event-6145.md @@ -11,7 +11,7 @@ ms.date: 09/08/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6145(F): One or more errors occurred while processing security policy in the group policy objects. diff --git a/windows/security/threat-protection/auditing/event-6281.md b/windows/security/threat-protection/auditing/event-6281.md index 28b9c2e509..a4404d8d5d 100644 --- a/windows/security/threat-protection/auditing/event-6281.md +++ b/windows/security/threat-protection/auditing/event-6281.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6281(F): Code Integrity determined that the page hashes of an image file are not valid. The file could be improperly signed without page hashes or corrupt due to unauthorized modification. The invalid hashes could indicate a potential disk device error. diff --git a/windows/security/threat-protection/auditing/event-6400.md b/windows/security/threat-protection/auditing/event-6400.md index 214d0c5b93..4579bf3a3f 100644 --- a/windows/security/threat-protection/auditing/event-6400.md +++ b/windows/security/threat-protection/auditing/event-6400.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6400(-): BranchCache: Received an incorrectly formatted response while discovering availability of content. diff --git a/windows/security/threat-protection/auditing/event-6401.md b/windows/security/threat-protection/auditing/event-6401.md index 7ae7c5a3ab..b7e9be68fc 100644 --- a/windows/security/threat-protection/auditing/event-6401.md +++ b/windows/security/threat-protection/auditing/event-6401.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6401(-): BranchCache: Received invalid data from a peer. Data discarded. diff --git a/windows/security/threat-protection/auditing/event-6402.md b/windows/security/threat-protection/auditing/event-6402.md index ca0ea21dbe..43c3c34353 100644 --- a/windows/security/threat-protection/auditing/event-6402.md +++ b/windows/security/threat-protection/auditing/event-6402.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6402(-): BranchCache: The message to the hosted cache offering it data is incorrectly formatted. diff --git a/windows/security/threat-protection/auditing/event-6403.md b/windows/security/threat-protection/auditing/event-6403.md index dfa11c62ac..d2fdd63838 100644 --- a/windows/security/threat-protection/auditing/event-6403.md +++ b/windows/security/threat-protection/auditing/event-6403.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6403(-): BranchCache: The hosted cache sent an incorrectly formatted response to the client. diff --git a/windows/security/threat-protection/auditing/event-6404.md b/windows/security/threat-protection/auditing/event-6404.md index fb4bccd26f..8398476eb6 100644 --- a/windows/security/threat-protection/auditing/event-6404.md +++ b/windows/security/threat-protection/auditing/event-6404.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6404(-): BranchCache: Hosted cache could not be authenticated using the provisioned SSL certificate. diff --git a/windows/security/threat-protection/auditing/event-6405.md b/windows/security/threat-protection/auditing/event-6405.md index 557c8ebabe..e8efbf0ec1 100644 --- a/windows/security/threat-protection/auditing/event-6405.md +++ b/windows/security/threat-protection/auditing/event-6405.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6405(-): BranchCache: %2 instance(s) of event id %1 occurred. diff --git a/windows/security/threat-protection/auditing/event-6406.md b/windows/security/threat-protection/auditing/event-6406.md index dbaeb0e873..5f556714d7 100644 --- a/windows/security/threat-protection/auditing/event-6406.md +++ b/windows/security/threat-protection/auditing/event-6406.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6406(-): %1 registered to Windows Firewall to control filtering for the following: %2. diff --git a/windows/security/threat-protection/auditing/event-6407.md b/windows/security/threat-protection/auditing/event-6407.md index 28612dacba..a5d377eb0e 100644 --- a/windows/security/threat-protection/auditing/event-6407.md +++ b/windows/security/threat-protection/auditing/event-6407.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6407(-): 1%. diff --git a/windows/security/threat-protection/auditing/event-6408.md b/windows/security/threat-protection/auditing/event-6408.md index c36f520a60..24596eef2a 100644 --- a/windows/security/threat-protection/auditing/event-6408.md +++ b/windows/security/threat-protection/auditing/event-6408.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6408(-): Registered product %1 failed and Windows Firewall is now controlling the filtering for %2. diff --git a/windows/security/threat-protection/auditing/event-6409.md b/windows/security/threat-protection/auditing/event-6409.md index 1ac08c75f1..776b12553b 100644 --- a/windows/security/threat-protection/auditing/event-6409.md +++ b/windows/security/threat-protection/auditing/event-6409.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6409(-): BranchCache: A service connection point object could not be parsed. diff --git a/windows/security/threat-protection/auditing/event-6410.md b/windows/security/threat-protection/auditing/event-6410.md index a9f5e5111f..bc2da0e57f 100644 --- a/windows/security/threat-protection/auditing/event-6410.md +++ b/windows/security/threat-protection/auditing/event-6410.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6410(F): Code integrity determined that a file does not meet the security requirements to load into a process. diff --git a/windows/security/threat-protection/auditing/event-6416.md b/windows/security/threat-protection/auditing/event-6416.md index 337a5395be..add5982ef7 100644 --- a/windows/security/threat-protection/auditing/event-6416.md +++ b/windows/security/threat-protection/auditing/event-6416.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6416(S): A new external device was recognized by the System. diff --git a/windows/security/threat-protection/auditing/event-6419.md b/windows/security/threat-protection/auditing/event-6419.md index 69a6f30def..0e7f44d997 100644 --- a/windows/security/threat-protection/auditing/event-6419.md +++ b/windows/security/threat-protection/auditing/event-6419.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6419(S): A request was made to disable a device. diff --git a/windows/security/threat-protection/auditing/event-6420.md b/windows/security/threat-protection/auditing/event-6420.md index 3a2dc5c9d9..f8cccf22a7 100644 --- a/windows/security/threat-protection/auditing/event-6420.md +++ b/windows/security/threat-protection/auditing/event-6420.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6420(S): A device was disabled. diff --git a/windows/security/threat-protection/auditing/event-6421.md b/windows/security/threat-protection/auditing/event-6421.md index 8ac5372312..5b0e22342b 100644 --- a/windows/security/threat-protection/auditing/event-6421.md +++ b/windows/security/threat-protection/auditing/event-6421.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6421(S): A request was made to enable a device. diff --git a/windows/security/threat-protection/auditing/event-6422.md b/windows/security/threat-protection/auditing/event-6422.md index 7e577f25c3..70ba147ede 100644 --- a/windows/security/threat-protection/auditing/event-6422.md +++ b/windows/security/threat-protection/auditing/event-6422.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6422(S): A device was enabled. diff --git a/windows/security/threat-protection/auditing/event-6423.md b/windows/security/threat-protection/auditing/event-6423.md index 5f8278b20e..10cf86de89 100644 --- a/windows/security/threat-protection/auditing/event-6423.md +++ b/windows/security/threat-protection/auditing/event-6423.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6423(S): The installation of this device is forbidden by system policy. diff --git a/windows/security/threat-protection/auditing/event-6424.md b/windows/security/threat-protection/auditing/event-6424.md index ba3fcbffe7..13af19c639 100644 --- a/windows/security/threat-protection/auditing/event-6424.md +++ b/windows/security/threat-protection/auditing/event-6424.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # 6424(S): The installation of this device was allowed, after having previously been forbidden by policy. diff --git a/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md b/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md index 9c7941df2b..a5df9bf707 100644 --- a/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md +++ b/windows/security/threat-protection/auditing/file-system-global-object-access-auditing.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # File System (Global Object Access Auditing) diff --git a/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md b/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md index cc3bf79488..b8cc2220c9 100644 --- a/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md +++ b/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # How to get a list of XML data name elements in EventData diff --git a/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md b/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md index c446bdec67..3dc75d64ed 100644 --- a/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md +++ b/windows/security/threat-protection/auditing/monitor-central-access-policy-and-rule-definitions.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # Monitor central access policy and rule definitions diff --git a/windows/security/threat-protection/auditing/monitor-claim-types.md b/windows/security/threat-protection/auditing/monitor-claim-types.md index b9e1ea714f..643795c7e2 100644 --- a/windows/security/threat-protection/auditing/monitor-claim-types.md +++ b/windows/security/threat-protection/auditing/monitor-claim-types.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # Monitor claim types diff --git a/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md b/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md index 791549bb4f..1be153db59 100644 --- a/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md +++ b/windows/security/threat-protection/auditing/monitor-resource-attribute-definitions.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # Monitor resource attribute definitions diff --git a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md index ece759aeb6..83ab6f2561 100644 --- a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md +++ b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-associated-with-files-and-folders.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # Monitor the central access policies associated with files and folders diff --git a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md index 2d50a5c7db..a1780808e5 100644 --- a/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md +++ b/windows/security/threat-protection/auditing/monitor-the-central-access-policies-that-apply-on-a-file-server.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # Monitor the central access policies that apply on a file server diff --git a/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md b/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md index f223b3433d..20be28d785 100644 --- a/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md +++ b/windows/security/threat-protection/auditing/monitor-the-resource-attributes-on-files-and-folders.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # Monitor the resource attributes on files and folders diff --git a/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md b/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md index af897bbd62..ac76e18a1a 100644 --- a/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md +++ b/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # Monitor the use of removable storage devices diff --git a/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md b/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md index 7f950dd7b1..865b1b5aaf 100644 --- a/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md +++ b/windows/security/threat-protection/auditing/monitor-user-and-device-claims-during-sign-in.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # Monitor user and device claims during sign-in diff --git a/windows/security/threat-protection/auditing/other-events.md b/windows/security/threat-protection/auditing/other-events.md index a54f6a6f1c..12044634fd 100644 --- a/windows/security/threat-protection/auditing/other-events.md +++ b/windows/security/threat-protection/auditing/other-events.md @@ -11,7 +11,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # Other Events diff --git a/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md b/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md index d47efbedbf..4f9f9b93e8 100644 --- a/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md +++ b/windows/security/threat-protection/auditing/planning-and-deploying-advanced-security-audit-policies.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # Plan and deploy advanced security audit policies diff --git a/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md b/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md index a01a3a3514..cd2acc181e 100644 --- a/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md +++ b/windows/security/threat-protection/auditing/registry-global-object-access-auditing.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # Registry (Global Object Access Auditing) diff --git a/windows/security/threat-protection/auditing/security-auditing-overview.md b/windows/security/threat-protection/auditing/security-auditing-overview.md index fb1184eed7..1c305a4439 100644 --- a/windows/security/threat-protection/auditing/security-auditing-overview.md +++ b/windows/security/threat-protection/auditing/security-auditing-overview.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # Security auditing diff --git a/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md b/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md index dd8bb6516d..fe06c5d1a4 100644 --- a/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md +++ b/windows/security/threat-protection/auditing/using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # Using advanced security auditing options to monitor dynamic access control objects diff --git a/windows/security/threat-protection/auditing/view-the-security-event-log.md b/windows/security/threat-protection/auditing/view-the-security-event-log.md index 5b89a3802e..e934463906 100644 --- a/windows/security/threat-protection/auditing/view-the-security-event-log.md +++ b/windows/security/threat-protection/auditing/view-the-security-event-log.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # View the security event log diff --git a/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md b/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md index 8e1db3e1b0..7917a249c2 100644 --- a/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md +++ b/windows/security/threat-protection/auditing/which-editions-of-windows-support-advanced-audit-policy-configuration.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/09/2021 -ms.technology: mde +ms.technology: windows-sec --- # Which editions of Windows support advanced audit policy configuration diff --git a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md index a7cdb8f8e9..ea7806d09a 100644 --- a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md @@ -12,7 +12,7 @@ ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 07/30/2021 ms.reviewer: -ms.technology: mde +ms.technology: windows-sec --- # Enable virtualization-based protection of code integrity diff --git a/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md b/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md index 0ecb7c4e45..21f2516780 100644 --- a/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md +++ b/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md @@ -10,7 +10,7 @@ ms.author: deniseb ms.reviewer: manager: dansimp ms.custom: asr -ms.technology: mde +ms.technology: windows-sec --- # Windows Defender Application Control and virtualization-based protection of code integrity diff --git a/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md index 3112632b29..bec34fe509 100644 --- a/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md @@ -13,7 +13,7 @@ ms.topic: conceptual ms.date: 10/20/2017 ms.reviewer: ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # Baseline protections and additional qualifications for virtualization-based protection of code integrity diff --git a/windows/security/threat-protection/intelligence/coinminer-malware.md b/windows/security/threat-protection/intelligence/coinminer-malware.md index 2f9e582a64..5e3a895186 100644 --- a/windows/security/threat-protection/intelligence/coinminer-malware.md +++ b/windows/security/threat-protection/intelligence/coinminer-malware.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Coin miners diff --git a/windows/security/threat-protection/intelligence/coordinated-malware-eradication.md b/windows/security/threat-protection/intelligence/coordinated-malware-eradication.md index def1ec0b93..d765694f94 100644 --- a/windows/security/threat-protection/intelligence/coordinated-malware-eradication.md +++ b/windows/security/threat-protection/intelligence/coordinated-malware-eradication.md @@ -13,7 +13,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.technology: mde +ms.technology: windows-sec --- # Coordinated Malware Eradication diff --git a/windows/security/threat-protection/intelligence/criteria.md b/windows/security/threat-protection/intelligence/criteria.md index 17980ae531..1f07f8975c 100644 --- a/windows/security/threat-protection/intelligence/criteria.md +++ b/windows/security/threat-protection/intelligence/criteria.md @@ -15,7 +15,7 @@ ms.collection: M365-security-compliance ms.topic: article ms.date: 10/04/2021 search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # How Microsoft identifies malware and potentially unwanted applications diff --git a/windows/security/threat-protection/intelligence/cybersecurity-industry-partners.md b/windows/security/threat-protection/intelligence/cybersecurity-industry-partners.md index 6df748d442..9ad598b76d 100644 --- a/windows/security/threat-protection/intelligence/cybersecurity-industry-partners.md +++ b/windows/security/threat-protection/intelligence/cybersecurity-industry-partners.md @@ -13,7 +13,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.technology: mde +ms.technology: windows-sec --- # Industry collaboration programs diff --git a/windows/security/threat-protection/intelligence/developer-faq.yml b/windows/security/threat-protection/intelligence/developer-faq.yml index 04300736d9..3a515be9fb 100644 --- a/windows/security/threat-protection/intelligence/developer-faq.yml +++ b/windows/security/threat-protection/intelligence/developer-faq.yml @@ -16,7 +16,7 @@ metadata: audience: ITPro ms.collection: M365-security-compliance ms.topic: article - ms.technology: mde + ms.technology: windows-sec title: Software developer FAQ summary: This page provides answers to common questions we receive from software developers. For general guidance about submitting malware or incorrectly detected files, read the submission guide. diff --git a/windows/security/threat-protection/intelligence/developer-resources.md b/windows/security/threat-protection/intelligence/developer-resources.md index 3b7d080b28..4f489bae80 100644 --- a/windows/security/threat-protection/intelligence/developer-resources.md +++ b/windows/security/threat-protection/intelligence/developer-resources.md @@ -15,7 +15,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.technology: mde +ms.technology: windows-sec --- # Software developer resources diff --git a/windows/security/threat-protection/intelligence/exploits-malware.md b/windows/security/threat-protection/intelligence/exploits-malware.md index 3a88ecaf55..41086f1308 100644 --- a/windows/security/threat-protection/intelligence/exploits-malware.md +++ b/windows/security/threat-protection/intelligence/exploits-malware.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Exploits and exploit kits diff --git a/windows/security/threat-protection/intelligence/fileless-threats.md b/windows/security/threat-protection/intelligence/fileless-threats.md index b125773d18..7f84b0446c 100644 --- a/windows/security/threat-protection/intelligence/fileless-threats.md +++ b/windows/security/threat-protection/intelligence/fileless-threats.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Fileless threats diff --git a/windows/security/threat-protection/intelligence/index.md b/windows/security/threat-protection/intelligence/index.md index 7fce4cc28d..48b0faad6b 100644 --- a/windows/security/threat-protection/intelligence/index.md +++ b/windows/security/threat-protection/intelligence/index.md @@ -12,7 +12,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.technology: mde +ms.technology: windows-sec --- # Security intelligence diff --git a/windows/security/threat-protection/intelligence/macro-malware.md b/windows/security/threat-protection/intelligence/macro-malware.md index 5bf655b20c..4421309156 100644 --- a/windows/security/threat-protection/intelligence/macro-malware.md +++ b/windows/security/threat-protection/intelligence/macro-malware.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Macro malware diff --git a/windows/security/threat-protection/intelligence/malware-naming.md b/windows/security/threat-protection/intelligence/malware-naming.md index 3b37bdf391..d8c17ef82c 100644 --- a/windows/security/threat-protection/intelligence/malware-naming.md +++ b/windows/security/threat-protection/intelligence/malware-naming.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Malware names diff --git a/windows/security/threat-protection/intelligence/phishing-trends.md b/windows/security/threat-protection/intelligence/phishing-trends.md index 1785d95a38..097dbd3120 100644 --- a/windows/security/threat-protection/intelligence/phishing-trends.md +++ b/windows/security/threat-protection/intelligence/phishing-trends.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Phishing trends and techniques diff --git a/windows/security/threat-protection/intelligence/phishing.md b/windows/security/threat-protection/intelligence/phishing.md index 01c216b8fe..215acf8c29 100644 --- a/windows/security/threat-protection/intelligence/phishing.md +++ b/windows/security/threat-protection/intelligence/phishing.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # How to protect against phishing attacks diff --git a/windows/security/threat-protection/intelligence/portal-submission-troubleshooting.md b/windows/security/threat-protection/intelligence/portal-submission-troubleshooting.md index ae7c0e8363..ebccd09195 100644 --- a/windows/security/threat-protection/intelligence/portal-submission-troubleshooting.md +++ b/windows/security/threat-protection/intelligence/portal-submission-troubleshooting.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Troubleshooting malware submission errors caused by administrator block diff --git a/windows/security/threat-protection/intelligence/prevent-malware-infection.md b/windows/security/threat-protection/intelligence/prevent-malware-infection.md index 4b3b38c797..f5ee250869 100644 --- a/windows/security/threat-protection/intelligence/prevent-malware-infection.md +++ b/windows/security/threat-protection/intelligence/prevent-malware-infection.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Prevent malware infection diff --git a/windows/security/threat-protection/intelligence/rootkits-malware.md b/windows/security/threat-protection/intelligence/rootkits-malware.md index 3a795c9074..0fb53bc90f 100644 --- a/windows/security/threat-protection/intelligence/rootkits-malware.md +++ b/windows/security/threat-protection/intelligence/rootkits-malware.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Rootkits diff --git a/windows/security/threat-protection/intelligence/safety-scanner-download.md b/windows/security/threat-protection/intelligence/safety-scanner-download.md index 282c90bd86..b271e43bca 100644 --- a/windows/security/threat-protection/intelligence/safety-scanner-download.md +++ b/windows/security/threat-protection/intelligence/safety-scanner-download.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Microsoft Safety Scanner diff --git a/windows/security/threat-protection/intelligence/submission-guide.md b/windows/security/threat-protection/intelligence/submission-guide.md index 97dda7a1ad..44bcc3e46e 100644 --- a/windows/security/threat-protection/intelligence/submission-guide.md +++ b/windows/security/threat-protection/intelligence/submission-guide.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Submit files for analysis diff --git a/windows/security/threat-protection/intelligence/supply-chain-malware.md b/windows/security/threat-protection/intelligence/supply-chain-malware.md index edd8709cdf..69f77af00f 100644 --- a/windows/security/threat-protection/intelligence/supply-chain-malware.md +++ b/windows/security/threat-protection/intelligence/supply-chain-malware.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Supply chain attacks diff --git a/windows/security/threat-protection/intelligence/support-scams.md b/windows/security/threat-protection/intelligence/support-scams.md index ffb5104d6c..07250bbc9c 100644 --- a/windows/security/threat-protection/intelligence/support-scams.md +++ b/windows/security/threat-protection/intelligence/support-scams.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Tech support scams diff --git a/windows/security/threat-protection/intelligence/trojans-malware.md b/windows/security/threat-protection/intelligence/trojans-malware.md index f2b7fe2a80..52b3552843 100644 --- a/windows/security/threat-protection/intelligence/trojans-malware.md +++ b/windows/security/threat-protection/intelligence/trojans-malware.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Trojans diff --git a/windows/security/threat-protection/intelligence/understanding-malware.md b/windows/security/threat-protection/intelligence/understanding-malware.md index f98d44ceb7..04b637d62c 100644 --- a/windows/security/threat-protection/intelligence/understanding-malware.md +++ b/windows/security/threat-protection/intelligence/understanding-malware.