diff --git a/windows/application-management/app-v/appv-deploy-the-appv-server-with-a-script.md b/windows/application-management/app-v/appv-deploy-the-appv-server-with-a-script.md index 9ee527503b..728f4943a1 100644 --- a/windows/application-management/app-v/appv-deploy-the-appv-server-with-a-script.md +++ b/windows/application-management/app-v/appv-deploy-the-appv-server-with-a-script.md @@ -1,6 +1,6 @@ --- title: How to Deploy the App-V Server Using a Script (Windows 10) -description: How to Deploy the App-V Server Using a Script +description: Information, lists, and tables that can help you deploy the App-V server using a script author: lomayor ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy diff --git a/windows/application-management/app-v/appv-deploying-appv.md b/windows/application-management/app-v/appv-deploying-appv.md index d71a0f0476..14493f0b25 100644 --- a/windows/application-management/app-v/appv-deploying-appv.md +++ b/windows/application-management/app-v/appv-deploying-appv.md @@ -1,6 +1,6 @@ --- title: Deploying App-V (Windows 10) -description: Deploying App-V +description: App-V supports several different deployment options. Learn how to complete App-V deployment at different stages in your App-V deployment. author: lomayor ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy diff --git a/windows/application-management/app-v/appv-publish-a-packages-with-the-management-console.md b/windows/application-management/app-v/appv-publish-a-packages-with-the-management-console.md index cd4469abe5..565f150699 100644 --- a/windows/application-management/app-v/appv-publish-a-packages-with-the-management-console.md +++ b/windows/application-management/app-v/appv-publish-a-packages-with-the-management-console.md @@ -1,6 +1,6 @@ --- title: How to publish a package by using the Management console (Windows 10) -description: How to publish a package by using the Management console. +description: Learn how the Management console in App-V can help you enable admin controls as well as publish App-V packages. author: lomayor ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy diff --git a/windows/application-management/change-history-for-application-management.md b/windows/application-management/change-history-for-application-management.md index fdb6834a7a..e7e6041a1d 100644 --- a/windows/application-management/change-history-for-application-management.md +++ b/windows/application-management/change-history-for-application-management.md @@ -1,6 +1,6 @@ --- title: Change history for Application management in Windows 10 (Windows 10) -description: View changes to documentation for application management in Windows 10. +description: View new release information and updated topics in the documentation for application management in Windows 10. keywords: ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/configuration/index.md b/windows/configuration/index.md index ca42852107..6d72ff398f 100644 --- a/windows/configuration/index.md +++ b/windows/configuration/index.md @@ -1,6 +1,6 @@ --- title: Configure Windows 10 (Windows 10) -description: Learn about configuring Windows 10. +description: Apply custom accessibility configurations to devices for their users using the all the features and methods available with Windows 10. keywords: Windows 10, MDM, WSUS, Windows update ms.prod: w10 ms.mktglfcycl: manage diff --git a/windows/configuration/stop-employees-from-using-microsoft-store.md b/windows/configuration/stop-employees-from-using-microsoft-store.md index 23189fa891..e665d37ba5 100644 --- a/windows/configuration/stop-employees-from-using-microsoft-store.md +++ b/windows/configuration/stop-employees-from-using-microsoft-store.md @@ -78,7 +78,7 @@ You can also use Group Policy to manage access to Microsoft Store. 1. Type gpedit in the search bar to find and start Group Policy Editor. -2. In the console tree of the snap-in, click **Computer Configuration**, click **Administrative Templates** , click **Windows Components**, and then click **Store**. +2. In the console tree of the snap-in, click **Computer Configuration**, click **Administrative Templates**, click **Windows Components**, and then click **Store**. 3. In the Setting pane, click **Turn off the Store application**, and then click **Edit policy setting**. diff --git a/windows/deployment/volume-activation/add-remove-computers-vamt.md b/windows/deployment/volume-activation/add-remove-computers-vamt.md index 0784cbb98a..4e2248db96 100644 --- a/windows/deployment/volume-activation/add-remove-computers-vamt.md +++ b/windows/deployment/volume-activation/add-remove-computers-vamt.md @@ -1,63 +1,64 @@ ---- -title: Add and Remove Computers (Windows 10) -description: Add and Remove Computers -ms.assetid: cb6f3a78-ece0-4dc7-b086-cb003d82cd52 -ms.reviewer: -manager: laurawi -ms.author: greglin -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -audience: itpro author: greg-lindsay -ms.pagetype: activation -ms.date: 04/25/2017 -ms.topic: article ---- - -# Add and Remove Computers - -You can add computers that