[KB 3150513](https://catalog.update.microsoft.com/v7/site/Search.aspx?q=3150513)
Provides updated configuration and definitions for compatibility diagnostics performed on the system.
For more information about this KB, see
NOTE: KB2976978 must be installed before you can download and install KB3150513. | +| Windows 7 SP1 | [KB2952664](http://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB2952664)
Performs diagnostics on the Windows 7 SP1 systems that participate in the Windows Customer Experience Improvement Program. These diagnostics help determine whether compatibility issues may be encountered when the latest Windows operating system is installed.
For more information about this KB, see
[KB 3150513](https://catalog.update.microsoft.com/v7/site/Search.aspx?q=3150513)
Provides updated configuration and definitions for compatibility diagnostics performed on the system.
For more information about this KB, see
NOTE: KB2976978 must be installed before you can download and install KB3150513. | + +IMPORTANT: Restart user computers after you install the compatibility update KBs for the first time. + +### Automate data collection + +To ensure that user computers are receiving the most up to date data from Microsoft, we recommend that you establish the following data sharing and analysis processes. + +- Enable automatic updates for the compatibility update and related KBs. These KBs are updated frequently to include the latest application and driver issue information as we discover it during testing. + +- Schedule the Upgrade Analytics deployment script to automatically run so that you don’t have to manually initiate an inventory scan each time the compatibility update KBs are updated. Computers are re-scanned only when the compatibility KBs are updated, so if your inventory changes significantly between KB releases you won’t see the changes in Upgrade Analytics until you run the script again. + +- Schedule monthly user computer scans to view monthly active computer and usage information. + +## Run the Upgrade Analytics deployment script + +To automate many of the steps outlined above and to troubleshoot data sharing issues, you can run the Upgrade Analytics deployment script, developed by Microsoft. + +The Upgrade Analytics deployment script does the following: + +1. Sets commercial ID key + CommercialDataOptIn + RequestAllAppraiserVersions keys. + +2. Verifies that user computers can send data to Microsoft. + +3. Checks whether the computer has a pending restart. + +4. Verifies that the latest version of KB package 10.0.x is installed (requires 10.0.14348 or subsequent releases). + +5. If enabled, turns on verbose mode for troubleshooting. + +6. Initiates the collection of the telemetry data that Microsoft needs to assess your organization’s upgrade readiness. + +7. If enabled, displays the script’s progress in a cmd window, providing you immediate visibility into issues (success or fail for each step) and/or writes to log file. + +To run the Upgrade Analytics deployment script: + +1. Download the [Upgrade Analytics deployment script](http://go.microsoft.com/fwlink/?LinkID=822966&clcid=0x409) and extract UpgradeAnalytics.zip. The files in the Diagnostics folder are necessary only if you plan to run the script in troubleshooting mode. + +2. Edit the following parameters in RunConfig.bat: + + 1. Provide a storage location for log information. Example: %SystemDrive%\\UADiagnostics + + 2. You can store log information on a remote file share or a local directory. If the script is blocked from creating the log file for the given path, it creates the log files in the drive with the Windows directory. + + 3. Input your commercial ID key. + + 4. By default, the script sends log information to both the console and the log file. To change the default behavior, use one of the following options: + + > *logMode = 0 log to console only* +> + > *logMode = 1 log to file and console* +> + > *logMode = 2 log to file only* + +3. For troubleshooting, set isVerboseLogging to $true to generate log information that can help with diagnosing issues. By default, isVerboseLogging is set to $false. Ensure the Diagnostics folder is installed in the same directory as the script to use this mode. + +4. Notify users if they need to restart their computers. By default, this is set to off. + +5. After you finish editing the parameters in RunConfig.bat, run the script as an administrator. + +## Seeing data from computers in Upgrade Analytics + +After data is sent from computers to Microsoft, it generally takes 48 hours for the data to populate in Upgrade Analytics. The compatibility update KB takes several minutes to run. If the KB does not get a chance to finish running or if the computers are inaccessible (turned off or sleeping for example), data will take longer to populate in Upgrade Analytics. For this reason, you can expect most your computers to be populated in OMS in about 1-2 weeks after deploying the KB and configuration to user computers. + diff --git a/windows/deploy/upgrade-analytics-prepare-your-environment.md b/windows/deploy/upgrade-analytics-prepare-your-environment.md new file mode 100644 index 0000000000..a73829de5b --- /dev/null +++ b/windows/deploy/upgrade-analytics-prepare-your-environment.md @@ -0,0 +1,116 @@ +--- +title: Upgrade Analytics - Prepare your environment (Windows 10) +description: Describes how to prepare your environment so that you can use Upgrade Analytics to manage Windows upgrades. +ms.prod: w10 +author: MaggiePucciEvans +--- + +# Upgrade Analytics - Prepare your environment + +This section of the Upgrade Analytics workflow reports your computer and application inventory and lists computers that you can use in a pilot with no known issues or with fixable driver issues. Additionally, you can determine the priority level of applications to indicate which applications the team should focus on to get them upgrade ready. + +The blades in the **Prepare your environment** section are: + +## Upgrade overview + +Displays the total count of computers sharing data with Microsoft and the count of computers upgraded. As you successfully upgrade computers, the count of computers upgraded increases. + +Check this blade for data refresh status, including the date and time of the most recent data update and whether user changes are reflected. If a user change is pending when changing the upgrade assessment or importance level of an application or driver, **Data refresh pending** is displayed in orange. User changes are processed once every 24 hours and read **Up to date** in green when there are no pending changes. + + + + + +Select **Total computers** for a list of computers and details about them, including: + +- Computer ID and computer name + +- Computer manufacturer + +- Computer model + +- Operating system version and build + +- Count of system requirement, application, and driver issues per computer + +- Upgrade assessment based on analysis of computer telemetry data + +- Upgrade decision status + +Select **Total applications** for a list of applications discovered on user computers and details about them, including: + +- Application vendor + +- Application version + +- Count of computers the application is installed on + +- Count of computers that opened the application at least once in the past 30 days + +- Percentage of computers in your total computer inventory that opened the application in the past 30 days + +- Issues detected, if any + +- Upgrade assessment based on analysis of application data + +- Roll up level + +## Run a pilot + +Computers with no known issues and computers with fixable driver issues are listed, grouped by upgrade assessment. We recommend that you use these computers to test the impact of upgrading. + + + + + +Before you start your pilot project, be sure to review upgrade assessment and guidance details, explained in more detail in the table below. + +| Upgrade assessment | Action required before or after upgrade pilot? | Issue | What it means | Guidance | +|-----------------------|------------------------------------------------|----------|-----------------|---------------| +| No known issues | No | None | Computers will upgrade seamlessly.
| OK to use as-is in pilot. | +| OK to pilot, fixed during upgrade | No, for awareness only | Application or driver will not migrate to new OS | The currently installed version of an application or driver won’t migrate to the new operating system; however, a compatible version is installed with the new operating system. | OK to use as-is in pilot. | +| OK to pilot with new driver from Windows Update | Yes | Driver will not migrate to new OS | The currently installed version of a driver won’t migrate to the new operating system; however, a newer, compatible version is available from Windows Update. | Although a compatible version of the driver is installed during upgrade, a newer version is available from Windows Update.
If the computer automatically receives updates from Windows Update, no action is required. Otherwise, replace the new in-box driver with the Windows Update version after upgrading.
| + +Select **Export computers** to view pilot-ready computers organized by operating system. After you select the computers you want to use in a pilot, click Export to generate and save a comma-separated value (csv) file. + +>**Important**> When viewing inventory items in table view, the maximum number of rows that can be viewed and exported is limited to 5,000. If you need to view or export more than 5,000 items, reduce the scope of the query so you can export fewer items at a time. + +See [Plan for Windows 10 deployment](http://technet.microsoft.com/itpro/windows/plan/index) for more information about ways to deploy Windows in your organization. Read about [how Microsoft IT deployed Windows as an in-place upgrade](https://www.microsoft.com/itshowcase/Article/Content/668/Deploying-Windows-10-at-Microsoft-as-an-inplace-upgrade) for best practices using the in-place upgrade method. + +## Prioritize applications + +Applications are listed, grouped by importance level. Prioritizing your applications allows you to identify the ones that you will focus on preparing for upgrade. + + + + + +Select **Assign importance** to change an application’s importance level. By default, applications are marked **Not reviewed** or **Low install count** until you assign a different importance level to them. + +To change an application’s importance level: + +1. Select **Not reviewed** or **Low install count** on the **Prioritize applications** blade to view the list of applications with that importance level. Select **Table** to view the list in a table. + +2. Select **User changes** to enable user input. + +3. Select the applications you want to change to a specific importance level and then select the appropriate option from the **Select importance level** list. + +4. Click **Save** when finished. + +Importance levels include: + +| Importance level | When to use it | Recommendation | +|--------------------|------------------|------------------| +| Low install count | We give you a head start by identifying applications that are installed on 2% or less of your total computer inventory. \[Number of computers application is installed on/total number of computers in your inventory.\]
Low install count applications are automatically marked as **Ready to upgrade** in the **UpgradeDecision** column unless they have issues that need attention.
| Be sure to review low install count applications for any business critical or important applications that are not yet upgrade-ready, despite their low installation rates.
| +| Not reviewed | Applications that are installed on more than 2% of your total computer inventory are marked not reviewed until you change the importance level.
These applications are also marked as **Not reviewed** in the **UpgradeDecision** column.
| Once you’ve started to investigate an application to determine its importance level and upgrade readiness, change its status to **Review in progress** in both the **Importance** and **UpgradeDecision** columns. | +| Business critical | By default, no applications are marked as business critical because only you can make that determination. If you know that an application is critical to your organization’s functioning, mark it **Business critical**.
| You may also want to change the application’s status to **Review in progress** in the **UpgradeDecision** column to let other team members know that you’re working on getting this business critical application upgrade-ready. Once you’ve fixed any issues and validated that the application will migrate successfully, change the upgrade decision to **Ready to upgrade**.
| +| Important | By default, no applications are marked as important because only you can make that determination. If the application is important but not critical to your organization’s functioning, mark it **Important**. | You may also want to change the application’s status to **Review in progress** in the **UpgradeDecision** column to let other team members know that you’re working on getting this important application upgrade-ready. Once you’ve fixed any issues and validated that the application will migrate successfully, change the upgrade decision to **Ready to upgrade**.
| +| Ignore | By default, no applications are marked as ignore because only you can make that determination. If the application is not important to your organization’s functioning, such as user-installed applications and games, you may not want to spend time and money validating that these applications will migrate successfully. Mark these applications **Ignore**.
| Set the application’s importance level to **Ignore** to let other team members know that it can be left as-is with no further investigation or testing.
You may also want to change the application’s status to **Not reviewed** or **Ready to upgrade** in the **UpgradeDecision** column.
| +| Review in progress | Once you’ve started to investigate an application to determine its importance level and upgrade readiness, change its status to **Review in progress** in both the **Importance** and **UpgradeDecision** columns.
| As you learn more about the application’s importance to your organization’s functioning, change the importance level to **Business critical**, **Important**, or **Ignore**.
Until you’ve determined that priority applications will migrate successfully, leave the upgrade decision status as **Review in progress**.
| + diff --git a/windows/deploy/upgrade-analytics-release-notes.md b/windows/deploy/upgrade-analytics-release-notes.md new file mode 100644 index 0000000000..dd1959b0e1 --- /dev/null +++ b/windows/deploy/upgrade-analytics-release-notes.md @@ -0,0 +1,5 @@ +--- +title: Upgrade Analytics release notes (Windows 10) +description: Provides tips and limitations about Upgrade Analytics. +redirect_url: https://technet.microsoft.com/itpro/windows/deploy/upgrade-analytics-requirements +--- \ No newline at end of file diff --git a/windows/deploy/upgrade-analytics-requirements.md b/windows/deploy/upgrade-analytics-requirements.md new file mode 100644 index 0000000000..58fb28d579 --- /dev/null +++ b/windows/deploy/upgrade-analytics-requirements.md @@ -0,0 +1,88 @@ +--- +title: Upgrade Analytics requirements (Windows 10) +description: Provides requirements for Upgrade Analytics. +ms.prod: w10 +author: MaggiePucciEvans +--- + +# Upgrade Analytics requirements + +This article introduces concepts and steps needed to get up and running with Upgrade Analytics. We recommend that you review this list of requirements before getting started as you may need to collect information, such as account credentials, and get approval from internal IT groups, such as your network security group, before you can start using Upgrade Analytics. + +## Supported upgrade paths + +To perform an in-place upgrade, user computers must be running the latest version of either Windows 7 SP1 or Windows 8.1. After you enable Windows telemetry, Upgrade Analytics performs a full inventory of computers so that you can see which version of Windows is installed on each computer. + +The compatibility update KB that sends telemetry data from user computers to Microsoft data centers works with Windows 7 SP1 and Windows 8.1 only. Upgrade Analytics cannot evaluate Windows XP or Windows Vista for upgrade eligibility. + + + +If you need to update user computers to Windows 7 SP1 or Windows 8.1, use Windows Update or download and deploy the applicable package from the Microsoft Download Center. + +Note: Upgrade Analytics is designed to best support in-place upgrades. In-place upgrades do not support migrations from BIOS to UEFI or from 32-bit to 64-bit architecture. If you need to migrate computers in these scenarios, use the wipe-and-reload method. Upgrade Analytics insights are still valuable in this scenario, however, you can ignore in-place upgrade specific guidance. + +See [Windows 10 Specifications](http://www.microsoft.com/en-US/windows/windows-10-specifications) for additional information about computer system requirements. + +## Operations Management Suite + +Upgrade Analytics is offered as a solution in the Microsoft Operations Management Suite (OMS), a collection of cloud based services for managing on premise and cloud computing environments. For more information about OMS, see [Operations Management Suite overview](http://azure.microsoft.com/en-us/documentation/articles/operations-management-suite-overview/). + +If you’re already using OMS, you’ll find Upgrade Analytics in the Solutions Gallery. Click the Upgrade Analytics tile in the gallery and then click Add on the solution’s details page. Upgrade Analytics is now visible in your workspace. + +If you are not using OMS, go to \[link to new Upgrade Analytics Web page on Microsoft.com\] and select **Upgrade Analytics Service** to kick off the OMS onboarding process. During the onboarding process, you’ll create an OMS workspace and add the Upgrade Analytics solution to it. + +Important: You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory, use a Work or School account when you sign in to OMS. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in OMS. + +## Telemetry and data sharing + +After you’ve signed in to Operations Management Suite and added the Upgrade Analytics solution to your workspace, you’ll need to complete the following tasks to allow user computer data to be shared with and assessed by Upgrade Analytics. + +See \[link to Steve May’s PDF doc when it’s published\] for more information about what user computer data Upgrade Analytics collects and assesses. See [Configure Windows telemetry in your organization](https://technet.microsoft.com/itpro/windows/manage/configure-windows-telemetry-in-your-organization) for more information about how Microsoft uses Windows telemetry data. + +**Whitelist telemetry endpoints.** To enable telemetry data to be sent to Microsoft, you’ll need to whitelist the following Microsoft telemetry endpoints on your proxy server or firewall. You may need to get approval from your security group to do this. + +`https://v10.vortex-win.data.microsoft.com/collect/v1` + +`https://settings-win.data.microsoft.com/settings` + +`https://vortex.data.microsoft.com/health/keepalive` + +`https://settings.data.microsoft.com/qos` + +`http://go.microsoft.com/fwlink/?LinkID=544713` + +`https://compatexchange1.trafficmanager.net/CompatibilityExchangeService.svc/extended` + +>**Note** The compatibility update KB runs under the computer’s system account and does not support user authentication in this release. + +**Generate your commercial ID key.** Microsoft uses a unique commercial ID GUID to map data from your computers to your OMS workspace. You’ll need to generate your commercial ID key in OMS. We recommend that you save your commercial ID key as you’ll need it later. + +**Subscribe your OMS workspace to Upgrade Analytics.** For Upgrade Analytics to receive and display upgrade readiness data from Microsoft, you’ll need to subscribe your OMS workspace to Upgrade Analytics. + +**Enable telemetry and connect data sources.** To allow Upgrade Analytics to collect system, application, and driver data and assess your organization’s upgrade readiness, communication must be established between Upgrade Analytics and user computers. You’ll need to connect Upgrade Analytics to your data sources and enable telemetry to establish communication. + +**Deploy compatibility update and related KBs.** The compatibility update KB scans your systems and enables application usage tracking. If you don’t already have this KB installed, you can download the applicable version from the Microsoft Update Catalog or deploy it using Windows Server Update Services (WSUS) or your software distribution solution, such as System Center Configuration Manager. + +>**Important**
The compatibility update and related KBs are updated frequently to include new compatibility issues as they become known to Microsoft. We recommend that you use a deployment system that allows for automatic updates of these KBs. The compatibility update KB collects inventory information from computers only when it is updated. + +**Configure and deploy Upgrade Analytics deployment script.** Configure and deploy the Upgrade Analytics deployment script to user computers to finish setting up. + +## Important information about this release + +Before you get started configuring Upgrade Anatlyics, review the following tips and limitations about this release. + +**User authenticated proxies are not supported in this release.** User computers communicate with Microsoft through Windows telemetry. The Windows telemetry client runs in System context and requires a connection to various Microsoft telemetry endpoints. User authenticated proxies are not supported at this time. Work with your Network Administrator to ensure that user computers can communicate with telemetry endpoints. + +**Upgrade Analytics does not support on-premise Windows deployments.** Upgrade Analytics is built as a cloud service, which allows Upgrade Analytics to provide you with insights based on the data from user computers and other Microsoft compatibility services. Cloud services are easy to get up and running and are cost-effective because there is no requirement to physically implement and maintain services on-premise. + +**In-region data storage requirements.** Windows telemetry data from user computers is encrypted, sent to, and processed at Microsoft-managed secure data centers located in the US. Our analysis of the upgrade readiness-related data is then provided to you through the Upgrade Analytics solution in the Microsoft Operations Management Suite (OMS) portal. At the time this topic is being published, only OMS workspaces created in the East US and West Europe are supported. We’re adding support for additional regions and we’ll update this information when new international regions are supported. + +### Tips + +- When viewing inventory items in table view, the maximum number of rows that can be viewed and exported is limited to 5,000. If you need to view or export more than 5,000 items, reduce the scope of the query so you can export a list with fewer items. + +- Sorting data by clicking a column heading may not sort your complete list of items. For information about how to sort data in OMS, see [Sorting DocumentDB data using Order By](https://azure.microsoft.com/documentation/articles/documentdb-orderby). + +## Get started + +See [Get started with Upgrade Analytics](upgrade-analytics-get-started.md) for detailed, step-by-step instructions for configuring Upgrade Analytics and getting started on your Windows upgrade project. diff --git a/windows/deploy/upgrade-analytics-resolve-issues.md b/windows/deploy/upgrade-analytics-resolve-issues.md new file mode 100644 index 0000000000..31bd19b03a --- /dev/null +++ b/windows/deploy/upgrade-analytics-resolve-issues.md @@ -0,0 +1,122 @@ +--- +title: Upgrade Analytics - Resolve application and driver issues (Windows 10) +description: Describes how to resolve application and driver issues that can occur during an upgrade with Upgrade Analytics. +ms.prod: w10 +author: MaggiePucciEvans +--- + +# Upgrade Analytics - Resolve application and driver issues + +This section of the Upgrade Analytics workflow reports application and driver inventory and shows you which applications have known issues, which applications have no known issues, and which drivers have issues. We identify applications and drivers that need attention and suggest fixes when we know about them. + +You can change an application’s upgrade decision and a driver’s upgrade decision from the blades in this section. To change an application’s or a driver’s importance level, select **User changes**. Select the item you want to change and then select the appropriate option from the **Select upgrade decision** list. + +Upgrade decisions include: + +| Upgrade decision | When to use it | Guidance | +|--------------------|-------------------|-------------| +| Not reviewed | When you start to investigate an application or a driver to determine upgrade readiness, change their upgrade decision to **Review in progress.**
| Some applications are automatically assigned upgrade decisions based on information known to Microsoft.
All drivers are marked not reviewed by default.
| +| Review in progress | When you start to investigate an application or a driver to determine upgrade readiness, change their upgrade decision to **Review in progress**.
Until you’ve determined that applications and drivers will migrate successfully or you’ve resolved blocking issues, leave the upgrade decision status as **Review in progress**.
| Once you’ve fixed any issues and validated that the application or driver will migrate successfully, change the upgrade decision to **Ready to upgrade**.
| +| Ready to upgrade | Mark applications and drivers **Ready to upgrade** once you’ve resolved all blocking issues and you’re confident that they will upgrade successfully, or if you’ve decided to upgrade them as-is. | Applications with no known issues or with low installation rates are marked **Ready to upgrade** by default.
Be sure to review low install count applications for any business critical or important applications that are not yet upgrade-ready, despite their low installation rates.
All drivers are marked **Not reviewed** by default.
| +| Won’t upgrade | By default, no applications or drivers are marked **Won’t upgrade** because only you can make that determination.
Use **Won’t upgrade** for computers you don’t want to upgrade.
| If, during your investigation into an application or driver, you determine that they should not be upgraded, mark them **Won’t upgrade**.
| + +The blades in the **Resolve issues** section are: + +## Review applications with known issues + +Applications with issues known to Microsoft are listed, grouped by upgrade assessment into **Attention needed** or **Fix available**. + + + + + +To change an application's upgrade decision: + +1. Select **Decide upgrade readiness** to view applications with issues. + +2. In the table view, sort on **UpgradeAssessment** to group applications into **Attention needed** and **Fix available**. + +3. Select **User changes** to change the upgrade decision for each application. + +4. Select the applications you want to change to a specific upgrade decision and then then select the appropriate option from the **Select upgrade decision** list. + +5. Click **Save** when finished. + +IMORTANT: Ensure that you have the most recent versions of the compatibility update and related KBs installed to get the most up-to-date compatibility information. + +For applications assessed as **Attention needed**, review the table below for details about known issues and for guidance about how to resolve them, when possible. + +| Upgrade Assessment | Action required prior to upgrade? | Issue | What it means | Guidance | +|--------------------|-----------------------------------|-----------|-----------------|------------| +| Attention needed | No | Application is removed during upgrade | Compatibility issues were detected and the application will not migrate to the new operating system.
| No action is required for the upgrade to proceed. | +| Attention needed | Yes | Blocking upgrade | Blocking issues were detected and Upgrade Analytics is not able to remove the application during upgrade.
The application may work on the new operating system.
| Remove the application before upgrading, and reinstall and test on new operating system. | +| Attention needed | No | Evaluate application on new OS | The application will migrate, but issues were detected that may impact its performance on the new operating system. | No action is required for the upgrade to proceed, but be sure to test the application on the new operating system.
| +| Attention needed | No | Does not work with new OS, but won’t block upgrade | The application is not compatible with the new operating system, but won’t block the upgrade. | No action is required for the upgrade to proceed, however, you’ll have to install a compatible version of the application on the new operating system.
| +| Attention needed | Yes | Does not work with new OS, and will block upgrade | The application is not compatible with the new operating system and will block the upgrade. | Remove the application before upgrading.
A compatible version of the application may be available.
| +| Attention needed | Yes | May block upgrade, test application | Issues were detected that may interfere with the upgrade, but need to be investigated further.
| Test the application’s behavior during upgrade. If it blocks the upgrade, remove it before upgrading and reinstall and test it on the new operating system.
| +| Attention needed | Maybe | Multiple | Multiple issues are affecting the application. See detailed view for more information.| When you see Multiple in the query detailed view, click **Query** to see details about what issues were detected with the different versions of the application. | + +For applications assessed as **Fix available**, review the table below for details about known issues and ways to fix them that are known to Microsoft. + +| Upgrade Assessment | Action required prior to upgrade? | Issue | What it means | Guidance | +|--------------------|-----------------------------------|----------|-----------------|-------------| +| Fix available | Yes | Blocking upgrade, update application to newest version | The existing version of the application is not compatible with the new operating system and won’t migrate. A compatible version of the application is available. | Update the application before upgrading. | +| Fix available | No | Reinstall application after upgrading | The application is compatible with the new operating system, but must be reinstalled after upgrading. The application is removed during the upgrade process.
| No action is required for the upgrade to proceed. Reinstall application on the new operating system. | +| Fix available | Yes | Blocking upgrade, but can be reinstalled after upgrading | The application is compatible with the new operating system, but won’t migrate. | Remove the application before upgrading and reinstall on the new operating system.
| +| Fix available | Yes | Disk encryption blocking upgrade | The application’s encryption features are blocking the upgrade. | Disable the encryption feature before upgrading and enable it again after upgrading.
| + +## Review applications with no known issues + +Applications with no issues known to Microsoft are listed, grouped by upgrade decision. + + + + + +Applications with no known issues that are installed on 2% or less of your total computer inventory \[number of computers application is installed on/total number of computers in your inventory\] are automatically marked **Ready to upgrade** and included in the applications reviewed count. Applications with no known issues that are installed on more than 2% of your total computer inventory are automatically marked **Not reviewed**. + +Be sure to review low install count applications for any business critical or important applications that may not yet be upgrade-ready, despite their low installation rates. + +To change an application's upgrade decision: + +1. Select **Decide upgrade readiness** to view applications with issues. Select **Table** to view the list in a table. + +2. Select **User changes** to change the upgrade decision for each application. + +3. Select the applications you want to change to a specific upgrade decision and then then select the appropriate option from the **Select upgrade decision** list. + +4. Click **Save** when finished. + +## Review drivers with known issues + +Drivers that won’t migrate to the new operating system are listed, grouped by availability. + + + + + +Availability categories are explained in the table below. + +| Driver availability | Action required before or after upgrade? | What it means | Guidance | +|-----------------------|------------------------------------------|----------------|--------------| +| Available in-box | No, for awareness only | The currently installed version of an application or driver won’t migrate to the new operating system; however, a compatible version is installed with the new operating system.
| No action is required for the upgrade to proceed. | +| Import from Windows Update | Yes | The currently installed version of a driver won’t migrate to the new operating system; however, a compatible version is available from Windows Update.
| If the computer automatically receives updates from Windows Update, no action is required. Otherwise, import a new driver from Windows Update after upgrading.
| +| Available in-box and from Windows Update | Yes | The currently installed version of a driver won’t migrate to the new operating system.