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Understanding malware & other threats diff --git a/windows/security/threat-protection/intelligence/unwanted-software.md b/windows/security/threat-protection/intelligence/unwanted-software.md index 0083b9496c..9a26e42972 100644 --- a/windows/security/threat-protection/intelligence/unwanted-software.md +++ b/windows/security/threat-protection/intelligence/unwanted-software.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Unwanted software diff --git a/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md b/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md index 65a11f61ab..7d7b790bde 100644 --- a/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md +++ b/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md @@ -13,7 +13,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.technology: mde +ms.technology: windows-sec --- # Virus Information Alliance diff --git a/windows/security/threat-protection/intelligence/virus-initiative-criteria.md b/windows/security/threat-protection/intelligence/virus-initiative-criteria.md index ccb2eb6624..0441e00ed4 100644 --- a/windows/security/threat-protection/intelligence/virus-initiative-criteria.md +++ b/windows/security/threat-protection/intelligence/virus-initiative-criteria.md @@ -13,7 +13,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.technology: mde +ms.technology: windows-sec --- # Microsoft Virus Initiative diff --git a/windows/security/threat-protection/intelligence/worms-malware.md b/windows/security/threat-protection/intelligence/worms-malware.md index 2aa32ed8f6..0fb215f6b9 100644 --- a/windows/security/threat-protection/intelligence/worms-malware.md +++ b/windows/security/threat-protection/intelligence/worms-malware.md @@ -14,7 +14,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article search.appverid: met150 -ms.technology: mde +ms.technology: windows-sec --- # Worms diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md index d3480738e7..725a653863 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md @@ -12,7 +12,7 @@ ms.date: 09/20/2021 ms.reviewer: manager: dansimp ms.custom: asr -ms.technology: mde +ms.technology: windows-sec --- # Configure Microsoft Defender Application Guard policy settings diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml index a34c5d900d..867be41703 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml +++ b/windows/security/threat-protection/microsoft-defender-application-guard/faq-md-app-guard.yml @@ -13,7 +13,7 @@ metadata: ms.reviewer: manager: dansimp ms.custom: asr - ms.technology: mde + ms.technology: windows-sec title: Frequently asked questions - Microsoft Defender Application Guard summary: | diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md index c16ce0700e..2994f3ab96 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md @@ -12,7 +12,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.custom: asr -ms.technology: mde +ms.technology: windows-sec --- # Prepare to install Microsoft Defender Application Guard diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-browser-extension.md b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-browser-extension.md index 90f1d07fca..2b7a3193ab 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-browser-extension.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-browser-extension.md @@ -12,7 +12,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.custom: asr -ms.technology: mde +ms.technology: windows-sec --- # Microsoft Defender Application Guard Extension diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md index 640f7eae00..879c15353b 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md @@ -12,7 +12,7 @@ ms.date: 09/09/2021 ms.reviewer: manager: dansimp ms.custom: asr -ms.technology: mde +ms.technology: windows-sec --- # Microsoft Defender Application Guard overview diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md index 9525a88395..d91da6e81c 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/reqs-md-app-guard.md @@ -12,7 +12,7 @@ ms.date: 10/20/2021 ms.reviewer: manager: dansimp ms.custom: asr -ms.technology: mde +ms.technology: windows-sec --- # System requirements for Microsoft Defender Application Guard diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md index 292813b7c0..cf455c976a 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md @@ -12,7 +12,7 @@ ms.reviewer: manager: dansimp ms.date: 09/09/2021 ms.custom: asr -ms.technology: mde +ms.technology: windows-sec --- # Application Guard testing scenarios diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md index 9229244aa8..14c78b9fa8 100644 --- a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md +++ b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md @@ -11,7 +11,7 @@ ms.date: 09/28/2020 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # Available Microsoft Defender SmartScreen Group Policy and mobile device management (MDM) settings **Applies to:** diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md index baf718b6fe..8b9946ec0d 100644 --- a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md +++ b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md @@ -11,7 +11,7 @@ audience: ITPro ms.localizationpriority: high ms.reviewer: manager: dansimp -ms.technology: mde +ms.technology: windows-sec --- # Microsoft Defender SmartScreen diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-set-individual-device.md b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-set-individual-device.md index 416b3ffd6e..a73abf03ff 100644 --- a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-set-individual-device.md +++ b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-set-individual-device.md @@ -11,7 +11,7 @@ ms.date: 10/13/2017 ms.reviewer: manager: dansimp ms.author: macapara -ms.technology: mde +ms.technology: windows-sec --- # Set up and use Microsoft Defender SmartScreen on individual devices diff --git a/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md b/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md index 152f6711fe..3cf960a19f 100644 --- a/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md +++ b/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Access Credential Manager as a trusted caller diff --git a/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md b/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md index 55c80b17f7..da17209420 100644 --- a/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md +++ b/windows/security/threat-protection/security-policy-settings/access-this-computer-from-the-network.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 06/11/2021 -ms.technology: mde +ms.technology: windows-sec --- # Access this computer from the network - security policy setting diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md index be2c2f115a..5111f06fe9 100644 --- a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md +++ b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 08/16/2021 -ms.technology: mde +ms.technology: windows-sec --- # Account lockout duration diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md b/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md index 26ba3362f0..5f8c91006d 100644 --- a/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md +++ b/windows/security/threat-protection/security-policy-settings/account-lockout-policy.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 10/11/2018 -ms.technology: mde +ms.technology: windows-sec --- # Account Lockout Policy diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md b/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md index 955b5f6e6f..fdbdef8e1e 100644 --- a/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md +++ b/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 11/02/2018 -ms.technology: mde +ms.technology: windows-sec --- # Account lockout threshold diff --git a/windows/security/threat-protection/security-policy-settings/account-policies.md b/windows/security/threat-protection/security-policy-settings/account-policies.md index 42f0509874..d3f03a9e97 100644 --- a/windows/security/threat-protection/security-policy-settings/account-policies.md +++ b/windows/security/threat-protection/security-policy-settings/account-policies.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Account Policies diff --git a/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md b/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md index 983c8abe93..132ecaa9be 100644 --- a/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md +++ b/windows/security/threat-protection/security-policy-settings/accounts-administrator-account-status.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 08/01/2017 -ms.technology: mde +ms.technology: windows-sec --- # Accounts: Administrator account status diff --git a/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md b/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md index 21943761e2..d390220428 100644 --- a/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md +++ b/windows/security/threat-protection/security-policy-settings/accounts-block-microsoft-accounts.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 08/10/2017 -ms.technology: mde +ms.technology: windows-sec --- # Accounts: Block Microsoft accounts diff --git a/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md b/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md index 1828f74f0d..6f785de269 100644 --- a/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md +++ b/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Accounts: Guest account status - security policy setting diff --git a/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md b/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md index 88adc7aa01..b630cc0ce5 100644 --- a/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md +++ b/windows/security/threat-protection/security-policy-settings/accounts-limit-local-account-use-of-blank-passwords-to-console-logon-only.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Accounts: Limit local account use of blank passwords to console logon only diff --git a/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md b/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md index 1bf1c8e328..d865644cf8 100644 --- a/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md +++ b/windows/security/threat-protection/security-policy-settings/accounts-rename-administrator-account.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Accounts: Rename administrator account diff --git a/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md b/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md index 5694b75065..7ce4a682bc 100644 --- a/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md +++ b/windows/security/threat-protection/security-policy-settings/accounts-rename-guest-account.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Accounts: Rename guest account - security policy setting diff --git a/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md b/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md index dfd593bde8..4c794419c1 100644 --- a/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md +++ b/windows/security/threat-protection/security-policy-settings/act-as-part-of-the-operating-system.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Act as part of the operating system diff --git a/windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md b/windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md index c2cfbb9858..8e6a02b8ef 100644 --- a/windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md +++ b/windows/security/threat-protection/security-policy-settings/add-workstations-to-domain.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Add workstations to domain diff --git a/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md b/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md index 154ecd7c75..c780868505 100644 --- a/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md +++ b/windows/security/threat-protection/security-policy-settings/adjust-memory-quotas-for-a-process.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Adjust memory quotas for a process diff --git a/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md index fecacdacab..297de36841 100644 --- a/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md +++ b/windows/security/threat-protection/security-policy-settings/administer-security-policy-settings.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Administer security policy settings diff --git a/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md b/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md index 3bb3d64326..62863b9009 100644 --- a/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md +++ b/windows/security/threat-protection/security-policy-settings/allow-log-on-locally.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Allow log on locally - security policy setting diff --git a/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md b/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md index 044f3c2fe5..1ad9f2883f 100644 --- a/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md +++ b/windows/security/threat-protection/security-policy-settings/allow-log-on-through-remote-desktop-services.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Allow log on through Remote Desktop Services diff --git a/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md b/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md index d534cb14e3..f22bcd4c5d 100644 --- a/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md +++ b/windows/security/threat-protection/security-policy-settings/audit-audit-the-access-of-global-system-objects.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Audit: Audit the access of global system objects diff --git a/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md b/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md index 6c2fec1dee..39535992d7 100644 --- a/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md +++ b/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/01/2019 -ms.technology: mde +ms.technology: windows-sec --- # Audit: Audit the use of Backup and Restore privilege diff --git a/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md b/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md index 3c64ae947a..cc93c278b5 100644 --- a/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md +++ b/windows/security/threat-protection/security-policy-settings/audit-force-audit-policy-subcategory-settings-to-override.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings diff --git a/windows/security/threat-protection/security-policy-settings/audit-policy.md b/windows/security/threat-protection/security-policy-settings/audit-policy.md index 351b357bb8..294edc4242 100644 --- a/windows/security/threat-protection/security-policy-settings/audit-policy.md +++ b/windows/security/threat-protection/security-policy-settings/audit-policy.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Audit Policy diff --git a/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md b/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md index 6b2a642f91..dc462f0224 100644 --- a/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md +++ b/windows/security/threat-protection/security-policy-settings/audit-shut-down-system-immediately-if-unable-to-log-security-audits.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Audit: Shut down system immediately if unable to log security audits diff --git a/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md b/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md index 67a1efe7b8..2ecdea12d2 100644 --- a/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md +++ b/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Back up files and directories - security policy setting diff --git a/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md b/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md index 34327028f6..239a32f7b1 100644 --- a/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md +++ b/windows/security/threat-protection/security-policy-settings/bypass-traverse-checking.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Bypass traverse checking diff --git a/windows/security/threat-protection/security-policy-settings/change-the-system-time.md b/windows/security/threat-protection/security-policy-settings/change-the-system-time.md index 611c4f29c6..c3d5940ecc 100644 --- a/windows/security/threat-protection/security-policy-settings/change-the-system-time.md +++ b/windows/security/threat-protection/security-policy-settings/change-the-system-time.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Change the system time - security policy setting diff --git a/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md b/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md index f9251b7542..ac2ad49a7c 100644 --- a/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md +++ b/windows/security/threat-protection/security-policy-settings/change-the-time-zone.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Change the time zone - security policy setting diff --git a/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md b/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md index eaca0ecfbb..c5a8a0a8e1 100644 --- a/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md +++ b/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Create a pagefile - security policy setting diff --git a/windows/security/threat-protection/security-policy-settings/create-a-token-object.md b/windows/security/threat-protection/security-policy-settings/create-a-token-object.md index 52fb6a0e53..b506e0c131 100644 --- a/windows/security/threat-protection/security-policy-settings/create-a-token-object.md +++ b/windows/security/threat-protection/security-policy-settings/create-a-token-object.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Create a token object diff --git a/windows/security/threat-protection/security-policy-settings/create-global-objects.md b/windows/security/threat-protection/security-policy-settings/create-global-objects.md index c29a2716ee..fd0acee762 100644 --- a/windows/security/threat-protection/security-policy-settings/create-global-objects.md +++ b/windows/security/threat-protection/security-policy-settings/create-global-objects.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Create global objects diff --git a/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md b/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md index 33b84b4ddd..a38990fd17 100644 --- a/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md +++ b/windows/security/threat-protection/security-policy-settings/create-permanent-shared-objects.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Create permanent shared objects diff --git a/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md b/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md index 70f390d16a..d5d9820efd 100644 --- a/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md +++ b/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Create symbolic links diff --git a/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md b/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md index 8b5c1ba80d..cfed5fd439 100644 --- a/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md +++ b/windows/security/threat-protection/security-policy-settings/dcom-machine-access-restrictions-in-security-descriptor-definition-language-sddl-syntax.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax diff --git a/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md b/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md index 46bcee01d5..7142b1773f 100644 --- a/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md +++ b/windows/security/threat-protection/security-policy-settings/dcom-machine-launch-restrictions-in-security-descriptor-definition-language-sddl-syntax.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax diff --git a/windows/security/threat-protection/security-policy-settings/debug-programs.md b/windows/security/threat-protection/security-policy-settings/debug-programs.md index ee678fa038..0e70455139 100644 --- a/windows/security/threat-protection/security-policy-settings/debug-programs.md +++ b/windows/security/threat-protection/security-policy-settings/debug-programs.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Debug programs diff --git a/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md b/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md index 04844990fd..269c9d78ab 100644 --- a/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md +++ b/windows/security/threat-protection/security-policy-settings/deny-access-to-this-computer-from-the-network.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 05/19/2021 -ms.technology: mde +ms.technology: windows-sec --- # Deny access to this computer from the network diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md index 33371b5594..3065d91365 100644 --- a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md +++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Deny log on as a batch job diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md index e93b14011b..3b48755935 100644 --- a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md +++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Deny log on as a service diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md index 16aac6c38f..e3663ffda4 100644 --- a/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md +++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-locally.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Deny log on locally diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md index e618426e9d..ea9ba0f63a 100644 --- a/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md +++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-through-remote-desktop-services.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Deny log on through Remote Desktop Services diff --git a/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md b/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md index 1c8ec83ad6..6f6a4ddb5f 100644 --- a/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md +++ b/windows/security/threat-protection/security-policy-settings/devices-allow-undock-without-having-to-log-on.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Devices: Allow undock without having to log on diff --git a/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md b/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md index 4a2d451bd1..fccacdc413 100644 --- a/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md +++ b/windows/security/threat-protection/security-policy-settings/devices-allowed-to-format-and-eject-removable-media.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Devices: Allowed to format and eject removable media diff --git a/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md b/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md index 15e9f97f5d..32a0ca45f2 100644 --- a/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md +++ b/windows/security/threat-protection/security-policy-settings/devices-prevent-users-from-installing-printer-drivers.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Devices: Prevent users from installing printer drivers diff --git a/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md b/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md index 14b745deaf..1bc52f9b73 100644 --- a/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md +++ b/windows/security/threat-protection/security-policy-settings/devices-restrict-cd-rom-access-to-locally-logged-on-user-only.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Devices: Restrict CD-ROM access to locally logged-on user only diff --git a/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md b/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md index 0b64be01ad..2591b45b42 100644 --- a/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md +++ b/windows/security/threat-protection/security-policy-settings/devices-restrict-floppy-access-to-locally-logged-on-user-only.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Devices: Restrict floppy access to locally logged-on user only diff --git a/windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md b/windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md index 6708f52037..ad7e4030e3 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md +++ b/windows/security/threat-protection/security-policy-settings/domain-controller-allow-server-operators-to-schedule-tasks.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Domain controller: Allow server operators to schedule tasks diff --git a/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md b/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md index ba471b4b00..3c4bd32092 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md +++ b/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Domain controller: LDAP server signing requirements diff --git a/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md b/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md index 31325347d6..d0b2f91db5 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md +++ b/windows/security/threat-protection/security-policy-settings/domain-controller-refuse-machine-account-password-changes.md @@ -14,7 +14,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.technology: mde +ms.technology: windows-sec --- # Domain controller: Refuse machine account password changes diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md index 9c02ea6441..c48680bf77 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md +++ b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-or-sign-secure-channel-data-always.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Domain member: Digitally encrypt or sign secure channel data (always) diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md index cc788fbe2b..f07984917f 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md +++ b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-encrypt-secure-channel-data-when-possible.