have any of the supported Windows or Office products installed to a Volume Activation Management Tool (VAMT) database by using the **Discover products** function. You can search for computers in an Active Directory domain, by individual computer name or IP address, in a workgroup, or by a general LDAP query. You can remove computers from a VAMT database by using the **Delete** function. After you add the computers, you can add the products that are installed on the computers by running the **Update license status** function. - -Before adding computers, ensure that the Windows Management Instrumentation (WMI) firewall exception required by VAMT has been enabled on all target computers. For more information see [Configure Client Computers](configure-client-computers-vamt.md). - -## To add computers to a VAMT database - -1. Open VAMT. -2. Click **Discover products** in the **Actions** menu in the right-side pane to open the **Discover Products** dialog box. -3. In the **Discover products** dialog box, click **Search for computers in the Active Directory** to display the search options, then click the search option you want to use. You can search for computers in an Active Directory domain, by individual computer name or IP address, in a workgroup, or by a general LDAP query. - - To search for computers in an Active Directory domain, click **Search for computers in the Active Directory**, then under **Domain Filter Criteria**, in the list of domain names click the name of the domain you want to search. You can narrow the search further by typing a name in the **Filter by computer name** field to search for a specific computer within the domain. This filter supports the asterisk (\*) wildcard. For example, typing "a\*" will display only computer names that start with the letter "a". - - To search by individual computer name or IP address, click **Manually enter name or IP address**, then enter the full name or IP address in the **One or more computer names or IP addresses separated by commas** text box. Separate multiple entries with a comma. Note that VAMT supports both IPv4 and IPV6 addressing. - - To search for computers in a workgroup, click **Search for computers in the workgroup**, then under **Workgroup Filter Criteria**, in the list of workgroup names click the name of the workgroup you want to search. You can narrow the search further by typing a name in the **Filter by computer name** field to search for a specific computer within the workgroup. This filter supports the asterisk (\*) wildcard. For example, typing "a\*" will display only computer names that start with the letter "a". - - To search for computers by using a general LDAP query, click **Search with LDAP query** and enter your query in the text box provided. VAMT will validate only the LDAP query syntax, but will otherwise run the query without further checks. -4. Click **Search**. -5. VAMT searches for the specified computers and adds them to the VAMT database. During the search, VAMT displays the **Finding computers** message shown below. - To cancel the search, click **Cancel**. When the search is complete the names of the newly-discovered computers appear in the product list view in the center pane. - - ![VAMT, Finding computers dialog box](images/dep-win8-l-vamt-findingcomputerdialog.gif) - - **Important**   - This step adds only the computers to the VAMT database, and not the products that are installed on the computers. To add the products, you need to run the **Update license status** function. - -## To add products to VAMT - -1. In the **Products** list, select the computers that need to have their product information added to the VAMT database. -2. You can use the **Filter** function to narrow your search for computers by clicking **Filter** in the right-side pane to open the **Filter Products** dialog box. -3. In the **Filter Products** dialog box, you can filter the list by computer name, product name, product key type, license status, or by any combination of these options. - - To filter the list by computer name, enter a name in the **Computer Name** box. - - To filter the list by Product Name, Product Key Type, or License Status, click the list you want to use for the filter and select an option. If necessary, click **clear all filters** to create a new filter. -4. Click **Filter**. VAMT displays the filtered list in the center pane. -5. In the right-side **Actions** pane, click **Update license status** and then click a credential option. Choose **Alternate Credentials** only if you are updating products that require administrator credentials different from the ones you used to log into the computer. If you are supplying alternate credentials, in the **Windows Security** dialog box type the appropriate user name and password and click **OK**. -6. VAMT displays the **Collecting product information** dialog box while it collects the licensing status of all supported products on the selected computers. When the process is finished, the updated licensing status of each product will