Although a new driver is installed during upgrade, a newer version is available from Windows Update.
| If the computer automatically receives updates from Windows Update, no action is required. Otherwise, import a new driver from Windows Update after upgrading.
| +| Check with vendor | Yes | The driver won’t migrate to the new operating system and we are unable to locate a compatible version.
| Check with the independent hardware vendor (IHV) who manufactures the driver for a solution. | + +To change a driver’s upgrade decision: + +1. Select **Decide upgrade readiness** and then select the group of drivers you want to review. Select **Table** to view the list in a table. + +2. Select **User changes** to enable user input. + +3. Select the drivers you want to change to a specific upgrade decision and then select the appropriate option from the **Select upgrade decision** list. + +4. Click **Save** when finished. + diff --git a/windows/deploy/use-upgrade-analytics-to-manage-windows-upgrades.md b/windows/deploy/use-upgrade-analytics-to-manage-windows-upgrades.md new file mode 100644 index 0000000000..0f14199f76 --- /dev/null +++ b/windows/deploy/use-upgrade-analytics-to-manage-windows-upgrades.md @@ -0,0 +1,26 @@ +--- +title: Use Upgrade Analytics to manage Windows upgrades (Windows 10) +description: Describes how to use Upgrade Analytics to manage Windows upgrades. +ms.prod: w10 +author: MaggiePucciEvans +--- + +# Use Upgrade Analytics to manage Windows upgrades + +This topic explains how to use the Upgrade Analytics solution to plan, manage, and deploy Windows upgrades. + +Based on telemetry data from user computers, Upgrade Analytics identifies application and driver compatibility issues that may block Windows upgrades, allowing you to make data-driven decisions about your organization’s upgrade readiness. + +You and your IT team can use the Upgrade Analytics workflow to prioritize and work through application and driver issues, assign and track issue resolution status, and identify computers that are ready to upgrade. You can then export the list of upgrade-ready computers and start deploying Windows with confidence, knowing that you’ve addressed potential blocking issues. + +Information is refreshed daily so you can monitor upgrade progress. Any changes your team makes, such as assigning application importance and marking applications as ready to upgrade, are reflected 24 hours after you make them. + +The Upgrade Analytics workflow gives you compatibility and usage information about computers, applications, and drivers and walks you through these high-level tasks. Each task is described in more detail in the topics that follow. + +1. [Preparing your environment](upgrade-analytics-prepare-your-environment.md) + +2. [Resolving application and driver issues](upgrade-analytics-resolve-issues.md) + +3. [Identifying computers that are upgrade ready](upgrade-analytics-deploy-windows.md) + + diff --git a/windows/deploy/windows-10-upgrade-paths.md b/windows/deploy/windows-10-upgrade-paths.md index 3d7f0d96e9..2503ea6a25 100644 --- a/windows/deploy/windows-10-upgrade-paths.md +++ b/windows/deploy/windows-10-upgrade-paths.md @@ -1,6 +1,6 @@ --- title: Windows 10 upgrade paths (Windows 10) -description: You can upgrade to Windows 10 from a previous version of Windows, providing the upgrade path is supported. +description: You can upgrade to Windows 10 from a previous version of Windows if the upgrade path is supported. ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library @@ -31,7 +31,6 @@ D = Edition downgrade; personal data is maintained, applications and settings ar
```Add-MsolRoleMember -RoleName "Security Reader" -RoleMemberEmailAddress “reader@Contoso.onmicrosoft.com”``` +- Read only access:
```Add-MsolRoleMember -RoleName "Security Administrator" -RoleMemberEmailAddress "secadmin@Contoso.onmicrosoft.com"``` + +For more information see, [Manage Azure AD group and role membership](https://technet.microsoft.com/en-us/library/321d532e-407d-4e29-a00a-8afbe23008dd#BKMK_ManageGroups). \ No newline at end of file diff --git a/windows/keep-secure/change-history-for-keep-windows-10-secure.md b/windows/keep-secure/change-history-for-keep-windows-10-secure.md index a6a9d44da7..43f2a07b2b 100644 --- a/windows/keep-secure/change-history-for-keep-windows-10-secure.md +++ b/windows/keep-secure/change-history-for-keep-windows-10-secure.md @@ -23,8 +23,10 @@ The topics in this library have been updated for Windows 10, version 1607 (also |New or changed topic | Description | |----------------------|-------------| -|[Create an enterprise data protection (EDP) policy using System Center Configuration Manager](create-edp-policy-using-sccm.md) |New | +|[Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate](create-and-verify-an-efs-dra-certificate.md) |New | +|[Mandatory settings for Windows Information Protection (WIP)](mandatory-settings-for-wip.md) |New | |[Create an enterprise data protection (EDP) policy using Microsoft Intune](create-edp-policy-using-intune.md) |New | +|[Create an enterprise data protection (EDP) policy using System Center Configuration Manager](create-edp-policy-using-sccm.md) |New | |[Windows Defender Advanced Threat Protection](windows-defender-advanced-threat-protection.md) (multiple topics) | Updated | |[Device Guard deployment guide](device-guard-deployment-guide.md) (multiple topics) | Updated | diff --git a/windows/keep-secure/configure-endpoints-gp-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-endpoints-gp-windows-defender-advanced-threat-protection.md new file mode 100644 index 0000000000..d8db5694c4 --- /dev/null +++ b/windows/keep-secure/configure-endpoints-gp-windows-defender-advanced-threat-protection.md @@ -0,0 +1,111 @@ +--- +title: Configure Windows Defender ATP endpoints using Group Policy +description: Use Group Policy to deploy the configuration package on endpoints so that they are onboarded to the service. +keywords: configure endpoints using group policy, endpoint management, configure Windows ATP endpoints, configure Windows Defender Advanced Threat Protection endpoints, group policy +search.product: eADQiWindows 10XVcnh +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +author: mjcaparas +--- + +# Configure endpoints using Group Policy + +**Applies to:** + +- Windows 10 Insider Preview Build 14332 or later +- Windows Defender Advanced Threat Protection (Windows Defender ATP) + +[Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.] + +> **Note** To use Group Policy (GP) updates to deploy the package, you must be on Windows Server 2008 R2 or later. + +### Onboard endpoints +1. Open the GP configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://securitycenter.windows.com/): + + a. Click **Endpoint Management** on the **Navigation pane**. + + b. Select **Group Policy**, click **Download package** and save the .zip file. + +2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the endpoints. You should have a folder called *OptionalParamsPolicy* and the file *WindowsDefenderATPOnboardingScript.cmd*. + +3. Open the [Group Policy Management Console](https://technet.microsoft.com/en-us/library/cc731212.aspx) (GPMC), right-click the Group Policy Object (GPO) you want to configure and click **Edit**. + +4. In the **Group Policy Management Editor**, go to **Computer configuration**, then **Preferences**, and then **Control panel settings**. + +5. Right-click **Scheduled tasks**, point to **New**, and then click **Immediate task**. + +6. In the **Task** window that opens, go to the **General** tab. Choose the local SYSTEM user account under **Security options**. + +7. Select **Run whether user is logged on or not** and check the **Run with highest privileges** check box. + +8. Go to the **Actions** tab and click **New...** Ensure that **Start a program** is selected in the **Action** field. Enter the file name and location of the shared *WindowsDefenderATPOnboardingScript.cmd* file. + +9. Click **OK** and close any open GPMC windows. + +## Additional Windows Defender ATP configuration settings + +You can use Group Policy (GP) to configure settings, such as settings for the sample sharing used in the deep analysis feature. + +### Configure sample collection settings +1. On your GP management machine, copy the following files from the + configuration package: + + a. Copy _AtpConfiguration.admx_ into _C:\\Windows\\PolicyDefinitions_ + + b. Copy _AtpConfiguration.adml_ into _C:\\Windows\\PolicyDefinitions\\en-US_ + +2. Open the [Group Policy Management Console](https://technet.microsoft.com/en-us/library/cc731212.aspx), right-click the GPO you want to configure and click **Edit**. + +3. In the **Group Policy Management Editor**, go to **Computer configuration**. + +4. Click **Policies**, then **Administrative templates**. + +5. Click **Windows components** and then **Windows Advanced Threat Protection**. + +6. Choose to enable or disable sample sharing from your endpoints. + +### Offboard endpoints +For security reasons, the package used to offboard endpoints will expire 30 days after the date it was downloaded. Expired offboarding packages sent to an endpoint will be rejected. When downloading an offboarding package you will be notified of the packages expiry date and it will also be included in the package name. + +> **Note** Onboarding and offboarding policies must not be deployed on the same endpoint at the same time, otherwise this will cause unpredictable collisions. + +1. Get the offboarding package from the [Windows Defender ATP portal](https://securitycenter.windows.com/): + + a. Click **Endpoint Management** on the **Navigation pane**. + + b. Under **Endpoint offboarding** section, select **Group Policy**, click **Download package** and save the .zip file. + +2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the endpoints. You should have a file named *WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd*. + +3. Open the [Group Policy Management Console](https://technet.microsoft.com/en-us/library/cc731212.aspx) (GPMC), right-click the Group Policy Object (GPO) you want to configure and click Edit. + +4. In the **Group Policy Management Editor**, go to **Computer configuration,** then **Preferences**, and then **Control panel settings**. + +5. Right-click **Scheduled tasks**, point to **New**, and then click **Immediate task**. + +6. In the **Task** window that opens, go to the **General** tab. Choose the local SYSTEM user account under **Security options**. + +7. Select **Run whether user is logged on or not** and check the **Run with highest privileges** check-box. + +8. Go to the **Actions** tab and click **New...**. Ensure that **Start a program** is selected in the **Action** field. Enter the file name and location of the shared *WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd* file. + +9. Click **OK** and close any open GPMC windows. + +## Monitor endpoint configuration +With Group Policy there isn’t an option to monitor deployment of policies on the endpoints. Monitoring can be done directly on the portal, or by using the different deployment tools. + +## Monitor endpoints using the portal +1. Go to the [Windows Defender ATP portal](https://securitycenter.windows.com/). +2. Click **Machines view**. +3. Verify that endpoints are appearing. + +> **Note** It can take several days for endpoints to start showing on the **Machines view**. This includes the time it takes for the policies to be distributed to the endpoint, the time it takes before the user logs on, and the time it takes for the endpoint to start reporting. + + +## Related topics +- [Configure endpoints using System Center Configuration Manager](configure-endpoints-sccm-windows-defender-advanced-threat-protection.md) +- [Configure endpoints using Mobile Device Management tools](configure-endpoints-mdm-windows-defender-advanced-threat-protection.md) +- [Configure endpoints using a local script](configure-endpoints-script-windows-defender-advanced-threat-protection.md) +- [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) diff --git a/windows/keep-secure/configure-endpoints-mdm-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-endpoints-mdm-windows-defender-advanced-threat-protection.md new file mode 100644 index 0000000000..699d49c7ec --- /dev/null +++ b/windows/keep-secure/configure-endpoints-mdm-windows-defender-advanced-threat-protection.md @@ -0,0 +1,92 @@ +--- +title: Configure Windows Defender ATP endpoints using Mobile Device Management tools +description: Use Mobile Device Management tools to deploy the configuration package on endpoints so that they are onboarded to the service. +keywords: configure endpoints using mdm, endpoint management, configure Windows ATP endpoints, configure Windows Defender Advanced Threat Protection endpoints, mdm +search.product: eADQiWindows 10XVcnh +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +author: mjcaparas +--- + +# Configure endpoints using Mobile Device Management tools + +**Applies to:** + +- Windows 10 Insider Preview Build 14379 or later +- Windows Defender Advanced Threat Protection (Windows Defender ATP) + +[Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.] + +You can use mobile device management (MDM) solutions to configure endpoints. Windows Defender ATP supports MDMs by providing OMA-URIs to create policies to manage endpoints. + +For more information on using Windows Defender ATP CSP see, [WindowsAdvancedThreatProtection CSP](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723296(v=vs.85).aspx) and [WindowsAdvancedThreatProtection DDF file](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723297(v=vs.85).aspx). + +## Configure endpoints using Microsoft Intune + +For more information on using Windows Defender ATP CSP see, [WindowsAdvancedThreatProtection CSP](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723296(v=vs.85).aspx) and [WindowsAdvancedThreatProtection DDF file](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723297(v=vs.85).aspx). + +### Onboard and monitor endpoints + +1. Open the Microsoft Intune configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://securitycenter.windows.com/): + + a. Click **Endpoint Management** on the **Navigation pane**. + + b. Select **Mobile Device Management/Microsoft Intune**, click **Download package** and save the .zip file. + +2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package. You should have a file called *WindowsDefenderATP.onboarding*. + +3. Use the Microsoft Intune custom configuration policy to deploy the following supported OMA-URI settings. For more information on Microsoft Intune policy settings see, [Windows 10 policy settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune/deploy-use/windows-10-policy-settings-in-microsoft-intune). + +Onboarding - Use the onboarding policies to deploy configuration settings on endpoints. These policies can be sub-categorized to: +- Onboarding +- Health Status for onboarded machines +- Configuration for onboarded machines + +Policy | OMA-URI | Type | Value | Description +:---|:---|:---|:---|:--- +Onboarding | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/Onboarding | String | Copy content from onboarding MDM file | Onboarding +Health Status for onboarded machines | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/HealthState/SenseIsRunning | Boolean | TRUE | Windows Defender ATP service is running + | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/HealthState/OnBoardingState | Integer | 1 | Onboarded to Windows Defender ATP + | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/HealthState/OrgId | String | Use OrgID from onboarding file | Onboarded to Organization ID + Configuration for onboarded machines | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/Configuration/SampleSharing | Integer | 0 or 1
Default value: 1 | Windows Defender ATP Sample sharing is enabled + + +> **Note** The **Health Status for onboarded machines** policy uses read-only properties and can't be remediated. + +### Offboard and monitor endpoints + +For security reasons, the package used to offboard endpoints will expire 30 days after the date it was downloaded. Expired offboarding packages sent to an endpoint will be rejected. When downloading an offboarding package you will be notified of the packages expiry date and it will also be included in the package name. + +> **Note** Onboarding and offboarding policies must not be deployed on the same endpoint at the same time, otherwise this will cause unpredictable collisions. + +1. Get the offboarding package from the [Windows Defender ATP portal](https://securitycenter.windows.com/): + + a. Click **Endpoint Management** on the **Navigation pane**. + + b. Under **Endpoint offboarding** section, select **Mobile Device Management /Microsoft Intune**, click **Download package** and save the .zip file. + +2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package. You should have a file named *WindowsDefenderATP_valid_until_YYYY-MM-DD.offboarding*. + +3. Use the Microsoft Intune custom configuration policy to deploy the following supported OMA-URI settings. For more information on Microsoft Intune policy settings see, [Windows 10 policy settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune/deploy-use/windows-10-policy-settings-in-microsoft-intune). + +Offboarding - Use the offboarding policies to remove configuration settings on endpoints. These policies can be sub-categorized to: +- Offboarding +- Health Status for offboarded machines +- Configuration for offboarded machines + +Policy | OMA-URI | Type | Value | Description +:---|:---|:---|:---|:--- +Offboarding | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/Offboarding | String | Copy content from offboarding MDM file | Offboarding + Health Status for offboarded machines | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/HealthState/SenseIsRunning | Boolean | FALSE |Windows Defender ATP service is not running + | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/HealthState/OnBoardingState | Integer | 0 | Offboarded from Windows Defender ATP + +> **Note** The **Health Status for offboarded machines** policy uses read-only properties and can't be remediated. + + +## Related topics +- [Configure endpoints using Group Policy](configure-endpoints-gp-windows-defender-advanced-threat-protection.md) +- [Configure endpoints using System Center Configuration Manager](configure-endpoints-sccm-windows-defender-advanced-threat-protection.md) +- [Configure endpoints using a local script](configure-endpoints-script-windows-defender-advanced-threat-protection.md) +- [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) diff --git a/windows/keep-secure/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md new file mode 100644 index 0000000000..3f7fac27dc --- /dev/null +++ b/windows/keep-secure/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md @@ -0,0 +1,94 @@ +--- +title: Configure Windows Defender ATP endpoints using System Center Configuration Manager +description: Use System Center Configuration Manager to deploy the configuration package on endpoints so that they are onboarded to the service. +keywords: configure endpoints using sccm, endpoint management, configure Windows ATP endpoints, configure Windows Defender Advanced Threat Protection endpoints, sccm +search.product: eADQiWindows 10XVcnh +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +author: mjcaparas +--- + +# Configure endpoints using System Center Configuration Manager + + +**Applies to:** + +- Windows 10 Insider Preview Build 14332 or later +- Windows Defender Advanced Threat Protection (Windows Defender ATP) + +[Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.] + + +## Configure endpoints using System Center Configuration Manager (current branch) version 1606 +System Center Configuration Manager (current branch) version 1606, currently in technical preview, has UI integrated support for configuring and managing Windows Defender ATP on endpoints. For more information, see the [Support for Windows Defender Advanced Threat Protection service](https://technet.microsoft.com/en-us/library/mt706220.aspx#BKMK_ATP) section. + +> **Note** If you intend to use this deployment tool, ensure that you are on Windows 10 Insider Preview Build 14379 or later. This deployment method is only available from that build or later. + + +## Configure endpoints using System Center Configuration Manager (current branch) version 1602 or earlier versions +You can use System Center Configuration Manager’s existing functionality to create a policy to configure your endpoints. This is supported in System Center Configuration Manager (current branch), version 1602 or earlier, including: System Center 2012 R2 Configuration Manager and System Center 2012 Configuration Manager. + +### Onboard endpoints + +1. Open the SCCM configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://securitycenter.windows.com/): + + a. Click **Endpoint Management** on the **Navigation pane**. + + b. Select **System Center Configuration Manager (current branch) version 1602 or earlier**, click **Download package**, and save the .zip file. + +2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package. You should have a file called *WindowsDefenderATPOnboardingScript.cmd*. + +3. Import the configuration package by following the steps in the [How to Create Packages and Programs in Configuration Manager](https://technet.microsoft.com/en-us/library/gg682112.aspx#BKMK_Import) topic. + +4. Deploy the package by following the steps in the [How to Deploy Packages and Programs in Configuration Manager](https://technet.microsoft.com/en-us/library/gg682178.aspx) topic. + + a. Choose a predefined device collection to deploy the package to. + +### Offboard endpoints + +For security reasons, the package used to offboard endpoints will expire 30 days after the date it was downloaded. Expired offboarding packages sent to an endpoint will be rejected. When downloading an offboarding package you will be notified of the packages expiry date and it will also be included in the package name. + +> **Note** Onboarding and offboarding policies must not be deployed on the same endpoint at the same time, otherwise this will cause unpredictable collisions. + +1. Get the offboarding package from the [Windows Defender ATP portal](https://securitycenter.windows.com/): + + a. Click **Endpoint Management** on the **Navigation pane**. + + b. Under **Endpoint offboarding** section, select **System Center Configuration Manager (current branch) version 1602 or earlier**, click **Download package**, and save the .zip file. + +2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package. You should have a file named *WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd*. + +3. Import the configuration package by following the steps in the [How to Create Packages and Programs in Configuration Manager](https://technet.microsoft.com/en-us/library/gg682112.aspx#BKMK_Import) topic. + +4. Deploy the package by following the steps in the [How to Deploy Packages and Programs in Configuration Manager](https://technet.microsoft.com/en-us/library/gg682178.aspx) topic. + + a. Choose a predefined device collection to deploy the package to. + +### Monitor endpoint configuration +Monitoring with SCCM consists of two parts: + +1. Confirming the configuration package has been correctly deployed and is running (or has successfully run) on the endpoints in your network. + +2. Checking that the endpoints are compliant with the Windows Defender ATP service (this ensures the endpoint can complete the onboarding process and can continue to report data to the service). + +**To confirm the configuration package has been correctly deployed:** + +1. In the SCCM console, click **Monitoring** at the bottom of the navigation pane. + +2. Click **Overview** and then **Deployments**. + +3. Click on the deployment with the package name. + +4. Review the status indicators under **Completion Statistics** and **Content Status**. + +If there are failed deployments (endpoints with **Error**, **Requirements Not Met**, or **Failed statuses**), you may need to troubleshoot the endpoints. See the [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) topic for more information. + + + +## Related topics +- [Configure endpoints using Group Policy](configure-endpoints-gp-windows-defender-advanced-threat-protection.md) +- [Configure endpoints using Mobile Device Management tools](configure-endpoints-mdm-windows-defender-advanced-threat-protection.md) +- [Configure endpoints using a local script](configure-endpoints-script-windows-defender-advanced-threat-protection.md) +- [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) \ No newline at end of file diff --git a/windows/keep-secure/configure-endpoints-script-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-endpoints-script-windows-defender-advanced-threat-protection.md new file mode 100644 index 0000000000..9d4a39eccc --- /dev/null +++ b/windows/keep-secure/configure-endpoints-script-windows-defender-advanced-threat-protection.md @@ -0,0 +1,70 @@ +--- +title: Configure Windows Defender ATP endpoints using a local script +description: Use a local script to deploy the configuration package on endpoints so that they are onboarded to the service. +keywords: configure endpoints using a local script, endpoint management, configure Windows ATP endpoints, configure Windows Defender Advanced Threat Protection endpoints +search.product: eADQiWindows 10XVcnh +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +author: mjcaparas +--- + +# Configure endpoints using a local script +You can also manually onboard individual endpoints to Windows Defender ATP. You might want to do this first when testing the service before you commit to onboarding all endpoints in your network. + + +1. Open the GP configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://securitycenter.windows.com/): + + a. Click **Endpoint Management** on the **Navigation pane**. + + b. Select **Local Script**, click **Download package** and save the .zip file. + + +2. Extract the contents of the configuration package to a location on the endpoint you want to onboard (for example, the Desktop). You should have a file called *WindowsDefenderATPOnboardingScript.cmd*. + +3. Open an elevated command-line prompt on the endpoint and run the script: + + a. Click **Start** and type **cmd**. + + b. Right-click **Command prompt** and select **Run as administrator**. + +  + +4. Type the location of the script file. If you copied the file to the desktop, type: *%userprofile%\Desktop\WindowsDefenderATPOnboardingScript.cmd* + +5. Press the **Enter** key or click **OK**. + +See the [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) topic for details on how you can manually validate that the endpoint is compliant and correctly reports telemetry. + +## Offboard endpoints using a local script +For security reasons, the package used to offboard endpoints will expire 30 days after the date it was downloaded. Expired offboarding packages sent to an endpoint will be rejected. When downloading an offboarding package you will be notified of the packages expiry date and it will also be included in the package name. + +> **Note** Onboarding and offboarding policies must not be deployed on the same endpoint at the same time, otherwise this will cause unpredictable collisions. + +1. Get the offboarding package from the [Windows Defender ATP portal](https://securitycenter.windows.com/): + + a. Click **Endpoint Management** on the **Navigation pane**. + + b. Under **Endpoint offboarding** section, select **Group Policy**, click **Download package** and save the .zip file. + +2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the endpoints. You should have a file named *WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd*. + +3. Open an elevated command-line prompt on the endpoint and run the script: + + a. Click **Start** and type **cmd**. + + b. Right-click **Command prompt** and select **Run as administrator**. + +  + +4. Type the location of the script file. If you copied the file to the desktop, type: *%userprofile%\Desktop\WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd* + +5. Press the **Enter** key or click **OK**. + + +## Related topics +- [Configure endpoints using Group Policy](configure-endpoints-gp-windows-defender-advanced-threat-protection.md) +- [Configure endpoints using System Center Configuration Manager](configure-endpoints-sccm-windows-defender-advanced-threat-protection.md) +- [Configure endpoints using Mobile Device Management tools](configure-endpoints-mdm-windows-defender-advanced-threat-protection.md) +- [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) diff --git a/windows/keep-secure/configure-endpoints-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-endpoints-windows-defender-advanced-threat-protection.md index d2cc59754d..0028b5478b 100644 --- a/windows/keep-secure/configure-endpoints-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-endpoints-windows-defender-advanced-threat-protection.md @@ -24,140 +24,14 @@ Endpoints in your organization must be configured so that the Windows Defender A Windows Defender ATP supports the following deployment tools and methods: - Group Policy -- System Center Configuration Manager (current branch) version 1606 -- System Center 2012 Configuration manager or later versions -- Mobile Device Management -- Microsoft Intune +- System Center Configuration Manager +- Mobile Device Management (including Microsoft Intune) - Local script -## Configure endpoints with Group Policy - -> **Note** To use GP updates to deploy the package, you must be on Windows Server 2008 R2 or later. - -1. Open the GP configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://securitycenter.windows.com/): - - a. Click **Endpoint Management** on the **Navigation pane**. - - b. Select **Group Policy**, click **Download package** and save the .zip file. - -2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the endpoints. You should have a folder called *OptionalParamsPolicy* and the file *WindowsDefenderATPOnboardingScript.cmd*. - -3. Open the [Group Policy Management Console](https://technet.microsoft.com/en-us/library/cc731212.aspx) (GPMC), right-click the Group Policy Object (GPO) you want to configure and click **Edit**. - -4. In the **Group Policy Management Editor**, go to **Computer configuration**, then **Preferences**, and then **Control panel settings**. - -5. Right-click **Scheduled tasks**, point to **New**, and then click **Immediate task**. - -6. In the **Task** window that opens, go to the **General** tab. Choose the local SYSTEM user account under **Security options**. - -7. Select **Run whether user is logged on or not** and check the **Run with highest privileges** check box. - -8. Go to the **Actions** tab and click **New...** Ensure that **Start a program** is selected in the **Action** field. Enter the file name and location of the shared *WindowsDefenderATPOnboardingScript.cmd* file. - -9. Click **OK** and close any open GPMC windows. - -For additional settings, see the [Additional configuration settings section](additional-configuration-windows-defender-advanced-threat-protection.md). - -## Configure endpoints with System Center Configuration Manager (current branch) version 1606 -System Center Configuration Manager (current branch) version 1606, currently in technical preview, has UI integrated support for configuring and managing Windows Defender ATP on endpoints. For more information, see the [Support for Windows Defender Advanced Threat Protection service](https://technet.microsoft.com/en-us/library/mt706220.aspx#BKMK_ATP) section. - -> **Note** If you intend to use this deployment tool, ensure that you are on Windows 10 Insider Preview Build 14379 or later. This deployment method is only available from that build or later. - -## Configure endpoints with System Center 2012 Configuration Manager or later versions -You can use System Center Configuration Manager’s existing functionality to create a policy to configure your endpoints. This is supported in System Center 2012 Configuration Manager or later versions, including: System Center 2012 R2 Configuration Manager, System Center Configuration Manager and System Center Configuration Manager (current branch), version 1602 or earlier. - -1. Open the SCCM configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://securitycenter.windows.com/): - - a. Click **Endpoint Management** on the **Navigation pane**. - - b. Select **System Center Configuration Manager**, click **Download package**, and save the .zip file. - -2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package. You should have a file called *WindowsDefenderATPOnboardingScript.cmd*. - -3. Import the configuration package by following the steps in the [How to Create Packages and Programs in Configuration Manager](https://technet.microsoft.com/en-us/library/gg682112.aspx#BKMK_Import) topic. - -4. Deploy the package by following the steps in the [How to Deploy Packages and Programs in Configuration Manager](https://technet.microsoft.com/en-us/library/gg682178.aspx) topic. - - a. Choose a predefined device collection to deploy the package to. - -## Configure endpoints with Mobile Device Management tools -You can use mobile device management (MDM) solutions to configure endpoints. Windows Defender ATP supports MDMs by providing OMA-URIs to create policies to manage endpoints. - -For more information on using Windows Defender ATP CSP see, [WindowsAdvancedThreatProtection CSP](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723296(v=vs.85).aspx) and [WindowsAdvancedThreatProtection DDF file](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723297(v=vs.85).aspx). - -> **Note** If you intend to use this deployment tool, ensure that you are on Windows 10 Insider Preview Build 14379 or later. This deployment method is only available from that build or later. - -## Configure endpoints with Microsoft Intune - -For more information on using Windows Defender ATP CSP see, [WindowsAdvancedThreatProtection CSP](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723296(v=vs.85).aspx) and [WindowsAdvancedThreatProtection DDF file](https://msdn.microsoft.com/en-us/library/windows/hardware/mt723297(v=vs.85).aspx). - -> **Note** If you intend to use this deployment tool, ensure that you are on Windows 10 Insider Preview Build 14379 or later. This deployment method is only available from that build or later. - -1. Open the Microsoft Intune configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://securitycenter.windows.com/): - - a. Click **Endpoint Management** on the **Navigation pane**. - - b. Select **Microsoft Intune**, click **Download package** and save the .zip file. - -2. Extract the contents of the configuration package to a location on the endpoint you want to onboard (for example, the Desktop). You should have a file called *WindowsDefenderATP.onboarding*. - -3. Use the Microsoft Intune custom configuration policy to deploy the following supported OMA-URI settings. For more information on Microsoft Intune policy settings see, [Windows 10 policy settings in Microsoft Intune](https://docs.microsoft.com/en-us/intune/deploy-use/windows-10-policy-settings-in-microsoft-intune). - -These policies are categorized into two groups: -- Onboarding - Use the onboarding policies to deploy configuration settings on endpoints. These policies can be sub-categorized to: - - Onboarding - - Health Status for onboarded machines - - Configuration for onboarded machines -- Offboarding - Use the offboarding policies to remove configuration settings on endpoints. These policies can be sub-categorized to: - - Offboarding - - Health Status for offboarded machines - - Configuration for offboarded machines - -> **Warning** These two groups must not be deployed on the same machine at same time, otherwise this will cause unpredictable collisions. - -Policy | OMA-URI | Type | Description | Value -:---|:---|:---|:---|:--- -Onboarding | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/Onboarding | String | Onboarding | Copy content from onboarding MDM file -Health Status for onboarded machines | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/HealthState/SenseIsRunning | Boolean | Windows Defender ATP service is running | TRUE - | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/HealthState/OnBoardingState | Integer | Onboarded to Windows Defender ATP | 1 - | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/HealthState/OrgId | String | Onboarded to Organization ID | Use OrgID from onboarding file - Configuration for onboarded machines | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/Configuration/SampleSharing | Integer | Windows Defender ATP Sample sharing is enabled | 0 or 1
Default value: 1 - Offboarding | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/Offboarding | String | Offboarding | Copy content from offboarding MDM file - Health Status for offboarded machines | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/HealthState/SenseIsRunning | Boolean | Windows Defender ATP service is not running | FALSE - | ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/HealthState/OnBoardingState | Integer | Offboarded from Windows Defender ATP | 0 - -> **Note** Policies **Health Status for onboarded machines** and **Health Status for offboarded machines** use read-only properties and can't be remediated. - -## Configure endpoints individually with a local script - -You can also manually onboard individual endpoints to Windows Defender ATP. You might want to do this first when testing the service before you commit to onboarding all endpoints in your network. - - -1. Open the GP configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://securitycenter.windows.com/): - - a. Click **Endpoint Management** on the **Navigation pane**. - - b. Select **Local Script**, click **Download package** and save the .zip file. - - -2. Extract the contents of the configuration package to a location on the endpoint you want to onboard (for example, the Desktop). You should have a file called *WindowsDefenderATPOnboardingScript.cmd*. - -3. Open an elevated command-line prompt on the endpoint and run the script: - - a. Click **Start** and type **cmd**. - - b. Right-click **Command prompt** and select **Run as administrator**. - -  - -4. Type the location of the script file. If you copied the file to the desktop, type: *`%userprofile%\Desktop\WindowsDefenderATPOnboardingScript.cmd`* - -5. Press the **Enter** key or click **OK**. - -See the [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) topic for details on how you can manually validate that the endpoint is compliant and correctly reports telemetry. - -## Related topics -- [Configure endpoint proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md) -- [Additional Windows Defender ATP configuration settings](additional-configuration-windows-defender-advanced-threat-protection.md) -- [Monitor the Windows Defender ATP onboarding](monitor-onboarding-windows-defender-advanced-threat-protection.md) -- [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) +## In this section +Topic | Description +:---|:--- +[Configure endpoints using Group Policy](configure-endpoints-gp-windows-defender-advanced-threat-protection.md) | Use Group Policy to deploy the configuration package on endpoints. +[Configure endpoints using System Center Configuration Manager](configure-endpoints-sccm-windows-defender-advanced-threat-protection.md) | You can use either use System Center Configuration Manager (current branch) version 1606 or System Center Configuration Manager(current branch) version 1602 or earlier to deploy the configuration package on endpoints. +[Configure endpoints using Mobile Device Management tools](configure-endpoints-mdm-windows-defender-advanced-threat-protection.md) | Use Mobile Device Managment tools or Microsoft Intune to deploy the configuration package on endpoints. +[Configure endpoints using a local script](configure-endpoints-script-windows-defender-advanced-threat-protection.md) | Learn how to use the local script to deploy the configuration package on endpoints. diff --git a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md index 0c31cc5832..27177d0829 100644 --- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -179,8 +179,5 @@ Verify the proxy configuration completed successfully, that WinHTTP can discover If the any of the verification steps indicate a fail, then verify that you have performed the proxy configuration steps to enable server discovery and access to the service URLs. ## Related topics - - [Configure Windows Defender ATP endpoints](configure-endpoints-windows-defender-advanced-threat-protection.md) -- [Additional Windows Defender ATP configuration settings](additional-configuration-windows-defender-advanced-threat-protection.md) -- [Monitor the Windows Defender ATP onboarding](monitor-onboarding-windows-defender-advanced-threat-protection.md) - [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) diff --git a/windows/keep-secure/create-and-verify-an-efs-dra-certificate.md b/windows/keep-secure/create-and-verify-an-efs-dra-certificate.md new file mode 100644 index 0000000000..5f9b52ebf2 --- /dev/null +++ b/windows/keep-secure/create-and-verify-an-efs-dra-certificate.md @@ -0,0 +1,109 @@ +--- +title: Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate (Windows 10) +description: Follow these steps to create, verify, and perform a quick recovery by using a Encrypting File System (EFS) Data Recovery Agent (DRA) certificate. +keywords: Windows Information Protection, WIP, WIP, Enterprise Data Protection +ms.prod: w10 +ms.mktglfcycl: explore +ms.sitesec: library +ms.pagetype: security +--- + +# Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate +**Applies to:** + +- Windows 10 Insider Preview +- Windows 10 Mobile Preview + +[Some information relates to pre-released product, which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.] + +If you don’t already have an EFS DRA certificate, you’ll need to create and extract one from your system before you can use Windows Information Protection (WIP), formerly known as enterprise data protection (EDP), in your organization. For the purposes of this section, we’ll use the file name EFSDRA; however, this name can be replaced with anything that makes sense to you. + +The recovery process included in this topic only works for desktop devices. WIP deletes the data on Windows 10 Mobile devices. + +>**Important**
+If you already have an EFS DRA certificate for your organization, you can skip creating a new one. Just use your current EFS DRA certificate in your policy. For more info about when to use a PKI and the general strategy you should use to deploy DRA certificates, see the [Security Watch Deploying EFS: Part 1](https://technet.microsoft.com/en-us/magazine/2007.02.securitywatch.aspx) article on TechNet. For more general info about EFS protection, see [Protecting Data by Using EFS to Encrypt Hard Drives](https://msdn.microsoft.com/en-us/library/cc875821.aspx).