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Domain member: Digitally encrypt secure channel data (when possible) diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md index 5d0ee13652..b75a8767d9 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md +++ b/windows/security/threat-protection/security-policy-settings/domain-member-digitally-sign-secure-channel-data-when-possible.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Domain member: Digitally sign secure channel data (when possible) diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md b/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md index 16e25c74bf..8c85b1ecee 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md +++ b/windows/security/threat-protection/security-policy-settings/domain-member-disable-machine-account-password-changes.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 06/27/2019 -ms.technology: mde +ms.technology: windows-sec --- # Domain member: Disable machine account password changes diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md b/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md index ff2d29cc14..7a5f2b3e94 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md +++ b/windows/security/threat-protection/security-policy-settings/domain-member-maximum-machine-account-password-age.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 05/29/2020 -ms.technology: mde +ms.technology: windows-sec --- # Domain member: Maximum machine account password age diff --git a/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md b/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md index 544c028497..24cdd01bd2 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md +++ b/windows/security/threat-protection/security-policy-settings/domain-member-require-strong-windows-2000-or-later-session-key.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Domain member: Require strong (Windows 2000 or later) session key diff --git a/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md b/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md index 9dfa07237d..d60d7b9568 100644 --- a/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md +++ b/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Enable computer and user accounts to be trusted for delegation diff --git a/windows/security/threat-protection/security-policy-settings/enforce-password-history.md b/windows/security/threat-protection/security-policy-settings/enforce-password-history.md index 796779c714..e32f558d6c 100644 --- a/windows/security/threat-protection/security-policy-settings/enforce-password-history.md +++ b/windows/security/threat-protection/security-policy-settings/enforce-password-history.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Enforce password history diff --git a/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md b/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md index 71615ceabb..c1b6e0c09e 100644 --- a/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md +++ b/windows/security/threat-protection/security-policy-settings/enforce-user-logon-restrictions.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Enforce user logon restrictions diff --git a/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md b/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md index e6585a09a3..ed338300e8 100644 --- a/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md +++ b/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Force shutdown from a remote system diff --git a/windows/security/threat-protection/security-policy-settings/generate-security-audits.md b/windows/security/threat-protection/security-policy-settings/generate-security-audits.md index 40e5ca7ef1..4f81ddbe37 100644 --- a/windows/security/threat-protection/security-policy-settings/generate-security-audits.md +++ b/windows/security/threat-protection/security-policy-settings/generate-security-audits.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Generate security audits diff --git a/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md index 7ad1fc41a6..548dfc7385 100644 --- a/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md +++ b/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Configure security policy settings diff --git a/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md b/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md index 7c59f4013c..b7503031b7 100644 --- a/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md +++ b/windows/security/threat-protection/security-policy-settings/impersonate-a-client-after-authentication.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Impersonate a client after authentication diff --git a/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md b/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md index 4473a058bb..f6eda6e23e 100644 --- a/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md +++ b/windows/security/threat-protection/security-policy-settings/increase-a-process-working-set.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Increase a process working set diff --git a/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md b/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md index 8ca263ed4f..e2e776a8be 100644 --- a/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md +++ b/windows/security/threat-protection/security-policy-settings/increase-scheduling-priority.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 2/6/2020 -ms.technology: mde +ms.technology: windows-sec --- # Increase scheduling priority diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md index ce251bc758..7c5ca6c4a7 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-display-user-information-when-the-session-is-locked.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Interactive logon: Display user information when the session is locked diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md index dc34342e33..9994a60f7e 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-display-last-user-name.md @@ -14,7 +14,7 @@ ms.topic: conceptual ms.date: 04/19/2017 ms.reviewer: ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # Interactive logon: Don't display last signed-in diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md index e209f6f824..4131998946 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Interactive logon: Do not require CTRL+ALT+DEL diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md index dc75f23f03..e0431252ef 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-dont-display-username-at-sign-in.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Interactive logon: Don't display username at sign-in diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md index ea490bea9a..e9a1fea0ae 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-account-lockout-threshold.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Interactive logon: Machine account lockout threshold diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md index b42c080ea0..737bfddba3 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/18/2018 -ms.technology: mde +ms.technology: windows-sec --- # Interactive logon: Machine inactivity limit diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md index 554fcc6d63..ec72b350f1 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-text-for-users-attempting-to-log-on.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Interactive logon: Message text for users attempting to log on diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md index 3f2be2aad0..e5f5ce5eb8 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-message-title-for-users-attempting-to-log-on.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Interactive logon: Message title for users attempting to log on diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md index 1e1a6c2d56..90773e0b18 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-number-of-previous-logons-to-cache-in-case-domain-controller-is-not-available.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 08/27/2018 -ms.technology: mde +ms.technology: windows-sec --- # Interactive logon: Number of previous logons to cache (in case domain controller is not available) diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md index 0eada407ca..0194532533 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-prompt-user-to-change-password-before-expiration.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Interactive log on: Prompt the user to change passwords before expiration diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md index e08474cde8..88948dcc4f 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Interactive logon: Require Domain Controller authentication to unlock workstation diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md index 1235ce1f89..1ef1627762 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-require-smart-card.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Interactive logon: Require smart card - security policy setting diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md index 822699cbe5..8b8a23f14d 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-smart-card-removal-behavior.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Interactive logon: Smart card removal behavior diff --git a/windows/security/threat-protection/security-policy-settings/kerberos-policy.md b/windows/security/threat-protection/security-policy-settings/kerberos-policy.md index 4dde3dafa0..50e612ee9a 100644 --- a/windows/security/threat-protection/security-policy-settings/kerberos-policy.md +++ b/windows/security/threat-protection/security-policy-settings/kerberos-policy.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Kerberos Policy diff --git a/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md b/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md index ece23d6a1b..a0534994d0 100644 --- a/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md +++ b/windows/security/threat-protection/security-policy-settings/load-and-unload-device-drivers.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Load and unload device drivers diff --git a/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md b/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md index 9f512271e5..17b2d7d0e6 100644 --- a/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md +++ b/windows/security/threat-protection/security-policy-settings/lock-pages-in-memory.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Lock pages in memory diff --git a/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md b/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md index e4997ab361..4fb931974f 100644 --- a/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md +++ b/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Log on as a batch job diff --git a/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md b/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md index a170ea805c..dbcb0f1907 100644 --- a/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md +++ b/windows/security/threat-protection/security-policy-settings/log-on-as-a-service.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Log on as a service diff --git a/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md b/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md index 057b9c3219..5da39ee708 100644 --- a/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md +++ b/windows/security/threat-protection/security-policy-settings/manage-auditing-and-security-log.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Manage auditing and security log diff --git a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md index 4c5b767250..e3ed6c49c4 100644 --- a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md +++ b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-service-ticket.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Maximum lifetime for service ticket diff --git a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md index 4298be4ed3..0b5fddd3cd 100644 --- a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md +++ b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket-renewal.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Maximum lifetime for user ticket renewal diff --git a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md index c9f03e275f..b189dda660 100644 --- a/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md +++ b/windows/security/threat-protection/security-policy-settings/maximum-lifetime-for-user-ticket.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Maximum lifetime for user ticket diff --git a/windows/security/threat-protection/security-policy-settings/maximum-password-age.md b/windows/security/threat-protection/security-policy-settings/maximum-password-age.md index 18d09c4627..546b7de4f2 100644 --- a/windows/security/threat-protection/security-policy-settings/maximum-password-age.md +++ b/windows/security/threat-protection/security-policy-settings/maximum-password-age.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Maximum password age diff --git a/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md b/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md index 98e58336ac..fe607f246f 100644 --- a/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md +++ b/windows/security/threat-protection/security-policy-settings/maximum-tolerance-for-computer-clock-synchronization.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Maximum tolerance for computer clock synchronization diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always.md index f2c0e59130..d6c198624a 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-always.md @@ -12,7 +12,7 @@ ms.pagetype: security ms.localizationpriority: medium author: dansimp ms.date: 06/28/2018 -ms.technology: mde +ms.technology: windows-sec --- # Microsoft network client: Digitally sign communications (always) diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md index 3fca806b68..0cc87e361e 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-client-send-unencrypted-password-to-third-party-smb-servers.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md index df04135ddb..abe6db2b33 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-amount-of-idle-time-required-before-suspending-session.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Microsoft network server: Amount of idle time required before suspending session diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md index bf80e3d066..1ef73b3a59 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-attempt-s4u2self-to-obtain-claim-information.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Microsoft network server: Attempt S4U2Self to obtain claim information diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md index aa8327994b..afb7ddfe20 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-digitally-sign-communications-always.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 06/21/2018 -ms.technology: mde +ms.technology: windows-sec --- # Microsoft network server: Digitally sign communications (always) diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md index c63ba1fa9c..5cf58f4daf 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-disconnect-clients-when-logon-hours-expire.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Microsoft network server: Disconnect clients when logon hours expire diff --git a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md index 934085e4f4..23c36d99fa 100644 --- a/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md +++ b/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Microsoft network server: Server SPN target name validation level diff --git a/windows/security/threat-protection/security-policy-settings/minimum-password-age.md b/windows/security/threat-protection/security-policy-settings/minimum-password-age.md index a36abdd6f7..960112af64 100644 --- a/windows/security/threat-protection/security-policy-settings/minimum-password-age.md +++ b/windows/security/threat-protection/security-policy-settings/minimum-password-age.md @@ -12,7 +12,7 @@ ms.pagetype: security ms.localizationpriority: medium author: dansimp ms.date: 11/13/2018 -ms.technology: mde +ms.technology: windows-sec --- # Minimum password age diff --git a/windows/security/threat-protection/security-policy-settings/minimum-password-length.md b/windows/security/threat-protection/security-policy-settings/minimum-password-length.md index c14de4b2fc..7921cdcc37 100644 --- a/windows/security/threat-protection/security-policy-settings/minimum-password-length.md +++ b/windows/security/threat-protection/security-policy-settings/minimum-password-length.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Minimum password length diff --git a/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md b/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md index baa5e9c04b..b320e305b8 100644 --- a/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md +++ b/windows/security/threat-protection/security-policy-settings/modify-an-object-label.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Modify an object label diff --git a/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md b/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md index 6858bbce7e..8d28849453 100644 --- a/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md +++ b/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Modify firmware environment values diff --git a/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md b/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md index b78e43e706..82be9fa1ec 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-allow-anonymous-sidname-translation.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network access: Allow anonymous SID/Name translation diff --git a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md index 23a4d0c815..aa56038e35 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts-and-shares.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network access: Do not allow anonymous enumeration of SAM accounts and shares diff --git a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md index 3243d8261b..1e144a682f 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-anonymous-enumeration-of-sam-accounts.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network access: Do not allow anonymous enumeration of SAM accounts diff --git a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md index 8cdbdc9908..160dbb22e8 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 07/01/2021 -ms.technology: mde +ms.technology: windows-sec --- # Network access: Do not allow storage of passwords and credentials for network authentication diff --git a/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md b/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md index 816f4d78b1..542bd046ed 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-let-everyone-permissions-apply-to-anonymous-users.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network access: Let Everyone permissions apply to anonymous users diff --git a/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md b/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md index bb01d6c117..78c22e2c43 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-named-pipes-that-can-be-accessed-anonymously.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network access: Named Pipes that can be accessed anonymously diff --git a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md index 078753c170..1f5a821007 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths-and-subpaths.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network access: Remotely accessible registry paths and subpaths diff --git a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md index ab9370f9dd..fe4a3d425e 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-remotely-accessible-registry-paths.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network access: Remotely accessible registry paths diff --git a/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md b/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md index 9fea7c3077..57dc9bbbb8 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-restrict-anonymous-access-to-named-pipes-and-shares.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network access: Restrict anonymous access to Named Pipes and Shares diff --git a/windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md b/windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md index 66c3926643..e6ec3878c7 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md @@ -11,7 +11,7 @@ ms.date: 09/17/2018 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # Network access: Restrict clients allowed to make remote calls to SAM diff --git a/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md b/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md index 125d609e61..0e8c62d1a3 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-shares-that-can-be-accessed-anonymously.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network access: Shares that can be accessed anonymously diff --git a/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md b/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md index 359010211d..f4a400c044 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-sharing-and-security-model-for-local-accounts.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network access: Sharing and security model for local accounts diff --git a/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md b/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md index 69ecb0c119..619b009548 100644 --- a/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md +++ b/windows/security/threat-protection/security-policy-settings/network-list-manager-policies.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network List Manager policies diff --git a/windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md b/windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md index 605dfd0cfd..261dd0a213 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-allow-local-system-to-use-computer-identity-for-ntlm.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 10/04/2021 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Allow Local System to use computer identity for NTLM diff --git a/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md b/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md index 3f67d9dfbf..401a588948 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-allow-localsystem-null-session-fallback.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Allow LocalSystem NULL session fallback diff --git a/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md b/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md index 671eb87720..7b4fd7fe4b 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Allow PKU2U authentication requests to this computer to use online identities diff --git a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md index d6813adc8f..034a2762ea 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Configure encryption types allowed for Kerberos diff --git a/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md b/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md index 23140d7b81..ebf155ba56 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Do not store LAN Manager hash value on next password change diff --git a/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md b/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md index d82ba2d356..daab389419 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-force-logoff-when-logon-hours-expire.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Force logoff when logon hours expire diff --git a/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md b/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md index 90ab68bf7a..fcd510671f 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: LAN Manager authentication level diff --git a/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md b/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md index deb400f637..006e925460 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-ldap-client-signing-requirements.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: LDAP client signing requirements diff --git a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md index 7da3832813..1ab941f6ae 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-clients.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 07/27/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Minimum session security for NTLM SSP based (including secure RPC) clients diff --git a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md index fd5bcf7731..d606dc935b 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-minimum-session-security-for-ntlm-ssp-based-including-secure-rpc-servers.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Minimum session security for NTLM SSP based (including secure RPC) servers diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md index 4f61542115..bf5804a540 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-remote-server-exceptions-for-ntlm-authentication.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md index ad33075c6d..5fb535995e 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-add-server-exceptions-in-this-domain.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Restrict NTLM: Add server exceptions in this domain diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md index 466fe77336..47b963ab2a 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-incoming-ntlm-traffic.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Restrict NTLM: Audit incoming NTLM traffic diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md index 595f2d660a..bdbf0e528d 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-audit-ntlm-authentication-in-this-domain.