appear in the product list view in the center pane. - - **Note**   - If a computer has more than one supported product installed, VAMT adds an entry for each product. The entry appears under the appropriate product heading. - -## To remove computers from a VAMT database - -You can delete a computer by clicking on it in the product list view, and then clicking **Delete** in the **Selected Item** menu in the right-hand pane. In the **Confirm Delete Selected Products** dialog box that appears, click **Yes** to delete the computer. If a computer has multiple products listed, you must delete each product to completely remove the computer from the VAMT database. - -## Related topics - -- [Add and Manage Products](add-manage-products-vamt.md) - - +--- +title: Add and Remove Computers (Windows 10) +description: The Discover products function on the Volume Activation Management Tool (VAMT) allows you to search the Active Directory domain or a general LDAP query. +ms.assetid: cb6f3a78-ece0-4dc7-b086-cb003d82cd52 +ms.reviewer: +manager: laurawi +ms.author: greglin +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +audience: itpro +author: greg-lindsay +ms.pagetype: activation +ms.date: 04/25/2017 +ms.topic: article +--- + +# Add and Remove Computers + +You can add computers that have any of the supported Windows or Office products installed to a Volume Activation Management Tool (VAMT) database by using the **Discover products** function. You can search for computers in an Active Directory domain, by individual computer name or IP address, in a workgroup, or by a general LDAP query. You can remove computers from a VAMT database by using the **Delete** function. After you add the computers, you can add the products that are installed on the computers by running the **Update license status** function. + +Before adding computers, ensure that the Windows Management Instrumentation (WMI) firewall exception required by VAMT has been enabled on all target computers. For more information see [Configure Client Computers](configure-client-computers-vamt.md). + +## To add computers to a VAMT database + +1. Open VAMT. +2. Click **Discover products** in the **Actions** menu in the right-side pane to open the **Discover Products** dialog box. +3. In the **Discover products** dialog box, click **Search for computers in the Active Directory** to display the search options, then click the search option you want to use. You can search for computers in an Active Directory domain, by individual computer name or IP address, in a workgroup, or by a general LDAP query. + - To search for computers in an Active Directory domain, click **Search for computers in the Active Directory**, then under **Domain Filter Criteria**, in the list of domain names click the name of the domain you want to search. You can narrow the search further by typing a name in the **Filter by computer name** field to search for a specific computer within the domain. This filter supports the asterisk (\*) wildcard. For example, typing "a\*" will display only computer names that start with the letter "a". + - To search by individual computer name or IP address, click **Manually enter name or IP address**, then enter the full name or IP address in the **One or more computer names or IP addresses separated by commas** text box. Separate multiple entries with a comma. Note that VAMT supports both IPv4 and IPV6 addressing. + - To search for computers in a workgroup, click **Search for computers in the workgroup**, then under **Workgroup Filter Criteria**, in the list of workgroup names click the name of the workgroup you want to search. You can narrow the search further by typing a name in the **Filter by computer name** field to search for a specific computer within the workgroup. This filter supports the asterisk (\*) wildcard. For example, typing "a\*" will display only computer names that start with the letter "a". + - To search for computers by using a general LDAP query, click **Search with LDAP query** and enter your query in the text box provided. VAMT will validate only the LDAP query syntax, but will otherwise run the query without further checks. +4. Click **Search**. +5. VAMT searches for the specified computers and adds them to the VAMT database. During the search, VAMT displays the **Finding computers** message shown below. + To cancel the search, click **Cancel**. When the search is complete the names of the newly-discovered computers appear in the product list view in the center pane. + + ![VAMT, Finding computers dialog box](images/dep-win8-l-vamt-findingcomputerdialog.gif) + + **Important**   + This step adds only the computers to the VAMT database, and not the products that are installed on the computers. To add the products, you need to run the **Update license status** function. + +## To add products to VAMT + +1. In the **Products** list, select the computers that need to have their product information added to the VAMT database. +2. You can use the **Filter** function to narrow your search for