If your DRA certificate has expired, you won’t be able to encrypt your files with it. To fix this, you'll need to create a new certificate, using the steps in this topic, and then deploy it through policy.
+
+**To manually create an EFS DRA certificate**
+
+1. On a computer without an EFS DRA certificate installed, open a command prompt with elevated rights, and then navigate to where you want to store the certificate.
+
+2. Run this command:
+
+ `cipher /r: Care must be taken to get a support statement from the software provider that their app is safe with EDP before adding it to your **App Rules** list. If you don’t get this statement, it’s possible that you could experience app compat issues due to an app losing the ability to access a necessary file after revocation.
+EDP-aware apps are expected to prevent enterprise data from going to unprotected network locations and to avoid encrypting personal data. On the other hand, EDP-unaware apps might not respect the corporate network boundary, and EDP-unaware apps will encrypt all files they create or modify. This means that they could encrypt personal data and cause data loss during the revocation process. Care must be taken to get a support statement from the software provider that their app is safe with EDP before adding it to your **App rules** list. If you don’t get this statement, it’s possible that you could experience app compat issues due to an app losing the ability to access a necessary file after revocation.
#### Add a store app rule to your policy
For this example, we’re going to add Microsoft OneNote, a store app, to the **App Rules** list.
**To add a store app**
-1. From the **App Rules** area, click **Add**.
+1. From the **App rules** area, click **Add**.
The **Add app rule** box appears.
@@ -153,7 +153,7 @@ If you don't know the publisher or product name, you can find them for both desk
For this example, we’re going to add Internet Explorer, a desktop app, to the **App Rules** list.
**To add a desktop app to your policy**
-1. From the **App Rules** area, click **Add**.
+1. From the **App rules** area, click **Add**.
The **Add app rule** box appears.
@@ -293,7 +293,7 @@ For this example, we’re going to add an AppLocker XML file to the **App Rules*
12. After you’ve created your XML file, you need to import it by using System Center Configuration Manager.
**To import your Applocker policy file app rule using 1System Center Configuration Manager**
-1. From the **App Rules** area, click **Add**.
+1. From the **App rules** area, click **Add**.
The **Add app rule** box appears.
@@ -318,7 +318,7 @@ If you're running into compatibility issues where your app is incompatible with
**To exempt a store app, a desktop app, or an AppLocker policy file app rule**
-1. From the **App Rules** area, click **Add**.
+1. From the **App rules** area, click **Add**.
The **Add app rule** box appears.
@@ -409,12 +409,12 @@ There are no default locations included with EDP, you must add each of your netw
Using this server type indicates that the cloud resources you’re connecting to are enterprise resources. This list shouldn’t include any servers listed in the Enterprise Proxy Servers list, which are used for non-EDP-protected traffic. If you have multiple resources, you must separate them using the ";" delimiter. If you have multiple ranges, you must separate them using the "," delimiter. If you have multiple ranges, you must separate them using the "," delimiter. Assign to employees X Add to private store X Remove from private store X View license details X View product details X X Download for offline use X Assign to employees X Add to private store X Remove from private store X View license details X View product details X X Download for offline use X **Note** **Important** **Important** **Important** **Note** **Important** **Important** **Note** **In Windows 10, version 1511** **In Windows 10, version 1607 and later** **In Windows 10, version 1511** **In Windows 10, version 1607 and later** Use this setting if you only want to support Azure AD in your organization. |
+|Computer Configuration\Administrative Templates\Windows Components\Search\Allow search and Cortana to use location |Search/AllowSearchToUseLocation |Specifies whether Cortana can use your current location during searches and for location reminders. |
+|Computer Configuration\Administrative Templates\Windows Components\Search\Set the SafeSearch setting for Search |Search/SafeSearchPermissions |Specifies what level of safe search (filtering adult content) is required. **Note** **In Windows 10 Pro edition** **In Windows 10 Enterprise edition** **Important** ACT Community An online environment that enables ACT users to share issues and solution data with other registered ACT users. ACT Log Processing Service (LPS) The service that processes the log files uploaded from your client computers, adding the information to your ACT database. AppHelp message A type of compatibility fix. An AppHelp message is designed to appear when a user starts an application that has compatibility issues. The message can prevent the application from starting, or simply provide information about compatibility issues in the application. Application Compatibility Manager (ACM) The user interface that enables you to view reports generated from the ACT database. This is also where you create data-collection packages. Compatibility Administrator A tool that enables you to create and deploy compatibility fixes, compatibility modes, and AppHelp messages, to resolve your compatibility issues. compatibility fix A small piece of code that intercepts API calls from applications, transforming them so that Windows will provide the same product support for the application as previous versions of the operating system. Previously known as a "shim". compatibility mode Group of compatibility fixes found to resolve many common application compatibility issues. compatibility solution The solution to a known compatibility issue, as entered by the user, Microsoft, or a vendor. data-collection package A Windows installer (.msi) file created by Application Compatibility Manager (ACM) for deploying to each of your client computers. Data-collection packages include inventory collection packages and runtime analysis packages. deployment The process of distributing and installing a software program throughout an entire organization. A deployment is not the same as a pilot, which is where you provide the software application to a smaller group of users to identify and evaluate problems that might occur during the actual deployment. independent software vendor (ISV) An individual or an organization that independently creates computer software. inventory-collector package A package that examines each of your organization's computers to identify the installed applications and system information. You can view the results on the Analyze screen in ACM. Microsoft Compatibility Exchange A web service that transfers compatibility information between Microsoft and the ACT database. runtime-analysis package A data-collection package that you deploy to computers in a test environment for compatibility testing. The runtime-analysis package includes tools for monitoring applications for compatibility issues and submitting compatibility feedback. session 0 The session that is used for all of the system services. Previously, users could run in Session 0 without issues; however, this was changed in Windows Vista so that all users are now required to run in Session 1 or later. shim See Other Term: compatibility fix User Account Control (UAC) A security feature that helps prevent unauthorized changes to a computer, by asking the user for permission or administrator credentials before performing actions that could potentially affect the computer's operation or that change settings that affect multiple users. [Welcome to ACT](welcome-to-act.md) The Application Compatibility Toolkit (ACT) helps you determine whether the applications, devices, and computers in your organization are compatible with versions of the Windows® operating system. With ACT, you can obtain compatibility information from Microsoft and software vendors, identify compatibility issues within your own organization, and share compatibility ratings with other ACT users. The tools in ACT help you analyze and mitigate compatibility issues before deploying a version of Windows to your organization. [Configuring ACT](configuring-act.md) This section provides information about setting up the Application Compatibility Toolkit (ACT) in your organization. [Using ACT](using-act.md) This section describes how to use the Application Compatibility Toolkit (ACT) in your organization. [Troubleshooting ACT](troubleshooting-act.md) This section provides troubleshooting information for the Application Compatibility Toolkit (ACT). [ACT User Interface Reference](act-user-interface-reference.md) This section contains information about the user interface for Application Compatibility Manager (ACM), which is a tool in the Application Compatibility Toolkit (ACT). [ACT Product and Documentation Resources](act-product-and-documentation-resources.md) The following sections provide links to resources and reference material for the Application Compatibility Toolkit (ACT). [ACT Glossary](act-glossary.md) The following table lists terms and definitions used by the Application Compatibility Toolkit (ACT). [Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista](compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md) You can fix some compatibility issues that are due to the changes made between Windows operating system versions. These issues can include User Account Control (UAC) restrictions. Opens the Application Compatibility Manager Overview screen. Collect toolbar Analyze toolbar Opens the New Data Collection Package dialog box. For more information, see [Creating a Runtime-Analysis Package](creating-a-runtime-analysis-package.md). Collect toolbar Exports your data-collection package settings. For more information, see [Exporting a Data-Collection Package](exporting-a-data-collection-package.md). Collect toolbar Deletes a data-collection package that has not yet run on your client computers. For more information, see [Deleting a Data-Collection Package](deleting-a-data-collection-package.md). Collect toolbar Imports an existing compatibility report. For more information, see [Saving, Opening, and Exporting Reports](saving-opening-and-exporting-reports.md). Analyze toolbar Saves a compatibility report, including your preferences and settings. For more information, see [Saving, Opening, and Exporting Reports](saving-opening-and-exporting-reports.md). Analyze toolbar Exports your report data to a Microsoft® Excel® spreadsheet (.xls) file. For more information, see [Saving, Opening, and Exporting Reports](saving-opening-and-exporting-reports.md). Analyze toolbar Synchronizes your compatibility data with the Microsoft Compatibility Exchange. For more information, see [Sending and Receiving Compatibility Data](sending-and-receiving-compatibility-data.md). Analyze toolbar Turns the query builder on or off. For more information, see [Filtering Your Compatibility Data](filtering-your-compatibility-data.md). Analyze toolbar Opens the Set Assessment dialog box. For more information, see [Selecting Your Compatibility Rating](selecting-your-compatibility-rating.md). Analyze toolbar Report Details toolbar Opens the Set Deployment Status dialog box. For more information, see [Selecting Your Deployment Status](selecting-your-deployment-status.md). Analyze toolbar Report Details toolbar Opens the Assign Categories dialog box. For more information, see [Categorizing Your Compatibility Data](categorizing-your-compatibility-data.md). Analyze toolbar Report Details toolbar Opens the Assign Priorities dialog box. For more information, see [Prioritizing Your Compatibility Data](prioritizing-your-compatibility-data.md). Analyze toolbar Report Details toolbar Opens the Send and Receive Status dialog box. For more information, see [Selecting the Send and Receive Status for an Application](selecting-the-send-and-receive-status-for-an-application.md). Analyze toolbar Report Details toolbar Opens the Add Issue dialog box. For more information, see [Adding or Editing an Issue](adding-or-editing-an-issue.md). Report Details toolbar Opens the Add Solution dialog box. For more information, see [Adding or Editing a Solution](adding-or-editing-a-solution.md). Report Details toolbar Saves a compatibility issue. Add Issue dialog box Reactivates a resolved compatibility issue. For more information, see [Resolving an Issue](resolving-an-issue.md). Add Issue dialog box Refreshes the screen. If you are using the query builder, updates the screen with the query results. Collect toolbar Analyze toolbar Data Collection Package - Status toolbar Report Details toolbar Enables you to scroll up and down the screen or dialog box information, showing the related details. This button may not be available for all issues or information. Report Details toolbar Add Issue dialog box New Data Collection Package dialog box Data Collection Package - Status toolbar Opens the online Help system. All screens [Toolbar Icons in ACM](act-toolbar-icons-in-acm.md) The following table shows icons that appear on toolbars and navigational elements in Application Compatibility Manager (ACM). [Ratings Icons in ACM](ratings-icons-in-acm.md) Compatibility ratings can originate from Microsoft, the application vendor, your organization, and from the Application Compatibility Toolkit (ACT) community. [Activating and Closing Windows in ACM](activating-and-closing-windows-in-acm.md) The Windows dialog box shows the windows that are open in Application Compatibility Manager (ACM). [Settings for ACM](settings-for-acm.md) This section provides information about settings that you can configure in Application Compatibility Manager (ACM). Title Can be up to 100 characters in length. Solution Type You must select a value from the list. Solution Details Information about your solution, including the steps to reproduce your fix. Solution Details URL URL for a page that shows more information about the solution. Title Can be up to 256 characters in length. Priority You must select a value from the list. Severity You must select a value from the list. Symptom You must select a value from the list. Cause You must select a value from the list. Affected Operating Systems Operating systems on which the issue occurs. You must select at least one operating system. Issue Description Description of the issue, including the steps to reproduce the problem. Link to More Information URL for a page that shows more information about the issue. [Viewing Your Compatibility Reports](viewing-your-compatibility-reports.md) This section describes the compatibility reports in Application Compatibility Manager (ACM) and how you can work with the reports. [Organizing Your Compatibility Data](organizing-your-compatibility-data.md) This section provides step-by-step instructions for organizing your compatibility data in Application Compatibility Manager (ACM). [Filtering Your Compatibility Data](filtering-your-compatibility-data.md) You can use Query Builder to filter your compatibility-issue data or reports by selecting specific restriction criteria. [Sending and Receiving Compatibility Data](sending-and-receiving-compatibility-data.md) The Microsoft® Compatibility Exchange is a web service that propagates application compatibility issues between various data sources, for example Microsoft Corporation, independent software vendors (ISVs) and the ACT Community. This process involves checking for updated compatibility information from Microsoft over the Internet. You can send and receive data to keep Application Compatibility Manager (ACM) updated with the latest compatibility information. Assessment Shows the compatibility ratings for the application from the application vendor, your internal organization, and the ACT Community. For more information, see [Selecting Your Compatibility Rating](selecting-your-compatibility-rating.md). Issues For each issue associated with the selected application, shows: The issue status, either active (a red X) or resolved (a green check mark). The provider who created the record of the issue. The severity of the issue as entered by the provider. The symptom of the issue as entered by the provider. The date on which the issue was added to the ACT database. For more information, see [Creating and Editing Issues and Solutions](creating-and-editing-issues-and-solutions.md). Application Properties Shows the following properties for the selected application: MSI. Shows the installer name, vendor, version, language, and so on. Add/Remove Programs. Shows the application name that appears in Control Panel, vendor, registry path, and string for uninstalling. Shell. Shows the shortcuts for the application and where the shortcuts appear on the Start menu. Registry. Shows the registry name for the application, registry path, file name, and so on. Service Control Manager. Shows the entries in the Services console that correspond to the application. Computers Shows the following information for each of the computers that have the specified application installed: Computer name, domain, and operating system. Media Access Control (MAC) address for the computer. Manufacturer of the computer. Labels Shows the label for the selected application. For information about labels, see [Labeling Data in ACM](labeling-data-in-acm.md). Feedback Shows feedback that your testers have submitted to the ACT database for the selected application. [Using Compatibility Monitor to Send Feedback](using-compatibility-monitor-to-send-feedback.md) The Microsoft Compatibility Monitor tool is installed as part of the runtime-analysis package. From the computers in your test environment, you can use Compatibility Monitor to submit compatibility information to the Application Compatibility Toolkit (ACT) database for your organization. [Common Compatibility Issues](common-compatibility-issues.md) Compatibility issues tend to occur with the following technologies: Details Shows the following information for the selected computer: The computer name, operating system, architecture, and domain. The IP address, Media Access Control (MAC) address, and hardware identifier. The manufacturer, asset tag, and system number. The hardware specifications. Applications Shows the following information for each of the applications installed on the selected computer: The application name, version number, and application vendor. The compatibility rating for the application as determined by your organization. The compatibility information from the application vendor. The compatibility information from the ACT Community, which you can view if you are a member of the ACT Community. For more information, see [Settings Dialog Box - Preferences Tab](act-settings-dialog-box-preferences-tab.md). The issues that have been opened for the application. The count of computers in your organization on which the application is installed. Devices Shows the following information for each of the devices installed on the selected computer: The model and manufacturer of the device. An evaluation of whether the device works on a 32-bit operating system or a 64-bit operating system. The class of device, as reported by the device. The count of computers in your organization on which the device is installed. Labels Shows the label for the selected computer. For information about labels, see [Labeling Data in ACM](labeling-data-in-acm.md). [ACT Tools, Packages, and Services](act-tools-packages-and-services.md) The Application Compatibility Toolkit is included with the Windows ADK. [Download the Windows ADK.](http://go.microsoft.com/fwlink/p/?LinkId=526740) [ACT Deployment Options](act-deployment-options.md) While planning your deployment of the Application Compatibility Toolkit (ACT), consider which computers you want running the various tools, packages, and services for ACT. [ACT Database Configuration](act-database-configuration.md) The Application Compatibility Toolkit (ACT) uses a Microsoft® SQL Server® database for storing and sharing compatibility issue data. If you do not use Microsoft SQL Server, you can download and install Microsoft SQL Server Express. For information about creating Microsoft SQL Server databases, see [Administering the Database Engine](http://go.microsoft.com/fwlink/p/?LinkId=64169). [ACT Database Migration](act-database-migration.md) The schema for an ACT database can change when ACT is updated or when a new version of ACT is released. If the schema for an ACT database does not match the current schema, you can migrate the compatibility data to a new database. You can then use the current version of ACT to open the new database. [ACT LPS Share Permissions](act-lps-share-permissions.md) To upload log files to the ACT Log Processing Service (LPS) share, certain permissions must be set at the share level and folder level. Supports a large number of servers in a limited amount of physical space. You can run as many virtual servers as the physical computer’s resources allow. Easily shares your test environment between teams. For example, your test team can create a virtualized test environment and then provide a copy to your development team for use in its development processes. Supports multiple users performing simultaneous testing, mimicking the ability for each user to have a dedicated test environment. Easily restores your environment to a previous state. For example, you can revert to a previous state by using the Undo Disks option. May reduce performance. Virtualized servers may be slower than their physical counterparts. The performance of virtualized servers is reduced because physical resources such as disks are virtualized. May not support all applications and device drivers. Some hardware-specific device drivers and applications are not supported in virtualized servers. [Adding or Editing an Issue](adding-or-editing-an-issue.md) In Application Compatibility Manager (ACM), you can enter information about the compatibility issues that you discover. [Adding or Editing a Solution](adding-or-editing-a-solution.md) If you find your own solutions to compatibility issues, you can enter the solutions in Application Compatibility Manager (ACM). You can use the Microsoft Compatibility Exchange to upload solutions to Microsoft Corporation. [Resolving an Issue](resolving-an-issue.md) You can use Application Compatibility Manager (ACM) to flag issues as resolved. Resolving an issue changes the status of the issue from a red x to a green check mark on your report and report detail screens. [<OperatingSystem> - Application Report](act-operatingsystem-application-report.md) Application Name Version Company My Assessment User Assessment Send/Receive Status Vendor Assessment Community Assessment Active Issues Computers Resolved Issues Language Priority Deployment Status Issues with Solutions [<OperatingSystem> - Computer Report](act-operatingsystem-computer-report.md) Computer Name Applications with Issues Devices with Issues Operating System Domain Applications Devices Priority [<OperatingSystem> - Device Report](act-operatingsystem-device-report.md) Model Manufacturer Assessment Device Class Computers Assessment Priority [Internet Explorer - Web Site Report](internet-explorer-web-site-report.md) Web Site My Assessment Active Issues Resolved Issues None Risk assessment The determination of whether the application has compatibility issues. Symptom Behavior exhibited by the application. Cause Reason for the failure. Provider and subprovider Source of the compatibility issue. Issue ID A unique ID number for the compatibility issue. Severity Impact this issue has on the application experience. Priority Degree of impact that this issue has on your organization. Published Date Date that the source entered the data into the database. Operating system name Friendly name of the installed operating system. Major version Major version number of the operating system. Minor version Minor version number of the operating system. Locale Language ID of the application to which the compatibility issue applies. Title Short title of the compatibility issue. Summary Description of the compatibility issue. Service pack major Major version number of the operating system service pack. Service pack minor Minor version number of the operating system service pack. URL HREF URL of any links provided for the compatibility issue. Provider and subprovider IDs IDs for the source of the compatibility issue's solution. Solution type Type of solution provided for the compatibility issue. Locale Language ID of the application to which the solution applies. Title Short title of the solution. Details Description of the solution. URL HREF URL of any links provided for the compatibility issue solution. Works The count of Works ratings, for 32-bit and 64-bit operating systems. Works with Minor Issues or has Solutions The count of Works with Minor Issues or has Solutions ratings, for 32-bit and 64-bit operating systems. Does Not Work The count of Does Not Work ratings, for 32-bit and 64-bit operating systems.
### Create a source file that contains the user and group accounts
@@ -448,8 +448,8 @@ After you have selected your user and group account bulk import method, you’re
| Method | Source file format |
|--------| -------------------|
-|Ldifde.exe|Ldifde.exe requires a specific format for the source file. Use Ldifde.exe to export existing user and group accounts so that you can see the format. For examples of the format that Ldifde.exe requires, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://technet.microsoft.com/en-us/library/bb727091.aspx), [LDIFDE—Export/Import data from Active Directory—LDIFDE commands](https://support.microsoft.com/en-us/kb/555636), [Import or Export Directory Objects Using Ldifde](https://technet.microsoft.com/library/cc816781.aspx), and [LDIFDE](https://technet.microsoft.com/library/cc755456.aspx).|
-|VBScript | VBScript can use any .csv file format to create a source file for the bulk-import process. To create the .csv file, use software such as Excel. For examples of how to format your source file in comma-separated values (CSV) format, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://technet.microsoft.com/en-us/library/bb727091.aspx).|
+|Ldifde.exe|Ldifde.exe requires a specific format for the source file. Use Ldifde.exe to export existing user and group accounts so that you can see the format. For examples of the format that Ldifde.exe requires, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://technet.microsoft.com//library/bb727091.aspx), [LDIFDE—Export/Import data from Active Directory—LDIFDE commands](https://support.microsoft.com/en-us/kb/555636), [Import or Export Directory Objects Using Ldifde](https://technet.microsoft.com/library/cc816781.aspx), and [LDIFDE](https://technet.microsoft.com/library/cc755456.aspx).|
+|VBScript | VBScript can use any .csv file format to create a source file for the bulk-import process. To create the .csv file, use software such as Excel. For examples of how to format your source file in comma-separated values (CSV) format, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://technet.microsoft.com//library/bb727091.aspx).|
| Windows PowerShell| Windows PowerShell can use any .csv file format you want to create as a source file for the bulk-import process. To create the .csv file, use software such as Excel. For examples of how to format your source file in CSV format, see [Import Bulk Users to Active Directory](https://blogs.technet.microsoft.com/bettertogether/2011/01/09/import-bulk-users-to-active-directory/) and [PowerShell: Bulk create AD Users from CSV file](http://social.technet.microsoft.com/wiki/contents/articles/24541.powershell-bulk-create-ad-users-from-csv-file.aspx).|
### Import the user accounts into AD DS
@@ -460,8 +460,8 @@ With the bulk-import source file finished, you’re ready to import the user and
For more information about how to import user accounts into AD DS by using:
-- Ldifde.exe, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://technet.microsoft.com/en-us/library/bb727091.aspx), [LDIFDE—Export/Import data from Active Directory—LDIFDE commands](https://support.microsoft.com/en-us/kb/555636), [Import or Export Directory Objects Using Ldifde](https://technet.microsoft.com/library/cc816781.aspx), and [LDIFDE](https://technet.microsoft.com/library/cc755456.aspx).
-- VBScript, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://technet.microsoft.com/en-us/library/bb727091.aspx).
+- Ldifde.exe, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://technet.microsoft.com//library/bb727091.aspx), [LDIFDE—Export/Import data from Active Directory—LDIFDE commands](https://support.microsoft.com/en-us/kb/555636), [Import or Export Directory Objects Using Ldifde](https://technet.microsoft.com/library/cc816781.aspx), and [LDIFDE](https://technet.microsoft.com/library/cc755456.aspx).
+- VBScript, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://technet.microsoft.com//library/bb727091.aspx).
- Windows PowerShell, see [Import Bulk Users to Active Directory](https://blogs.technet.microsoft.com/bettertogether/2011/01/09/import-bulk-users-to-active-directory/) and [PowerShell: Bulk create AD Users from CSV file](http://social.technet.microsoft.com/wiki/contents/articles/24541.powershell-bulk-create-ad-users-from-csv-file.aspx).
### Summary
@@ -702,14 +702,14 @@ The first step in preparation for Windows 10 deployment is to configure—that i
The LTI boot images (.wim files) that you will add to Windows Deployment Services are in the MDT deployment share. Locate the .wim files in the Boot subfolder in the deployment share. For more information about how to perform this step, see [Add LTI Boot Images to Windows Deployment Services](https://technet.microsoft.com/en-us/library/dn759415.aspx#AddLTIBootImagestoWindowsDeploymentServices).
+2. Add LTI boot images (Windows PE images) to Windows Deployment Services. The LTI boot images (.wim files) that you will add to Windows Deployment Services are in the MDT deployment share. Locate the .wim files in the Boot subfolder in the deployment share. For more information about how to perform this step, see [Add LTI Boot Images to Windows Deployment Services](https://technet.microsoft.com//library/dn759415.aspx#AddLTIBootImagestoWindowsDeploymentServices).