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Restrict NTLM: Audit NTLM authentication in this domain diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md index 1c4ca789c3..cbcc2e7d66 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Restrict NTLM: Incoming NTLM traffic diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md index 947f4ab587..ccaba0be7d 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Restrict NTLM: NTLM authentication in this domain diff --git a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md index 1a547615d6..f53a1e1665 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers diff --git a/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md b/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md index 1a74bf2b3a..7928508380 100644 --- a/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md +++ b/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md @@ -14,7 +14,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.technology: mde +ms.technology: windows-sec --- # Password must meet complexity requirements diff --git a/windows/security/threat-protection/security-policy-settings/password-policy.md b/windows/security/threat-protection/security-policy-settings/password-policy.md index 697b00c255..11d69785c6 100644 --- a/windows/security/threat-protection/security-policy-settings/password-policy.md +++ b/windows/security/threat-protection/security-policy-settings/password-policy.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Password Policy diff --git a/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md b/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md index 44ce6c881a..514e1a9ea7 100644 --- a/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md +++ b/windows/security/threat-protection/security-policy-settings/perform-volume-maintenance-tasks.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Perform volume maintenance tasks diff --git a/windows/security/threat-protection/security-policy-settings/profile-single-process.md b/windows/security/threat-protection/security-policy-settings/profile-single-process.md index fc3af3e372..599cb50810 100644 --- a/windows/security/threat-protection/security-policy-settings/profile-single-process.md +++ b/windows/security/threat-protection/security-policy-settings/profile-single-process.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Profile single process diff --git a/windows/security/threat-protection/security-policy-settings/profile-system-performance.md b/windows/security/threat-protection/security-policy-settings/profile-system-performance.md index 37a46be943..47f372d723 100644 --- a/windows/security/threat-protection/security-policy-settings/profile-system-performance.md +++ b/windows/security/threat-protection/security-policy-settings/profile-system-performance.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Profile system performance diff --git a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md index 8d560cc318..c188b74c08 100644 --- a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md +++ b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-automatic-administrative-logon.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Recovery console: Allow automatic administrative logon diff --git a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md index 2d90c0a80f..c06d6f180c 100644 --- a/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md +++ b/windows/security/threat-protection/security-policy-settings/recovery-console-allow-floppy-copy-and-access-to-all-drives-and-folders.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Recovery console: Allow floppy copy and access to all drives and folders diff --git a/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md b/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md index 099396d96b..4508560bdc 100644 --- a/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md +++ b/windows/security/threat-protection/security-policy-settings/remove-computer-from-docking-station.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Remove computer from docking station - security policy setting diff --git a/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md b/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md index 497b00f4d5..dd1696b067 100644 --- a/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md +++ b/windows/security/threat-protection/security-policy-settings/replace-a-process-level-token.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Replace a process level token diff --git a/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md b/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md index b58d2f93b4..87951d31f4 100644 --- a/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md +++ b/windows/security/threat-protection/security-policy-settings/reset-account-lockout-counter-after.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 11/02/2018 -ms.technology: mde +ms.technology: windows-sec --- # Reset account lockout counter after diff --git a/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md b/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md index 56932252a4..08c30303cf 100644 --- a/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md +++ b/windows/security/threat-protection/security-policy-settings/restore-files-and-directories.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Restore files and directories - security policy setting diff --git a/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md b/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md index 58e86eb700..fe3ba96d3f 100644 --- a/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md +++ b/windows/security/threat-protection/security-policy-settings/secpol-advanced-security-audit-policy-settings.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Advanced security audit policy settings diff --git a/windows/security/threat-protection/security-policy-settings/security-options.md b/windows/security/threat-protection/security-policy-settings/security-options.md index b31d7a38cd..f7a90a01c0 100644 --- a/windows/security/threat-protection/security-policy-settings/security-options.md +++ b/windows/security/threat-protection/security-policy-settings/security-options.md @@ -12,7 +12,7 @@ ms.pagetype: security ms.localizationpriority: medium author: dansimp ms.date: 06/28/2018 -ms.technology: mde +ms.technology: windows-sec --- # Security Options diff --git a/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md b/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md index 690b97fddb..a1d965558b 100644 --- a/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md +++ b/windows/security/threat-protection/security-policy-settings/security-policy-settings-reference.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Security policy settings reference diff --git a/windows/security/threat-protection/security-policy-settings/security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/security-policy-settings.md index 7a58b942a4..a0a8270da7 100644 --- a/windows/security/threat-protection/security-policy-settings/security-policy-settings.md +++ b/windows/security/threat-protection/security-policy-settings/security-policy-settings.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Security policy settings diff --git a/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md b/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md index 1b5d5a161d..57374f2aa8 100644 --- a/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md +++ b/windows/security/threat-protection/security-policy-settings/shut-down-the-system.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Shut down the system - security policy setting diff --git a/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md b/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md index 5f9aec2590..f80dd3b8cf 100644 --- a/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md +++ b/windows/security/threat-protection/security-policy-settings/shutdown-allow-system-to-be-shut-down-without-having-to-log-on.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Shutdown: Allow system to be shut down without having to log on diff --git a/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md b/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md index b556412de2..4cada523db 100644 --- a/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md +++ b/windows/security/threat-protection/security-policy-settings/shutdown-clear-virtual-memory-pagefile.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 08/01/2017 -ms.technology: mde +ms.technology: windows-sec --- # Shutdown: Clear virtual memory pagefile diff --git a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md index 996a278b07..204a5206ba 100644 --- a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md +++ b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-always.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 01/04/2019 -ms.technology: mde +ms.technology: windows-sec --- # SMBv1 Microsoft network client: Digitally sign communications (always) diff --git a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-if-server-agrees.md b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-if-server-agrees.md index 6b4331de2f..9ef171ea55 100644 --- a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-if-server-agrees.md +++ b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-if-server-agrees.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 01/04/2019 -ms.technology: mde +ms.technology: windows-sec --- # SMBv1 Microsoft network client: Digitally sign communications (if server agrees) diff --git a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-always.md b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-always.md index 0c427716aa..ffedfe0697 100644 --- a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-always.md +++ b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-always.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 01/04/2019 -ms.technology: mde +ms.technology: windows-sec --- # SMB v1 Microsoft network server: Digitally sign communications (always) diff --git a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-if-client-agrees.md b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-if-client-agrees.md index 032bb6d057..48bbab1f2f 100644 --- a/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-if-client-agrees.md +++ b/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-server-digitally-sign-communications-if-client-agrees.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 01/04/2019 -ms.technology: mde +ms.technology: windows-sec --- # SMBv1 Microsoft network server: Digitally sign communications (if client agrees) diff --git a/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md b/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md index fa3693209f..ea2f55d403 100644 --- a/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md +++ b/windows/security/threat-protection/security-policy-settings/store-passwords-using-reversible-encryption.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Store passwords using reversible encryption diff --git a/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md b/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md index 04d2c905ec..88f07c4037 100644 --- a/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md +++ b/windows/security/threat-protection/security-policy-settings/synchronize-directory-service-data.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Synchronize directory service data diff --git a/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md b/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md index 0ab38e9139..d5dd1f683e 100644 --- a/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md +++ b/windows/security/threat-protection/security-policy-settings/system-cryptography-force-strong-key-protection-for-user-keys-stored-on-the-computer.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # System cryptography: Force strong key protection for user keys stored on the computer diff --git a/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md b/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md index 67de664cfc..e98291ef6b 100644 --- a/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md +++ b/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 11/16/2018 -ms.technology: mde +ms.technology: windows-sec --- # System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing diff --git a/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md b/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md index 7d3fdb17cd..3a9ceb4840 100644 --- a/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md +++ b/windows/security/threat-protection/security-policy-settings/system-objects-require-case-insensitivity-for-non-windows-subsystems.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # System objects: Require case insensitivity for non-Windows subsystems diff --git a/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md b/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md index 731ff816b1..abd9724c03 100644 --- a/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md +++ b/windows/security/threat-protection/security-policy-settings/system-objects-strengthen-default-permissions-of-internal-system-objects.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # System objects: Strengthen default permissions of internal system objects (for example, Symbolic Links) diff --git a/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md b/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md index 05dc5f7a16..a271d9f87f 100644 --- a/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md +++ b/windows/security/threat-protection/security-policy-settings/system-settings-optional-subsystems.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # System settings: Optional subsystems diff --git a/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md b/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md index 85d1c3a9c8..9791d8a12d 100644 --- a/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md +++ b/windows/security/threat-protection/security-policy-settings/system-settings-use-certificate-rules-on-windows-executables-for-software-restriction-policies.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # System settings: Use certificate rules on Windows executables for Software Restriction Policies diff --git a/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md b/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md index 45985b786a..c4781f258c 100644 --- a/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md +++ b/windows/security/threat-protection/security-policy-settings/take-ownership-of-files-or-other-objects.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # Take ownership of files or other objects diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md b/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md index d7900e363c..16e00a82f8 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-admin-approval-mode-for-the-built-in-administrator-account.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2017 -ms.technology: mde +ms.technology: windows-sec --- # User Account Control: Admin Approval Mode for the Built-in Administrator account diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md b/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md index 09f6411652..8526a457ae 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-allow-uiaccess-applications-to-prompt-for-elevation-without-using-the-secure-desktop.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md index 716ff6ad2d..e653550846 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2017 -ms.technology: mde +ms.technology: windows-sec --- # User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md index 688bce1b38..48f2dfa8c7 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-standard-users.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 10/11/2021 -ms.technology: mde +ms.technology: windows-sec --- # User Account Control: Behavior of the elevation prompt for standard users diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md b/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md index be33709e17..431ac04a15 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-detect-application-installations-and-prompt-for-elevation.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # User Account Control: Detect application installations and prompt for elevation diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md index 62665872ff..242580312c 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-executables-that-are-signed-and-validated.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # User Account Control: Only elevate executables that are signed and validated diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md index 06e3831a67..76a8bc97a2 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-only-elevate-uiaccess-applications-that-are-installed-in-secure-locations.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # User Account Control: Only elevate UIAccess applications that are installed in secure locations diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md b/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md index da3fbca962..1ce02f4be2 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-run-all-administrators-in-admin-approval-mode.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # User Account Control: Run all administrators in Admin Approval Mode diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md b/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md index 6b34c92be1..5eb4fbd4e9 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-switch-to-the-secure-desktop-when-prompting-for-elevation.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # User Account Control: Switch to the secure desktop when prompting for elevation diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md b/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md index e8bf2f6497..dda6b18a18 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-virtualize-file-and-registry-write-failures-to-per-user-locations.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # User Account Control: Virtualize file and registry write failures to per-user locations diff --git a/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md b/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md index 5efa422cb9..6760680ea6 100644 --- a/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md +++ b/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 04/19/2017 -ms.technology: mde +ms.technology: windows-sec --- # User Rights Assignment diff --git a/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md b/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md index 1fd7837df9..bea57dd3c8 100644 --- a/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md +++ b/windows/security/threat-protection/windows-defender-application-control/LOB-win32-apps-on-s.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 10/30/2019 -ms.technology: mde +ms.technology: windows-sec --- # Allow Line-of-Business Win32 Apps on Intune-Managed S Mode Devices diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.yml b/windows/security/threat-protection/windows-defender-application-control/TOC.yml index 6e2bbdd64b..024e87e042 100644 --- a/windows/security/threat-protection/windows-defender-application-control/TOC.yml +++ b/windows/security/threat-protection/windows-defender-application-control/TOC.yml @@ -108,6 +108,8 @@ href: querying-application-control-events-centrally-using-advanced-hunting.md - name: Known Issues href: operations/known-issues.md + - name: Managed installer and ISG technical reference and troubleshooting guide + href: configure-wdac-managed-installer.md - name: AppLocker href: applocker\applocker-overview.md items: diff --git a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md index f200b445bc..9e1b49b4c8 100644 --- a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md @@ -14,7 +14,7 @@ author: dansimp ms.reviewer: isbrahm ms.author: dansimp manager: dansimp -ms.technology: mde +ms.technology: windows-sec --- # Allow COM object registration in a Windows Defender Application Control policy @@ -26,7 +26,7 @@ ms.technology: mde - Windows Server 2016 and later > [!NOTE] -> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md). +> Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](feature-availability.md). The [Microsoft Component Object Model (COM)](/windows/desktop/com/the-component-object-model) is a platform-independent, distributed, object-oriented system for creating binary software components that can interact. COM specifies an object model and programming requirements that enable COM objects to interact with other objects. @@ -104,16 +104,16 @@ Example 3: Allows a specific COM object to register in PowerShell Here's an example of an error in the Event Viewer (**Application and Service Logs** > **Microsoft** > **Windows** > **AppLocker** > **MSI and Script**): -Log Name: Microsoft-Windows-AppLocker/MSI and Script
-Source: Microsoft-Windows-AppLocker
-Date: 11/11/2020 1:18:11 PM
-Event ID: 8036
-Task Category: None
-Level: Error
-Keywords:
-User: S-1-5-21-3340858017-3068726007-3466559902-3647
-Computer: contoso.com
-Description: {f8d253d9-89a4-4daa-87b6-1168369f0b21} was prevented from running due to Config CI policy.
+> Log Name: Microsoft-Windows-AppLocker/MSI and Script
+> Source: Microsoft-Windows-AppLocker
+> Date: 11/11/2020 1:18:11 PM
+> Event ID: 8036
+> Task Category: None
+> Level: Error
+> Keywords:
+> User: S-1-5-21-3340858017-3068726007-3466559902-3647
+> Computer: contoso.com
+> Description: {f8d253d9-89a4-4daa-87b6-1168369f0b21} was prevented from running due to Config CI policy. Event XML: @@ -155,10 +155,10 @@ To add this CLSID to the existing policy, follow these steps: Once the command has been run, you will find that the following section is added to the policy XML. ```XML - - - - true - - + + + + true + + ``` diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md b/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md index 727135ff89..d3d7b17207 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Add rules for packaged apps to existing AppLocker rule-set diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md index 9838e069b1..3c1120b48b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 02/28/2019 -ms.technology: mde +ms.technology: windows-sec --- # Administer AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md index f11b29225e..206a7b287c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # AppLocker architecture and components diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md index a095a49531..aa517a5505 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # AppLocker functions diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md index 45cbf5c074..af1cdbd2d8 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 10/16/2017 -ms.technology: mde +ms.technology: windows-sec --- # AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md index d5c03fc57e..8b61cc5f7c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md index d0df809923..5175d57766 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # AppLocker design guide diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md index 1314f32db2..32d003ef09 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # AppLocker policy use scenarios diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md index ccb2db435b..8460667499 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # AppLocker processes and interactions diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md index 504b6ddc8e..85ecf639ea 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # AppLocker settings diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md index 72e525eb33..7dc333ae22 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # AppLocker technical reference diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md index 0c75f461a6..8dbd16c51c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 06/08/2018 -ms.technology: mde +ms.technology: windows-sec --- # Configure an AppLocker policy for audit only diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md index 411f862d54..4ae757fa97 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Configure an AppLocker policy for enforce rules diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md index f349cab5c6..1eba7b9033 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Add exceptions for an AppLocker rule diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md index 1f654436af..0675c5fa73 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Configure the AppLocker reference device diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md index 37736b98e8..4db27c8710 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 07/01/2021 -ms.technology: mde +ms.technology: windows-sec --- # Configure the Application Identity service diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md index 6a921a1a9f..f983e81eba 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Create a rule for packaged apps diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md index ae414198e7..0f78585339 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Create a rule that uses a file hash condition diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md index 305a8f1f28..f935341e92 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Create a rule that uses a path condition diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md index e54c7be041..60623baeae 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Create a rule that uses a publisher condition diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md index 7d5cb87442..d130fe7233 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Create AppLocker default rules diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md index ca15623e30..7daf4320eb 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Create a list of apps deployed to each business group diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md index 3a1109a239..961dd4e3ff 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Create Your AppLocker policies diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md index bbf2bbc5f2..cdda7822da 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Create Your AppLocker rules diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md