computers by clicking **Filter** in the right-side pane to open the **Filter Products** dialog box. +3. In the **Filter Products** dialog box, you can filter the list by computer name, product name, product key type, license status, or by any combination of these options. + - To filter the list by computer name, enter a name in the **Computer Name** box. + - To filter the list by Product Name, Product Key Type, or License Status, click the list you want to use for the filter and select an option. If necessary, click **clear all filters** to create a new filter. +4. Click **Filter**. VAMT displays the filtered list in the center pane. +5. In the right-side **Actions** pane, click **Update license status** and then click a credential option. Choose **Alternate Credentials** only if you are updating products that require administrator credentials different from the ones you used to log into the computer. If you are supplying alternate credentials, in the **Windows Security** dialog box type the appropriate user name and password and click **OK**. +6. VAMT displays the **Collecting product information** dialog box while it collects the licensing status of all supported products on the selected computers. When the process is finished, the updated licensing status of each product will appear in the product list view in the center pane. + + **Note**   + If a computer has more than one supported product installed, VAMT adds an entry for each product. The entry appears under the appropriate product heading. + +## To remove computers from a VAMT database + +You can delete a computer by clicking on it in the product list view, and then clicking **Delete** in the **Selected Item** menu in the right-hand pane. In the **Confirm Delete Selected Products** dialog box that appears, click **Yes** to delete the computer. If a computer has multiple products listed, you must delete each product to completely remove the computer from the VAMT database. + +## Related topics + +- [Add and Manage Products](add-manage-products-vamt.md) + + diff --git a/windows/deployment/windows-autopilot/user-driven.md b/windows/deployment/windows-autopilot/user-driven.md index 5041b3afc6..1a9d30eb2e 100644 --- a/windows/deployment/windows-autopilot/user-driven.md +++ b/windows/deployment/windows-autopilot/user-driven.md @@ -67,11 +67,11 @@ For each device that will be deployed using user-driven deployment, these additi ## User-driven mode for hybrid Azure Active Directory join -Windows Autopilot requires that devices be Azure Active Directory joined. If you have an on-premises Active Directory environment and want to also join devices to your on-premises domain, you can accomplish this by configuring Autopilot devices to be [hybrid Azure Active Directory (AAD) joined](https://docs.microsoft.com/azure/active-directory/devices/hybrid-azuread-join-plan). +Windows Autopilot requires that devices be Azure Active Directory joined. If you have an on-premises Active Directory environment and want to also join devices to your on-premises domain, you can accomplish this by configuring Autopilot devices to be [hybrid-joined to Azure Active Directory (Azure AD)](https://docs.microsoft.com/azure/active-directory/devices/hybrid-azuread-join-plan). ### Requirements -To perform a user-driven hybrid AAD joined deployment using Windows Autopilot: +To perform a user-driven hybrid Azure AD joined deployment using Windows Autopilot: - A Windows Autopilot profile for user-driven mode must be created and - **Hybrid Azure AD joined** must be specified as the selected option under **Join to Azure AD as** in the Autopilot profile. @@ -83,7 +83,7 @@ To perform a user-driven hybrid AAD joined deployment using Windows Autopilot: - Note: The Intune Connector will perform an on-prem AD join, therefore users do not need on-prem AD-join permission, assuming the Connector is [configured to perform this action](https://docs.microsoft.com/intune/windows-autopilot-hybrid#increase-the-computer-account-limit-in-the-organizational-unit) on the user's behalf. - If using Proxy, WPAD Proxy settings option must be enabled and configured. -**AAD device join**: The hybrid AAD join process uses the system context to perform device AAD join, therefore it is not affected by user based AAD join permission settings. In addition, all users are enabled to join devices to AAD by default. +**Azure AD device join**: The hybrid Azure AD join process uses the system context to perform device Azure AD join, therefore it is not affected by user based Azure AD join permission settings. In addition, all users are enabled to join devices to Azure AD by default. ### Step by step instructions diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-odata-samples.