### Summary
@@ -897,7 +897,7 @@ Microsoft has several recommended settings for educational institutions. Table 1
Details Shows the following information for the selected device: The model and manufacturer of the device. The class of device, as reported by the device. An evaluation of whether the device works on a 32-bit operating system or a 64-bit operating system. Computers Shows the following information for each of the computers on which the device is installed: Computer name, domain, and operating system. The count of installed applications and devices. The count of installed applications and devices that have issues. And/Or If you select And, your data must match all query rows to appear as a returned result. If you select Or, your data can match any query row to appear as a returned result. Field Select filter criteria. Operator Select an operator. The available operators depend on the field that you choose. Value Type or select a value. [Deciding Whether to Fix an Application or Deploy a Workaround](deciding-whether-to-fix-an-application-or-deploy-a-workaround.md) You can fix a compatibility issue by changing the code for the application or by deploying a workaround. [SUA User's Guide](sua-users-guide.md) You can use Standard User Analyzer (SUA) to test your applications and monitor API calls to detect compatibility issues related to the User Account Control (UAC) feature in Windows. [Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md) The Compatibility Administrator tool helps you resolve potential application-compatibility issues before deploying a new version of Windows to your organization. Compatibility Administrator provides the following: [Log File Locations for Data-Collection Packages](log-file-locations-for-data-collection-packages.md) When you create a data-collection package in Application Compatibility Manager (ACM), you can select an output location for your log files. You have the following options: [Exporting a Data-Collection Package](exporting-a-data-collection-package.md) In Application Compatibility Manager (ACM), you can export a data-collection package as a Windows installer (.msi) file. You can then use the .msi file to install the data-collection package on the computers from which you want to gather data. [Deleting a Data-Collection Package](deleting-a-data-collection-package.md) In Application Compatibility Manager (ACM), you can delete any of your existing data-collection packages from the database. [Labeling Data in ACM](labeling-data-in-acm.md) Application data and its associated compatibility issues can vary within an organization. For example, the applications used by a Human Resources (HR) department might differ from the applications used by a Sales department. Even for applications that are used across an organization, different compatibility issues might be found for each business group because of the unique application use by each business group. [<OperatingSystem> - Application Report](act-operatingsystem-application-report.md) Yes Yes Yes Yes Yes Yes [<OperatingSystem> - Computer Report](act-operatingsystem-computer-report.md) No No Yes Yes No No [<OperatingSystem> - Device Report](act-operatingsystem-device-report.md) No No Yes Yes No No [<WebsiteURL> Dialog Box](websiteurl-dialog-box.md) Yes Yes Yes Yes Yes Yes [Organizational Tasks for Each Report Type](organizational-tasks-for-each-report-type.md) The following table shows which tasks can be performed for each report type. [Selecting Your Compatibility Rating](selecting-your-compatibility-rating.md) You can rate the compatibility of your applications, installation packages, or websites, based on whether they run successfully on a 32-bit or 64-bit operating system. Your rating applies to your entire organization and is based on your own testing results and organizational requirements. [Selecting Your Deployment Status](selecting-your-deployment-status.md) In Application Compatibility Manager (ACM), you can track the deployment status of your applications and websites. [Categorizing Your Compatibility Data](categorizing-your-compatibility-data.md) To customize and filter your compatibility reports, you can create categories and subcategories to assign to your applications, computers, devices, and websites. By default, Microsoft provides the following categories: [Prioritizing Your Compatibility Data](prioritizing-your-compatibility-data.md) You can prioritize your applications, websites, computers, and devices to help customize and filter your compatibility reports. The priority levels are: [Selecting the Send and Receive Status for an Application](selecting-the-send-and-receive-status-for-an-application.md) For each application listed in Application Compatibility Manager (ACM), you can select whether to send and receive specific application data through the Microsoft Compatibility Exchange [Creating and Editing Issues and Solutions](creating-and-editing-issues-and-solutions.md) This section provides step-by-step instructions for adding and editing application compatibility issues and solutions. Your issue and solution data can be uploaded to Microsoft through the Microsoft® Compatibility Exchange. And Priority Equals Priority 1 - Business Critical Or Priority Equals Priority 2 - Important Application, device, or website functions as expected on a 32-bit operating system. Application, device, or website functions as expected on a 64-bit operating system. Application, device, or website with issues that are minor or have known solutions on a 32-bit operating system. Severity 3 issues are considered minor issues. Application, device, or website with issues that are minor or have known solutions on a 64-bit operating system. Application, device, or website with major issues, such as data loss or severely impaired functionality, on 32-bit operating systems. Severity 1 and Severity 2 issues are considered major issues. Application, device, or website with major issues, such as data loss or severely impaired functionality, on 64-bit operating systems. Application, device, or website that does not have any application assessment data for 32-bit operating systems. The item does not match any information in the database, or no assessments have been submitted. Application, device, or website that does not have any application assessment data for 64-bit operating systems. And Send and Receive Status Equals Do not send to Microsoft And My Assessment Equals Works Or My Assessment Equals Works with minor issues or has solutions And Deployment Status Equals Mitigating Or Deployment Status Equals Ready to Deploy [Settings Dialog Box - Settings Tab](act-settings-dialog-box-settings-tab.md) To display the Settings dialog box, in Application Compatibility Manager (ACM), on the Tools menu, click Settings. [Settings Dialog Box - Preferences Tab](act-settings-dialog-box-preferences-tab.md) To display the Settings dialog box, in Application Compatibility Manager (ACM), on the Tools menu, click Settings. [Identifying Computers for Inventory Collection](identifying-computers-for-inventory-collection.md) An inventory-collector package gathers inventory data from the computers on which it is installed. This data includes the following: [Creating an Inventory-Collector Package](creating-an-inventory-collector-package.md) You can use Application Compatibility Manager (ACM) to create an inventory-collector package. You can then deploy the inventory-collector package to other computers to gather inventory data. The package uploads inventory data to the Application Compatibility Toolkit (ACT) database. [Deploying an Inventory-Collector Package](deploying-an-inventory-collector-package.md) You can use the following methods to deploy an inventory-collector package to the destination computers: [Deciding Which Applications to Test](deciding-which-applications-to-test.md) Before starting your compatibility testing on the version of Windows that you want to deploy, you can use the Application Compatibility Toolkit (ACT) to identify which applications should be the focus of your testing. [Creating an Enterprise Environment for Compatibility Testing](creating-an-enterprise-environment-for-compatibility-testing.md) The goal of the test environment is to model the operating system that you want to deploy and assess compatibility before deploying the operating system to your production environment. Your test environment is composed of computers on which the new operating system is installed. Your test environment can be a long-term investment. Consider retaining the test environment after deployment to assist in future deployment projects. [Creating a Runtime-Analysis Package](creating-a-runtime-analysis-package.md) In Application Compatibility Manager (ACM), you can create runtime-analysis packages, which you can then deploy to computers for compatibility testing in your test environment. [Deploying a Runtime-Analysis Package](deploying-a-runtime-analysis-package.md) When you deploy a runtime-analysis package, you are deploying it to your test environment for compatibility testing. [Compatibility Monitor User's Guide](compatibility-monitor-users-guide.md) Compatibility Monitor is a tool in the runtime analysis package that you can use to monitor applications for compatibility issues. You can also use the Compatibility Monitor tool to submit compatibility feedback. [Troubleshooting the ACT Configuration Wizard](troubleshooting-the-act-configuration-wizard.md) When you start Application Compatibility Manager (ACM) for the first time, the Application Compatibility Toolkit (ACT) Configuration Wizard appears. The wizard helps you configure your ACT database, your shared folder for ACT log files, and your ACT Log Processing Service account. [Troubleshooting the ACT Log Processing Service](troubleshooting-the-act-log-processing-service.md) The following solutions may help you resolve issues that are related to the Application Compatibility Toolkit (ACT) Log Processing Service. [Troubleshooting ACT Database Issues](troubleshooting-act-database-issues.md) The following solutions may help you resolve issues that are related to your Microsoft® SQL Server® database for the Application Compatibility Toolkit (ACT). [Taking Inventory of Your Organization](taking-inventory-of-your-organization.md) This section provides information about how to use the Application Compatibility Toolkit (ACT) to identify applications and devices that are installed in your organization. [Testing Compatibility on the Target Platform](testing-compatibility-on-the-target-platform.md) This section provides information about setting up a test environment for compatibility testing, and about creating and deploying runtime-analysis packages to the test environment. [Managing Your Data-Collection Packages](managing-your-data-collection-packages.md) This section provides information about using Application Compatibility Manager (ACM) to manage your data-collection packages. Data-collection packages include inventory-collector packages and runtime-analysis packages. The following procedures apply to both package types. [Analyzing Your Compatibility Data](analyzing-your-compatibility-data.md) This section provides information about viewing and working with your compatibility data in Application Compatibility Manager (ACM). [Fixing Compatibility Issues](fixing-compatibility-issues.md) This section provides step-by-step instructions and describes development tools that you can use to help fix your compatibility issues. [<OperatingSystem> - Application Report](act-operatingsystem-application-report.md) This section describes the compatibility reports in Application Compatibility Manager (ACM) and how you can work with the reports. [<OperatingSystem> - Computer Report](act-operatingsystem-computer-report.md) The <OperatingSystem> - Computer Report screen shows the following information for each computer in your organization: [<OperatingSystem> - Device Report](act-operatingsystem-device-report.md) The <OperatingSystem> - Device Report screen shows the following information for each device installed in your organization: [Internet Explorer - Web Site Report](internet-explorer-web-site-report.md) The Internet Explorer - Web Site Report screen shows the following information for each of the websites visited in your organization: [Saving, Opening, and Exporting Reports](saving-opening-and-exporting-reports.md) You can perform several common reporting tasks from the Analyze screen, including saving a compatibility report, opening a saved compatibility report (.adq) file, and exporting your report data to a spreadsheet (.xls) file. [Customizing Your Report Views](customizing-your-report-views.md) You can customize how you view your report data in Application Compatibility Manager (ACM). [What's New in ACT 6.1](whats-new-in-act-60.md) Two major updates have been released since ACT 6.1. They are ACT 6.1 Update and ACT 6.1 Update 2. The following table lists changes made in the Application Compatibility Toolkit (ACT), which is included in the Windows Assessment and Deployment Kit (ADK) download. [Software Requirements for ACT](software-requirements-for-act.md) The Application Compatibility Toolkit (ACT) has the following software requirements. [Software Requirements for RAP](software-requirements-for-rap.md) The runtime-analysis package (RAP) has the following software requirements. Bug fixes: this version of ACT addresses the following bugs: Capability to create custom compatibility fixes for Windows versions other than the currently running version. Fixed issue where Inventory-Collector Package crashes when running on some Windows 7 x86 systems. Fixed issue where not specifying a tag for Inventory-Collector Package would cause an error in the log processing service. The result of this bug was that data collected by the Package would not be processed. Fixed issue where Standard User Analyzer (SUA) returns an error when trying to apply mitigations to an app on Windows 7. Fixed issue where ACT is unable to create custom compatibility fixes for 32-bit systems correctly.
+ Because the private keys in your DRA .pfx files can be used to decrypt any WIP file, you must protect them accordingly. We highly recommend storing these files offline, keeping copies on a smart card with strong protection for normal use and master copies in a secured physical location.
+
+4. Add your EFS DRA certificate to your WIP policy using a deployment tool, such as Microsoft Intune or System Center Configuration Manager.
+
+ >**Note**
+ To add your EFS DRA certificate to your policy by using Microsoft Intune, see the [Create a Windows Information Protection (WIP) policy using Microsoft Intune](create-edp-policy-using-intune.md) topic. To add your EFS DRA certificate to your policy by using System Center Configuration Manager, see the [Create a Windows Information Protection (WIP) policy using System Center Configuration Manager](create-edp-policy-using-sccm.md) topic.
+
+**To verify your data recovery certificate is correctly set up on an WIP client computer**
+
+1. Find or create a file that's encrypted using Windows Information Protection. For example, you could open an app on your allowed app list, and then create and save a file so it’s encrypted by WIP.
+
+2. Open an app on your protected app list, and then create and save a file so that it’s encrypted by WIP.
+
+3. Open a command prompt with elevated rights, navigate to where you stored the file you just created, and then run this command:
+
+ `cipher /c
+It's possible that you might revoke data from an unenrolled device only to later want to restore it all. This can happen in the case of a missing device being returned or if an unenrolled employee enrolls again. If the employee enrolls again using the original user profile, and the revoked key store is still on the device, all of the revoked data can be restored at once, by following these steps.
+
+>**Important**
To maintain control over your enterprise data, and to be able to revoke again in the future, you must only perform this process after the employee has re-enrolled the device.
+
+1. Have your employee sign in to the unenrolled device, open a command prompt, and type:
+
+ `Robocopy “%localappdata%\Microsoft\WIP\Recovery” <“new_location”> /EFSRAW`
+
+ Where *<”new_location”>* is in a different directory. This can be on the employee’s device or on a Windows 8 or Windows Server 2012 or newer server file share that can be accessed while you're logged in as a data recovery agent.
+
+2. Sign in to a different device with administrator credentials that have access to your organization's DRA certificate, and perform the file decryption and recovery by typing:
+
+ `cipher.exe /D <“new_location”>`
+
+3. Have your employee sign in to the unenrolled device, and type:
+
+ `Robocopy <”new_location”> “%localappdata%\Microsoft\WIP\Recovery\Input”`
+
+4. Ask the employee to lock and unlock the device.
+
+ The Windows Credential service automatically recovers the employee’s previously revoked keys from the `Recovery\Input` location.
+
+## Related topics
+- [Security Watch Deploying EFS: Part 1](https://technet.microsoft.com/en-us/magazine/2007.02.securitywatch.aspx)
+
+- [Protecting Data by Using EFS to Encrypt Hard Drives](https://msdn.microsoft.com/en-us/library/cc875821.aspx)
+
+- [Create a Windows Information Protection (WIP) policy using Microsoft Intune](create-edp-policy-using-intune.md)
+
+- [Create a Windows Information Protection (WIP) policy using System Center Configuration Manager](create-edp-policy-using-sccm.md)
+
+- [Creating a Domain-Based Recovery Agent](https://msdn.microsoft.com/en-us/library/cc875821.aspx#EJAA)
+
+
+
diff --git a/windows/keep-secure/create-edp-policy-using-intune.md b/windows/keep-secure/create-edp-policy-using-intune.md
index 7ec9a9ab6d..49a3959cc2 100644
--- a/windows/keep-secure/create-edp-policy-using-intune.md
+++ b/windows/keep-secure/create-edp-policy-using-intune.md
@@ -422,7 +422,7 @@ There are no default locations included with EDP, you must add each of your netw
5. In the required **Upload a Data Recovery Agent (DRA) certificate to allow recovery of encrypted data** box, click **Browse** to add a data recovery certificate for your policy.
- 
+ 
After you create and deploy your EDP policy to your employees, Windows will begin to encrypt your corporate data on the employees’ local device drive. If somehow the employees’ local encryption keys get lost or revoked, the encrypted data can become unrecoverable. To help avoid this possibility, the DRA certificate lets Windows use an included public key to encrypt the local data, while you maintain the private key that can unencrypt the data.
diff --git a/windows/keep-secure/create-edp-policy-using-sccm.md b/windows/keep-secure/create-edp-policy-using-sccm.md
index aeb770bed1..ee26d44b41 100644
--- a/windows/keep-secure/create-edp-policy-using-sccm.md
+++ b/windows/keep-secure/create-edp-policy-using-sccm.md
@@ -15,14 +15,14 @@ author: eross-msft
- Windows 10 Insider Preview
- Windows 10 Mobile Preview
-- System Center Configuration Manager Technical Preview version 1605 or later
+- System Center Configuration Manager (version 1605 Tech Preview or later)
[Some information relates to pre-released product, which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]
-System Center Configuration Manager Technical Preview version 1605 or later helps you create and deploy your enterprise data protection (EDP) policy, including letting you choose your protected apps, your EDP-protection mode, and how to find enterprise data on the network.
+System Center Configuration Manager (version 1605 Tech Preview or later) helps you create and deploy your enterprise data protection (EDP) policy, including letting you choose your protected apps, your EDP-protection mode, and how to find enterprise data on the network.
>**Important**
-If you previously created an EDP policy using System Center Configuration Manager version 1511 or 1602, you’ll need to recreate it using Configuration Manager Technical Preview version 1605 or later. Editing an EDP policy created in version 1511 or 1602 is not supported in the Technical Preview version 1605 or later. There is no migration path between EDP policies across these versions.
+If you previously created an EDP policy using System Center Configuration Manager version 1511 or 1602, you’ll need to recreate it using version 1605 Tech Preview or later. Editing an EDP policy created in version 1511 or 1602 is not supported in version 1605 Tech Preview. There is no migration path between EDP policies across these versions.
## Add an EDP policy
After you’ve installed and set up System Center Configuration Manager for your organization, you must create a configuration item for EDP, which in turn becomes your EDP policy.
@@ -64,14 +64,14 @@ During the policy-creation process in System Center Configuration Manager, you c
The steps to add your app rules are based on the type of rule template being applied. You can add a store app (also known as a Universal Windows Platform (UWP) app), a signed desktop app (also known as a Classic Windows app), or an AppLocker policy file.
>**Important**
-EDP-aware apps are expected to prevent enterprise data from going to unprotected network locations and to avoid encrypting personal data. On the other hand, EDP-unaware apps might not respect the corporate network boundary, and EDP-unaware apps will encrypt all files they create or modify. This means that they could encrypt personal data and cause data loss during the revocation process. Specify the proxy servers your devices will go through to reach your cloud resources.
-
Enterprise IPv4 Range (Required, if not using IPv6)
+ Enterprise IPv4 Range (Required)
**Starting IPv4 Address:** 3.4.0.1
**Ending IPv4 Address:** 3.4.255.254
**Custom URI:** 3.4.0.1-3.4.255.254,
10.0.0.1-10.255.255.254Specify the addresses for a valid IPv4 value range within your intranet. These addresses, used with your Enterprise Network Domain Names, define your corporate network boundaries.
-
@@ -440,7 +440,7 @@ There are no default locations included with EDP, you must add each of your netw
- **Show the enterprise data protection icon overlay on your allowed apps that are EDP-unaware in the Windows Start menu and on corporate file icons in the File Explorer.** Click this box if you want the enterprise data protection icon overlay to appear on corporate files or in the Start menu, on top the tiles for your unenlightened protected apps.
5. In the required **Upload a Data Recovery Agent (DRA) certificate to allow recovery of encrypted data** box, click **Browse** to add a data recovery certificate for your policy.
-
+
After you create and deploy your EDP policy to your employees, Windows will begin to encrypt your corporate data on the employees’ local device drive. If somehow the employees’ local encryption keys get lost or revoked, the encrypted data can become unrecoverable. To help avoid this possibility, the DRA certificate lets Windows use an included public key to encrypt the local data, while you maintain the private key that can unencrypt the data.
diff --git a/windows/keep-secure/dashboard-windows-defender-advanced-threat-protection.md b/windows/keep-secure/dashboard-windows-defender-advanced-threat-protection.md
index 07afd4227c..024ddab8e2 100644
--- a/windows/keep-secure/dashboard-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/dashboard-windows-defender-advanced-threat-protection.md
@@ -45,7 +45,7 @@ See the [View and organize the Windows Defender Advanced Threat Protection Alert
The **Latest ATP alerts** section includes the latest active alerts in your network. Each row includes an alert severity category and a short description of the alert. Click an alert to see its detailed view, or **Alerts queue** at the top of the list to go directly to the Alerts queue. See the [Investigate Windows Defender Advanced Threat Protection alerts](investigate-alerts-windows-defender-advanced-threat-protection.md) and [View and organize the Windows Defender Advanced Threat Protection Alerts queue](alerts-queue-windows-defender-advanced-threat-protection.md) topics for more information.
## Machines at risk
-This tile shows you a list of machines with the highest number of active alerts. The total number of alerts for each machine is shown in a circle next to the machine name, and then further categorized by severity levels at the far end of the tile (hover over each severity bar to its label).
+This tile shows you a list of machines with the highest number of active alerts. The total number of alerts for each machine is shown in a circle next to the machine name, and then further categorized by severity levels at the far end of the tile (hover over each severity bar to see its label).
@@ -54,7 +54,7 @@ Click the name of the machine to see details about that machine. See the [Invest
You can also click **Machines view** at the top of the tile to go directly to the **Machines view**, sorted by the number of active alerts. See the [Investigate machines in the Windows Defender Advanced Threat Protection Machines view](investigate-machines-windows-defender-advanced-threat-protection.md) topic for more information.
## Status
-The **Status** tile informs you if the service is active and running and the specific number of machines (endpoints) reporting to Windows Defender ATP.
+The **Status** tile informs you if the service is active and running and the unique number of machines (endpoints) reporting over the past 30 days.
@@ -66,7 +66,7 @@ The **Machines reporting** tile shows a bar graph that represents the number of
## Machines with active malware detections
The **Machines with active malware detections** tile will only appear if your endpoints are using Windows Defender.
-Active malware is defined as threats that are actively executing at the time of detection.
+Active malware is defined as threats that were actively executing at the time of detection.
Hover over each bar to see the number of active malware detections (as **Malware detections**) and the number of endpoints with at least one active detection (as **Machines**) over the past 30 days.
diff --git a/windows/keep-secure/event-error-codes-windows-defender-advanced-threat-protection.md b/windows/keep-secure/event-error-codes-windows-defender-advanced-threat-protection.md
index 6e239a2aea..f019d14fdf 100644
--- a/windows/keep-secure/event-error-codes-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/event-error-codes-windows-defender-advanced-threat-protection.md
@@ -242,9 +242,6 @@ See [Configure Windows Defender ATP endpoints](configure-endpoints-windows-defen
## Related topics
-
- [Configure Windows Defender ATP endpoints](configure-endpoints-windows-defender-advanced-threat-protection.md)
- [Configure endpoint proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md)
-- [Additional Windows Defender ATP configuration settings](additional-configuration-windows-defender-advanced-threat-protection.md)
-- [Monitor the Windows Defender ATP onboarding](monitor-onboarding-windows-defender-advanced-threat-protection.md)
- [Troubleshoot Windows Defender ATP](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md)
diff --git a/windows/keep-secure/guidance-and-best-practices-edp.md b/windows/keep-secure/guidance-and-best-practices-edp.md
index 805ac84dfc..fd1ffe2dcd 100644
--- a/windows/keep-secure/guidance-and-best-practices-edp.md
+++ b/windows/keep-secure/guidance-and-best-practices-edp.md
@@ -23,6 +23,7 @@ This section includes info about the enlightened Microsoft apps, including how t
## In this section
|Topic |Description |
|------|------------|
+|[Mandatory settings for Windows Information Protection (WIP)](mandatory-settings-for-wip.md) |A list of all of the tasks and settings that are required for the operating system to turn on Windows Information Protection (WIP), formerly known as enterprise data protection (EDP), in your enterprise. |
|[Enlightened apps for use with enterprise data protection (EDP)](enlightened-microsoft-apps-and-edp.md) |Learn the difference between enlightened and unenlightened apps, and then review the list of enlightened apps provided by Microsoft along with the text you will need to use to add them to your **Protected Apps** list. |
|[Testing scenarios for enterprise data protection (EDP)](testing-scenarios-for-edp.md) |We've come up with a list of suggested testing scenarios that you can use to test EDP in your company. |
diff --git a/windows/keep-secure/images/timeline.png b/windows/keep-secure/images/timeline.png
index 83ac56f312..ac657b2a12 100644
Binary files a/windows/keep-secure/images/timeline.png and b/windows/keep-secure/images/timeline.png differ
diff --git a/windows/keep-secure/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies.md b/windows/keep-secure/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies.md
index 07a789467a..f0e196b799 100644
--- a/windows/keep-secure/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies.md
+++ b/windows/keep-secure/introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies.md
@@ -27,11 +27,11 @@ The following table lists security threats and describes the corresponding Devic
| Security threat in the enterprise | How a Device Guard feature helps protect against the threat |
| --------------------------------- | ----------------------------------------------------------- |
-| **Exposure to new malware**, for which the "signature" is not yet known | **Code integrity policies**: You can maintain a whitelist of software that is allowed to run (a configurable code integrity policy), rather than trying to stay ahead of attackers by maintaining a constantly-updated list of "signatures" of software that should be blocked. This approach uses the trust-nothing model well known in mobile device operating systems.Enterprise IPv6 Range (Required, if not using IPv4)
+ Enterprise IPv6 Range
**Starting IPv6 Address:** 2a01:110::
**Ending IPv6 Address:** 2a01:110:7fff:ffff:ffff:ffff:ffff:ffff
**Custom URI:** 2a01:110:7fff:ffff:ffff:ffff:ffff:ffff,
fd00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffffSpecify the addresses for a valid IPv6 value range within your intranet. These addresses, used with your Enterprise Network Domain Names, define your corporate network boundaries.
**Specialized hardware required?** No security-related hardware features are required, although code integrity policies are strengthened by such features, as described in the last three rows of this table. |
+| **Exposure to new malware**, for which the "signature" is not yet known | **Code integrity policies**: You can maintain a whitelist of software that is allowed to run (a configurable code integrity policy), rather than trying to stay ahead of attackers by maintaining a constantly-updated list of "signatures" of software that should be blocked. This approach uses the trust-nothing model well known in mobile device operating systems.
Only code that is verified by Code Integrity, usually through the digital signature that you have identified as being from a trusted signer, is allowed to run. This allows full control over allowed code in both kernel and user mode.
**Specialized hardware required?** No security-related hardware features are required, although code integrity policies are strengthened by such features, as described in the last three rows of this table. |
| **Exposure to unsigned code** (most malware is unsigned) | **Code integrity policies, plus catalog files as needed**: Because most malware is unsigned, using a code integrity policy (which in most cases requires signed code) can immediately help protect against a large number of threats. However, many organizations use unsigned line-of-business (LOB) applications, for which the process of signing might be difficult. This has changed in Windows 10, because you can use a tool called Package Inspector to create a *catalog* of all deployed and executed binary files for your trusted applications. After you sign and distribute the catalog, your trusted applications can be handled by code integrity policies in the same way as any other signed application. With this foundation, you can more easily block all unsigned applications, allowing only signed applications to run.
**Specialized hardware required?** No security-related hardware features are required for creating and using code integrity policies and catalogs. However, code integrity policies and catalogs are strengthened by the hardware features, as described in later rows of this table. |
-| **Malware that gains access to the kernel** and then, from within the kernel, captures sensitive information or damages the system | **Virtualization-based security (VBS)**: This is protection that uses the hypervisor to help protect the kernel and other parts of the operating system. When VBS is enabled, it strengthens either the default kernel-mode code integrity policy (which protects against bad drivers or system files), or the configurable code integrity policy that you deploy. With VBS, even if malware gains access to the kernel, the effects can be severely limited, because the hypervisor can prevent the malware from executing code.
**Specialized hardware required?** Yes, VBS requires at least CPU virtualization extensions and SLAT, as described in [Hardware, firmware, and software requirements for Device Guard](requirements-and-deployment-planning-guidelines-for-device-guard.md#hardware-firmware-and-software-requirements-for-device-guard). |
+| **Malware that gains access to the kernel** and then, from within the kernel, captures sensitive information or damages the system | **Virtualization-based security (VBS)**: This is protection that uses the hypervisor to help protect the kernel and other parts of the operating system. When VBS is enabled, it strengthens either the default kernel-mode code integrity policy (which protects against bad drivers or system files), or the configurable code integrity policy that you deploy.
With VBS, even if malware gains access to the kernel, the effects can be severely limited, because the hypervisor can prevent the malware from executing code. The hypervisor, the most privileged level of system software, enforces R/W/X permissions across system memory. Code integrity checks are performed in a secure environment which is resistant to attack from kernel mode software, and page permissions for kernel mode are set and maintained by the hypervisor. Even if there are vulnerabilities that allow memory modification, like a buffer overflow, the modified memory cannot be executed.
**Specialized hardware required?** Yes, VBS requires at least CPU virtualization extensions and SLAT, as described in [Hardware, firmware, and software requirements for Device Guard](requirements-and-deployment-planning-guidelines-for-device-guard.md#hardware-firmware-and-software-requirements-for-device-guard). |
| **DMA-based attacks**, for example, attacks launched from a malicious device that reads secrets from memory, making the enterprise more vulnerable to attack | **Virtualization-based security (VBS) using IOMMUs**: With this type of VBS protection, when the DMA-based attack makes a memory request, input/output memory management units (IOMMUs) will evaluate the request and deny access.
**Specialized hardware required?** Yes, IOMMUs are a hardware feature that supports the hypervisor, and if you choose hardware that includes them, they can help protect against malicious attempts to access memory. |
-| **Exposure to boot kits** or to other forms of malware that runs early in the boot process, or in kernel after startup | **Universal Extensible Firmware Interface (UEFI) Secure Boot**: Secure Boot and related methods protect the boot process and firmware from tampering.
**Specialized hardware required?** With UEFI Secure Boot, the requirements are firmware requirements. For more information, see [Hardware, firmware, and software requirements for Device Guard](requirements-and-deployment-planning-guidelines-for-device-guard.md#hardware-firmware-and-software-requirements-for-device-guard). |
+| **Exposure to boot kits or to a physically present attacker at boot time** | **Universal Extensible Firmware Interface (UEFI) Secure Boot**: Secure Boot and related methods protect the boot process and firmware from tampering. This tampering can come from a physically present attacker or from forms of malware that run early in the boot process or in kernel after startup. UEFI is locked down (Boot order, Boot entries, Secure Boot, Virtualization extensions, IOMMU, Microsoft UEFI CA), so the settings in UEFI cannot be changed to compromise Device Guard security.
**Specialized hardware required?** With UEFI Secure Boot, the requirements are firmware requirements. For more information, see [Hardware, firmware, and software requirements for Device Guard](requirements-and-deployment-planning-guidelines-for-device-guard.md#hardware-firmware-and-software-requirements-for-device-guard). |
In this guide, you learn about the individual features found within Device Guard as well as how to plan for, configure, and deploy them. Device Guard with configurable code integrity is intended for deployment alongside additional threat-mitigating Windows features such as [Credential Guard](credential-guard.md) and [AppLocker](applocker-overview.md).
diff --git a/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md b/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md
index c7e1a14928..5dfb3959f9 100644
--- a/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md
@@ -121,7 +121,7 @@ HKLM\SOFTWARE\Policies\Microsoft\Sense\AllowSampleCollection
Value = 0 - block sample collection
Value = 1 - allow sample collection
```
-5. Change the organizational unit through the Group Policy. See [Configure with Group Policy](additional-configuration-windows-defender-advanced-threat-protection.md#configure-with-group-policy).