b/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md index a76438913f..e5b26ce22e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 11/09/2020 -ms.technology: mde +ms.technology: windows-sec --- # Delete an AppLocker rule diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md b/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md index bd37f7dbd6..76c4ee127a 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Deploy AppLocker policies by using the enforce rules setting diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md b/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md index 801357a512..3c3692819b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Deploy the AppLocker policy into production diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md index 56fabec7f0..2d9fdbe7c2 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Determine the Group Policy structure and rule enforcement diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md index 0f79249eb4..656ab2805e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Determine which apps are digitally signed on a reference device diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md index f1a3d2fdb0..e4bdbbc2b7 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Determine your application control objectives diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md b/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md index 33e52bdb43..596ca4a50f 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Display a custom URL message when users try to run a blocked app diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md index 90d0e55f8b..5c09c86d2e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # DLL rules in AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md b/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md index 28c6e63bf2..252fb96ede 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md @@ -15,7 +15,7 @@ ms.collection: M365-security-compliance ms.topic: conceptual ms.pagetype: security ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Document the Group Policy structure and AppLocker rule enforcement diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md index 19976bf113..33ffa59ce9 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Document your app list diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md index d456dd6197..2db8ca7042 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Document your AppLocker rules diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md index d3e0de4082..811e3ab499 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Edit an AppLocker policy diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md index 4a6c308d6c..742bb76aa9 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Edit AppLocker rules diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md b/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md index a4fda0421a..81877d328c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Enable the DLL rule collection diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md index d5979bfac8..67fa92f12c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Enforce AppLocker rules diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md index 6737670f69..b8a51feeed 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Executable rules in AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md b/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md index 8069b0c488..aa08b6fce3 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Export an AppLocker policy from a GPO diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md b/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md index 13a340752a..25c099d3c3 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Export an AppLocker policy to an XML file diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md b/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md index f2f21ec59a..bcccdec697 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # How AppLocker works diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md b/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md index 2ca831ad61..eec6f18251 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Import an AppLocker policy from another computer diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md b/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md index ea0d11ab6b..9853f4b41f 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Import an AppLocker policy into a GPO diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md index fbd1e8bf5b..04db4a506d 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies.md @@ -14,7 +14,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.technology: mde +ms.technology: windows-sec --- # Maintain AppLocker policies diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md index fb2455652e..6c12bd897b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Manage packaged apps with AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md index a054a02bd9..7737b4399b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Merge AppLocker policies by using Set-ApplockerPolicy diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md b/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md index 8e26890ee4..4063ae1e66 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Merge AppLocker policies manually diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md index 80d37a8614..a19c80618b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Monitor app usage with AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md b/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md index bda74906e4..e1bfa2e4a6 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Optimize AppLocker performance diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md index ca8932c6f8..c79be76e77 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 10/13/2017 -ms.technology: mde +ms.technology: windows-sec --- # Packaged apps and packaged app installer rules in AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md b/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md index 58c2a7e1aa..b114297f17 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Plan for AppLocker policy management diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md index 82a4c1e458..e4d36fb82e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Refresh an AppLocker policy diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md index 229cfda610..85f6eb11a3 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Requirements for deploying AppLocker policies diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md index 3c707b81d5..023753c944 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Requirements to use AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md b/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md index f17c70b80d..b45234c1a0 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Run the Automatically Generate Rules wizard diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md index 9076c55024..48095da0ce 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Script rules in AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md index 975f550c4a..3b58e12ab7 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Security considerations for AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md index d550e452bd..0e46c32873 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Select the types of rules to create diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md index d75ba70771..af4f2f86cc 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Test an AppLocker policy by using Test-AppLockerPolicy diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md index 389120fbf6..e94dd7e02a 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Test and update an AppLocker policy diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md index a2e61460e0..25bb78c4e1 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Tools to use with AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md index e675fb2869..9b7c321d4e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Understand AppLocker enforcement settings diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md index 423a4d1362..2d5fca2ebb 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 10/13/2017 -ms.technology: mde +ms.technology: windows-sec --- # Understand AppLocker policy design decisions diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md index 92387a5fd9..e7a565430e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Understand AppLocker rules and enforcement setting inheritance in Group Policy diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md index 799df0904c..b0c0834967 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Understand the AppLocker policy deployment process diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md index 73277f9b7e..3fe3cbccdc 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Understanding AppLocker allow and deny actions on rules diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md index 5bf6447ed9..8c640a6c94 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Understanding AppLocker default rules diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md index cace268255..92bd84efc4 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Understanding AppLocker rule behavior diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md index 70106f07bf..23dd648c32 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Understanding AppLocker rule collections diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md index 5e0876bc46..b56ba6c88d 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Understanding AppLocker rule condition types diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md index a83a41aef9..295497d103 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Understanding AppLocker rule exceptions diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md index 62751a55dd..2a8b980f8f 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Understanding the file hash rule condition in AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md index 365ad545e5..0eb3e887ba 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Understanding the path rule condition in AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md index 6c68cb3be5..86cc3ed874 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Understanding the publisher rule condition in AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md index 9a97cd9a36..e054f32aa9 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md @@ -15,7 +15,7 @@ ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 ms.reviewer: -ms.technology: mde +ms.technology: windows-sec --- # Use a reference device to create and maintain AppLocker policies diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md b/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md index 41241819f1..a22f94b741 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Use AppLocker and Software Restriction Policies in the same domain diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md b/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md index a27af3c553..636ea5f18b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Use the AppLocker Windows PowerShell cmdlets diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md index d0a93e2296..aa10905181 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Using Event Viewer with AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md index 142eeb4cf9..47f5faeacd 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Use Software Restriction Policies and AppLocker policies diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md index 2bb5d4a07b..3629a929f5 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # What Is AppLocker? diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md index c5a2d513e3..fcc0f3b253 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Windows Installer rules in AppLocker diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md index 6e13cbce6e..211cdb2e62 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 -ms.technology: mde +ms.technology: windows-sec --- # Working with AppLocker policies diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules.md index f05e000e74..4379162473 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules.md @@ -13,7 +13,7 @@ author: dansimp ms.localizationpriority: medium msauthor: v-anbic ms.date: 08/27/2018 -ms.technology: mde +ms.technology: windows-sec --- # Working with AppLocker rules diff --git a/windows/security/threat-protection/windows-defender-application-control/audit-and-enforce-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/audit-and-enforce-windows-defender-application-control-policies.md index 62270b6e8e..7f1870c0b6 100644 --- a/windows/security/threat-protection/windows-defender-application-control/audit-and-enforce-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/audit-and-enforce-windows-defender-application-control-policies.md @@ -15,7 +15,7 @@ ms.reviewer: jogeurte ms.author: dansimp manager: dansimp ms.date: 05/03/2021 -ms.technology: mde +ms.technology: windows-sec --- # Use audit events to create WDAC policy rules and Convert **base** policy from audits to enforced @@ -27,7 +27,7 @@ ms.technology: mde - Windows Server 2016 and above >[!NOTE] ->Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md). +>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](feature-availability.md). Running Application Control in audit mode lets you discover applications, binaries, and scripts that are missing from your WDAC policy but should be included. diff --git a/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md index 0ca71721d8..37b1dd7a2a 100644 --- a/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md @@ -15,7 +15,7 @@ ms.reviewer: jogeurte ms.author: dansimp manager: dansimp ms.date: 05/03/2018 -ms.technology: mde +ms.technology: windows-sec --- # Use audit events to create WDAC policy rules @@ -27,7 +27,7 @@ ms.technology: mde - Windows Server 2016 and above >[!NOTE] ->Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md). +>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](feature-availability.md). Running Application Control in audit mode lets you discover applications, binaries, and scripts that are missing from your WDAC policy but should be included. diff --git a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md index a31d84c88e..df36d5aeb6 100644 --- a/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md +++ b/windows/security/threat-protection/windows-defender-application-control/configure-authorized-apps-deployed-with-a-managed-installer.md @@ -1,6 +1,6 @@ --- -title: Configure authorized apps deployed with a WDAC-managed installer (Windows) -description: Explains about how to configure a custom Manged Installer. +title: Allow apps deployed with a WDAC managed installer (Windows) +description: Explains how to configure a custom Managed Installer. keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: m365-security @@ -11,33 +11,31 @@ ms.localizationpriority: medium audience: ITPro ms.collection: M365-security-compliance author: jsuther1974 -ms.reviewer: isbrahm +ms.reviewer: jogeurte ms.author: dansimp manager: dansimp ms.date: 10/19/2021 -ms.technology: mde +ms.technology: windows-sec --- -# Configuring authorized apps deployed by a managed installer with AppLocker and Windows Defender Application Control +# Automatically allow apps deployed by a managed installer with Windows Defender Application Control **Applies to:** -- Windows 10 -- Windows 11 -- Windows Server 2016 and above +- Windows 10 +- Windows 11 +- Windows Server 2019 and above > [!NOTE] > Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md). -Windows 10, version 1703 introduced a new option for Windows Defender Application Control (WDAC), called _managed installer_, that helps balance security and manageability when enforcing application control policies. This option lets you automatically allow applications installed by a designated software distribution solution such as Microsoft Endpoint Configuration Manager. +With Windows Defender Application Control (WDAC), you can automatically allow applications installed by a software distribution solution, such as Microsoft Endpoint Configuration Manager, using a feature called _managed installer_. Managed installer can help you better balance security and manageability when enforcing application control policies. ## How does a managed installer work? -A new rule collection in AppLocker specifies binaries that are trusted by the organization as an authorized source for application deployment. When one of these trusted binaries runs, Windows will monitor the binary's process (and processes it launches), and then tag all files it writes as having originated from a managed installer. The managed installer rule collection is configured using Group Policy and can be applied with the Set-AppLockerPolicy PowerShell cmdlet. You can't currently set managed installers with the AppLocker CSP through MDM. +Managed installer uses a special rule collection in **AppLocker** to designate binaries that are trusted by your organization as an authorized source for application installation. When one of these trusted binaries runs, Windows monitors the binary's process (and processes it launches) and watches for files being written to disk. As files are written, they are tagged as originating from a managed installer. -Having defined your managed installers by using AppLocker, you can then configure WDAC to trust files that are installed by a managed installer. You do so by adding the "Enabled:Managed Installer" option to your WDAC policy. When that option is set, WDAC will check for managed installer origin information when determining whether or not to allow a binary to run. As long as there are no deny rules present for the file, WDAC will allow a file to run based on its managed installer origin. - -Ensure that the WDAC policy allows the system/boot components and any other authorized applications that can't be deployed through a managed installer. +You can then configure WDAC to trust files that are installed by a managed installer by adding the "Enabled:Managed Installer" option to your WDAC policy. When that option is set, WDAC will check for managed installer origin information when determining whether or not to allow a binary to run. As long as there are no deny rules for the binary, WDAC will allow it to run based purely on its managed installer origin. ## Security considerations with managed installer @@ -47,7 +45,7 @@ Users with administrator privileges, or malware running as an administrator user If a managed installer process runs in the context of a user with standard privileges, then it's possible that standard users or malware running as standard user may be able to circumvent the intent of Windows Defender Application Control. -Some application installers may automatically run the application at the end of the installation process. If this happens when the installer is run by a managed installer, then the managed installer's heuristic tracking and authorization will extend to all files that are created during the first run of the application. Extension of the installer's authorization could result in unintentional authorization of an executable. To avoid that outcome, ensure that the method of application deployment that is used as a managed installer limits running applications as part of installation. +Some application installers may automatically run the application at the end of the installation process. If this happens when the installer is run by a managed installer, then the managed installer's heuristic tracking and authorization will extend to all files that are created during the first run of the application. This could result in unintentional authorization of an executable. To avoid that, ensure that the method of application deployment that is used as a managed installer limits running applications as part of installation. ## Known limitations with managed installer @@ -59,126 +57,138 @@ Some application installers may automatically run the application at the end of - The managed installer heuristic doesn't authorize kernel drivers. The WDAC policy must have rules that allow the necessary drivers to run. -## Configuring the managed installer +## Configure managed installer tracking with AppLocker and WDAC -Setting up managed installer tracking and application execution enforcement requires applying both an AppLocker and WDAC policy, with specific rules and options enabled. -There are three primary steps to keep in mind: +To turn on managed installer tracking, you must: -- Specify managed installers, by using the Managed Installer rule collection in AppLocker policy. -- Enable service enforcement in AppLocker policy. -- Enable the managed installer option in a WDAC policy. +- Create and deploy an AppLocker policy that defines your managed installer rules and enables services enforcement for executables and DLLs. +- Enable AppLocker's Application Identity and AppLockerFltr services. -## Specify managed installers using the Managed Installer rule collection in AppLocker policy +### Create and deploy an AppLocker policy that defines your managed installer rules and enables services enforcement for executables and DLLs -The identity of the managed installer executable(s) is specified in an AppLocker policy, in a Managed Installer rule collection. +Currently, neither the AppLocker policy creation UI in GPO Editor nor the PowerShell cmdlets allow for directly specifying rules for the Managed Installer rule collection. However, you can use an XML or text editor to convert an EXE rule collection policy into a ManagedInstaller rule collection. +> [!NOTE] +> Only EXE file types can be designated as managed installers. -### Create Managed Installer rule collection - -Currently, neither the AppLocker policy creation UI in GPO Editor nor the PowerShell cmdlets allow for directly specifying rules for the Managed Installer rule collection. However, you can use a text editor to make the changes that are needed to an EXE or DLL rule collection policy, to specify Type="ManagedInstaller", so that the new rule can be imported into a GPO. - -1. Use [New-AppLockerPolicy](/powershell/module/applocker/new-applockerpolicy?view=win10-ps&preserve-view=true) to make an EXE rule for the file you are designating as a managed installer. Note that only EXE file types can be designated as managed installers. Below is an example using the rule type Publisher with a hash fallback but other rule types can be used as well. You may need to reformat the output for readability. +1. Use [New-AppLockerPolicy](/powershell/module/applocker/new-applockerpolicy?view=win10-ps&preserve-view=true) to make an EXE rule for the file you are designating as a managed installer. This example creates a rule for Microsoft's Intune Management Extension using the Publisher rule type, but any AppLocker rule type can be used. You may need to reformat the output for readability. ```powershell - Get-ChildItem | Get-AppLockerFileInformation | New-AppLockerPolicy -RuleType Publisher, Hash -User Everyone -Xml > AppLocker_MI_PS_ISE.xml + Get-ChildItem ${env:ProgramFiles(x86)}'\Microsoft Intune Management Extension\Microsoft.Management.Services.IntuneWindowsAgent.exe' | Get-AppLockerFileInformation | New-AppLockerPolicy -RuleType Publisher -User Everyone -Xml > AppLocker_MI_PS_ISE.xml ``` -2. Manually rename the rule collection to ManagedInstaller +2. Manually change the rule collection Type from "Exe" to "ManagedInstaller" and set EnforcementMode to "AuditOnly" Change: - ```powershell + ```XML ``` to: - ```powershell + ```XML ``` -An example of a valid Managed Installer rule collection, using Microsoft Endpoint Config Manager (MEMCM), MEM (Intune), PowerShell, and PowerShell ISE, is shown below. Remove any rules that you do not wish to designate as a Managed Installer. - -```xml - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +3. Manually edit your AppLocker policy and add the EXE and DLL rule collections with at least one rule for each. To ensure your policy can be safely applied on systems that may already have an active AppLocker policy, we recommend using a benign DENY rule to block a fake binary and set the rule collection's EnforcementMode to AuditOnly. Additionally, since many installation processes rely on services, you need to enable services tracking for each of those rule collections. The following example shows a partial AppLocker policy with the EXE and DLL rule collection configured as recommended. + + ```xml + + - - - + - - - - - - - - - - - - - - - - - - - - - - - - -``` + + + + + + + + + + + + + + + + + + + + ``` ->[!NOTE] ->Since many installation processes rely on services, it is typically necessary to enable tracking of services. Correct tracking of services requires the presence of at least one rule in the rule collection. So, a simple audit-only rule will suffice. +4. Verify your AppLocker policy. The following example shows a complete AppLocker policy that sets Microsoft Endpoint Config Manager (MEMCM)and Microsoft Endpoint Manager Intune as managed installers. Only those AppLocker rule collections that have actual rules defined are included in the final XML. This ensures the policy will merge successfully on devices which may already have an AppLocker policy in place. + + ```xml + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ``` + +5. Deploy your AppLocker managed installer configuration policy. You can either import your AppLocker policy and deploy with Group Policy or use a script to deploy the policy with the Set-AppLockerPolicy cmdlet as shown in the following PowerShell command. + + ```powershell + Set-AppLockerPolicy -XmlPolicy -Merge -ErrorAction SilentlyContinue + ``` + +6. If deploying your AppLocker policy via script, use appidtel.exe to configure the AppLocker Application Identity service and AppLocker filter driver. + + ```console + appidtel.exe start [-mionly] + ``` + + Specify "-mionly" if you don't plan to use the Intelligent Security Graph (ISG). + +> [!NOTE] +> Managed installer tracking will start the next time a process runs that matches your managed installer rules. If an intended process is already running, you must restart it. ## Enable the managed installer option in WDAC policy @@ -203,69 +213,11 @@ Below are steps to create a WDAC policy that allows Windows to boot and enables Set-RuleOption -FilePath -Option 13 ``` -## Set the AppLocker filter driver to autostart +4. Deploy your WDAC policy. See [Deploying Windows Defender Application Control (WDAC) policies](windows-defender-application-control-deployment-guide.md). -To enable the managed installer, you need to set the AppLocker filter driver to autostart, and start it. +> [!NOTE] +> Your WDAC policy must include rules for all system/boot components, kernel drivers, and any other authorized applications that can't be deployed through a managed installer. -To do so, run the following command as an Administrator: +## Related articles -```console -appidtel.exe start [-mionly] -``` - -Specify "-mionly" if you will not use the Intelligent Security Graph (ISG). - -## Using fsutil to query SmartLocker EA -Customers using Windows Defender Application Control (WDAC) with Managed Installer (MI) or Intelligent Security Graph enabled can use fsutil to determine whether a file was allowed to run by one of these features. This can be achieved by querying the EAs on a file using fsutil and looking for the KERNEL.SMARTLOCKER.ORIGINCLAIM EA. The presence of this EA indicates that either MI or ISG allowed the file to run. This can be used in conjunction with enabling the MI and ISG logging events. - -#### Example: -```powershell -fsutil file queryEA C:\Users\Temp\Downloads\application.exe - -Extended Attributes (EA) information for file C:\Users\Temp\Downloads\application.exe: - -Ea Buffer Offset: 410 -Ea Name: $KERNEL.SMARTLOCKER.ORIGINCLAIM -Ea Value Length: 7e -0000: 01 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 ................ -0010: b2 ff 10 66 bc a8 47 c7 00 d9 56 9d 3d d4 20 2a ...f..G...V.=. * -0020: 63 a3 80 e2 d8 33 8e 77 e9 5c 8d b0 d5 a7 a3 11 c....3.w.\...... -0030: 83 00 00 00 00 00 00 00 5c 00 00 00 43 00 3a 00 ........\...C.:. -0040: 5c 00 55 00 73 00 65 00 72 00 73 00 5c 00 6a 00 \.U.s.e.r.s.\.T. -0050: 6f 00 67 00 65 00 75 00 72 00 74 00 65 00 2e 00 e.m.p..\D.o.w.n... -0060: 52 00 45 00 44 00 4d 00 4f 00 4e 00 44 00 5c 00 l.o.a.d.\a.p.p.l. -0070: 44 00 6f 00 77 00 6e 00 6c 00 6f 00 61 00 64 i.c.a.t.i.o.n..e.x.e -``` - -## Enabling managed installer logging events - -Refer to [Understanding Application Control Events](event-id-explanations.md#optional-intelligent-security-graph-isg-or-managed-installer-mi-diagnostic-events) for information on enabling optional managed installer diagnostic events. - -## Deploying the Managed Installer rule collection - -Once you've completed configuring your chosen Managed Installer, by specifying which option to use in the AppLocker policy, enabling the service enforcement of it, and by enabling the Managed Installer option in a WDAC policy, you'll need to deploy it. - -1. Use the following command to deploy the policy. - ```powershell - $policyFile= - @" - Raw_AppLocker_Policy_XML - "@ - Set-AppLockerPolicy -XmlPolicy $policyFile -Merge -ErrorAction SilentlyContinue - ``` - -2. Verify Deployment of the ruleset was successful - ```powershell - Get-AppLockerPolicy -Local - - Version RuleCollections RuleCollectionTypes - ------- --------------- ------------------- - 1 {0, 0, 0, 0...} {Appx, Dll, Exe, ManagedInstaller...} - ``` - Verify the output shows the ManagedInstaller rule set. - -3. Get the policy XML (optional) using PowerShell: - ```powershell - Get-AppLockerPolicy -Effective -Xml -ErrorVariable ev -ErrorAction SilentlyContinue - ``` - This command will show the raw XML to verify the individual rules that were set. +- [Managed installer and ISG technical reference and troubleshooting guide](configure-wdac-managed-installer.md) diff --git a/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md b/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md index fb11f5cbf8..d0179f7f5e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md +++ b/windows/security/threat-protection/windows-defender-application-control/configure-wdac-managed-installer.md @@ -1,5 +1,5 @@ --- -title: Configure a WDAC managed installer (Windows) +title: Managed installer and ISG technical reference and troubleshooting guide (Windows) description: Explains how to configure a custom Manged Installer. keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb @@ -15,151 +15,78 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 08/14/2020 -ms.technology: mde +ms.technology: windows-sec --- -# Configuring a managed installer with AppLocker and Windows Defender Application Control +# Managed installer and ISG technical reference and troubleshooting guide **Applies to:** -- Windows 10 -- Windows 11 -- Windows Server 2016 and above +- Windows 10 +- Windows 11 +- Windows Server 2019 and above >[!NOTE] ->Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](feature-availability.md). +>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](feature-availability.md). -Setting up managed installer tracking and application execution enforcement requires applying both an AppLocker and WDAC policy with specific rules and options enabled. -There are three primary steps to keep in mind: +## Using fsutil to query SmartLocker EA -- Specify managed installers by using the Managed Installer rule collection in AppLocker policy. -- Enable service enforcement in AppLocker policy. -- Enable the managed installer option in a WDAC policy. +Customers using Windows Defender Application Control (WDAC) with Managed Installer (MI) or Intelligent Security Graph enabled can use fsutil to determine whether a file was allowed to run by one of these features. This can be achieved by querying the EAs on a file using fsutil and looking for the KERNEL.SMARTLOCKER.ORIGINCLAIM EA. The presence of this EA indicates that either MI or ISG allowed the file to run. This can be used in conjunction with enabling the MI and ISG logging events. -## Specify managed installers using the Managed Installer rule collection in AppLocker policy +**Example:** -The identity of the managed installer executable(s) is specified in an AppLocker policy in a Managed Installer rule collection. +```powershell +fsutil file queryEA C:\Users\Temp\Downloads\application.exe -### Create Managed Installer rule collection +Extended Attributes (EA) information for file C:\Users\Temp\Downloads\application.exe: -Currently, neither the AppLocker policy creation UI in GPO Editor nor the PowerShell cmdlets allow for directly specifying rules for the Managed Installer rule collection. However, a text editor can be used to make the simple changes needed to an EXE or DLL rule collection policy to specify Type="ManagedInstaller", so that the new rule can be imported into a GPO. - -1. Use [New-AppLockerPolicy](/powershell/module/applocker/new-applockerpolicy?view=win10-ps&preserve-view=true) to make an EXE rule for the file you are designating as a managed installer. Note that only EXE file types can be designated as managed installers. Below is an example using the rule type Publisher with a hash fallback, but other rule types can be used as well. You may need to reformat the output for readability. - - ```powershell - Get-ChildItem | Get-AppLockerFileInformation | New-AppLockerPolicy -RuleType Publisher, Hash -User Everyone -Xml > AppLocker_MI_PS_ISE.xml - ``` - -2. Manually rename the rule collection to ManagedInstaller - - Change - - ```powershell - - ``` - - to - - ```powershell - - ``` - -An example of a valid Managed Installer rule collection using Microsoft Endpoint Config Manager (MEMCM) is shown below. - -```xml - - - - - - - - - - - - - - - - +Ea Buffer Offset: 410 +Ea Name: $KERNEL.SMARTLOCKER.ORIGINCLAIM +Ea Value Length: 7e +0000: 01 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 ................ +0010: b2 ff 10 66 bc a8 47 c7 00 d9 56 9d 3d d4 20 2a ...f..G...V.=. * +0020: 63 a3 80 e2 d8 33 8e 77 e9 5c 8d b0 d5 a7 a3 11 c....3.w.\...... +0030: 83 00 00 00 00 00 00 00 5c 00 00 00 43 00 3a 00 ........\...C.:. +0040: 5c 00 55 00 73 00 65 00 72 00 73 00 5c 00 6a 00 \.U.s.e.r.s.\.T. +0050: 6f 00 67 00 65 00 75 00 72 00 74 00 65 00 2e 00 e.m.p..\D.o.w.n... +0060: 52 00 45 00 44 00 4d 00 4f 00 4e 00 44 00 5c 00 l.o.a.d.\a.p.p.l. +0070: 44 00 6f 00 77 00 6e 00 6c 00 6f 00 61 00 64 i.c.a.t.i.o.n..e.x.e ``` -### Enable service enforcement in AppLocker policy - -Since many installation processes rely on services, it is typically necessary to enable tracking of services. -Correct tracking of services requires the presence of at least one rule in the rule collection, so a simple audit only rule will suffice. This can be added to the policy created above which specifies your managed installer rule collection. - -For example: - -```xml - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -``` - -## Enable the managed installer option in WDAC policy - -In order to enable trust for the binaries laid down by managed installers, the Enabled: Managed Installer option must be specified in your WDAC policy. -This can be done by using the [Set-RuleOption cmdlet](/powershell/module/configci/set-ruleoption) with Option 13. - -Below are steps to create a WDAC policy that allows Windows to boot and enables the managed installer option. - -1. Copy the DefaultWindows_Audit policy into your working folder from C:\Windows\schemas\CodeIntegrity\ExamplePolicies\DefaultWindows_Audit.xml - -2. Reset the policy ID to ensure it is in multiple policy format and give it a different GUID from the example policies. Also give it a friendly name to help with identification. - - Ex. - - ```powershell - Set-CIPolicyIdInfo -FilePath -PolicyName "" -ResetPolicyID - ``` - -3. Set Option 13 (Enabled:Managed Installer) - - ```powershell - Set-RuleOption -FilePath -Option 13 - ``` - -## Set the AppLocker filter driver to autostart - -To enable the managed installer, you need to set the AppLocker filter driver to autostart and start it. - -To do so, run the following command as an Administrator: - -```console -appidtel.exe start [-mionly] -``` - -Specify `-mionly` if you will not use the Intelligent Security Graph (ISG). - ## Enabling managed installer logging events -Refer to [Understanding Application Control Events](event-id-explanations.md#optional-intelligent-security-graph-isg-or-managed-installer-mi-diagnostic-events) for information on enabling optional managed installer diagnostic events. \ No newline at end of file +Refer to [Understanding Application Control Events](event-id-explanations.md#optional-intelligent-security-graph-isg-or-managed-installer-mi-diagnostic-events) for information on enabling optional managed installer diagnostic events. + +## Deploying the Managed Installer rule collection + +Once you've completed configuring your chosen Managed Installer, by specifying which option to use in the AppLocker policy, enabling the service enforcement of it, and by enabling the Managed Installer option in a WDAC policy, you'll need to deploy it. + +1. Use the following command to deploy the policy. + + ```powershell + $policyFile= + @" + Raw_AppLocker_Policy_XML + "@ + Set-AppLockerPolicy -XmlPolicy $policyFile -Merge -ErrorAction SilentlyContinue + ``` + +2. Verify Deployment of the ruleset was successful + + ```powershell + Get-AppLockerPolicy -Local + + Version RuleCollections RuleCollectionTypes + ------- --------------- ------------------- + 1 {0, 0, 0, 0...} {Appx, Dll, Exe, ManagedInstaller...} + ``` + + Verify the output shows the ManagedInstaller rule set. + +3. Get the policy XML (optional) using PowerShell: + + ```powershell + Get-AppLockerPolicy -Effective -Xml -ErrorVariable ev -ErrorAction SilentlyContinue + ``` + + This command will show the raw XML to verify the individual rules that were set. diff --git a/windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md index 7f12604edc..26a241db0e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-code-signing-cert-for-windows-defender-application-control.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 02/28/2018 -ms.technology: mde +ms.technology: windows-sec --- # Optional: Create a code signing cert for Windows Defender Application Control diff --git a/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md b/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md index 4d96dd5039..72b3039271 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-initial-default-policy.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 05/03/2018 -ms.technology: mde +ms.technology: windows-sec --- # Create a WDAC policy for fixed-workload devices using a reference computer diff --git a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md index ae19d1e80f..f088c8d7f9 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md @@ -16,7 +16,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 11/20/2019 -ms.technology: mde +ms.technology: windows-sec --- # Create a WDAC policy for fully managed devices diff --git a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md index 98d4991e37..a173ced569 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-lightly-managed-devices.md @@ -16,7 +16,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 11/15/2019 -ms.technology: mde +ms.technology: windows-sec --- # Create a WDAC policy for lightly managed devices diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md index fbe13edbe5..0ea6e2d239 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-catalog-files-to-support-windows-defender-application-control.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 02/28/2018 -ms.technology: mde +ms.technology: windows-sec --- # Deploy catalog files to support Windows Defender Application Control diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md index 96abd74691..2738724087 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md @@ -15,7 +15,7 @@ ms.reviewer: jogeurte ms.author: dansimp manager: dansimp ms.date: 07/19/2021 -ms.technology: mde +ms.technology: windows-sec --- # Use multiple Windows Defender Application Control Policies diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-group-policy.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-group-policy.md index 8482f5f1c0..73098a0cc4 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-group-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-group-policy.md @@ -15,7 +15,7 @@ ms.reviewer: jogeurte ms.author: dansimp manager: dansimp ms.date: 02/28/2018 -ms.technology: mde +ms.technology: windows-sec --- # Deploy Windows Defender Application Control policies by using Group Policy diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md index 7b44dba695..3572e0f5f3 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 04/29/2020 -ms.technology: mde +ms.technology: windows-sec --- # Deploy WDAC policies using Mobile Device Management (MDM) diff --git a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md index b8900a28dc..1ac9e541d2 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md +++ b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-memcm.md @@ -11,7 +11,7 @@ ms.author: jogeurte ms.manager: jsuther manager: dansimp ms.date: 07/19/2021 -ms.technology: mde +ms.technology: windows-sec ms.topic: article ms.localizationpriority: medium --- @@ -25,7 +25,7 @@ ms.localizationpriority: medium - Windows Server 2016 and above >[!NOTE] ->Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability). +>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability). You can use Microsoft Endpoint Configuration Manager (MEMCM) to configure Windows Defender Application Control (WDAC) on client machines. @@ -41,7 +41,7 @@ MEMCM includes native support for WDAC, which allows you to configure Windows 10 Note that MEMCM does not remove policies once deployed. To stop enforcement, you should switch the policy to audit mode, which will produce the same effect. If you want to disable WDAC altogether (including audit mode), you can deploy a script to delete the policy file from disk, and either trigger a reboot or wait for the next reboot. -For more information on using MEMCM's native WDAC policies, see [Windows Defender Application Control management with Configuration Manager](/mem/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager) +For more information on using MEMCM's native WDAC policies, see [Windows Defender Application Control management with Configuration Manager](/mem/configmgr/protect/deploy-use/use-device-guard-with-configuration-manager). ## Deploy custom WDAC policies using Packages/Programs or Task Sequences diff --git a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md index 67dadf4ccd..36243edbf3 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md +++ b/windows/security/threat-protection/windows-defender-application-control/deployment/deploy-wdac-policies-with-script.md @@ -11,7 +11,7 @@ ms.author: jogeurte ms.manager: jsuther manager: dansimp ms.date: 04/14/2021 -ms.technology: mde +ms.technology: windows-sec ms.topic: article ms.localizationpriority: medium --- @@ -25,7 +25,7 @@ ms.localizationpriority: medium - Windows Server 2016 and above >[!NOTE] ->Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability). +>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability). This topic describes how to deploy Windows Defender Application Control (WDAC) policies using script. The instructions below use PowerShell but can work with any scripting host. @@ -61,13 +61,15 @@ This topic describes how to deploy Windows Defender Application Control (WDAC) p In addition to the steps outlined above, the binary policy file must also be copied to the device's EFI partition. Deploying your policy via [MEM](/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune) or the Application Control CSP will handle this step automatically. 1. Mount the EFI volume and make the directory, if it does not exist, in an elevated PowerShell prompt: -```powershell -mountvol J: /S -J: -mkdir J:\EFI\Microsoft\Boot\CiPolicies\Active -``` -2. Copy the signed policy binary as `{PolicyGUID}.cip` to J:\EFI\Microsoft\Boot\CiPolicies\Active + ```powershell + mountvol J: /S + J: + mkdir J:\EFI\Microsoft\Boot\CiPolicies\Active + ``` + +2. Copy the signed policy binary as `{PolicyGUID}.cip` to `J:\EFI\Microsoft\Boot\CiPolicies\Active`. + 3. Reboot the system. ## Script-based deployment process for Windows 10 versions earlier than 1903 diff --git a/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md index bff322daff..6fa1b84ec0 100644 --- a/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/disable-windows-defender-application-control-policies.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 05/03/2018 -ms.technology: mde +ms.technology: windows-sec --- # Disable Windows Defender Application Control policies diff --git a/windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md index 685ffd83a1..e3969dba90 100644 --- a/windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/enforce-windows-defender-application-control-policies.md @@ -11,7 +11,7 @@ ms.author: jogeurte ms.manager: jsuther manager: dansimp ms.date: 04/22/2021 -ms.technology: mde +ms.technology: windows-sec ms.topic: article ms.localizationpriority: medium --- diff --git a/windows/security/threat-protection/windows-defender-application-control/event-id-explanations.md b/windows/security/threat-protection/windows-defender-application-control/event-id-explanations.md index a87cd17fec..9acce652d1 100644 --- a/windows/security/threat-protection/windows-defender-application-control/event-id-explanations.md +++ b/windows/security/threat-protection/windows-defender-application-control/event-id-explanations.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 06/02/2021 -ms.technology: mde +ms.technology: windows-sec --- # Understanding Application Control events diff --git a/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md b/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md index f5d7d82e37..e78284ae26 100644 --- a/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md +++ b/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 07/13/2021 -ms.technology: mde +ms.technology: windows-sec --- # Understanding Application Control event tags diff --git a/windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md b/windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md index b12655562e..93c7ae9224 100644 --- a/windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/example-wdac-base-policies.md @@ -16,7 +16,7 @@ ms.reviewer: jogeurte ms.author: dansimp manager: dansimp ms.date: 11/15/2019 -ms.technology: mde +ms.technology: windows-sec --- # Windows Defender Application Control (WDAC) example base policies diff --git a/windows/security/threat-protection/windows-defender-application-control/feature-availability.md b/windows/security/threat-protection/windows-defender-application-control/feature-availability.md index 8e813e308b..21ff82c26f 100644 --- a/windows/security/threat-protection/windows-defender-application-control/feature-availability.md +++ b/windows/security/threat-protection/windows-defender-application-control/feature-availability.md @@ -16,7 +16,7 @@ ms.author: deniseb manager: dansimp ms.date: 07/29/2021 ms.custom: asr -ms.technology: mde +ms.technology: windows-sec --- # Windows Defender Application Control and AppLocker feature availability diff --git a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md index 5939c67fde..8a26cf9a33 100644 --- a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 05/29/2020 -ms.technology: mde +ms.technology: windows-sec --- # Manage Packaged Apps with Windows Defender Application Control diff --git a/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md index 1c0bf07bd4..4bb130103f 100644 --- a/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/merge-windows-defender-application-control-policies.md @@ -11,7 +11,7 @@ ms.author: jogeurte ms.manager: jsuther manager: dansimp ms.date: 04/22/2021 -ms.technology: mde +ms.technology: windows-sec ms.topic: article ms.localizationpriority: medium --- diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md index 53d81d3ab1..0452284705 100644 --- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md @@ -4,7 +4,7 @@ description: View a list of recommended block rules, based on knowledge shared b keywords: security, malware ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb ms.prod: m365-security -ms.technology: mde +ms.technology: windows-sec ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security diff --git a/windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md b/windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md index 015e6b6e50..a54661c0b2 100644 --- a/windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md +++ b/windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md @@ -11,7 +11,7 @@ ms.author: jogeurte ms.manager: jsuther manager: dansimp ms.date: 04/14/2021 -ms.technology: mde +ms.technology: windows-sec ms.topic: article ms.localizationpriority: medium --- @@ -26,7 +26,7 @@ ms.localizationpriority: medium - Windows Server 2016 and above >[!NOTE] ->Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability). +>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability). This topic covers tips and tricks for admins as well as known issues with WDAC. Test this configuration in your lab before enabling it in production. @@ -40,12 +40,12 @@ In some cases, the code integrity logs where WDAC errors and warnings are writte Installing .msi files directly from the internet to a computer protected by WDAC will fail. For example, this command will not work: -```code +```console msiexec –i https://download.microsoft.com/download/2/E/3/2E3A1E42-8F50-4396-9E7E-76209EA4F429/Windows10_Version_1511_ADMX.msi ``` As a workaround, download the MSI file and run it locally: -```code +```console msiexec –i c:\temp\Windows10_Version_1511_ADMX.msi ``` diff --git a/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md b/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md index bff9aace8e..5fb7949fb1 100644 --- a/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md +++ b/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 02/21/2018 -ms.technology: mde +ms.technology: windows-sec --- # Plan for Windows Defender Application Control lifecycle policy management diff --git a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md index 134acc8d1f..f5f01d8caa 100644 --- a/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md +++ b/windows/security/threat-protection/windows-defender-application-control/querying-application-control-events-centrally-using-advanced-hunting.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 12/06/2018 -ms.technology: mde +ms.technology: windows-sec --- # Querying Application Control events centrally using Advanced hunting diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index 69855b69b3..6e90081708 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 07/15/2021 -ms.technology: mde +ms.technology: windows-sec --- # Understand Windows Defender Application Control (WDAC) policy rules and file rules diff --git a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md index 024f7881f7..da525f4cf5 100644 --- a/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md +++ b/windows/security/threat-protection/windows-defender-application-control/types-of-devices.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 03/01/2018 -ms.technology: mde +ms.technology: windows-sec --- # Windows Defender Application Control deployment in different scenarios: types of devices diff --git a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md index e0abed5fef..1125c7c0ef 100644 --- a/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md +++ b/windows/security/threat-protection/windows-defender-application-control/understand-windows-defender-application-control-policy-design-decisions.md @@ -15,7 +15,7 @@ author: jsuther1974 ms.reviewer: isbrahm ms.author: dansimp ms.date: 02/08/2018 -ms.technology: mde +ms.technology: windows-sec --- # Understand Windows Defender Application Control policy design decisions diff --git a/windows/security/threat-protection/windows-defender-application-control/use-code-signing-to-simplify-application-control-for-classic-windows-applications.md b/windows/security/threat-protection/windows-defender-application-control/use-code-signing-to-simplify-application-control-for-classic-windows-applications.md index 392ab9a072..2f34416393 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-code-signing-to-simplify-application-control-for-classic-windows-applications.