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-odata-samples.md index cb90cee7fe..4b26c6d836 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-odata-samples.md +++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-odata-samples.md @@ -1,7 +1,7 @@ --- title: OData queries with Microsoft Defender ATP ms.reviewer: -description: OData queries with Microsoft Defender ATP +description: Use these examples of Open Data Protocol (OData) queries to help with data access protocols in Microsoft Defender ATP keywords: apis, supported apis, odata, query search.product: eADQiWindows 10XVcnh ms.prod: w10 @@ -35,7 +35,7 @@ Not all properties are filterable. ### Example 1 -- Get all the machines with the tag 'ExampleTag' +Get all the machines with the tag 'ExampleTag' ``` HTTP GET https://api.securitycenter.windows.com/api/machines?$filter=machineTags/any(tag: tag eq 'ExampleTag') @@ -76,7 +76,7 @@ Content-type: application/json ### Example 2 -- Get all the alerts that created after 2018-10-20 00:00:00 +Get all the alerts that created after 2018-10-20 00:00:00 ``` HTTP GET https://api.securitycenter.windows.com/api/alerts?$filter=alertCreationTime+gt+2018-11-22T00:00:00Z @@ -126,7 +126,7 @@ Content-type: application/json ### Example 3 -- Get all the machines with 'High' 'RiskScore' +Get all the machines with 'High' 'RiskScore' ``` HTTP GET https://api.securitycenter.windows.com/api/machines?$filter=riskScore+eq+'High' @@ -167,7 +167,7 @@ Content-type: application/json ### Example 4 -- Get top 100 machines with 'HealthStatus' not equals to 'Active' +Get top 100 machines with 'HealthStatus' not equals to 'Active' ``` HTTP GET https://api.securitycenter.windows.com/api/machines?$filter=healthStatus+ne+'Active'&$top=100 @@ -208,7 +208,7 @@ Content-type: application/json ### Example 5 -- Get all the machines that last seen after 2018-10-20 +Get all the machines that last seen after 2018-10-20 ``` HTTP GET https://api.securitycenter.windows.com/api/machines?$filter=lastSeen gt 2018-08-01Z @@ -249,7 +249,7 @@ Content-type: application/json ### Example 6 -- Get all the Anti-Virus scans that the user Analyst@examples.onmicrosoft.com created using Microsoft Defender ATP +Get all the Anti-Virus scans that the user Analyst@examples.onmicrosoft.com created using Microsoft Defender ATP ``` HTTP GET https://api.securitycenter.windows.com/api/machineactions?$filter=requestor eq 'Analyst@contoso.com' and type eq 'RunAntiVirusScan' @@ -283,7 +283,7 @@ Content-type: application/json ### Example 7 -- Get the count of open alerts for a specific machine: +Get the count of open alerts for a specific machine: ``` HTTP GET https://api.securitycenter.windows.com/api/machines/123321d0c675eaa415b8e5f383c6388bff446c62/alerts/$count?$filter=status ne 'Resolved' diff --git a/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md b/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md index 89649bba47..33a756f573 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md +++ b/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md @@ -1,6 +1,6 @@ --- title: Live response command examples -description: Learn about common commands and see examples on how it's used +description: Learn to run basic or advanced live response commands for Microsoft Defender Advanced Threat Protection (ATP) and see examples on how it's used keywords: example, command, cli, remote, shell, connection, live, response, real-time, command, script, remediate, hunt, export, log, drop, download, file search.product: eADQiWindows 10XVcnh search.appverid: met150 diff --git a/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md b/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md index 0798ba72d5..2183c3f911 100644 --- a/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md +++ b/windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md @@ -1,6 +1,6 @@ --- title: Planning Isolation Groups for the Zones (Windows 10) -description: Planning Isolation Groups for the Zones +description: Learn about planning isolation groups for the zones in Microsoft Firewall, including information on universal groups and GPOs ms.assetid: be4b662d-c1ce-441e-b462-b140469a5695 ms.reviewer: ms.author: dansimp @@ -25,7 +25,8 @@ ms.date: 04/19/2017 Isolation groups in Active Directory are how you implement the various domain and server isolation zones. A device is assigned to a zone by adding its device account to the group which represents that zone. ->**Caution:**  Do not add devices to your groups yet. If a device is in a group when the GPO is activated then that GPO is applied to the device. If the GPO is one that requires authentication, and the other devices have not yet received their GPOs, the device that uses the new GPO might not be able to communicate with the others. +> [!CAUTION] +> Do not add devices to your groups yet. If a device is in a group when the GPO is activated then that GPO is applied to the device. If the GPO is one that requires authentication, and the other devices have not yet received their GPOs, the device that uses the new GPO might not be able to communicate with the others. Universal groups are the best option to use for GPO assignment because they apply to the whole forest and reduce the number of groups that must be managed. However, if universal groups are unavailable, you can use domain global groups instead.