+5. Change the organizational unit through the Group Policy. See [Configure endpoints using Group Policy](configure-endpoints-gp-windows-defender-advanced-threat-protection.md).
6. If these steps do not resolve the issue, contact [winatp@microsoft.com](mailto:winatp@microsoft.com).
> **Note** If the value *AllowSampleCollection* is not available, the client will allow sample collection by default.
diff --git a/windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md b/windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md
index 4778e194e5..0a7f63c71b 100644
--- a/windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md
@@ -106,7 +106,6 @@ Use the search bar to look for specific alerts or files associated with the mach
You can also filter by:
-- Signed or unsigned files
- Detections mode: displays Windows ATP Alerts and detections
- Behaviors mode: displays "detections" and selected events of interest
- Verbose mode: displays "behaviors" (including "detections"), and all reported events
diff --git a/windows/keep-secure/mandatory-settings-for-wip.md b/windows/keep-secure/mandatory-settings-for-wip.md
new file mode 100644
index 0000000000..56b79bc283
--- /dev/null
+++ b/windows/keep-secure/mandatory-settings-for-wip.md
@@ -0,0 +1,32 @@
+---
+title: Mandatory tasks and settings required to turn on Windows Information Protection (WIP) (Windows 10)
+description: This list provides all of the tasks that are required for the operating system to turn on Windows Information Protection (WIP), formerly known as enterprise data protection (EDP) in your enterprise.
+keywords: Windows Information Protection, WIP, EDP, Enterprise Data Protection, protected apps, protected app list, App Rules, Allowed apps list
+ms.prod: w10
+ms.mktglfcycl: explore
+ms.sitesec: library
+ms.pagetype: security
+---
+
+# Mandatory tasks and settings required to turn on Windows Information Protection (WIP)
+**Applies to:**
+
+- Windows 10 Insider Preview
+- Windows 10 Mobile Preview
+
+[Some information relates to pre-released product, which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]
+
+This list provides all of the tasks and settings that are required for the operating system to turn on Windows Information Protection (WIP), formerly known as enterprise data protection (EDP), in your enterprise.
+
+>**Important**
+All sections provided for more info appear in either the [Create a Windows Information Protection (WIP) policy using Microsoft Intune](create-edp-policy-using-intune.md) or [Create a Windows Information Protection (WIP) policy using System Center Configuration Manager](create-edp-policy-using-sccm.md), based on the tool you're using in your enterprise.
+
+
+|Task |Description |
+|------------------------------------|--------------------------|
+|Add at least one app rule in the **App Rules** area in your WIP policy. |You must have at least one app rule specified in the **App Rules** area of your WIP policy. For more info about where this area is and how to add an app rule, see the **Add individual apps to your Protected App list** section of the policy creation topics.|
+|Pick your WIP protection level. |You must choose the level of protection level you want to apply to your WIP-protected content, including Override, Silent, or Block. For more info about where this area is and how to decide on your protection level, see the **Manage the EDP protection level for your enterprise data** section of the policy creation topics.|
+|Specify your corporate identity. |You must specify your corporate identity, usually expressed as your primary Internet domain (for example, contoso.com). For more info about where this area is and what it means, see the **Define your enterprise-managed corporate identity** section of the policy creation topics. |
+|Specify your Enterprise Network Domain Names. |You must specify the DNS suffixes used in your environment. All traffic to the fully-qualified domains appearing in this list will be protected. For more info about where this area is and how to add your suffixes, see the table that appears in the **Choose where apps can access enterprise data** section of the policy creation topics. |
+|Specify your Enterprise IPv4 or IPv6 Ranges. |Specify the addresses for a valid IPv4 or IPv6 value range within your intranet. These addresses, used with your Enterprise Network Domain Names, define your corporate network boundaries. For more info about where this area is and what it means, see the table that appears in the **Define your enterprise-managed corporate identity** section of the policy creation topics. |
+|Include your Data Recovery Agent (DRA) certificate. |This certificate makes sure that any of your WIP-encrypted data can be decrypted, even if the security keys are lost. For more info about where this area is and what it means, see the **Create and verify an Encrypting File System (EFS) DRA certificate for EDP** section of the policy creation topics. |
\ No newline at end of file
diff --git a/windows/keep-secure/microsoft-accounts.md b/windows/keep-secure/microsoft-accounts.md
index 910e6fac1f..6bea7ac9aa 100644
--- a/windows/keep-secure/microsoft-accounts.md
+++ b/windows/keep-secure/microsoft-accounts.md
@@ -98,7 +98,7 @@ Although the Microsoft account was designed to serve consumers, you might find s
- **Integrated social media services**:
- Contact information and status for your users’ friends and associates automatically stay up-to-date from sites such as Hotmail, Outlook, Facebook, Twitter, and LinkedIn. Users can also access and share photos, documents, and other files from sites such as SkyDrive, Facebook, and Flickr.
+ Contact information and status for your users’ friends and associates automatically stay up-to-date from sites such as Hotmail, Outlook, Facebook, Twitter, and LinkedIn. Users can also access and share photos, documents, and other files from sites such as OneDrive, Facebook, and Flickr.
### Managing the Microsoft account in the domain
diff --git a/windows/keep-secure/monitor-onboarding-windows-defender-advanced-threat-protection.md b/windows/keep-secure/monitor-onboarding-windows-defender-advanced-threat-protection.md
deleted file mode 100644
index 8babe1f172..0000000000
--- a/windows/keep-secure/monitor-onboarding-windows-defender-advanced-threat-protection.md
+++ /dev/null
@@ -1,66 +0,0 @@
----
-title: Monitor Windows Defender ATP onboarding
-description: Monitor the onboarding of the Windows Defender ATP service to ensure your endpoints are correctly configured and are sending telemetry reports.
-keywords: monitor onboarding, monitor Windows Defender ATP onboarding, monitor Windows Defender Advanced Threat Protection onboarding
-search.product: eADQiWindows 10XVcnh
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-author: mjcaparas
----
-
-# Monitor Windows Defender Advanced Threat Protection onboarding
-
-**Applies to:**
-
-- Windows 10 Insider Preview Build 14322 or later
-- Windows Defender Advanced Threat Protection (Windows Defender ATP)
-
-[Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]
-
-You can monitor the onboarding of the Windows Defender ATP service to ensure your endpoints are correctly configured and are sending telemetry reports.
-
-You might need to monitor the onboarding if the package did not configure the registry correctly, or the reporting client did not start or execute correctly.
-
-Monitoring can be done directly on the portal, or by using System Center Configuration Manager (SCCM).
-
-## Monitor with the portal
-
-1. Go to the [Windows Defender ATP portal](https://securitycenter.windows.com/).
-
-2. Click **Machines view**.
-
-3. Verify that endpoints are appearing.
-
-
-> **Note** It can take several days for endpoints to start showing on the **Machines view**. This includes the time it takes for the policies to be distributed to the endpoint, the time it takes before the user logs on, and the time it takes for the endpoint to start reporting.
-
-## Monitor with System Center Configuration Manager
-
-Monitoring with SCCM consists of two parts:
-
-1. Confirming the configuration package has been correctly deployed and is running (or has successfully run) on the endpoints in your network.
-
-2. Checking that the endpoints are compliant with the Windows Defender ATP service (this ensures the endpoint can complete the onboarding process and can continue to report data to the service).
-
-**To confirm the configuration package has been correctly deployed:**
-
-1. In the SCCM console, click **Monitoring** at the bottom of the navigation pane.
-
-2. Click **Overview** and then **Deployments**.
-
-3. Click on the deployment with the package name.
-
-4. Review the status indicators under **Completion Statistics** and **Content Status**.
-
-If there are failed deployments (endpoints with **Error**, **Requirements Not Met**, or **Failed statuses**), you may need to troubleshoot the endpoints. See the [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) topic for more information.
-
-
-
-## Related topics
-
-- [Configure Windows Defender ATP endpoints](configure-endpoints-windows-defender-advanced-threat-protection.md)
-- [Configure endpoint proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md)
-- [Additional Windows Defender ATP configuration settings](additional-configuration-windows-defender-advanced-threat-protection.md)
-- [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md)
diff --git a/windows/keep-secure/onboard-configure-windows-defender-advanced-threat-protection.md b/windows/keep-secure/onboard-configure-windows-defender-advanced-threat-protection.md
index 668883a264..942dfa02ee 100644
--- a/windows/keep-secure/onboard-configure-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/onboard-configure-windows-defender-advanced-threat-protection.md
@@ -21,21 +21,9 @@ author: iaanw
You need to onboard to Windows Defender ATP before you can use the service.
-
-
-
-
## In this section
Topic | Description
:---|:---
[Configure endpoints](configure-endpoints-windows-defender-advanced-threat-protection.md) | You'll need to configure endpoints for it to report to the Windows Defender ATP service. Learn about the tools and methods you can use to configure endpoints in your enterprise.
[Configure proxy and Internet settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md)| Enable communication with the Windows Defender ATP cloud service by configuring the proxy and Internet connectivity settings.
-[Additional configuration settings] (additional-configuration-windows-defender-advanced-threat-protection.md) | Learn how to configure settings for sample sharing used in the deep analysis feature.
-[Monitor onboarding](monitor-onboarding-windows-defender-advanced-threat-protection.md) | Learn how you can monitor the onboarding to ensure your endpoints are correctly configured and are sending telemetry reports.
[Troubleshoot onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) | Learn about resolving issues that might arise during onboarding.
diff --git a/windows/keep-secure/overview-create-edp-policy.md b/windows/keep-secure/overview-create-edp-policy.md
index 02e9e28ec7..abd098560f 100644
--- a/windows/keep-secure/overview-create-edp-policy.md
+++ b/windows/keep-secure/overview-create-edp-policy.md
@@ -24,6 +24,7 @@ Microsoft Intune and System Center Configuration Manager Technical Preview versi
|------|------------|
|[Create an enterprise data protection (EDP) policy using Microsoft Intune](create-edp-policy-using-intune.md) |Intune helps you create and deploy your EDP policy, including letting you choose your protected apps, your EDP-protection level, and how to find enterprise data on the network. |
|[Create and deploy an enterprise data protection (EDP) policy using System Center Configuration Manager](create-edp-policy-using-sccm.md) |System Center Configuration Manager Technical Preview version 1605 or later helps you create and deploy your EDP policy, including letting you choose your protected apps, your EDP-protection level, and how to find enterprise data on the network. |
+|[Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate](create-and-verify-an-efs-dra-certificate.md)] |Steps to create, verify, and perform a quick recovery using a Encrypting File System (EFS) Data Recovery Agent (DRA) certificate. |
diff --git a/windows/keep-secure/requirements-and-deployment-planning-guidelines-for-device-guard.md b/windows/keep-secure/requirements-and-deployment-planning-guidelines-for-device-guard.md
index 2c6b76c490..9db41d44f1 100644
--- a/windows/keep-secure/requirements-and-deployment-planning-guidelines-for-device-guard.md
+++ b/windows/keep-secure/requirements-and-deployment-planning-guidelines-for-device-guard.md
@@ -17,7 +17,7 @@ This article describes the following:
- [Hardware, firmware, and software requirements for Device Guard](#hardware-firmware-and-software-requirements-for-device-guard)
- [Device Guard requirements for baseline protections](#device-guard-requirements-for-baseline-protections)
- - [Device Guard requirements for additional protections](#device-guard-requirements-for-additional-protections)
+ - [Device Guard requirements for improved security](#device-guard-requirements-for-improved-security)
- [Device Guard deployment in different scenarios: types of devices](#device-guard-deployment-in-different-scenarios-types-of-devices)
- [Reviewing your applications: application signing and catalog files](#reviewing-your-applications-application-signing-and-catalog-files)
- [Code integrity policy formats and signing](#code-integrity-policy-formats-and-signing)
@@ -32,11 +32,13 @@ For example, hardware that includes CPU virtualization extensions and SLAT will
You can deploy Device Guard in phases, and plan these phases in relation to the computer purchases you plan for your next hardware refresh.
-The following tables provide more information about the hardware, firmware, and software required for deployment of various Device Guard features.
+The following tables provide more information about the hardware, firmware, and software required for deployment of various Device Guard features.
-
+
-> **Note** For new computers running Windows 10, Trusted Platform Module (TPM 2.0) must be enabled by default. This requirement is not restated in the tables that follow.
+> **Notes**
+> - To understand the requirements in the following tables, you will need to be familiar with the main features in Device Guard: configurable code integrity policies, virtualization-based security (VBS), and Universal Extensible Firmware Interface (UEFI) Secure Boot. For information about these features, see [How Device Guard features help protect against threats](introduction-to-device-guard-virtualization-based-security-and-code-integrity-policies.md#how-device-guard-features-help-protect-against-threats).
+> - For new computers running Windows 10, Trusted Platform Module (TPM 2.0) must be enabled by default. This requirement is not restated in the tables that follow.
## Device Guard requirements for baseline protections
@@ -51,17 +53,15 @@ The following tables provide more information about the hardware, firmware, and
-> **Important** The preceding table lists requirements for baseline protections. The following table lists requirements for additional protections. You can use Device Guard with hardware, firmware, and software that support baseline protections, even if they do not support additional protections.
+> **Important** The preceding table lists requirements for baseline protections. The following table lists requirements for improved security. You can use Device Guard with hardware, firmware, and software that support baseline protections, even if they do not support protections for improved security. However, we strongly recommend meeting the requirements for improved security, to significantly strengthen the level of security that Device Guard can provide.
-## Device Guard requirements for additional protections
+## Device Guard requirements for improved security
-The following tables describes additional hardware and firmware requirements, and the additional protections that are available when those requirements are met. We strongly recommend the following additional protections, which help you maximize the benefits that Device Guard can provide.
-
- to take advantage of all the security options Device Guard can provide.
+The following tables describes additional hardware and firmware requirements, and the improved security that is available when those requirements are met.
### 2015 Additional Qualification Requirements for Device Guard (Windows 10, version 1507 and Windows 10, version 1511)
-|Additional Protections - requirement | Description |
+| Protections for Improved Security - requirement | Description |
|---------------------------------------------|----------------------------------------------------|
| Firmware: **Securing Boot Configuration and Management** | **Requirements**:
- BIOS password or stronger authentication must be supported.
- In the BIOS configuration, BIOS authentication must be set.
- There must be support for protected BIOS option to configure list of permitted boot devices (for example, “Boot only from internal hard drive”) and boot device order, overriding BOOTORDER modification made by operating system.
- In the BIOS configuration, BIOS options related to security and boot options (list of permitted boot devices, boot order) must be secured to prevent other operating systems from starting and to prevent changes to the BIOS settings.
**Security benefits**:
- BIOS password or stronger authentication helps ensure that only authenticated Platform BIOS administrators can change BIOS settings. This helps protect against a physically present user with BIOS access.
- Boot order when locked provides protection against the computer being booted into WinRE or another operating system on bootable media. |
diff --git a/windows/keep-secure/service-onboarding-windows-defender-advanced-threat-protection.md b/windows/keep-secure/service-onboarding-windows-defender-advanced-threat-protection.md
deleted file mode 100644
index 790d75a1dd..0000000000
--- a/windows/keep-secure/service-onboarding-windows-defender-advanced-threat-protection.md
+++ /dev/null
@@ -1,121 +0,0 @@
----
-title: Windows Defender ATP service onboarding
-description: Assign users to the Windows Defender ATP service application in Azure Active Directory to grant access to the portal.
-keywords: service onboarding, Windows Defender Advanced Threat Protection service onboarding, manage users,
-search.product: eADQiWindows 10XVcnh
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-author: mjcaparas
----
-
-# Windows Defender ATP service onboarding
-
-**Applies to:**
-
-- Windows 10 Insider Preview Build 14332 or later
-- Azure Active Directory
-- Windows Defender Advanced Threat Protection (Windows Defender ATP)
-
-[Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]
-
-You have to assign users to the Windows Defender ATP Service application in Azure Active Directory (AAD) before they can access the portal.
-
-**Manage user access to the Windows Defender ATP portal**:
-
-1. When you first go to the [Windows Defender ATP portal](https://securitycenter.windows.com/) and your directory does not
- have users assigned to the Windows ATP Service application, you will
- be directed to open the [Microsoft Azure Dashboard](https://portal.azure.com) to manage user access.
-
- > **Note** In AAD, a directory is essentially a tenant. See the [Azure AD documentation](https://msdn.microsoft.com/en-us/library/azure/jj573650.aspx) for more information on how tenants work with AAD.
-
-2. Ensure you have logged in to Microsoft Azure with an account that
- has permissions to assign users to an application in AAD. You might
- need to sign out of Microsoft Azure and then sign back in again if
- you used a different account to sign in to the Windows Defender ATP
- portal:
-
- a. On the top menu, click the signed-in user’s name.
-
- b. Click **Sign out**.
-
- 
-
- c. Go the [Microsoft Azure Dashboard](https://portal.azure.com) again where you will be asked to sign in.
-
- d. Sign in with the correct user name and password for an account that has permissions to assign users in AAD.
-
-3. On the **Microsoft Azure Dashboard**, click **Browse** in the navigation pane and then click **Active Directory** to open the [Azure Management Portal](https://manage.windowsazure.com/).
-
- 
-
-4. You might need to open the **Directory** section of the [Azure Management Portal](https://manage.windowsazure.com/) so you can access your directory. There are two ways you can do this:
-
- a. Click the arrow icon above the list of directories to see the full list of directories in the main area of the portal.
-
- 
-
- b. Scroll down in the navigation pane and click **Active Directory**.
-
- 
-
-5. Click the directory that contains the Windows Defender ATP application. In the following example, the directory is
- called **Contoso**.
-
- 
-
- > **Note** You can also access your directory by going straight to the [Azure Management Portal](https://manage.windowsazure.com/), clicking Active Directory and then finding your directory in the list.
-
-6. Click **Applications** from the top menu bar.
-
- 
-
-7. Click the **Windows ATP Service** application. The dashboard for the application is shown.
-
- 
-
- > **Note** The application might have a slightly different name than the one shown here. It might be called **Windows Defender ATP Service**.
-
-8. Click **Users** from the top menu bar. A list of users that are in the directory is displayed.
-
- 
-
- 
-
- > **Note** If you do not normally work with AAD, you might not see any users in the directory, or we might have created a test tenant specifically for a single user’s account. See the [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) section for instructions on adding users to a directory.
-
-9. Select the user you want manage.
-
-10. Click **Assign**.
-
-11. Confirm that you want to enable access for the user from the notification bar. If you click **Yes**, the user is given access to the Windows Defender ATP portal. One or more progress bars will appear that indicates the user is being assigned a role, and you will see confirmation messages. You don’t need to do anything with the messages, they will go away after a short period of time.
-
- 
-
-12. To remove the user's access, click **Remove**.
-
-13. Select the **Disable access to this app for the selected users** checkbox, and then click **Complete** . One or more progress bars will appear, followed by confirmation messages. The messages will disappear after a short period.
-
- 
-
-14. To remove the access for all users, click **Manage access**. If you click **Complete** , you will not see the Windows ATP Service in the list of applications in your directory.
-
- > **Note** If you want to give access to users again, see the Manage access for all users in Azure Active Directory topic in [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md).
-
-15. You can continue assigning roles for other users in your organization now, or you can return to the Windows Defender ATP portal to complete the service onboarding wizard.
-
- > **Note** You need to assign roles for every user in your organization that requires access to the Windows Defender ATP portal. You can assign roles at any time by going to the Azure Management Portal, clicking **Active Directory**, and then finding your directory in the list and following the steps above.
-
-When you have finished assigning roles, return to the [Windows Defender ATP portal](https://securitycenter.windows.com) and refresh the
-page.
-
-Follow the steps in the onboarding wizard to complete the onboarding process.
-
-At the end of the wizard, you can download the Group Policy configuration package which you will use to configure endpoints on your network. You can also download the package from the **Endpoint Management** menu on the portal after you have completed the onboarding wizard.
-
-## Related topics
-- [Configure Windows Defender ATP endpoints](configure-endpoints-windows-defender-advanced-threat-protection.md)
-- [Monitor the Windows Defender ATP onboarding](monitor-onboarding-windows-defender-advanced-threat-protection.md)
-- [Additional Windows Defender ATP configuration settings](additional-configuration-windows-defender-advanced-threat-protection.md)
-- [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md)
diff --git a/windows/keep-secure/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md b/windows/keep-secure/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md
index 5cb5400bb0..6cbed263b3 100644
--- a/windows/keep-secure/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md
@@ -74,7 +74,7 @@ Event ID | Error Type | Resolution steps
10 | Onboarding data couldn't be written to registry | Check the permissions on the registry, specifically ```HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat```. Verify that the script was ran as an administrator.
15 | Failed to start SENSE service |Check the service status (```sc query sense``` command). Make sure it's not in an intermediate state (*'Pending_Stopped'*, *'Pending_Running'*) and try to run the script again (with administrator rights).
30 | The script failed to wait for the service to start running | The service could have taken more time to start or has encountered errors while trying to start. For more information on events and errors related to SENSE, see [Review events and errors on endpoints with Event viewer](event-error-codes-windows-defender-advanced-threat-protection.md).
-35 | The script failed to find needed onboarding status registry value | When the SENSE service starts for the first time, it writes onboarding status to the registry location ```HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status```. The script failed to find it after several seconds. You can manually test it and check if it's there. For more information on events and errors related to SENSE, see [Review events and errors on endpoints with Event viewer].(event-error-codes-windows-defender-advanced-threat-protection.md).
+35 | The script failed to find needed onboarding status registry value | When the SENSE service starts for the first time, it writes onboarding status to the registry location ```HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status```. The script failed to find it after several seconds. You can manually test it and check if it's there. For more information on events and errors related to SENSE, see [Review events and errors on endpoints with Event viewer](event-error-codes-windows-defender-advanced-threat-protection.md).
40 | SENSE service onboarding status is not set to **1** | The SENSE service has failed to onboard properly. For more information on events and errors related to SENSE, see [Review events and errors on endpoints with Event viewer](event-error-codes-windows-defender-advanced-threat-protection.md).
@@ -436,8 +436,6 @@ Log in to the application in the Azure Management Portal again:
-->
## Related topics
-
- [Configure Windows Defender ATP endpoints](configure-endpoints-windows-defender-advanced-threat-protection.md)
- [Configure endpoint proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md)
-- [Additional Windows Defender ATP configuration settings](additional-configuration-windows-defender-advanced-threat-protection.md)
-- [Monitor the Windows Defender ATP onboarding](monitor-onboarding-windows-defender-advanced-threat-protection.md)
+
diff --git a/windows/keep-secure/vpn-profile-options.md b/windows/keep-secure/vpn-profile-options.md
index 77c548ec2a..425e451341 100644
--- a/windows/keep-secure/vpn-profile-options.md
+++ b/windows/keep-secure/vpn-profile-options.md
@@ -51,6 +51,13 @@ A VPN profile configured with LockDown secures the device to only allow network
- Only one VPN LockDown profile is allowed on a device.
> **Note:** For inbox VPN, Lockdown VPN is only available for the Internet Key Exchange version 2 (IKEv2) tunnel type.
+## Learn about VPN and the Conditional Access Framework in Azure Active Directory
+
+- [Tip of the Day: The Conditional Access Framework and Device Compliance for VPN (Part 1)](https://blogs.technet.microsoft.com/tip_of_the_day/2016/03/12/tip-of-the-day-the-conditional-access-framework-and-device-compliance-for-vpn/)
+- [Tip of the Day: The Conditional Access Framework and Device Compliance for VPN (Part 2)](https://blogs.technet.microsoft.com/tip_of_the_day/2016/03/14/tip-of-the-day-the-conditional-access-framework-and-device-compliance-for-vpn-part-2/)
+- [Tip of the Day: The Conditional Access Framework and Device Compliance for VPN (Part 3)](https://blogs.technet.microsoft.com/tip_of_the_day/2016/03/15/tip-of-the-day-the-conditional-access-framework-and-device-compliance-for-vpn-part-3/)
+- [Tip of the Day: The Conditional Access Framework and Device Compliance for VPN (Part 4)](https://blogs.technet.microsoft.com/tip_of_the_day/2016/03/16/tip-of-the-day-the-conditional-access-framework-and-device-compliance-for-vpn-part-4/)
+
## Learn more
[VPNv2 configuration service provider (CSP) reference](http://go.microsoft.com/fwlink/p/?LinkId=617588)
diff --git a/windows/keep-secure/windows-10-security-guide.md b/windows/keep-secure/windows-10-security-guide.md
index bb757267bb..17ed75ffc7 100644
--- a/windows/keep-secure/windows-10-security-guide.md
+++ b/windows/keep-secure/windows-10-security-guide.md
@@ -634,7 +634,7 @@ With Protected Processes, Windows 10 prevents untrusted processes from interact
## Secure the Windows desktop
-Windows 10 includes critical improvements to the Windows core and the desktop environment, where attacks and malware most frequently enter. The desktop environment is now more resistant to malware thanks to significant improvements to Windows Defender and SmartScreen Filters. Internet browsing is a safer experience because of Microsoft Edge, a completely new browser. The Windows Store reduces the likelihood that malware will infect devices by ensuring that all applications that enter the Windows Store ecosystem have been thoroughly reviewed before being made available. Universal Windows applications are inherently more secure than typical applications because they are sandboxed. Sandboxing restricts the application’s risk of being compromised or tampered with in a way that would put the system, data, and other applications at risk.
+Windows 10 includes critical improvements to the Windows core and the desktop environment, where attacks and malware most frequently enter. The desktop environment is now more resistant to malware thanks to significant improvements to Windows Defender and SmartScreen Filters. Internet browsing is a safer experience because of Microsoft Edge, a completely new browser. The Windows Store reduces the likelihood that malware will infect devices by ensuring that all applications that enter the Windows Store ecosystem have been thoroughly reviewed before being made available. Universal Windows apps are inherently more secure than typical applications because they are sandboxed. Sandboxing restricts the application’s risk of being compromised or tampered with in a way that would put the system, data, and other applications at risk.
The sections that follow describe Windows 10 improvements to application security in more detail.
**Microsoft Edge and Internet Explorer 11**
diff --git a/windows/manage/TOC.md b/windows/manage/TOC.md
index 2f6b01a357..422b6a7eff 100644
--- a/windows/manage/TOC.md
+++ b/windows/manage/TOC.md
@@ -51,7 +51,7 @@
#### [Distribute apps with a management tool](distribute-apps-with-management-tool.md)
#### [Distribute offline apps](distribute-offline-apps.md)
### [Manage apps](manage-apps-windows-store-for-business-overview.md)
-#### [App inventory managemement for Windows Store for Business](app-inventory-managemement-windows-store-for-business.md)
+#### [App inventory managemement for Windows Store for Business](app-inventory-management-windows-store-for-business.md)
#### [Manage app orders in Windows Store for Business](manage-orders-windows-store-for-business.md)
#### [Manage access to private store](manage-access-to-private-store.md)
#### [Manage private store settings](manage-private-store-settings.md)
diff --git a/windows/manage/acquire-apps-windows-store-for-business.md b/windows/manage/acquire-apps-windows-store-for-business.md
index 5f68e8e296..3840db35c7 100644
--- a/windows/manage/acquire-apps-windows-store-for-business.md
+++ b/windows/manage/acquire-apps-windows-store-for-business.md
@@ -6,6 +6,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Acquire apps in Windows Store for Business
diff --git a/windows/manage/add-unsigned-app-to-code-integrity-policy.md b/windows/manage/add-unsigned-app-to-code-integrity-policy.md
index d453da171a..a0c9e5ac70 100644
--- a/windows/manage/add-unsigned-app-to-code-integrity-policy.md
+++ b/windows/manage/add-unsigned-app-to-code-integrity-policy.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store, security
author: TrudyHa
+localizationpriority: high
---
# Add unsigned app to code integrity policy
diff --git a/windows/manage/app-inventory-managemement-windows-store-for-business.md b/windows/manage/app-inventory-managemement-windows-store-for-business.md
index ca7d24b2a2..1dedc043ff 100644
--- a/windows/manage/app-inventory-managemement-windows-store-for-business.md
+++ b/windows/manage/app-inventory-managemement-windows-store-for-business.md
@@ -2,6 +2,7 @@
title: App inventory management for Windows Store for Business (Windows 10)
description: You can manage all apps that you've acquired on your Inventory page.
ms.assetid: 44211937-801B-4B85-8810-9CA055CDB1B2
+redirect_url: https://technet.microsoft.com/itpro/windows/manage/app-inventory-management-windows-store-for-business
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
@@ -9,224 +10,3 @@ ms.pagetype: store
author: TrudyHa
---
-# App inventory management for Windows Store for Business
-
-
-**Applies to**
-
-- Windows 10
-- Windows 10 Mobile
-
-You can manage all apps that you've acquired on your **Inventory** page.
-
-The **Inventory** page in Windows Store for Business shows all apps in your inventory. This includes all apps that you've acquired from Store for Business, and the line-of-business (LOB) apps that you've accepted into your inventory. After LOB apps are submitted to your organization, you'll see a notification on your **Inventory** page. On the **New line-of-business apps** page, you can accept, or reject the LOB apps. For more information on LOB apps, see [Working with line-of-business apps](working-with-line-of-business-apps.md).