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-code-signing-to-simplify-application-control-for-classic-windows-applications.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 05/03/2018 -ms.technology: mde +ms.technology: windows-sec --- # Use code signing to simplify application control for classic Windows applications diff --git a/windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business.md b/windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business.md index 79b9e0a33c..7311563492 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-device-guard-signing-portal-in-microsoft-store-for-business.md @@ -15,7 +15,7 @@ author: jsuther1974 ms.reviewer: isbrahm manager: dansimp ms.date: 02/19/2019 -ms.technology: mde +ms.technology: windows-sec --- # Optional: Use the Device Guard Signing Portal in the Microsoft Store for Business diff --git a/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md b/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md index 224fa1dac5..b56df7608b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 05/03/2018 -ms.technology: mde +ms.technology: windows-sec --- # Use signed policies to protect Windows Defender Application Control against tampering diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md index 5ce6dec509..e00de62409 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md @@ -15,7 +15,7 @@ ms.collection: M365-security-compliance author: jsuther1974 ms.reviewer: isbrahm ms.date: 08/12/2021 -ms.technology: mde +ms.technology: windows-sec --- # Use a Windows Defender Application Control policy to control specific plug-ins, add-ins, and modules diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md index fae9be2b42..b1ace98992 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 09/23/2021 -ms.technology: mde +ms.technology: windows-sec --- # Windows Defender Application Control and .NET hardening diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md index d1f5ea9591..36aa766318 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-intelligent-security-graph.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 07/15/2021 -ms.technology: mde +ms.technology: windows-sec --- # Authorize reputable apps with the Intelligent Security Graph (ISG) diff --git a/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md b/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md index 37d3a19f84..bdb1f032a7 100644 --- a/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md +++ b/windows/security/threat-protection/windows-defender-application-control/wdac-and-applocker-overview.md @@ -16,7 +16,7 @@ ms.author: deniseb manager: dansimp ms.date: 09/30/2020 ms.custom: asr -ms.technology: mde +ms.technology: windows-sec --- # Windows Defender Application Control and AppLocker Overview diff --git a/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-base-policy.md b/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-base-policy.md index eb2d098d4b..fa6ef6f807 100644 --- a/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-base-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-base-policy.md @@ -16,7 +16,7 @@ ms.author: dansimp manager: dansimp ms.topic: conceptual ms.date: 10/14/2020 -ms.technology: mde +ms.technology: windows-sec --- # Creating a new Base Policy with the Wizard diff --git a/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-supplemental-policy.md b/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-supplemental-policy.md index 71046d7308..c2b91d7090 100644 --- a/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-supplemental-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-create-supplemental-policy.md @@ -16,7 +16,7 @@ ms.author: dansimp manager: dansimp ms.topic: conceptual ms.date: 10/14/2020 -ms.technology: mde +ms.technology: windows-sec --- # Creating a new Supplemental Policy with the Wizard diff --git a/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-editing-policy.md b/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-editing-policy.md index 754f399a47..6de03178f8 100644 --- a/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-editing-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-editing-policy.md @@ -16,7 +16,7 @@ ms.author: dansimp manager: dansimp ms.topic: conceptual ms.date: 10/14/2020 -ms.technology: mde +ms.technology: windows-sec --- # Editing existing base and supplemental WDAC policies with the Wizard diff --git a/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-merging-policies.md b/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-merging-policies.md index 66ad01329f..4c286095a7 100644 --- a/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-merging-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/wdac-wizard-merging-policies.md @@ -16,7 +16,7 @@ ms.author: dansimp manager: dansimp ms.topic: conceptual ms.date: 10/14/2020 -ms.technology: mde +ms.technology: windows-sec --- # Merging existing policies with the WDAC Wizard diff --git a/windows/security/threat-protection/windows-defender-application-control/wdac-wizard.md b/windows/security/threat-protection/windows-defender-application-control/wdac-wizard.md index 3143fd1d5c..8024e0f03b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/wdac-wizard.md +++ b/windows/security/threat-protection/windows-defender-application-control/wdac-wizard.md @@ -16,7 +16,7 @@ ms.author: dansimp manager: dansimp ms.topic: conceptual ms.date: 10/14/2020 -ms.technology: mde +ms.technology: windows-sec --- # Windows Defender Application Control Wizard diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md index b3d650b5e2..a247be4297 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide.md @@ -15,7 +15,7 @@ ms.reviewer: jogeurte ms.author: dansimp manager: dansimp ms.date: 05/16/2018 -ms.technology: mde +ms.technology: windows-sec --- # Deploying Windows Defender Application Control (WDAC) policies diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md index 6617b5581c..2d52ef271b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-design-guide.md @@ -16,7 +16,7 @@ ms.author: dansimp manager: dansimp ms.topic: conceptual ms.date: 02/20/2018 -ms.technology: mde +ms.technology: windows-sec --- # Windows Defender Application Control design guide diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md index 8d5d8dda4a..00ab146f0a 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide.md @@ -15,7 +15,7 @@ ms.reviewer: isbrahm ms.author: dansimp manager: dansimp ms.date: 03/16/2020 -ms.technology: mde +ms.technology: windows-sec --- # Windows Defender Application Control operational guide diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md index 9d17eb7f30..4e7a69a494 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md @@ -16,7 +16,7 @@ ms.author: deniseb manager: dansimp ms.date: 05/26/2020 ms.custom: asr -ms.technology: mde +ms.technology: windows-sec --- # Application Control for Windows diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-windows-10-in-s-mode.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-windows-10-in-s-mode.md index 7f3ef48df0..2b298178cb 100644 --- a/windows/security/threat-protection/windows-defender-security-center/wdsc-windows-10-in-s-mode.md +++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-windows-10-in-s-mode.md @@ -13,7 +13,7 @@ ms.author: dansimp ms.date: 04/30/2018 ms.reviewer: manager: dansimp -ms.technology: mde +ms.technology: windows-sec --- # Manage Windows Security in Windows 10 in S mode diff --git a/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md b/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md index 848345ef8b..128243e87c 100644 --- a/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md +++ b/windows/security/threat-protection/windows-defender-system-guard/how-hardware-based-root-of-trust-helps-protect-windows.md @@ -13,7 +13,7 @@ ms.pagetype: security ms.localizationpriority: medium author: dansimp ms.date: 03/01/2019 -ms.technology: mde +ms.technology: windows-sec --- diff --git a/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md b/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md index 55321967df..c234a83d1d 100644 --- a/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md +++ b/windows/security/threat-protection/windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md @@ -12,7 +12,7 @@ ms.date: 07/01/2021 ms.reviewer: manager: dansimp ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # System Guard Secure Launch and SMM protection diff --git a/windows/security/threat-protection/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md b/windows/security/threat-protection/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md index 22c00f87cc..0ffe9699ca 100644 --- a/windows/security/threat-protection/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md +++ b/windows/security/threat-protection/windows-firewall/add-production-devices-to-the-membership-group-for-a-zone.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Add Production Devices to the Membership Group for a Zone diff --git a/windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md b/windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md index 14eaf54184..e3a45c598a 100644 --- a/windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md +++ b/windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Add Test Devices to the Membership Group for a Zone diff --git a/windows/security/threat-protection/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md b/windows/security/threat-protection/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md index 7a8c114351..1a7d5dd07e 100644 --- a/windows/security/threat-protection/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md +++ b/windows/security/threat-protection/windows-firewall/appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Appendix A: Sample GPO Template Files for Settings Used in this Guide diff --git a/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md b/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md index 2fe271c315..221490f2e9 100644 --- a/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md +++ b/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Assign Security Group Filters to the GPO diff --git a/windows/security/threat-protection/windows-firewall/basic-firewall-policy-design.md b/windows/security/threat-protection/windows-firewall/basic-firewall-policy-design.md index 0eda99ff36..2523d0ce01 100644 --- a/windows/security/threat-protection/windows-firewall/basic-firewall-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/basic-firewall-policy-design.md @@ -14,7 +14,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.technology: mde +ms.technology: windows-sec --- # Basic Firewall Policy Design diff --git a/windows/security/threat-protection/windows-firewall/best-practices-configuring.md b/windows/security/threat-protection/windows-firewall/best-practices-configuring.md index fde3e3850b..aa02076a04 100644 --- a/windows/security/threat-protection/windows-firewall/best-practices-configuring.md +++ b/windows/security/threat-protection/windows-firewall/best-practices-configuring.md @@ -13,7 +13,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.technology: mde +ms.technology: windows-sec --- # Best practices for configuring Windows Defender Firewall diff --git a/windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md b/windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md index d17a0d6cac..e867dc86b4 100644 --- a/windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md +++ b/windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Boundary Zone GPOs diff --git a/windows/security/threat-protection/windows-firewall/boundary-zone.md b/windows/security/threat-protection/windows-firewall/boundary-zone.md index 9c0d1186eb..11c757ec1c 100644 --- a/windows/security/threat-protection/windows-firewall/boundary-zone.md +++ b/windows/security/threat-protection/windows-firewall/boundary-zone.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Boundary Zone diff --git a/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md b/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md index be336a726b..2904f65cb4 100644 --- a/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md +++ b/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Certificate-based Isolation Policy Design Example diff --git a/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design.md index a59ba99025..f134b8f1db 100644 --- a/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Certificate-based isolation policy design diff --git a/windows/security/threat-protection/windows-firewall/change-rules-from-request-to-require-mode.md b/windows/security/threat-protection/windows-firewall/change-rules-from-request-to-require-mode.md index eb09b78b9f..fe2aeb49e8 100644 --- a/windows/security/threat-protection/windows-firewall/change-rules-from-request-to-require-mode.md +++ b/windows/security/threat-protection/windows-firewall/change-rules-from-request-to-require-mode.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Change Rules from Request to Require Mode diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-basic-firewall-settings.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-basic-firewall-settings.md index ec2429b56d..18558ef571 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-basic-firewall-settings.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-basic-firewall-settings.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Checklist: Configuring Basic Firewall Settings diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md index 5e8cd7d149..296c1e7556 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Checklist: Configuring Rules for an Isolated Server Zone diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md index c464183424..4c9332aa61 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Checklist: Configuring Rules for Servers in a Standalone Isolated Server Zone diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md index 2a908f4267..4fa942aac8 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Checklist: Configuring Rules for the Boundary Zone diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md index fc6329d478..f543b9606f 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Checklist: Configuring Rules for the Encryption Zone diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md index 2a0fe73601..e5e7186579 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Checklist: Configuring Rules for the Isolated Domain diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md b/windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md index b5113224e7..1796cc336e 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md +++ b/windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Checklist: Creating Group Policy Objects diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md b/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md index 53822035a9..cb5f132795 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md +++ b/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Checklist: Creating Inbound Firewall Rules diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md b/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md index 445f1e1eda..cc6976169c 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md +++ b/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Checklist: Creating Outbound Firewall Rules diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md b/windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md index d57f7d5a5d..62905bf49e 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md +++ b/windows/security/threat-protection/windows-firewall/checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Checklist: Creating Rules for Clients of a Standalone Isolated Server Zone diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md index 1d50c40f3d..c9c577bc2e 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-basic-firewall-policy-design.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Checklist: Implementing a Basic Firewall Policy Design diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md index 1166334bca..a1183f3f52 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Checklist: Implementing a Certificate-based Isolation Policy Design diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md index cf988d2a7d..6a6f01d952 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Checklist: Implementing a Domain Isolation Policy Design diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md index b571f7dce4..3090ba97d5 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Checklist: Implementing a Standalone Server Isolation Policy Design diff --git a/windows/security/threat-protection/windows-firewall/configure-authentication-methods.md b/windows/security/threat-protection/windows-firewall/configure-authentication-methods.md index 1841e7d9f5..7522322a6f 100644 --- a/windows/security/threat-protection/windows-firewall/configure-authentication-methods.md +++ b/windows/security/threat-protection/windows-firewall/configure-authentication-methods.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Configure Authentication Methods diff --git a/windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md b/windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md index 2ef49bcb9e..99a5795add 100644 --- a/windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md +++ b/windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Configure Data Protection (Quick Mode) Settings diff --git a/windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md b/windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md index 064de062cf..ef75edf628 100644 --- a/windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md +++ b/windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Configure Group Policy to Autoenroll and Deploy Certificates diff --git a/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md b/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md index 3164f07dea..6e18c1001c 100644 --- a/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md +++ b/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Configure Key Exchange (Main Mode) Settings diff --git a/windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md b/windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md index e3d4f8f8b6..c7c3f8fafc 100644 --- a/windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md +++ b/windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Configure the Rules to Require Encryption diff --git a/windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md index a4a7b01573..c7d71a4f26 100644 --- a/windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md +++ b/windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Configure the Windows Defender Firewall with Advanced Security Log diff --git a/windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md b/windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md index 58fdd2dd8a..f0c5bb8bdf 100644 --- a/windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md +++ b/windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md @@ -12,7 +12,7 @@ ms.pagetype: security ms.localizationpriority: medium author: dansimp ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Configure the Workstation Authentication Certificate Template diff --git a/windows/security/threat-protection/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md b/windows/security/threat-protection/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md index ee29ef81e8..9a23ea1f28 100644 --- a/windows/security/threat-protection/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md +++ b/windows/security/threat-protection/windows-firewall/configure-windows-firewall-to-suppress-notifications-when-a-program-is-blocked.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Configure Windows Defender Firewall with Advanced Security to Suppress Notifications When a Program Is Blocked diff --git a/windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md b/windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md index 6e1c2f5c0b..45aac5c3bd 100644 --- a/windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md +++ b/windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Confirm That Certificates Are Deployed Correctly diff --git a/windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md b/windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md index ac157cc912..16fa98ba4f 100644 --- a/windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md +++ b/windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Copy a GPO to Create a New GPO diff --git a/windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md b/windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md index 844bf1db69..7f5899e2f5 100644 --- a/windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md +++ b/windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Create a Group Account in Active Directory diff --git a/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md b/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md index b7b3944df5..c1f6da0c2a 100644 --- a/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md +++ b/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Create a Group Policy Object diff --git a/windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md b/windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md index c28612d61c..513807383f 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Create an Authentication Exemption List Rule diff --git a/windows/security/threat-protection/windows-firewall/create-an-authentication-request-rule.md b/windows/security/threat-protection/windows-firewall/create-an-authentication-request-rule.md index b3a12b2ba9..037a451dee 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-authentication-request-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-authentication-request-rule.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Create an Authentication Request Rule diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md b/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md index 53f49581bd..da5b7f7f20 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Create an Inbound ICMP Rule diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md b/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md index 452b942ae5..93586077a2 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Create an Inbound Port Rule diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md b/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md index c3db4fccfa..bb976db9c3 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Create an Inbound Program or Service Rule diff --git a/windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md b/windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md index ebce547b94..e38e364c07 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Create an Outbound Port Rule diff --git a/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md b/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md index d3c40f879a..15141a8aff 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Create an Outbound Program or Service Rule diff --git a/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md b/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md index 07e8a14728..9539084377 100644 --- a/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md +++ b/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Create Inbound Rules to Support RPC diff --git a/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md b/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md index 587339f4f2..e8872fb1a3 100644 --- a/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md +++ b/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md @@ -14,7 +14,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.technology: mde +ms.technology: windows-sec --- # Create Windows Firewall rules in Intune diff --git a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md index 725f75af51..6d9896ef84 100644 --- a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md +++ b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Create WMI Filters for the GPO diff --git a/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md b/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md index 52f4ad1566..bb72548e1a 100644 --- a/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md +++ b/windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Designing a Windows Defender Firewall with Advanced Security Strategy diff --git a/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md b/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md index fe567b13bf..be0ce97138 100644 --- a/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md +++ b/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Determining the Trusted State of Your Devices diff --git a/windows/security/threat-protection/windows-firewall/documenting-the-zones.md b/windows/security/threat-protection/windows-firewall/documenting-the-zones.md index 990d2c4fec..6b8adafa56 100644 --- a/windows/security/threat-protection/windows-firewall/documenting-the-zones.md +++ b/windows/security/threat-protection/windows-firewall/documenting-the-zones.