-
-All of these apps are treated the same once they are in your inventory and you can perform app lifecycle tasks for them: distribute apps, add apps to private store, review license details, and reclaim app licenses.
-
-
-
-Store for Business shows this info for each app in your inventory:
-
-- Name
-
-- Access to actions for the app
-
-- Last modified date
-
-- Supported devices
-
-- Private store status
-
-### Find apps in your inventory
-
-There are a couple of ways to find specific apps, or groups of apps in your inventory.
-
-**Search** - Use the Search box to search for an app.
-
-**Refine** - Use **Refine** to scope your list of apps by one or more of these app attributes:
-
-- **License** - Online or offline licenses. For more info, see [Apps in Windows Store for Business](apps-in-windows-store-for-business.md#licensing-model).
-
-- **Platforms** - Lists the devices that apps in your inventory were originally written to support. This list is cumulative for all apps in your inventory.
-
-- **Source** - **Store**, for apps acquired from Store for Business, or LOB, for line-of-business apps.
-
-- **Private store** - **In private store**, or **Not in private store**, depending on whether or not you've added the app to your private store.
-
-### Manage apps in your inventory
-
-Each app in the Store for Business has an online, or an offline license. For more information on Store for Business licensing model, see [Apps in the Windows Store for Business](apps-in-windows-store-for-business.md#licensing-model). There are different actions you can take depending on the app license type. They're summarized in this table.
-
-
-
-
-
-
-The actions in the table are how you distribute apps, and manage app licenses. We'll cover those in the next sections. Working with offline-licensed apps has different steps. For more information on distributing offline-licensed apps, see [Distribute offline apps](distribute-offline-apps.md).
-
-### Distribute apps
-
-For online-licensed apps, there are a couple of ways to distribute apps from your inventory:
-
-- Assign apps to people in your organization.
-
-- Add apps to your private store, and let people in your organization install the app.
-
-If you use a management tool that supports Store for Business, you can distribute apps with your management tool. Once it is configured to work with Store for Business, your managment tool will have access to all apps in your inventory. For more information, see [Distribute apps with a management tool](distribute-apps-with-management-tool.md).
-
-Once an app is in your private store, people in your org can install the app on their devices. For more information, see [Distribute apps using your private store](distribute-apps-from-your-private-store.md).
-
-**To make an app in inventory available in your private store**
-
-1. Sign in to the [Store for Business](http://businessstore.microsoft.com).
-2. Click **Manage**, and then choose **Inventory**.
-3. Click **Refine**, and then choose **Online**. Store for Business will update the list of apps on the **Inventory** page.
-4. From an app in **Inventory**, click the ellipses under **Action**, and then choose **Add to private store**.
-
-The value under Private store for the app will change to pending. It will take approximately twelve hours before the app is available in the private store.
-
-Employees can claim apps that admins added to the private store by doing the following.
-
-**To claim an app from the private store**
-
-1. Sign in to your computer with your Azure Active Directory (AD) credentials, and start the Windows Store app.
-2. Click the private store tab.
-3. Click the app you want to install, and then click **Install**.
-
-Another way to distribute apps is by assigning them to people in your organization.
-
-If you decide that you don't want an app available for employees to install on their own, you can remove it from your private store.
-
-**To remove an app from the private store**
-
-1. Sign in to the [Store for Business](http://businessstore.microsoft.com).
-2. Click **Manage**, and then choose **Inventory**.
-3. Find an app, click the ellipses under **Action**, and then choose **Remove from private store**, and then click **Remove**.
-
-The app will still be in your inventory, but your employees will not have access to the app from your private store.
-
-**To assign an app to an employee**
-
-1. Sign in to the [Store for Business](http://businessstore.microsoft.com).
-2. Click **Manage**, and then choose **Inventory**.
-3. Find an app, click the ellipses under **Action**, and then choose **Assign to people**.
-4. Type the email address for the employee that you're assigning the app to, and click **Confirm**.
-
-Employees will receive an email with a link that will install the app on their device. Click the link to start the Windows Store app, and then click **Install**. Also, in the Windows Store app, they can find the app under **My Library**.
-
-### Manage app licenses
-
-For each app in your inventory, you can view and manage license details. This give you another way to assign apps to people in your organization. It also allows you to reclaim app licenses after they've been assigned to people, or claimed by people in your organization.
-
-**To view license details**
-
-1. Sign in to [Store for Business](http://go.microsoft.com/fwlink/p/?LinkId=691845)
-
-2. Click **Manage**, and then choose **Inventory**.
-
-3. Click the ellipses for an app, and then choose **View license details**.
-
- 
-
- You'll see the names of people in your organization who have installed the app and are using one of the licenses.
-
- 
-
- On **Assigned licenses**, you can do several things:
-
- - Assign the app to other people in your organization.
-
- - Reclaim app licenses.
-
- - View app details.
-
- - Add the app to your private store, if it is not in the private store.
-
- You can assign the app to more people in your organization, or reclaim licenses.
-
- **To assign an app to more people**
-
- - Click **Assign to people**, type the email address for the employee that you're assigning the app to, and click **Assign**.
-
- 
-
- Store for Business updates the list of assigned licenses.
-
- **To reclaim licenses**
-
- - Choose the person you want to reclaim the license from, click **Reclaim licenses**, and then click **Reclaim licenses**.
-
- 
-
- Store for Business updates the list of assigned licenses.
-
-### Download offline-licensed app
-
-Offline licensing is a new feature in Windows 10 and allows apps to be deployed to devices that are not connected to the Internet. This means organizations can deploy apps when users or devices do not have connectivity to the Store.
-
-You can download offline-licensed apps from your inventory. You'll need to download these items:
-
-- App metadata
-
-- App package
-
-- App license
-
-- App framework
-
-For more information about online and offline licenses, see [Apps in the Windows Store for Business](apps-in-windows-store-for-business.md#licensing-model).
-
-For more information about downloading offline-licensed apps, see [Download offline apps](distribute-offline-apps.md).
-
-
-
-
-
-
-
-
-
diff --git a/windows/manage/app-inventory-management-windows-store-for-business.md b/windows/manage/app-inventory-management-windows-store-for-business.md
new file mode 100644
index 0000000000..11ddab7ae7
--- /dev/null
+++ b/windows/manage/app-inventory-management-windows-store-for-business.md
@@ -0,0 +1,223 @@
+---
+title: App inventory management for Windows Store for Business (Windows 10)
+description: You can manage all apps that you've acquired on your Inventory page.
+ms.assetid: 44211937-801B-4B85-8810-9CA055CDB1B2
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: store
+author: TrudyHa
+---
+
+# App inventory management for Windows Store for Business
+
+
+**Applies to**
+
+- Windows 10
+- Windows 10 Mobile
+
+You can manage all apps that you've acquired on your **Inventory** page.
+
+The **Inventory** page in Windows Store for Business shows all apps in your inventory. This includes all apps that you've acquired from Store for Business, and the line-of-business (LOB) apps that you've accepted into your inventory. After LOB apps are submitted to your organization, you'll see a notification on your **Inventory** page. On the **New line-of-business apps** page, you can accept, or reject the LOB apps. For more information on LOB apps, see [Working with line-of-business apps](working-with-line-of-business-apps.md).
+
+All of these apps are treated the same once they are in your inventory and you can perform app lifecycle tasks for them: distribute apps, add apps to private store, review license details, and reclaim app licenses.
+
+
+
+Store for Business shows this info for each app in your inventory:
+
+- Name
+
+- Access to actions for the app
+
+- Last modified date
+
+- Supported devices
+
+- Private store status
+
+### Find apps in your inventory
+
+There are a couple of ways to find specific apps, or groups of apps in your inventory.
+
+**Search** - Use the Search box to search for an app.
+
+**Refine** - Use **Refine** to scope your list of apps by one or more of these app attributes:
+
+- **License** - Online or offline licenses. For more info, see [Apps in Windows Store for Business](apps-in-windows-store-for-business.md#licensing-model).
+
+- **Platforms** - Lists the devices that apps in your inventory were originally written to support. This list is cumulative for all apps in your inventory.
+
+- **Source** - **Store**, for apps acquired from Store for Business, or LOB, for line-of-business apps.
+
+- **Private store** - **In private store**, or **Not in private store**, depending on whether or not you've added the app to your private store.
+
+### Manage apps in your inventory
+
+Each app in the Store for Business has an online, or an offline license. For more information on Store for Business licensing model, see [Apps in the Windows Store for Business](apps-in-windows-store-for-business.md#licensing-model). There are different actions you can take depending on the app license type. They're summarized in this table.
+
+
-
-
-
-Action
-Online-licensed app
-Offline-licensed app
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+The actions in the table are how you distribute apps, and manage app licenses. We'll cover those in the next sections. Working with offline-licensed apps has different steps. For more information on distributing offline-licensed apps, see [Distribute offline apps](distribute-offline-apps.md).
+
+### Distribute apps
+
+For online-licensed apps, there are a couple of ways to distribute apps from your inventory:
+
+- Assign apps to people in your organization.
+
+- Add apps to your private store, and let people in your organization install the app.
+
+If you use a management tool that supports Store for Business, you can distribute apps with your management tool. Once it is configured to work with Store for Business, your managment tool will have access to all apps in your inventory. For more information, see [Distribute apps with a management tool](distribute-apps-with-management-tool.md).
+
+Once an app is in your private store, people in your org can install the app on their devices. For more information, see [Distribute apps using your private store](distribute-apps-from-your-private-store.md).
+
+**To make an app in inventory available in your private store**
+
+1. Sign in to the [Store for Business](http://businessstore.microsoft.com).
+2. Click **Manage**, and then choose **Inventory**.
+3. Click **Refine**, and then choose **Online**. Store for Business will update the list of apps on the **Inventory** page.
+4. From an app in **Inventory**, click the ellipses under **Action**, and then choose **Add to private store**.
+
+The value under Private store for the app will change to pending. It will take approximately twelve hours before the app is available in the private store.
+
+Employees can claim apps that admins added to the private store by doing the following.
+
+**To claim an app from the private store**
+
+1. Sign in to your computer with your Azure Active Directory (AD) credentials, and start the Windows Store app.
+2. Click the private store tab.
+3. Click the app you want to install, and then click **Install**.
+
+Another way to distribute apps is by assigning them to people in your organization.
+
+If you decide that you don't want an app available for employees to install on their own, you can remove it from your private store.
+
+**To remove an app from the private store**
+
+1. Sign in to the [Store for Business](http://businessstore.microsoft.com).
+2. Click **Manage**, and then choose **Inventory**.
+3. Find an app, click the ellipses under **Action**, and then choose **Remove from private store**, and then click **Remove**.
+
+The app will still be in your inventory, but your employees will not have access to the app from your private store.
+
+**To assign an app to an employee**
+
+1. Sign in to the [Store for Business](http://businessstore.microsoft.com).
+2. Click **Manage**, and then choose **Inventory**.
+3. Find an app, click the ellipses under **Action**, and then choose **Assign to people**.
+4. Type the email address for the employee that you're assigning the app to, and click **Confirm**.
+
+Employees will receive an email with a link that will install the app on their device. Click the link to start the Windows Store app, and then click **Install**. Also, in the Windows Store app, they can find the app under **My Library**.
+
+### Manage app licenses
+
+For each app in your inventory, you can view and manage license details. This give you another way to assign apps to people in your organization. It also allows you to reclaim app licenses after they've been assigned to people, or claimed by people in your organization.
+
+**To view license details**
+
+1. Sign in to [Store for Business](http://go.microsoft.com/fwlink/p/?LinkId=691845)
+
+2. Click **Manage**, and then choose **Inventory**.
+
+3. Click the ellipses for an app, and then choose **View license details**.
+
+ 
+
+ You'll see the names of people in your organization who have installed the app and are using one of the licenses.
+
+ 
+
+ On **Assigned licenses**, you can do several things:
+
+ - Assign the app to other people in your organization.
+
+ - Reclaim app licenses.
+
+ - View app details.
+
+ - Add the app to your private store, if it is not in the private store.
+
+ You can assign the app to more people in your organization, or reclaim licenses.
+
+ **To assign an app to more people**
+
+ - Click **Assign to people**, type the email address for the employee that you're assigning the app to, and click **Assign**.
+
+ 
+
+ Store for Business updates the list of assigned licenses.
+
+ **To reclaim licenses**
+
+ - Choose the person you want to reclaim the license from, click **Reclaim licenses**, and then click **Reclaim licenses**.
+
+ 
+
+ Store for Business updates the list of assigned licenses.
+
+### Download offline-licensed app
+
+Offline licensing is a new feature in Windows 10 and allows apps to be deployed to devices that are not connected to the Internet. This means organizations can deploy apps when users or devices do not have connectivity to the Store.
+
+You can download offline-licensed apps from your inventory. You'll need to download these items:
+
+- App metadata
+
+- App package
+
+- App license
+
+- App framework
+
+For more information about online and offline licenses, see [Apps in the Windows Store for Business](apps-in-windows-store-for-business.md#licensing-model).
+
+For more information about downloading offline-licensed apps, see [Download offline apps](distribute-offline-apps.md).
\ No newline at end of file
diff --git a/windows/manage/apps-in-windows-store-for-business.md b/windows/manage/apps-in-windows-store-for-business.md
index dec7d4ca5f..f74b81160c 100644
--- a/windows/manage/apps-in-windows-store-for-business.md
+++ b/windows/manage/apps-in-windows-store-for-business.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Apps in Windows Store for Business
@@ -50,7 +51,7 @@ Apps that you acquire from the Store for Business only work on Windows 10-based
Some apps are free, and some apps charge a price. Currently, you can pay for apps with a credit card. We'll be adding more payment options over time.
-Some apps which are available to consumers in the Windows Store might not be available to organizations in the Windows Store for Business. App developers can opt-out their apps, and they also need to meet eligibility requirements for Windows Store for Business. For more information, read this info on [Organizational licensing options](https://msdn.microsoft.com/en-us/windows/uwp/publish/organizational-licensing).
+Some apps which are available to consumers in the Windows Store might not be available to organizations in the Windows Store for Business. App developers can opt-out their apps, and they also need to meet eligibility requirements for Windows Store for Business. For more information, read this info on [Organizational licensing options](https://msdn.microsoft.com/windows/uwp/publish/organizational-licensing).
**Note**
+
+
+
+Action
+Online-licensed app
+Offline-licensed app
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
We are still setting up the catalog of apps for Windows Store for Business. If you are searching for an app and it isn’t available, please check again in a couple of days.
diff --git a/windows/manage/assign-apps-to-employees.md b/windows/manage/assign-apps-to-employees.md
index adf354a31f..a329393689 100644
--- a/windows/manage/assign-apps-to-employees.md
+++ b/windows/manage/assign-apps-to-employees.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Assign apps to employees
diff --git a/windows/manage/configure-mdm-provider-windows-store-for-business.md b/windows/manage/configure-mdm-provider-windows-store-for-business.md
index e621a59e02..d4c07de29f 100644
--- a/windows/manage/configure-mdm-provider-windows-store-for-business.md
+++ b/windows/manage/configure-mdm-provider-windows-store-for-business.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Configure an MDM provider
diff --git a/windows/manage/configure-windows-10-devices-to-stop-data-flow-to-microsoft.md b/windows/manage/configure-windows-10-devices-to-stop-data-flow-to-microsoft.md
index 66f10dbf1e..377c8066cf 100644
--- a/windows/manage/configure-windows-10-devices-to-stop-data-flow-to-microsoft.md
+++ b/windows/manage/configure-windows-10-devices-to-stop-data-flow-to-microsoft.md
@@ -1,6 +1,6 @@
---
title: Configure Windows 10 devices to stop data flow to Microsoft (Windows 10)
-redirect_url: https://technet.microsoft.com/en-us/itpro/windows/manage/manage-connections-from-windows-operating-system-components-to-microsoft-services
+redirect_url: https://technet.microsoft.com/itpro/windows/manage/manage-connections-from-windows-operating-system-components-to-microsoft-services
---
# Configure Windows 10 devices to stop data flow to Microsoft
diff --git a/windows/manage/configure-windows-telemetry-in-your-organization.md b/windows/manage/configure-windows-telemetry-in-your-organization.md
index 1d4f6b116f..db19b958a4 100644
--- a/windows/manage/configure-windows-telemetry-in-your-organization.md
+++ b/windows/manage/configure-windows-telemetry-in-your-organization.md
@@ -6,6 +6,7 @@ ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: security
+localizationpriority: high
author: brianlic-msft
---
@@ -17,34 +18,118 @@ author: brianlic-msft
- Windows 10 Mobile
- Windows Server 2016 Technical Preview
-Use this article to make informed decisions about how you can configure telemetry in your organization. Telemetry is a term that means different things to different people and organizations. For the purpose of this article, we discuss telemetry as system data that is uploaded by the Connected User Experience and Telemetry component. The telemetry data is used to keep Windows devices secure, and to help Microsoft improve the quality of Windows and Microsoft services.
+At Microsoft, we use Windows telemetry to inform our decisions and focus our efforts in providing the most robust, most valuable platform for your business and the people who count on Windows to enable them to be as productive as possible. Telemetry gives users a voice in the operating system’s development. This guide describes the importance of Windows telemetry and how we protect that data. Additionally, it differentiates between telemetry and functional data. It also describes the telemetry levels that Windows supports. Of course, you can choose how much telemetry is shared with Microsoft, and this guide demonstrates how.
->**Note:** This article does not apply to System Center Configuration Manager, System Center Endpoint Protection, or System Center Data Protection Manager because those components use a different telemetry service than Windows and Windows Server.
+To frame a discussion about telemetry, it is important to understand Microsoft’s privacy principles. We earn customer trust every day by focusing on six key privacy principles as described at [privacy.microsoft.com](https://privacy.microsoft.com/). These principles guided the implementation of the Windows telemetry system in the following ways:
-It describes the types of telemetry we gather and the ways you can manage its telemetry. This article also lists some examples of how telemetry can provide you with valuable insights into your enterprise deployments, and how Microsoft uses the data to quickly identify and address issues affecting its customers.
+- **Control.** We offer customers control of the telemetry they share with us by providing easy-to-use management tools.
+- **Transparency.** We provide information about the telemetry that Windows and Windows Server collects so our customers can make informed decisions.
+- **Security.** We encrypt telemetry in transit from your device and protect that data at our secure data centers.
+- **Strong legal protections.** We respect customers’ local privacy laws and fight for legal protection of their privacy as a fundamental human right.
+- **No content-based targeting.** We take steps to avoid and minimize the collection of customer content, such as the content of files, chats, or emails, through the Windows telemetry system. Customer content inadvertently collected is kept confidential and not used for user targeting.
+- **Benefits to you.** We collect Windows telemetry to help provide you with an up-to-date, more secure, reliable and performant product, and to improve Windows for all of our customers.
-We understand that the privacy and security of our customers’ information is important and we have taken a thoughtful and comprehensive approach to customer privacy and the protection of their data with Windows 10, Windows Server 2016 Technical Preview, and System Center 2016.
+This article applies to Windows and Windows Server telemetry only. Other Microsoft or third-party apps, such as System Center Configuration Manager, System Center Endpoint Protection, or System Center Data Protection Manager, might send data to their cloud services in ways that are inconsistent with this guide. Their publishers are responsible for notifying users of their privacy policies, telemetry controls, and so on. This article describes the types of telemetry we may gather, the ways you might manage it in your organization, and some examples of how telemetry can provide you with valuable insights into your enterprise deployments. Microsoft uses the data to quickly identify and address issues affecting its customers.
+
+
+Use this article to make informed decisions about how you might configure telemetry in your organization. Telemetry is a term that means different things to different people and organizations. For the purpose of this article, we discuss telemetry as system data that is uploaded by the Connected User Experience and Telemetry component. The telemetry data is used to help keep Windows devices secure by identifying malware trends and other threats and to help Microsoft improve the quality of Windows and Microsoft services.
## Overview
-In previous versions of Windows and Windows Server, Microsoft used telemetry to check for updated or new Windows Defender signatures, check whether Windows Update installations were successful, gather reliability information through the Reliability Analysis Component (RAC) on Windows Server, and gather reliability information through the Windows Customer Experience Improvement Program (CEIP) on Windows. In Windows 10 and Windows Server 2016 Technical Preview, you can control telemetry streams by using Settings > Privacy, Group Policy, or MDM.
-
-Microsoft is committed to improving customer experiences in a mobile-first and cloud-first world, and it all starts with our customers. Telemetry is one critical way Microsoft is using data to improve our products and services. Telemetry gives every enterprise customer a voice that helps us shape future versions of Windows, Windows Server and System Center, allowing us to respond quickly to your feedback and providing new features and improved quality to our customers.
-
-Our goal is to leverage the aggregated data to drive changes in the product and ecosystem to improve our customer experiences. We are also partnering with enterprises to provide added value from the telemetry information shared by their devices. Some examples include identifying outdated patches and downloading the latest antimalware signatures to help keep their devices secure, identifying application compatibility issues prior to upgrades, and gaining insights into driver reliability issues affecting other customers.
+In previous versions of Windows and Windows Server, Microsoft used telemetry to check for updated or new Windows Defender signatures, check whether Windows Update installations were successful, gather reliability information through the Reliability Analysis Component (RAC), and gather reliability information through the Windows Customer Experience Improvement Program (CEIP) on Windows. In Windows 10 and Windows Server 2016 Technical Preview, you can control telemetry streams by using the Privacy option in Settings, Group Policy, or MDM.
For Windows 10, we invite IT pros to join the [Windows Insider Program](http://insider.windows.com) to give us feedback on what we can do to make Windows work better for your organization.
+## Understanding Windows telemetry
+
+Windows as a Service is a fundamental change in how Microsoft plans, builds, and delivers the operating system. Historically, we released a major Windows version every few years. The effort required to deploy large and infrequent Windows versions was substantial. That effort included updating the infrastructure to support the upgrade. Windows as a Service accelerates the cadence to provide rich updates more frequently, and these updates require substantially less effort to roll out than earlier versions of Windows. Since it provides more value to organizations in a shorter timeframe, delivering Windows as a Service is a top priority for us.
+
+The release cadence of Windows may be fast, so feedback is critical to its success. We rely on telemetry at each stage of the process to inform our decisions and prioritize our efforts.
+
+### What is Windows telemetry?
+Windows telemetry is vital technical data from Windows devices about the device and how Windows and related software are performing. It's used in the following ways:
+
+- Keep Windows up to date
+- Keep Windows secure, reliable, and performant
+- Improve Windows – through the aggregate analysis of the use of Windows
+- Personalize Windows engagement surfaces
+
+Here are some specific examples of Windows telemetry data:
+
+- Type of hardware being used
+- Applications installed and usage details
+- Reliability information on device drivers
+
+### What is NOT telemetry?
+
+Telemetry can sometimes be confused with functional data. Some Windows components and apps connect to Microsoft services directly, but the data they exchange is not telemetry. For example, exchanging a user’s location for local weather or news is not an example of telemetry—it is functional data that the app or service requires to satisfy the user’s request.
+
+There are subtle differences between telemetry and functional data. Windows collects and sends telemetry in the background automatically. You can control how much information is gathered by setting the telemetry level. Microsoft tries to avoid collecting personal information wherever possible (for example, if a crash dump is collected and a document was in memory at the time of the crash). On the other hand, functional data can contain personal information. However, a user action, such as requesting news or asking Cortana a question, usually triggers collection and transmission of functional data.
+
+If you’re an IT pro that wants to manage Windows functional data sent from your organization to Microsoft, see [Manage connections from Windows operating system components to Microsoft services](https://technet.microsoft.com/en-us/itpro/windows/manage/manage-connections-from-windows-operating-system-components-to-microsoft-services).
+
+The following are specific examples of functional data:
+
+- Current location for weather
+- Bing searches
+- Wallpaper and desktop settings synced across multiple devices
+
+### Telemetry gives users a voice
+
+Windows and Windows Server telemetry gives every user a voice in the operating system’s development and ongoing improvement. It helps us understand how Windows 10 and Windows Server 2016 behaves in the real world, focus on user priorities, and make informed decisions that benefit them. For our enterprise customers, representation in the dataset on which we will make future design decisions is a real benefit. The following sections offer real examples of these benefits.
+
+### Drive higher app and driver quality
+
+Our ability to collect telemetry that drives improvements to Windows and Windows Server helps raise the bar for app and device driver quality. Telemetry helps us to quickly identify and fix critical reliability and security issues with apps and device drivers on given configurations. For example, we can identify an app that hangs on devices using a specific version of a video driver, allowing us to work with the app and device driver vendor to quickly fix the issue. The result is less downtime and reduced costs and increased productivity associated with troubleshooting these issues.
+
+A real-world example of how Windows telemetry helps us quickly identify and fix issues is a particular version of a video driver that was crashing on some devices running Windows 10, causing the device to reboot. We detected the problem in our telemetry, and immediately contacted the third-party developer who builds the video driver. Working with the developer, we provided an updated driver to Windows Insiders within 24 hours. Based on telemetry from the Windows Insiders’ devices, we were able to validate the new version of the video driver, and rolled it out to the broad public as an update the next day. Telemetry helped us find, fix, and resolve this problem in just 48 hours, providing a better user experience and reducing costly support calls.
+
+### Improve end-user productivity
+
+Windows telemetry also helps Microsoft better understand how customers use (or do not use) the operating system’s features and related services. The insights we gain from this data helps us prioritize our engineering effort to directly impact our customers’ experiences. Examples are:
+
+- **Start menu.** How do people change the Start menu layout? Do they pin other apps to it? Are there any apps that they frequently unpin? We use this dataset to adjust the default Start menu layout to better reflect people’s expectations when they turn on their device for the first time.
+- **Cortana.** We use telemetry to monitor the scalability of our cloud service, improving search performance.
+- **Application switching.** Research and observations from earlier Windows versions showed that people rarely used Alt+Tab to switch between applications. After discussing this with some users, we learned they loved the feature, saying that it would be highly productive, but they did not know about it previously. Based on this, we created the Task View button in Windows 10 to make this feature more discoverable. Later telemetry showed significantly higher usage of this feature.
+
+**These examples show how the use of telemetry data enables Microsoft to build or enhance features which can help organizations increase employee productivity while lowering help desk calls.**
+
+
## How is telemetry data handled by Microsoft?
### Data collection
-Windows 10 and Windows Server 2016 Technical Preview includes the Connected User Experience and Telemetry component, which uses Event Tracing for Windows (ETW) tracelogging technology to gather and store telemetry events and data. The operating system and some Microsoft management solutions, such as System Center, use the same logging technology.
+Windows 10 and Windows Server 2016 Technical Preview includes the Connected User Experience and Telemetry component, which uses Event Tracing for Windows (ETW) tracelogging technology that gathers and stores telemetry events and data. The operating system and some Microsoft management solutions, such as System Center, use the same logging technology.
1. Operating system features and some management applications are instrumented to publish events and data. Examples of management applications include Virtual Machine Manager (VMM), Server Manager, and Storage Spaces.
2. Events are gathered using public operating system event logging and tracing APIs.
3. You can configure the telemetry level by using an MDM policy, Group Policy, or registry settings.
-4. The Connected User Experience and Telemetry component transmits telemetry data over HTTPS to Microsoft and uses certificate pinning.
+4. The Connected User Experience and Telemetry component transmits the telemetry data.
Info collected at the Enhanced and Full levels of telemetry is typically gathered at a fractional sampling rate, which can be as low as 1% of devices reporting data at those levels.
@@ -56,21 +141,21 @@ All telemetry data is encrypted using SSL and uses certificate pinning during tr
The Microsoft Data Management Service routes data back to our secure cloud storage. Only Microsoft personnel with a valid business justification are permitted access.
-The Connected User Experience and Telemetry component connects to the Microsoft Data Management service at v10.vortex-win.data.microsoft.com.
+The following table defines the endpoints for telemetry services:
-The Connected User Experience and Telemetry component also connects to settings-win.data.microsoft.com to download configuration information.
-
-[Windows Error Reporting](http://msdn.microsoft.com/library/windows/desktop/bb513641.aspx) connects to watson.telemetry.microsoft.com.
-
-[Online Crash Analysis](http://msdn.microsoft.com/library/windows/desktop/ee416349.aspx) connects to oca.telemetry.microsoft.com.
+| Service | Endpoint |
+| - | - |
+| Connected User Experience and Telemetry component | v10.vortex-win.data.microsoft.com
settings-win.data.microsoft.com |
+| [Windows Error Reporting](http://msdn.microsoft.com/library/windows/desktop/bb513641.aspx) | watson.telemetry.microsoft.com |
+| [Online Crash Analysis](http://msdn.microsoft.com/library/windows/desktop/ee416349.aspx) | oca.telemetry.microsoft.com |
### Data use and access
-Data gathered from telemetry is used by Microsoft teams primarily to improve our customer experiences, and for security, health, quality, and performance analysis. The principle of least privileged guides access to telemetry data. Only Microsoft personnel with a valid business need are permitted access to the telemetry data. Microsoft does not share personal data of our customers with third parties, except at the customer’s discretion or for the limited purposes described in the Privacy Statement. We do share business reports with OEMs and third party partners that include aggregated, anonymized telemetry information. Data-sharing decisions are made by an internal team including privacy, legal, and data management.
+The principle of least privileged access guides access to telemetry data. Microsoft does not share personal data of our customers with third parties, except at the customer’s discretion or for the limited purposes described in the [Privacy Statement](https://privacy.microsoft.com/en-us/privacystatement). Microsoft may share business reports with OEMs and third party partners that include aggregated and anonymized telemetry information. Data-sharing decisions are made by an internal team including privacy, legal, and data management.
### Retention
-Microsoft believes in and practices information minimization. We strive to gather only the info we need, and store it for as long as it’s needed to provide a service or for analysis. Much of the info about how Windows and apps are functioning is deleted within 30 days. Other info may be retained longer, such as error reporting data or Store purchase history.
+Microsoft believes in and practices information minimization. We strive to gather only the info we need, and store it for as long as it’s needed to provide a service or for analysis. Much of the info about how Windows and apps are functioning is deleted within 30 days. Other info may be retained longer, such as error reporting data or Windows Store purchase history.
## Telemetry levels
@@ -81,19 +166,19 @@ The telemetry data is categorized into four levels:
- **Security**. Information that’s required to help keep Windows, Windows Server, and System Center secure, including data about the Connected User Experience and Telemetry component settings, the Malicious Software Removal Tool, and Windows Defender.
-- **Basic**. Basic device info, including: quality-related data, app compat, app usage data, and data from the **Security** level.
+- **Basic**. Basic device info, including: quality-related data, app compatibility, app usage data, and data from the **Security** level.
- **Enhanced**. Additional insights, including: how Windows, Windows Server, System Center, and apps are used, how they perform, advanced reliability data, and data from both the **Basic** and the **Security** levels.
- **Full**. All data necessary to identify and help to fix problems, plus data from the **Security**, **Basic**, and **Enhanced** levels.
-The levels are cumulative and are illustrated in the following diagram. These levels apply to all editions of Windows Server 2016 Technical Preview.
+The levels are cumulative and are illustrated in the following diagram. Also, these levels apply to all editions of Windows Server 2016 Technical Preview.
### Security level
-The Security level gathers only the telemetry info that is required to keep Windows devices, Windows Server, and guests secure with the latest security updates. This level is only available on Windows Server 2016, Windows 10 Enterprise, Windows 10 Education, Windows 10 Mobile Enterprise, and IoT Core editions.
+The Security level gathers only the telemetry info that is required to keep Windows devices, Windows Server, and guests protected with the latest security updates. This level is only available on Windows Server 2016, Windows 10 Enterprise, Windows 10 Education, Windows 10 Mobile Enterprise, and Windos IoT Core editions.
> **Note:** If your organization relies on Windows Update for updates, you shouldn’t use the **Security** level. Because no Windows Update information is gathered at this level, important information about update failures is not sent. Microsoft uses this information to fix the causes of those failures and improve the quality of our updates.
@@ -103,7 +188,7 @@ Windows Server Update Services (WSUS) and System Center Configuration Manager fu
The data gathered at this level includes:
-- **Connected User Experience and Telemetry component settings**. If data has been gathered and is queued to be sent, the Connected User Experience and Telemetry component downloads its settings file from Microsoft’s servers. The data gathered by the client for this request includes OS information, device id (used to identify what specific device is requesting settings) and device class (for example, whether the device is server or desktop).
+- **Connected User Experience and Telemetry component settings**. If general telemetry data has been gathered and is queued, it is sent to Microsoft. Along with this telemetry, the Connected User Experience and Telemetry component may download a configuration settings file from Microsoft’s servers. This file is used to configure the Connected User Experience and Telemetry component itself. The data gathered by the client for this request includes OS information, device id (used to identify what specific device is requesting settings) and device class (for example, whether the device is server or desktop).
- **Malicious Software Removal Tool (MSRT)** The MSRT infection report contains information, including device info and IP address.
@@ -126,11 +211,11 @@ No user content, such as user files or communications, is gathered at the **Secu
### Basic level
-The Basic level gathers a limited set of data that’s critical for understanding the device and its configuration. This level also includes the **Security** level data. This level helps to identify problems that can occur on a particular device hardware or software configuration. For example, it can help determine if crashes are more frequent on devices with a specific amount of memory or that are running a particular driver version. The Connected User Experience and Telemetry component does not gather telemetry data about System Center, but it can transmit telemetry for other non-Windows applications if they have user consent.
+The Basic level gathers a limited set of data that’s critical for understanding the device and its configuration. This level also includes the **Security** level data. This level helps to identify problems that can occur on a particular hardware or software configuration. For example, it can help determine if crashes are more frequent on devices with a specific amount of memory or that are running a particular driver version. The Connected User Experience and Telemetry component does not gather telemetry data about System Center, but it can transmit telemetry for other non-Windows applications if they have user consent.
The data gathered at this level includes:
-- **Basic device data**. Helps provide an understanding about the types of Windows devices and the configurations and types of native and virtualized Windows Server 2016 Technical Preview instances in the ecosystem, including:
+- **Basic device data**. Helps provide an understanding about the types of Windows devices and the configurations and types of native and virtualized Windows Server 2016 Technical Preview in the ecosystem. Examples include:
- Device attributes, such as camera resolution and display type
@@ -156,7 +241,7 @@ The data gathered at this level includes:
- **General app data and app data for Internet Explorer add-ons**. Includes a list of apps that are installed on a native or virtualized instance of the OS and whether these apps function correctly after an upgrade. This app data includes the app name, publisher, version, and basic details about which files have been blocked from usage.
- - **App usage data**. Includes how an app is used, including how long an app is used for, when the app has focus, and when the app is started
+ - **App usage data**. Includes how an app is used, including how long an app is used, when the app has focus, and when the app is started
- **Internet Explorer add-ons**. Includes a list of Internet Explorer add-ons that are installed on a device and whether these apps will work after an upgrade.
@@ -166,13 +251,13 @@ The data gathered at this level includes:
- **Driver data**. Includes specific driver usage that’s meant to help figure out whether apps and devices will function after upgrading to a new version of the operating system. This can help to determine blocking issues and then help Microsoft and our partners apply fixes and improvements.
-- **Store**. Provides information about how the Windows Store performs, including app downloads, installations, and updates. It also includes Windows Store launches, page views, suspend and resumes, and obtaining licenses.
+- **Windows Store**. Provides information about how the Windows Store performs, including app downloads, installations, and updates. It also includes Windows Store launches, page views, suspend and resumes, and obtaining licenses.
### Enhanced level
The Enhanced level gathers data about how Windows and apps are used and how they perform. This level also includes data from both the **Basic** and **Security** levels. This level helps to improve the user experience with the operating system and apps. Data from this level can be abstracted into patterns and trends that can help Microsoft determine future improvements.
-This is the default level, and the minimum level needed to quickly identify and address Windows, Windows Server, and System Center quality issues.
+This is the default level for Windows 10 Enterprise and Windows 10 Education editions, and the minimum level needed to quickly identify and address Windows, Windows Server, and System Center quality issues.
The data gathered at this level includes:
@@ -202,6 +287,15 @@ However, before more data is gathered, Microsoft’s privacy governance team, in
- All crash dump types, including heap dumps and full dumps.
+## Enterprise management
+
+Sharing telemetry data with Microsoft provides many benefits to enterprises, so we do not recommend turning it off. For most enterprise customers, simply adjusting the telemetry level and managing specific components is the best option.
+
+Customers can set the telemetry level in both the user interface and with existing management tools. Users can change the telemetry level in the **Diagnostic and usage data** setting. In the Settings app, it is in **Privacy\Feedback & diagnostics**. They can choose between Basic, Enhanced, and Full. The Security level is not available.
+
+IT pros can use various methods, including Group Policy and Mobile Device Management (MDM), to choose a telemetry level. If you’re using Windows 10 Enterprise, Windows 10 Education, or Windows Server 2016, the Security telemetry level is available when managing the policy. Setting the telemetry level through policy overrides users’ choices. The remainder of this section describes how to do that.
+
+
### Manage your telemetry settings
We do not recommend that you turn off telemetry in your organization as valuable functionality may be impacted, but we recognize that in some scenarios this may be required. Use the steps in this section to do so for Windows, Windows Server, and System Center.
@@ -210,7 +304,7 @@ We do not recommend that you turn off telemetry in your organization as valuable
You can turn on or turn off System Center telemetry gathering. The default is on and the data gathered at this level represents what is gathered by default when System Center telemetry is turned on. However, setting the operating system telemetry level to **Basic** will turn off System Center telemetry, even if the System Center telemetry switch is turned on.
-The lowest telemetry setting level supported through management policies is **Security**. The lowest telemetry setting supported through the Settings UI is **Basic**. The default telemetry setting for Windows Server 2016 Technical Preview is **Enhanced.**
+The lowest telemetry setting level supported through management policies is **Security**. The lowest telemetry setting supported through the Settings UI is **Basic**. The default telemetry setting for Windows Server 2016 Technical Preview is **Enhanced**.
### Configure the operating system telemetry level
@@ -218,14 +312,13 @@ You can configure your operating system telemetry settings using the management
Use the appropriate value in the table below when you configure the management policy.
-| Value | Level | Data gathered |
-|-------|----------|---------------------------------------------------------------------------------------------------------------------------|
-| **0** | Security | Security data only. |
-| **1** | Basic | Security data, and basic system and quality data. |
-| **2** | Enhanced | Security data, basic system and quality data, and enhanced insights and advanced reliability data. |
-| **3** | Full | Security data, basic system and quality data, enhanced insights and advanced reliability data, and full diagnostics data. |
+| Level | Data gathered | Value |
+| - | - | - |
+| Security | Security data only. | **0** |
+| Basic | Security data, and basic system and quality data. | **1** |
+| Enhanced | Security data, basic system and quality data, and enhanced insights and advanced reliability data. | **2** |
+| Full | Security data, basic system and quality data, enhanced insights and advanced reliability data, and full diagnostics data. | **3** |
-
### Use Group Policy to set the telemetry level
@@ -277,19 +370,32 @@ There are a few more settings that you can turn off that may send telemetry info
>**Note:** Microsoft does not intend to gather sensitive information, such as credit card numbers, usernames and passwords, email addresses, or other similarly sensitive information for Linguistic Data Collection. We guard against such events by using technologies to identify and remove sensitive information before linguistic data is sent from the user's device. If we determine that sensitive information has been inadvertently received, we delete the information.
-
+## Additional resources
-## Examples of how Microsoft uses the telemetry data
+FAQs
+- [Cortana, Search, and privacy](http://windows.microsoft.com/en-us/windows-10/cortana-privacy-faq)
+- [Windows 10 feedback, diagnostics, and privacy](http://windows.microsoft.com/en-us/windows-10/feedback-diagnostics-privacy-faq)
+- [Windows 10 camera and privacy](http://windows.microsoft.com/en-us/windows-10/camera-privacy-faq)
+- [Windows 10 location service and privacy](http://windows.microsoft.com/en-us/windows-10/location-service-privacy)
+- [Microsoft Edge and privacy](http://windows.microsoft.com/en-us/windows-10/edge-privacy-faq)
+- [Windows 10 speech, inking, typing, and privacy](http://windows.microsoft.com/en-us/windows-10/speech-inking-typing-privacy-faq)
+- [Windows Hello and privacy](http://windows.microsoft.com/en-us/windows-10/windows-hello-privacy-faq)
+- [Wi-Fi Sense](http://windows.microsoft.com/en-us/windows-10/wi-fi-sense-faq)
+- [Windows Update Delivery Optimization](http://windows.microsoft.com/en-us/windows-10/windows-update-delivery-optimization-faq)
-### Drive higher application and driver quality in the ecosystem
+Blogs
-Telemetry plays an important role in quickly identifying and fixing critical reliability and security issues in our customers’ deployments and configurations. Insights into the telemetry data we gather helps us to quickly identify crashes or hangs associated with a certain application or driver on a given configuration, like a particular storage type (for example, SCSI) or a memory size. For System Center, job usages and statuses can also help us enhance the job workload and the communication between System Center and its managed products. Microsoft’s ability to get this data from customers and drive improvements into the ecosystem helps raise the bar for the quality of System Center, Windows Server applications, Windows apps, and drivers. Real-time data about Windows installations reduces downtime and the cost associated with troubleshooting unreliable drivers or unstable applications.
+- [Privacy and Windows 10](https://blogs.windows.com/windowsexperience/2015/09/28/privacy-and-windows-10)
-### Reduce your total cost of ownership and downtime
+Privacy Statement
-Telemetry provides a view of which features and services customers use most. For example, the telemetry data provides us with a heat map of the most commonly deployed Windows Server roles, most used Windows features, and which ones are used the least. This helps us make informed decisions on where we should invest our engineering resources to build a leaner operating system. For System Center, understanding the customer environment for management and monitoring will help drive the support compatibilities matrix, such as host and guest OS. This can help you use existing hardware to meet your business needs and reduce your total cost of ownership, as well as reducing downtime associated with security updates.
+- [Microsoft Privacy Statement](https://privacy.microsoft.com/en-us/privacystatement)
-### Build features that address our customers’ needs
+TechNet
-Telemetry also helps us better understand how customers deploy components, use features, and use services to achieve their business goals. Getting insights from that information helps us prioritize our engineering investments in areas that can directly affect our customers’ experiences and workloads. Some examples include customer usage of containers, storage, and networking configurations associated with Windows Server roles like Clustering and Web. Another example could be to find out when is CPU hyper-threading turned off and the resulting impact. We use the insights to drive improvements and intelligence into some of our management and monitoring solutions, to help customers diagnose quality issues, and save money by making fewer help calls to Microsoft.
\ No newline at end of file
+- [Manage connections from Windows operating system components to Microsoft services](https://technet.microsoft.com/en-us/itpro/windows/manage/manage-connections-from-windows-operating-system-components-to-microsoft-services)
+
+Web Pages
+
+- [Privacy at Microsoft](http://privacy.microsoft.com)
diff --git a/windows/manage/device-guard-signing-portal.md b/windows/manage/device-guard-signing-portal.md
index 09c4d67158..e9dabd0581 100644
--- a/windows/manage/device-guard-signing-portal.md
+++ b/windows/manage/device-guard-signing-portal.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store, security
author: TrudyHa
+localizationpriority: high
---
# Device Guard signing
diff --git a/windows/manage/disconnect-your-organization-from-microsoft.md b/windows/manage/disconnect-your-organization-from-microsoft.md
index f1077326eb..8a9777af29 100644
--- a/windows/manage/disconnect-your-organization-from-microsoft.md
+++ b/windows/manage/disconnect-your-organization-from-microsoft.md
@@ -1,4 +1,4 @@
---
title: Configure Windows 10 devices to stop data flow to Microsoft (Windows 10)
-redirect_url: https://technet.microsoft.com/en-us/itpro/windows/manage/configure-windows-10-devices-to-stop-data-flow-to-microsoft
+redirect_url: https://technet.microsoft.com/itpro/windows/manage/manage-connections-from-windows-operating-system-components-to-microsoft-services
---
\ No newline at end of file
diff --git a/windows/manage/distribute-apps-to-your-employees-windows-store-for-business.md b/windows/manage/distribute-apps-to-your-employees-windows-store-for-business.md
index ffdae6061d..8863d87a80 100644
--- a/windows/manage/distribute-apps-to-your-employees-windows-store-for-business.md
+++ b/windows/manage/distribute-apps-to-your-employees-windows-store-for-business.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Distribute apps to your employees from the Windows Store for Business
diff --git a/windows/manage/distribute-apps-with-management-tool.md b/windows/manage/distribute-apps-with-management-tool.md
index 102b4d6d01..891c3c0ccc 100644
--- a/windows/manage/distribute-apps-with-management-tool.md
+++ b/windows/manage/distribute-apps-with-management-tool.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Distribute apps with a management tool
diff --git a/windows/manage/distribute-offline-apps.md b/windows/manage/distribute-offline-apps.md
index f6493b53b4..c1bc0b3a20 100644
--- a/windows/manage/distribute-offline-apps.md
+++ b/windows/manage/distribute-offline-apps.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Distribute offline apps
diff --git a/windows/manage/find-and-acquire-apps-overview.md b/windows/manage/find-and-acquire-apps-overview.md
index 4b4aab57ea..8faea40ea2 100644
--- a/windows/manage/find-and-acquire-apps-overview.md
+++ b/windows/manage/find-and-acquire-apps-overview.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Find and acquire apps
diff --git a/windows/manage/manage-apps-windows-store-for-business-overview.md b/windows/manage/manage-apps-windows-store-for-business-overview.md
index 6856a7683d..76b2ee98e8 100644
--- a/windows/manage/manage-apps-windows-store-for-business-overview.md
+++ b/windows/manage/manage-apps-windows-store-for-business-overview.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Manage apps in Windows Store for Business
diff --git a/windows/manage/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/manage/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
index 4c01926131..adf68698e2 100644
--- a/windows/manage/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
+++ b/windows/manage/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
@@ -6,6 +6,7 @@ keywords: privacy, manage connections to Microsoft
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
+localizationpriority: high
author: brianlic-msft
---
diff --git a/windows/manage/manage-cortana-in-enterprise.md b/windows/manage/manage-cortana-in-enterprise.md
index b44e4c4920..98ed3188ee 100644
--- a/windows/manage/manage-cortana-in-enterprise.md
+++ b/windows/manage/manage-cortana-in-enterprise.md
@@ -50,14 +50,15 @@ Set up and manage Cortana by using the following Group Policy and mobile device
|Group policy |MDM policy |Description |
|-------------|-----------|------------|
-|Computer Configuration\Administrative Templates\Windows Components\Search\Allow Cortana |Experience/AllowCortana |Specifies whether employees can use Cortana.
Employees can still perform searches even with Cortana turned off. |
-|Computer Configuration\Administrative Templates\Control Panel\Regional and Language Options\Allow input personalization |Privacy/AllowInput Personalization |Specifies whether to turn on automatic learning, which allows the collection of speech and handwriting patterns, typing history, contacts, and recent calendar information. It is required for the use of Cortana.
Cortana won’t work if this setting is turned off (disabled). |
-|None |System/AllowLocation |Specifies whether to allow app access to the Location service. |
-|Computer Configuration\Administrative Templates\Windows Components\Search\Don't search the web or display web results |None |Specifies whether search can perform queries on the web and if the web results are displayed in search.
Cortana won’t work if this setting is turned off (disabled). |
-|Computer Configuration\Administrative Templates\Windows Components\Search\Allow search and Cortana to use location |Search/AllowSearchToUse Location |Specifies whether search and Cortana can provide location aware search and Cortana results.
Cortana won’t work if this setting is turned off (disabled). |
-|Computer Configuration\Administrative Templates\Windows Components\Search\Set the SafeSearch setting for Search |Search/SafeSearch Permissions |Specifies what level of safe search (filtering adult content) is required.
This setting only applies to Windows 10 Mobile. |
-|User Configuration\Administrative Templates\Windows Components\File Explorer\Turn off display of recent search entries in the File Explorer search box |None |Specifies whether the search box can suggest recent queries and prevent entries from being stored in the registry for future reference.
Cortana won’t work if this setting is turned off (disabled). |
-|User Configuration\Administrative Templates\Start Menu and Taskbar\Do not search communications |None |Specifies whether the Start menu search box searches communications.
Cortana won’t work if this setting is turned off (disabled). |
+|Computer Configuration\Administrative Templates\Windows Components\Search\AllowCortanaAboveLock |AboveLock/AllowCortanaAboveLock |Specifies whether an employee can interact with Cortana using voice commands when the system is locked.
This setting only applies to Windows 10 for desktop devices. |
+|Computer Configuration\Administrative Templates\Control Panel\Regional and Language Options\Allow input personalization |Privacy/AllowInputPersonalization |Specifies whether an employee can use voice commands with Cortana in the enterprise.
Cortana won’t work if this setting is turned off (disabled).
Cortana still works if this setting is turned off (disabled). |
+|None |System/AllowLocation |Specifies whether to allow app access to the Location service.
Cortana won’t work if this setting is turned off (disabled).
Cortana still works if this setting is turned off (disabled). |
+|None |Accounts/AllowMicrosoftAccountConnection |Specifies whether to allow employees to sign in using a Microsoft account (MSA) from Windows apps.
This setting only applies to Windows 10 Mobile. |
+|User Configuration\Administrative Templates\Windows Components\File Explorer\Turn off display of recent search entries in the File Explorer search box |None |Specifies whether the search box can suggest recent queries and prevent entries from being stored in the registry for future reference. |
+|Computer Configuration\Administrative Templates\Windows Components\Search\Don't search the web or display web results |None |Specifies whether search can perform queries on the web and if the web results are displayed in search.
This setting can’t be managed.
Cortana won't work if this setting is turned off (disabled). |
+|Computer Configuration\Administrative Templates\Windows Components\Search\Allow Cortana |Experience/AllowCortana |Specifies whether employees can use Cortana.
Cortana won’t work if this setting is turned off (disabled). However, employees can still perform local searches even with Cortana turned off. |
**More info:**
- For specific info about how to set, manage, and use each of these MDM policies to configure Cortana in your enterprise, see the [Policy CSP](http://go.microsoft.com/fwlink/p/?LinkId=717380) topic, located in the configuration service provider reference topics. For specific info about how to set, manage, and use each of these Group Policies to configure Cortana in your enterprise, see the [Group Policy TechCenter](http://go.microsoft.com/fwlink/p/?LinkId=717381).
diff --git a/windows/manage/manage-inventory-windows-store-for-business.md b/windows/manage/manage-inventory-windows-store-for-business.md
index 8535d16d65..f8db99379b 100644
--- a/windows/manage/manage-inventory-windows-store-for-business.md
+++ b/windows/manage/manage-inventory-windows-store-for-business.md
@@ -1,70 +1,10 @@
---
title: Manage inventory in Windows Store for Business (Windows 10)
description: When you acquire apps from the Windows Store for Business, we add them to the Inventory for your organization. Once an app is part of your inventory, you can distribute the app, and manage licenses.
-redirect_url: https://technet.microsoft.com/en-us/itpro/windows/manage/app-inventory-management-windows-store-for-business
+redirect_url: https://technet.microsoft.com/itpro/windows/manage/app-inventory-managemement-windows-store-for-business
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
---
-# Manage inventory in Window Store for Business
-When you acquire apps from the Windows Store for Business, we add them to the inventory for your organization. Once an app is part of your inventory, you can distribute the app, and manage licenses.
-
-## Distribute apps
-You can assign apps to people, or you can make apps available in your private store. Once an app is in your private store, people in your org can install the app on their devices. For more information, see [Distribute apps using your private store](distribute-apps-from-your-private-store.md).
-
-**To make an app in inventory available in your private store**
-
-1. Sign in to the [Store for Business](http://businessstore.microsoft.com).
-2. Click **Manage**, and then choose **Inventory**.
-3. Click **Refine**, and then choose **Online**. Store for Business will update the list of apps on the **Inventory** page.
-4. From an app in **Inventory**, click the ellipses under **Action**, and then choose **Add to private store**.
-
-The value under Private store for the app will change to pending. It will take approximately twelve hours before the app is available in the private store.
-
-Employees can claim apps that admins added to the private store by doing the following.
-
-**To claim an app from the private store**
-
-1. Sign in to your computer with your Azure Active Directory (AD) credentials, and start the Windows Store app.
-2. Click the private store tab.
-3. Click the app you want to install, and then click **Install**.
-
-Another way to distribute apps is by assigning them to people in your organization.
-
-**To assign an app to an employee**
-
-1. Sign in to the [Store for Business](http://businessstore.microsoft.com).
-2. Click **Manage**, and then choose **Inventory**.
-3. Find an app, click the ellipses under **Action**, and then choose **Assign to people**.
-4. Type the email address for the employee that you're assigning the app to, and click **Confirm**.
-
-Employees will receive an email with a link that will install the app on their device. Click the link to start the Windows Store app, and then click **Install**. Also, in the Windows Store app, they can find the app under **My Library**.
-
-## Manage licenses
-For apps in inventory, when you assign an app to an employee, a license for the app is assigned to them. You can manage these licenses, either by assigning them, or reclaiming them so you can assign them to another employee. You can also remove an app from the private store.
-
-**To assign licenses**
-1. Sign in to the [Store for Business](http://businessstore.microsoft.com).
-2. Click **Manage**, and then choose **Inventory**.
-3. Find an app, click the ellipses under **Action**, and then choose **View license details**.
-4. Click **Assign to people**, type the name you are assigning the license to, and then click **Assign**.
-
-Store for Business assigns a license to the person, and adds them to the list of assigned licenses.
-
-**To reclaim licenses**
-1. Sign in to the [Store for Business](http://businessstore.microsoft.com).
-2. Click **Manage**, and then choose **Inventory**.
-3. Find an app, click the ellipses under **Action**, and then choose **View license details**.
-4. Click the name of the person you are reclaiming the license from, and then click **Reclaim licenses**.
-
-Store for Business reclaims the license, and updates the number of avialable licenses. After you reclaim a license, you can assign a license to another employee.
-
-**To remove an app from the private store**
-
-If you decide that you don't want an app available for employees to install on their own, you can remove it from your private store.
-1. Sign in to the [Store for Business](http://businessstore.microsoft.com).
-2. Click **Manage**, and then choose **Inventory**.
-3. Find an app, click the ellipses under **Action**, and then choose **Remove from private store**, and then click **Remove**.
-
-The app will still be in your inventory, but your employees will not have access to the app from your private store.
+
diff --git a/windows/manage/manage-orders-windows-store-for-business.md b/windows/manage/manage-orders-windows-store-for-business.md
index 03d95f9433..9ca7ce1322 100644
--- a/windows/manage/manage-orders-windows-store-for-business.md
+++ b/windows/manage/manage-orders-windows-store-for-business.md
@@ -6,6 +6,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Manage app orders in Windows Store for Business
diff --git a/windows/manage/manage-private-store-settings.md b/windows/manage/manage-private-store-settings.md
index 6132f1e513..e070bd57ea 100644
--- a/windows/manage/manage-private-store-settings.md
+++ b/windows/manage/manage-private-store-settings.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Manage private store settings
diff --git a/windows/manage/manage-settings-windows-store-for-business.md b/windows/manage/manage-settings-windows-store-for-business.md
index 04bd40016e..9949754977 100644
--- a/windows/manage/manage-settings-windows-store-for-business.md
+++ b/windows/manage/manage-settings-windows-store-for-business.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Manage settings for the Windows Store for Business
diff --git a/windows/manage/manage-users-and-groups-windows-store-for-business.md b/windows/manage/manage-users-and-groups-windows-store-for-business.md
index 42fb25bfa2..e445c7f72b 100644
--- a/windows/manage/manage-users-and-groups-windows-store-for-business.md
+++ b/windows/manage/manage-users-and-groups-windows-store-for-business.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Manage user accounts in Windows Store for Business
diff --git a/windows/manage/prerequisites-windows-store-for-business.md b/windows/manage/prerequisites-windows-store-for-business.md
index 85f411ba17..8c759e9d5d 100644
--- a/windows/manage/prerequisites-windows-store-for-business.md
+++ b/windows/manage/prerequisites-windows-store-for-business.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Prerequisites for Windows Store for Business
diff --git a/windows/manage/roles-and-permissions-windows-store-for-business.md b/windows/manage/roles-and-permissions-windows-store-for-business.md
index 92d9f7e5e8..6cdeba16db 100644
--- a/windows/manage/roles-and-permissions-windows-store-for-business.md
+++ b/windows/manage/roles-and-permissions-windows-store-for-business.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Roles and permissions in Windows Store for Business
diff --git a/windows/manage/sign-code-integrity-policy-with-device-guard-signing.md b/windows/manage/sign-code-integrity-policy-with-device-guard-signing.md
index 71deb2dedb..96a6b5344b 100644
--- a/windows/manage/sign-code-integrity-policy-with-device-guard-signing.md
+++ b/windows/manage/sign-code-integrity-policy-with-device-guard-signing.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store, security
author: TrudyHa
+localizationpriority: high
---
# Sign code integrity policy with Device Guard signing
diff --git a/windows/manage/sign-up-windows-store-for-business-overview.md b/windows/manage/sign-up-windows-store-for-business-overview.md
index 93c2e85ad1..7a391739cc 100644
--- a/windows/manage/sign-up-windows-store-for-business-overview.md
+++ b/windows/manage/sign-up-windows-store-for-business-overview.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Sign up and get started
diff --git a/windows/manage/sign-up-windows-store-for-business.md b/windows/manage/sign-up-windows-store-for-business.md
index 643d42eddf..b64638e1a8 100644
--- a/windows/manage/sign-up-windows-store-for-business.md
+++ b/windows/manage/sign-up-windows-store-for-business.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Sign up for Windows Store for Business
diff --git a/windows/manage/troubleshoot-windows-store-for-business.md b/windows/manage/troubleshoot-windows-store-for-business.md
index e2653436b7..6be281bae5 100644
--- a/windows/manage/troubleshoot-windows-store-for-business.md
+++ b/windows/manage/troubleshoot-windows-store-for-business.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Troubleshoot Windows Store for Business
diff --git a/windows/manage/update-windows-store-for-business-account-settings.md b/windows/manage/update-windows-store-for-business-account-settings.md
index 2870bbda8a..38f4bd0b54 100644
--- a/windows/manage/update-windows-store-for-business-account-settings.md
+++ b/windows/manage/update-windows-store-for-business-account-settings.md
@@ -6,6 +6,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Update Windows Store for Business account settings
diff --git a/windows/manage/windows-store-for-business.md b/windows/manage/windows-store-for-business.md
index d3a4044273..67a6d43bab 100644
--- a/windows/manage/windows-store-for-business.md
+++ b/windows/manage/windows-store-for-business.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Windows Store for Business
diff --git a/windows/manage/working-with-line-of-business-apps.md b/windows/manage/working-with-line-of-business-apps.md
index f780a06748..e0d0c284fe 100644
--- a/windows/manage/working-with-line-of-business-apps.md
+++ b/windows/manage/working-with-line-of-business-apps.md
@@ -7,6 +7,7 @@ ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: store
author: TrudyHa
+localizationpriority: high
---
# Working with line-of-business apps
@@ -80,7 +81,7 @@ After an app is published and available in the Store, ISVs publish an updated ve
5. Click **Save** to save your changes and start the app submission process.
For more information, see [Organizational licensing options]( http://go.microsoft.com/fwlink/p/?LinkId=708615) and [Distributing LOB apps to enterprises](http://go.microsoft.com/fwlink/p/?LinkId=627543).