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Documenting the Zones diff --git a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md index dffc684c37..ec6e6a670b 100644 --- a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md +++ b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Domain Isolation Policy Design Example diff --git a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md index 6d6e93c035..0f112cdfa7 100644 --- a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Domain Isolation Policy Design diff --git a/windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md b/windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md index e8cd903c18..cd420e5088 100644 --- a/windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md +++ b/windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Enable Predefined Inbound Rules diff --git a/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md b/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md index 8a3aa2796f..0102f9ee3a 100644 --- a/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md +++ b/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/07/2021 -ms.technology: mde +ms.technology: windows-sec --- # Enable Predefined Outbound Rules diff --git a/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md b/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md index c57c92edcd..6d909df105 100644 --- a/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md +++ b/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Encryption Zone GPOs diff --git a/windows/security/threat-protection/windows-firewall/encryption-zone.md b/windows/security/threat-protection/windows-firewall/encryption-zone.md index 31176e0204..fe2e9815a6 100644 --- a/windows/security/threat-protection/windows-firewall/encryption-zone.md +++ b/windows/security/threat-protection/windows-firewall/encryption-zone.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Encryption Zone diff --git a/windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md b/windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md index 4aea9e2010..0a1c8c3094 100644 --- a/windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md +++ b/windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Evaluating Windows Defender Firewall with Advanced Security Design Examples diff --git a/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md b/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md index 2dfe9fd103..686d6ff871 100644 --- a/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md +++ b/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Exempt ICMP from Authentication diff --git a/windows/security/threat-protection/windows-firewall/exemption-list.md b/windows/security/threat-protection/windows-firewall/exemption-list.md index e4569e0cf8..c060789ce3 100644 --- a/windows/security/threat-protection/windows-firewall/exemption-list.md +++ b/windows/security/threat-protection/windows-firewall/exemption-list.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Exemption List diff --git a/windows/security/threat-protection/windows-firewall/filter-origin-documentation.md b/windows/security/threat-protection/windows-firewall/filter-origin-documentation.md index 718505a9d7..ca7cb954eb 100644 --- a/windows/security/threat-protection/windows-firewall/filter-origin-documentation.md +++ b/windows/security/threat-protection/windows-firewall/filter-origin-documentation.md @@ -13,7 +13,7 @@ ms.collection: - m365-security-compliance - m365-initiative-windows-security ms.topic: troubleshooting -ms.technology: mde +ms.technology: windows-sec --- # Filter origin audit log improvements diff --git a/windows/security/threat-protection/windows-firewall/firewall-gpos.md b/windows/security/threat-protection/windows-firewall/firewall-gpos.md index 8482ee05ce..c6815864d5 100644 --- a/windows/security/threat-protection/windows-firewall/firewall-gpos.md +++ b/windows/security/threat-protection/windows-firewall/firewall-gpos.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Firewall GPOs diff --git a/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md b/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md index 85ce84a2a9..e130a76c47 100644 --- a/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md +++ b/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Basic Firewall Policy Design Example diff --git a/windows/security/threat-protection/windows-firewall/firewall-settings-lost-on-upgrade.md b/windows/security/threat-protection/windows-firewall/firewall-settings-lost-on-upgrade.md index cb36df4ddd..562716bc3b 100644 --- a/windows/security/threat-protection/windows-firewall/firewall-settings-lost-on-upgrade.md +++ b/windows/security/threat-protection/windows-firewall/firewall-settings-lost-on-upgrade.md @@ -13,7 +13,7 @@ ms.collection: - m365-security-compliance - m365-initiative-windows-security ms.topic: troubleshooting -ms.technology: mde +ms.technology: windows-sec --- # Troubleshooting Windows Firewall settings after a Windows upgrade diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md index 07fea715ef..32c6dd328f 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md +++ b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Gathering Information about Your Active Directory Deployment diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md index 08f2987678..65ecfd3af8 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md +++ b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Gathering Information about Your Current Network Infrastructure diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md index c5f34e8ce7..0e57c0e9a9 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md +++ b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Gathering Information about Your Devices diff --git a/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md b/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md index a34c386f5c..3a143a59c5 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md +++ b/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Gathering Other Relevant Information diff --git a/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md b/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md index aad5e33e18..8482a7cd65 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md +++ b/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Gathering the Information You Need diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md index 3eb3e0fb2b..afa8e8f5cc 100644 --- a/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md +++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # GPO\_DOMISO\_Boundary diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md index bf33747880..d1ca928d07 100644 --- a/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md +++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md @@ -15,7 +15,7 @@ ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # GPO\_DOMISO\_Encryption\_WS2008 diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md index f625255685..662dd03f50 100644 --- a/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md +++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # GPO\_DOMISO\_Firewall diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md index ce42bb0dd3..bed380f50e 100644 --- a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md +++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # GPO\_DOMISO\_IsolatedDomain\_Clients diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md index ca3da60412..fb40bad66f 100644 --- a/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md +++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # GPO\_DOMISO\_IsolatedDomain\_Servers diff --git a/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md b/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md index a3648e301a..6746a2c01c 100644 --- a/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md +++ b/windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Identifying Windows Defender Firewall with Advanced Security implementation goals diff --git a/windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md b/windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md index adb0db7bd9..9f16389687 100644 --- a/windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md +++ b/windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Implementing Your Windows Defender Firewall with Advanced Security Design Plan diff --git a/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md b/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md index 72632250e3..ccaefb1de6 100644 --- a/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md +++ b/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Isolated Domain GPOs diff --git a/windows/security/threat-protection/windows-firewall/isolated-domain.md b/windows/security/threat-protection/windows-firewall/isolated-domain.md index 037bf1f77b..af0a3cd985 100644 --- a/windows/security/threat-protection/windows-firewall/isolated-domain.md +++ b/windows/security/threat-protection/windows-firewall/isolated-domain.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Isolated Domain diff --git a/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md b/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md index 6e2fcee3e3..642c968859 100644 --- a/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md +++ b/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md @@ -14,7 +14,7 @@ ms.topic: conceptual ms.date: 09/08/2021 ms.reviewer: ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # Isolating Microsoft Store Apps on Your Network diff --git a/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md b/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md index c50865a29b..472e264155 100644 --- a/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md +++ b/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Link the GPO to the Domain diff --git a/windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md b/windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md index 048875eafd..4d847f7055 100644 --- a/windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md +++ b/windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Mapping your implementation goals to a Windows Firewall with Advanced Security design diff --git a/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md b/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md index 037b3a66d6..e2e209ff07 100644 --- a/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md +++ b/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Modify GPO Filters to Apply to a Different Zone or Version of Windows diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md index 43485b62d6..7b4d920b83 100644 --- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md +++ b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Open the Group Policy Management Console to IP Security Policies diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md index 1239f18bf3..d55f5793ea 100644 --- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Group Policy Management of Windows Firewall with Advanced Security diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md index a4cba8e7c3..77e7c364b3 100644 --- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md +++ b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Group Policy Management of Windows Defender Firewall diff --git a/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md index 8dda8bcf96..c46ba8f97f 100644 --- a/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Open Windows Defender Firewall with Advanced Security diff --git a/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md b/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md index 2291806174..c5d10098c9 100644 --- a/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md +++ b/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Planning Certificate-based Authentication diff --git a/windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md b/windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md index 0a5d687d62..a5c690294e 100644 --- a/windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md +++ b/windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Planning Domain Isolation Zones diff --git a/windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md b/windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md index fd986acbbd..81d3ffeabe 100644 --- a/windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md +++ b/windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Planning GPO Deployment diff --git a/windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md b/windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md index 47d3282978..3002cef090 100644 --- a/windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md +++ b/windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Planning Group Policy Deployment for Your Isolation Zones diff --git a/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md b/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md index 6ac5c58afd..6cf3ebe60c 100644 --- a/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md +++ b/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Planning Isolation Groups for the Zones diff --git a/windows/security/threat-protection/windows-firewall/planning-network-access-groups.md b/windows/security/threat-protection/windows-firewall/planning-network-access-groups.md index d767a7db71..9a897f0089 100644 --- a/windows/security/threat-protection/windows-firewall/planning-network-access-groups.md +++ b/windows/security/threat-protection/windows-firewall/planning-network-access-groups.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Planning Network Access Groups diff --git a/windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md b/windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md index 2a5a06d873..9e87ee9790 100644 --- a/windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md +++ b/windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Planning Server Isolation Zones diff --git a/windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md b/windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md index e843a202ac..ed55752803 100644 --- a/windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md +++ b/windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Planning Settings for a Basic Firewall Policy diff --git a/windows/security/threat-protection/windows-firewall/planning-the-gpos.md b/windows/security/threat-protection/windows-firewall/planning-the-gpos.md index 67f3121c36..74e85fa1a0 100644 --- a/windows/security/threat-protection/windows-firewall/planning-the-gpos.md +++ b/windows/security/threat-protection/windows-firewall/planning-the-gpos.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Planning the GPOs diff --git a/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md index 8d60afedaf..d651e8e71b 100644 --- a/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Planning to Deploy Windows Defender Firewall with Advanced Security diff --git a/windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md b/windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md index 8459640ec7..66140941f1 100644 --- a/windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md +++ b/windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Planning Your Windows Defender Firewall with Advanced Security Design diff --git a/windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md b/windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md index 305d69aef6..e45fb6c5e6 100644 --- a/windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md +++ b/windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Procedures Used in This Guide diff --git a/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md b/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md index f0fc035973..c0a822af53 100644 --- a/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md +++ b/windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Protect devices from unwanted network traffic diff --git a/windows/security/threat-protection/windows-firewall/quarantine.md b/windows/security/threat-protection/windows-firewall/quarantine.md index 17ab51f503..83309d4b1b 100644 --- a/windows/security/threat-protection/windows-firewall/quarantine.md +++ b/windows/security/threat-protection/windows-firewall/quarantine.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Quarantine behavior diff --git a/windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md b/windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md index a3963db1f2..5ae57cd35b 100644 --- a/windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md +++ b/windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Require Encryption When Accessing Sensitive Network Resources diff --git a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md b/windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md index e546bbf39d..4e8ca4f98b 100644 --- a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md +++ b/windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Restrict Access to Only Specified Users or Computers diff --git a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md b/windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md index d3d0f94001..287942862c 100644 --- a/windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md +++ b/windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Restrict access to only trusted devices diff --git a/windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md b/windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md index c0d7282746..35882149d3 100644 --- a/windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md +++ b/windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Restrict Server Access to Members of a Group Only diff --git a/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md b/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md index aa6d7c5117..70ebf3fd75 100644 --- a/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md +++ b/windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md @@ -14,7 +14,7 @@ ms.topic: conceptual ms.date: 09/08/2021 ms.reviewer: ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # Securing End-to-End IPsec connections by using IKEv2 diff --git a/windows/security/threat-protection/windows-firewall/server-isolation-gpos.md b/windows/security/threat-protection/windows-firewall/server-isolation-gpos.md index 74da744d30..9ec9d59a12 100644 --- a/windows/security/threat-protection/windows-firewall/server-isolation-gpos.md +++ b/windows/security/threat-protection/windows-firewall/server-isolation-gpos.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Server Isolation GPOs diff --git a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md b/windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md index fd8fad7308..59eb498be0 100644 --- a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md +++ b/windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Server Isolation Policy Design Example diff --git a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md index 3d5d5e9694..92ff6b97db 100644 --- a/windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Server Isolation Policy Design diff --git a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md b/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md index 5e4d391f7f..3e3a5b108f 100644 --- a/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md +++ b/windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md @@ -13,7 +13,7 @@ ms.collection: - m365-security-compliance - m365-initiative-windows-security ms.topic: troubleshooting -ms.technology: mde +ms.technology: windows-sec --- # Troubleshooting UWP App Connectivity Issues diff --git a/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md b/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md index 8f2dd62bfc..0ae4b4f8dd 100644 --- a/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md +++ b/windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Turn on Windows Defender Firewall with Advanced Security and Configure Default Behavior diff --git a/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md b/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md index 6f83b6d42d..d6dbf5fd5a 100644 --- a/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md +++ b/windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md @@ -14,7 +14,7 @@ ms.topic: conceptual ms.date: 09/08/2021 ms.reviewer: ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # Understanding the Windows Defender Firewall with Advanced Security Design Process diff --git a/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md b/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md index 633bcb4aed..61ffa9d578 100644 --- a/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md +++ b/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Verify That Network Traffic Is Authenticated diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md index c4e919e41a..b00b59d00e 100644 --- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md +++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md @@ -14,7 +14,7 @@ ms.topic: conceptual ms.date: 09/08/2021 ms.reviewer: ms.author: dansimp -ms.technology: mde +ms.technology: windows-sec --- # Windows Defender Firewall with Advanced Security Administration with Windows PowerShell diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md index 8e4af001ae..dfcf6cfc99 100644 --- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md +++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Windows Defender Firewall with Advanced Security deployment overview diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md index 702acc0dcf..38545a3d40 100644 --- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md +++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md @@ -15,7 +15,7 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/08/2021 -ms.technology: mde +ms.technology: windows-sec --- # Windows Defender Firewall with Advanced Security design guide diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md index 7a9d7305a5..989c1be1a1 100644 --- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md @@ -15,7 +15,7 @@ ms.topic: conceptual ms.date: 09/08/2021 ms.reviewer: ms.custom: asr -ms.technology: mde +ms.technology: windows-sec --- # Windows Defender Firewall with Advanced Security diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-architecture.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-architecture.md index 40ce6c2dea..544e0ab263 100644 --- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-architecture.md +++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-architecture.md @@ -11,7 +11,7 @@ ms.topic: article ms.localizationpriority: ms.date: ms.reviewer: -ms.technology: mde +ms.technology: windows-sec --- # Windows Sandbox architecture diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md index 1f1a23bd49..cd5f7a2082 100644 --- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md +++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md @@ -11,7 +11,7 @@ ms.topic: article ms.localizationpriority: medium ms.date: ms.reviewer: -ms.technology: mde +ms.technology: windows-sec --- # Windows Sandbox configuration diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md index 0fec75ee34..2a3f6d6dc3 100644 --- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md +++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md @@ -11,7 +11,7 @@ ms.topic: article ms.localizationpriority: ms.date: ms.reviewer: -ms.technology: mde +ms.technology: windows-sec --- # Windows Sandbox diff --git a/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md index d86c9170f6..4881edff29 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md @@ -13,7 +13,7 @@ ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 06/25/2018 ms.reviewer: -ms.technology: mde +ms.technology: windows-sec --- # Get Support diff --git a/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md b/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md index 9b329ccb64..46cc0e4626 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md @@ -13,7 +13,7 @@ ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 11/26/2018 ms.reviewer: -ms.technology: mde +ms.technology: windows-sec --- # Microsoft Security Compliance Toolkit 1.0 diff --git a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md index 435be7648b..7d1c42a7bb 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md @@ -13,7 +13,7 @@ ms.collection: M365-security-compliance ms.topic: conceptual ms.date: ms.reviewer: -ms.technology: mde +ms.technology: windows-sec --- # Windows security baselines diff --git a/windows/whats-new/whats-new-windows-10-version-1703.md b/windows/whats-new/whats-new-windows-10-version-1703.md index 48bf6b509b..2cc76a97e8 100644 --- a/windows/whats-new/whats-new-windows-10-version-1703.md +++ b/windows/whats-new/whats-new-windows-10-version-1703.md @@ -273,32 +273,6 @@ Learn about the new Group Policies that were added in Windows 10, version 1703. - [Group Policy Settings Reference for Windows and Windows Server](https://www.microsoft.com/download/details.aspx?id=25250) -## Windows 10 Mobile enhancements - -### Lockdown Designer - -The Lockdown Designer app helps you configure and create a lockdown XML file to apply to devices running Windows 10 Mobile, and includes a remote simulation to help you determine the layout for tiles on the Start screen. Using Lockdown Designer is easier than [manually creating a lockdown XML file](/windows/configuration/mobile-devices/lockdown-xml). - -![Lockdown Designer app in Store.](images/ldstore.png) - -[Learn more about the Lockdown Designer app.](/windows/configuration/mobile-devices/mobile-lockdown-designer) - -### Other enhancements - -Windows 10 Mobile, version 1703 also includes the following enhancements: - -- SD card encryption -- Remote PIN resets for Azure Active Directory accounts -- SMS text message archiving -- WiFi Direct management -- OTC update tool -- Continuum display management - - Individually turn off the monitor or phone screen when not in use - - individually adjust screen time-out settings -- Continuum docking solutions - - Set Ethernet port properties - - Set proxy properties for the Ethernet port - ## Miracast on existing wireless network or LAN In the Windows 10, version 1703, Microsoft has extended the ability to send a Miracast stream over a local network rather than over a direct wireless link. This functionality is based on the [Miracast over Infrastructure Connection Establishment Protocol (MS-MICE)](/openspecs/windows_protocols/ms-mice/9598ca72-d937-466c-95f6-70401bb10bdb).