-**Note** In order to get the LOB app, the organization must be located in a [supported market](https://technet.microsoft.com/en-us/itpro/windows/whats-new/windows-store-for-business-overview#supported-markets), and you must not have excluded that market when submitting your app.
+**Note** In order to get the LOB app, the organization must be located in a [supported market](https://technet.microsoft.com/itpro/windows/whats-new/windows-store-for-business-overview#supported-markets), and you must not have excluded that market when submitting your app.
### Add app to inventory (admin)
diff --git a/windows/plan/act-community-ratings-and-process.md b/windows/plan/act-community-ratings-and-process.md
index 6d28ac6493..e9c34a2026 100644
--- a/windows/plan/act-community-ratings-and-process.md
+++ b/windows/plan/act-community-ratings-and-process.md
@@ -1,48 +1,5 @@
---
title: ACT Community Ratings and Process (Windows 10)
description: The Application Compatibility Toolkit (ACT) Community uses the Microsoft® Compatibility Exchange to share compatibility ratings between all registered ACT Community members.
-ms.assetid: be6c8c71-785b-4adf-a375-64ca7d24e26c
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.sitesec: library
-ms.pagetype: appcompat
-author: TrudyHa
----
-
-# ACT Community Ratings and Process
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The Application Compatibility Toolkit (ACT) Community uses the Microsoft® Compatibility Exchange to share compatibility ratings between all registered ACT Community members.
-
-When you access the Microsoft Compatibility Exchange as a registered ACT Community member, you can upload your compatibility data to the community and download issues from other ACT Community members. For information about how compatibility ratings are entered, see [Selecting Your Compatibility Rating](selecting-your-compatibility-rating.md).
-
-ACT takes your information and combines it with all of the information provided by the other ACT Community users and shows the average rating as a color gradient from one to five bars.
-
-
-
-## Process for Synchronizing Compatibility Ratings
-
-
-The following diagram shows the process for synchronizing compatibility ratings with the ACT Community.
-
-You have the option to exclude applications from being shared with the Microsoft Compatibility Exchange. However, you will not get compatibility ratings from the ACT Community for any application that you exclude. For more information, see [Sending and Receiving Compatibility Data](sending-and-receiving-compatibility-data.md).
-
-
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/act-database-configuration.md b/windows/plan/act-database-configuration.md
index dc8103e03e..7c07865d8a 100644
--- a/windows/plan/act-database-configuration.md
+++ b/windows/plan/act-database-configuration.md
@@ -1,85 +1,5 @@
---
title: ACT Database Configuration (Windows 10)
description: The Application Compatibility Toolkit (ACT) uses a Microsoft® SQL Server® database for storing and sharing compatibility issue data.
-ms.assetid: 032bbfe0-86fa-48ff-b638-b9d6a908c45e
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# ACT Database Configuration
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The Application Compatibility Toolkit (ACT) uses a Microsoft® SQL Server® database for storing and sharing compatibility issue data. If you do not use Microsoft SQL Server, you can download and install Microsoft SQL Server Express. For information about creating Microsoft SQL Server databases, see [Administering the Database Engine](http://go.microsoft.com/fwlink/p/?LinkId=64169).
-
-## ACT Database Creation
-
-
-You can create the ACT database by using one of the following methods:
-
-- Run Application Compatibility Manager (ACM), and then use the ACT Configuration Wizard to create a new database.
-
- -or-
-
-- Run the CreateDB.sql file, located at %SYSTEMDRIVE%\\ProgramData\\Microsoft\\Application Compatibility Toolkit\\CreateDB.sql.
-
-### ACT Database Permissions
-
-You must assign the following database roles to the following accounts.
-
-- To the user and local service accounts that will run the ACT Log Processing Service (LPS), assign the db\_datareader, db\_datawriter, and db\_owner database roles.
-
-- To the user account that will run Application Compatibility Manager (ACM), assign the db\_datareader and db\_datawriter database roles.
-
-Alternatively, grant the following explicit permissions to each user that will run the ACT LPS or ACM.
-
-- SELECT
-
-- INSERT
-
-- UPDATE
-
-- DELETE
-
-- EXECUTE
-
-### ACT Database Recommendations
-
-We also recommend that you make the following changes to the database as part of your deployment planning:
-
-- **Create a larger database, including a larger log file–size setting, and then set the growth increments appropriately**. If you create a database with the default setting for data storage, the data portion of the database will have an initial size of 1 megabyte (MB), and a growth increment of 1 MB. If you create a database with the default setting for log file storage, the log file portion of the database will have an initial size of 1 MB and a growth increment of 10 percent. We recommend that you maintain a data-to-log file ratio of 5:1 or 4:1. For example, if your data portion is 5 gigabytes (GB), your log file portion should be 1 GB.
-
-- **Change the recovery model of your database**. The default recovery model is **Full**, but we recommend that you change the recovery model to **Simple** to improve performance and reduce disk space requirements.
-
-- **Store the data portion and log file portion of your ACT database on separate hard drives**. Unless otherwise specified by your SQL Administrator, the default is for the data and log files to be stored on the same hard drive. We recommend separating the data from the log files to reduce disk I/O contention.
-
-## Related topics
-
-
-[ACT Tools, Packages, and Services](act-tools-packages-and-services.md)
-
-[ACT Deployment Options](act-deployment-options.md)
-
-[ACT Database Migration](act-database-migration.md)
-
-[ACT LPS Share Permissions](act-lps-share-permissions.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/act-database-migration.md b/windows/plan/act-database-migration.md
index 4b4009c05e..e8b5e9b74f 100644
--- a/windows/plan/act-database-migration.md
+++ b/windows/plan/act-database-migration.md
@@ -1,68 +1,5 @@
---
title: ACT Database Migration (Windows 10)
description: The schema for an ACT database can change when ACT is updated or when a new version of ACT is released.
-ms.assetid: b13369b4-1fb7-4889-b0b8-6d0ab61aac3d
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# ACT Database Migration
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The schema for an ACT database can change when ACT is updated or when a new version of ACT is released. If the schema for an ACT database does not match the current schema, you can migrate the compatibility data to a new database. You can then use the current version of ACT to open the new database.
-
-To create the new database, you must have database-creation permissions on the instance of SQL Server.
-
-## Migrating Compatibility Data from an ACT Database
-
-
-You can migrate compatibility data from an ACT database to a new database by using one of the following methods:
-
-- Run Application Compatibility Manager (ACM), and then use the ACT Configuration Wizard to open the database. The wizard guides you through migrating the compatibility data to a new database.
-
-- Run the MigrateDB.sql file, located at %SYSTEMDRIVE%\\ProgramData\\Microsoft\\Application Compatibility Toolkit\\MigrateDB.sql.. The following table shows the location of the MigrateDB.sql file.
-
-## Database Migration from ACT 5.6
-
-
-When you migrate compatibility data from an ACT 5.6 database to a new database, the following information is excluded from the migration:
-
-- Issues that were reported by ACT 5.6 data-collection packages (DCPs).
-
-- Solutions that correspond to issues reported by ACT 5.6 DCPs.
-
-- Lists of file names that ACT 5.6 associated with each application.
-
-You cannot migrate any compatibility data from ACT databases that were created on a version of ACT before ACT 5.6.
-
-## Related topics
-
-
-[ACT Tools, Packages, and Services](act-tools-packages-and-services.md)
-
-[ACT Deployment Options](act-deployment-options.md)
-
-[ACT Database Configuration](act-database-configuration.md)
-
-[ACT LPS Share Permissions](act-lps-share-permissions.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/act-deployment-options.md b/windows/plan/act-deployment-options.md
index 32bb1e10f0..a550b72152 100644
--- a/windows/plan/act-deployment-options.md
+++ b/windows/plan/act-deployment-options.md
@@ -1,61 +1,5 @@
---
title: ACT Deployment Options (Windows 10)
description: While planning your deployment of the Application Compatibility Toolkit (ACT), consider which computers you want running the various tools, packages, and services for ACT.
-ms.assetid: 90d56dd8-8d57-44e8-bf7a-29aabede45ba
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# ACT Deployment Options
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-While planning your deployment of the Application Compatibility Toolkit (ACT), consider which computers you want running the various tools, packages, and services for ACT.
-
-The following diagram shows supported deployment options for an ACT installation. The options listed first are the most highly recommended.
-
-
-
-## Collecting Data Across Domains
-
-
-If you plan to deploy inventory-collector packages to computers running Windows XP, where some of the computers are on a different domain than the ACT LPS share, do one of the following:
-
-- Set up a separate ACT LPS share on each domain and configure the inventory-collector package to upload log files to the ACT LPS share on the same domain.
-
-- Set up a single ACT LPS share on one computer. On the computer that hosts the share, use Group Policy to allow connections from anonymous users.
-
-These steps are not necessary if the computers where you deploy inventory-collector packages are running Windows Vista, Windows 7, Windows 8, Windows 8.1, or Windows 10.
-
-If you choose to have distributed logging with a subsequent step of moving log files to your central share, move the files to the central share before processing the files. You can move the files manually or use a technology like Distributed File-System Replication (DFSR).
-
-## Related topics
-
-
-[ACT Tools, Packages, and Services](act-tools-packages-and-services.md)
-
-[ACT Database Configuration](act-database-configuration.md)
-
-[ACT Database Migration](act-database-migration.md)
-
-[ACT LPS Share Permissions](act-lps-share-permissions.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/act-glossary.md b/windows/plan/act-glossary.md
index 87b42aab6e..17f66a70be 100644
--- a/windows/plan/act-glossary.md
+++ b/windows/plan/act-glossary.md
@@ -1,118 +1,5 @@
---
title: ACT Glossary (Windows 10)
description: The following table lists terms and definitions used by the Application Compatibility Toolkit (ACT).
-ms.assetid: 984d1cce-c1ac-4aa8-839a-a23e15da6f32
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# ACT Glossary
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The following table lists terms and definitions used by the Application Compatibility Toolkit (ACT).
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/act-lps-share-permissions.md b/windows/plan/act-lps-share-permissions.md
index f2496dc915..37a6534881 100644
--- a/windows/plan/act-lps-share-permissions.md
+++ b/windows/plan/act-lps-share-permissions.md
@@ -1,76 +1,5 @@
---
title: ACT LPS Share Permissions (Windows 10)
description: To upload log files to the ACT Log Processing Service (LPS) share, certain permissions must be set at the share level and folder level.
-ms.assetid: 51f6ddf7-f424-4abe-a0e0-71fe616f9e84
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# ACT LPS Share Permissions
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-To upload log files to the ACT Log Processing Service (LPS) share, certain permissions must be set at the share level and folder level.
-
-## Share-Level Permissions
-
-
-The **Everyone** group must have **Change** and **Read** permissions to the ACT LPS share.
-
-**To set the share-level permissions**
-
-1. Browse to the ACT LPS share, right-click the folder, and select **Properties**.
-
-2. Click the **Sharing** tab, share the folder, and then click **Permissions**.
-
-3. Add the **Everyone** group if it is not already listed, and then select the **Change** and **Read** check boxes in the **Allow** column.
-
-## Folder-Level Permissions (NTFS Only)
-
-
-The **Everyone** group must have **Write** access to the ACT LPS share.
-
-The ACT Log Processing Service account must have **List Folder Contents**, **Read**, and **Write** permissions.
-
-- If the ACT Log Processing Service account is **Local System Account**, apply the permissions to the *<domain>*\\*<computer>*$ account.
-
-- If the ACT Log Processing Service is a user account, apply the permissions to the specific user.
-
-**To set the folder-level permissions**
-
-1. In Windows Explorer, right-click the folder for the ACT LPS share, and then click **Properties**.
-
-2. Click the **Security** tab, add the account that runs the ACT Log Processing Service, and then select the **List Folder Contents**, **Read**, and **Write** check boxes in the **Allow** column.
-
-3. Add the **Everyone** group if it is not already listed, and then select the **Write** check box in the **Allow** column.
-
-## Related topics
-
-
-[ACT Tools, Packages, and Services](act-tools-packages-and-services.md)
-
-[ACT Deployment Options](act-deployment-options.md)
-
-[ACT Database Configuration](act-database-configuration.md)
-
-[ACT Database Migration](act-database-migration.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/act-operatingsystem-application-report.md b/windows/plan/act-operatingsystem-application-report.md
index 3c0f49d348..62da93a40d 100644
--- a/windows/plan/act-operatingsystem-application-report.md
+++ b/windows/plan/act-operatingsystem-application-report.md
@@ -1,80 +1,5 @@
---
title: OperatingSystem - Application Report (Windows 10)
description: This section describes the compatibility reports in Application Compatibility Manager (ACM) and how you can work with the reports.
-ms.assetid: 9721485b-6092-4974-8cfe-c84472237a57
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# <OperatingSystem> - Application Report
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-This section describes the compatibility reports in Application Compatibility Manager (ACM) and how you can work with the reports.
-
-The **<OperatingSystem> - Application Report** screen shows the following information for the applications from which you have collected data:
-
-- The application name, application vendor, and application version.
-
-- Your organization’s compatibility rating for the application.
-
-- Compatibility ratings from users in your organization who are using a runtime analysis package to test the application.
-
-- Whether the information for the application is included in the synchronization process with the Microsoft Compatibility Exchange.
-
-- Compatibility information for the application from the application vendor.
-
-- Compatibility ratings from the ACT Community, if you are a member of the ACT Community. To join the ACT Community, see [Settings Dialog Box - Preferences Tab](act-settings-dialog-box-preferences-tab.md).
-
-- The count of active issues for the application.
-
-- The count of computers in your organization on which the application is installed.
-
-**To open the <OperatingSystem> - Application Report screen**
-
-1. In ACM, on the **Quick Reports** pane, click **Analyze**.
-
-2. In the **Quick Reports** pane, under an operating system heading, click **Applications**.
-
-## Using the <OperatingSystem> - Application Report Screen
-
-
-On the **<OperatingSystem> - Application Report** screen, you can perform the following actions:
-
-- Export the report data to a spreadsheet, or import a report. For more information, see [Saving, Opening, and Exporting Reports](saving-opening-and-exporting-reports.md).
-
-- Choose whether to synchronize data for each application with the Microsoft Compatibility Exchange. For more information, see [Selecting the Send and Receive Status for an Application](selecting-the-send-and-receive-status-for-an-application.md).
-
-- Synchronize your compatibility issues by using the Microsoft Compatibility Exchange. For more information, see [Sending and Receiving Compatibility Data](sending-and-receiving-compatibility-data.md).
-
-- Filter the report by using the query builder. For more information, see [Filtering Your Compatibility Data](filtering-your-compatibility-data.md).
-
-- Select your compatibility rating for an application. For more information, see [Selecting Your Compatibility Rating](selecting-your-compatibility-rating.md).
-
-- Select your deployment status for an application. For more information, see [Selecting Your Deployment Status](selecting-your-deployment-status.md).
-
-- Assign categories and subcategories to an application. For more information, see [Categorizing Your Compatibility Data](categorizing-your-compatibility-data.md).
-
-- Specify the importance of an application to your organization. For more information, see [Prioritizing Your Compatibility Data](prioritizing-your-compatibility-data.md).
-
-- Double-click an application name to view the associated dialog box. For more information, see [<Application> Dialog Box](application-dialog-box.md).
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/act-operatingsystem-computer-report.md b/windows/plan/act-operatingsystem-computer-report.md
index 3547b28c17..bf508ee97a 100644
--- a/windows/plan/act-operatingsystem-computer-report.md
+++ b/windows/plan/act-operatingsystem-computer-report.md
@@ -1,62 +1,5 @@
---
title: OperatingSystem - Computer Report (Windows 10)
-ms.assetid: ed0a56fc-9f2a-4df0-8cef-3a09d6616de8
-description:
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# <OperatingSystem> - Computer Report
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The **<OperatingSystem> - Computer Report** screen shows the following information for each computer in your organization:
-
-- The computer name, domain, and operating system.
-
-- The count of applications and devices installed on the computer.
-
-- The count of installed applications and devices that have issues.
-
-**To open the <OperatingSystem> - Computer Report screen**
-
-1. In Application Compatibility Manager (ACM), on the **Quick Reports** pane, click **Analyze**.
-
-2. In the **Quick Reports** pane, under an operating system heading, click **Computers**.
-
-## Using the <OperatingSystem> - Computer Report Screen
-
-
-On the **<OperatingSystem> - Computer Report** screen, you can perform the following actions:
-
-- Export the report data to a spreadsheet, or import a report. For more information, see [Saving, Opening, and Exporting Reports](saving-opening-and-exporting-reports.md).
-
-- Synchronize your compatibility issues by using the Microsoft Compatibility Exchange. For more information, see [Sending and Receiving Compatibility Data](sending-and-receiving-compatibility-data.md).
-
-- Filter the report by using the query builder. For more information, see [Filtering Your Compatibility Data](filtering-your-compatibility-data.md).
-
-- Assign categories and subcategories to a computer. For more information, see [Categorizing Your Compatibility Data](categorizing-your-compatibility-data.md).
-
-- Specify the importance of a computer to your organization. For more information, see [Prioritizing Your Compatibility Data](prioritizing-your-compatibility-data.md).
-
-- Double-click a computer name to view its associated dialog box. For more information, see [<Computer> Dialog Box](computer-dialog-box.md).
-
-
-
-
-
-
-
-
-
+description: This section describes the compatibility reports in Application Compatibility Manager (ACM) and how you can work with the reports.
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/act-operatingsystem-device-report.md b/windows/plan/act-operatingsystem-device-report.md
index 67e74536c6..6668aa3041 100644
--- a/windows/plan/act-operatingsystem-device-report.md
+++ b/windows/plan/act-operatingsystem-device-report.md
@@ -1,64 +1,5 @@
---
title: OperatingSystem - Device Report (Windows 10)
-ms.assetid: 8b5a936f-a92e-46a7-ac44-6edace262355
-description:
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# <OperatingSystem> - Device Report
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The **<OperatingSystem> - Device Report** screen shows the following information for each device installed in your organization:
-
-- The model and manufacturer of the device.
-
-- The class of device, as reported by the device.
-
-- An evaluation from the device manufacturer of whether the device works on a 32-bit operating system or a 64-bit operating system.
-
-- The count of computers on which the device is installed.
-
-**To open the <OperatingSystem> - Device Report screen**
-
-1. In Application Compatibility Manager (ACM), on the **Quick Reports** pane, click **Analyze**.
-
-2. In the **Quick Reports** pane, under an operating system heading, click **Devices**.
-
-## Using the <OperatingSystem> - Device Report Screen
-
-
-On the **<OperatingSystem> - Device Report** screen, you can:
-
-- Export the report data to a spreadsheet, or import a report. For more information, see [Saving, Opening, and Exporting Reports](saving-opening-and-exporting-reports.md).
-
-- Synchronize your compatibility issues by using the Microsoft Compatibility Exchange. For more information, see [Sending and Receiving Compatibility Data](sending-and-receiving-compatibility-data.md).
-
-- Filter the report by using the query builder. For more information, see [Filtering Your Compatibility Data](filtering-your-compatibility-data.md).
-
-- Assign categories and subcategories to a device. For more information, see [Categorizing Your Compatibility Data](categorizing-your-compatibility-data.md).
-
-- Specify the importance of a device to your organization. For more information, see [Prioritizing Your Compatibility Data](prioritizing-your-compatibility-data.md).
-
-- Double-click a device name to view its associated dialog box. For more information, see [<Device> Dialog Box](device-dialog-box.md).
-
-
-
-
-
-
-
-
-
+description: This section describes the compatibility reports in Application Compatibility Manager (ACM) and how you can work with the reports.
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/act-product-and-documentation-resources.md b/windows/plan/act-product-and-documentation-resources.md
index 02677af71d..2c3290db5b 100644
--- a/windows/plan/act-product-and-documentation-resources.md
+++ b/windows/plan/act-product-and-documentation-resources.md
@@ -1,62 +1,8 @@
---
title: ACT Product and Documentation Resources (Windows 10)
description: The following sections provide links to resources and reference material for the Application Compatibility Toolkit (ACT).
-ms.assetid: c7954b5a-164d-4548-af58-cd3a1de5cc43
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
---
-
-# ACT Product and Documentation Resources
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The following sections provide links to resources and reference material for the Application Compatibility Toolkit (ACT).
-
-## Information Related to the Application Compatibility Toolkit
-
-
-- [Microsoft SQL Server](http://go.microsoft.com/fwlink/p/?LinkId=184584). Use Microsoft SQL Server to take full advantage of ACT features. Visit the SQL Server home page for product information, technical resources, and support.
-
-- [Microsoft SQL Server Express Edition](http://go.microsoft.com/fwlink/p/?LinkId=690325). If you are not already running SQL Server, download a free version of SQL Server Express and its management tools.
-
-- [Microsoft System Center Configuration Manager](http://go.microsoft.com/fwlink/p/?LinkId=690326). Visit the System Center Configuration Manager home page for product information, technical resources, and support.
-
-- [Microsoft Application Verifier](http://go.microsoft.com/fwlink/p/?LinkId=52529). Application Verifier is required by the Standard User Analyzer tool.
-
-## Information About Application Compatibility
-
-
-- [Application Compatibility home page](http://go.microsoft.com/fwlink/p/?LinkId=184586). Go here for general application compatibility information, including videos, key resources, advice, and technical guidance.
-
-- [Windows Developer Center home page](http://go.microsoft.com/fwlink/p/?LinkId=184587). Find information about the Windows SDK, including how to develop your application, how to get help with compatibility issues, and other development-related content.
-
-## Information About Windows Deployment
-
-
-- [Microsoft Deployment Toolkit](http://go.microsoft.com/fwlink/p/?LinkId=618117). Download the latest version of the Microsoft Deployment Toolkit (MDT) to assist with image creation and automated installation, reduce deployment time, standardize desktop and server images, limit service disruptions, reduce post-deployment help desk costs, and improve security and ongoing configuration management.
-
-- [Windows website](http://go.microsoft.com/fwlink/p/?LinkId=731). Visit the Windows home page for product information, technical resources, and support.
-
-## Related topics
-
-
-[Troubleshooting ACT](troubleshooting-act.md)
-
-[Using ACT](using-act.md)
-
-[Software Requirements for ACT](software-requirements-for-act.md)
-
diff --git a/windows/plan/act-settings-dialog-box-preferences-tab.md b/windows/plan/act-settings-dialog-box-preferences-tab.md
index 6af88e476e..eaa5fec362 100644
--- a/windows/plan/act-settings-dialog-box-preferences-tab.md
+++ b/windows/plan/act-settings-dialog-box-preferences-tab.md
@@ -1,65 +1,5 @@
---
title: Settings Dialog Box - Preferences Tab (Windows 10)
description: To display the Settings dialog box, in Application Compatibility Manager (ACM), on the Tools menu, click Settings.
-ms.assetid: deae2100-4110-4d72-b5ee-7c167f80bfa4
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Settings Dialog Box - Preferences Tab
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-To display the **Settings** dialog box, in Application Compatibility Manager (ACM), on the **Tools** menu, click **Settings**.
-
-In the **Settings** dialog box, on the **Preferences** tab, use the following controls to join or leave the ACT Community, send ACT usage data to Microsoft, or be notified when there are updates available for ACT.
-
-**Yes, I want to join the ACT Community**
-If this check box is selected, you are a member of the ACT Community and can share application compatibility data with other ACT users.
-
-If this check box is cleared, you still receive compatibility data from the Microsoft compatibility database, but not from other ACT users.
-
-For more information about the ACT Community, see [ACT Community Ratings and Process](act-community-ratings-and-process.md).
-
-**Send ACT usage data to Microsoft**
-If this check box is selected, the following ACT usage data is sent to Microsoft:
-
-- The version of SQL Server being used by the ACT database.
-
-- The count of 32-bit or 64-bit computers in your organization.
-
-- The count of computers running a Windows operating system.
-
-- The operating systems you intend to deploy into your organization.
-
-- The count of computers to which you deployed data-collection packages.
-
-If this check box is cleared, your ACT usage data is not sent to Microsoft.
-
-**Notify me when a newer version of ACT is available (recommended)**
-If this check box is selected, ACM notifies you when an update is available for ACT.
-
-## Related topics
-
-
-[Settings Dialog Box - Settings Tab](act-settings-dialog-box-settings-tab.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/act-settings-dialog-box-settings-tab.md b/windows/plan/act-settings-dialog-box-settings-tab.md
index 0f1b179b3c..30e7000dd2 100644
--- a/windows/plan/act-settings-dialog-box-settings-tab.md
+++ b/windows/plan/act-settings-dialog-box-settings-tab.md
@@ -1,66 +1,5 @@
---
title: Settings Dialog Box - Settings Tab (Windows 10)
description: To display the Settings dialog box, in Application Compatibility Manager (ACM), on the Tools menu, click Settings.
-ms.assetid: aeec1647-cf91-4f8b-9f6d-dbf4b898d901
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Settings Dialog Box - Settings Tab
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-To display the **Settings** dialog box, in Application Compatibility Manager (ACM), on the **Tools** menu, click **Settings**.
-
-In the **Settings** dialog box, on the **Settings** tab, use the following controls to modify the settings for your ACT database and ACT Log Processing Service.
-
-**SQL Server**
-Lists the database server name for the SQL Server database server that contains your ACT database.
-
-Click **Browse** to search for available database servers. A **Select Server** dialog box appears from which you can select the database server that contains your ACT database.
-
-**Database**
-Lists the database name of your ACT database.
-
-**Change**
-Opens the user interface where you can create, open, or migrate an ACT database.
-
-**This computer is configured as a Log Processing Service**
-If selected, indicates that this computer is used for the ACT Log Processing Service. Clear this check box to use a different computer to process the logs.
-
-If there is no designated ACT Log Processing Service, log processing defaults to the local computer.
-
-**Log Processing Service Account**
-Specifies the account information, including the account type and account credentials, to be used to start the ACT Log Processing Service.
-
-The account must have read and write access to the ACT database. For information about setting up database permissions for the ACT Log Processing Service, see [Troubleshooting ACT Database Issues](troubleshooting-act-database-issues.md).
-
-**Log Share**
-Specifies the absolute path to the ACT Log Processing Service share where log files are processed. Click **Browse** to search for a location. The **Share as** box automatically updates to show the directory name.
-
-For information about ensuring that all computers can access the share, see [Troubleshooting the ACT Log Processing Service](troubleshooting-the-act-log-processing-service.md).
-
-## Related topics
-
-
-[Settings Dialog Box - Preferences Tab](act-settings-dialog-box-preferences-tab.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/act-technical-reference.md b/windows/plan/act-technical-reference.md
index c05f03fc92..29e311a2f5 100644
--- a/windows/plan/act-technical-reference.md
+++ b/windows/plan/act-technical-reference.md
@@ -13,77 +13,37 @@ author: TrudyHa
**Applies to**
+- Windows 10, version 1607
+
+We've replaced the majority of functionality included in the Application Compatibility Toolkit (ACT) with Upgrade Analytics, a solution in the Microsoft Operations Management Suite. Upgrade Analytics gives enterprises the tools to plan and manage the upgrade process end to end, allowing them to adopt new Windows releases more quickly. With new Windows versions being released multiple times a year, ensuring application and driver compatibility on an ongoing basis is key to adopting new Windows versions as they are released.
+
+Microsoft developed Upgrade Analytics in response to demand from enterprise customers looking for additional direction and details about upgrading to Windows 10. Upgrade Analytics was built taking into account multiple channels of customer feedback, testing, and Microsoft’s experience upgrading millions of devices to Windows 10.
+
+With Windows telemetry enabled, Upgrade Analytics collects system, application, and driver data for analysis. We then identify compatibility issues that can block an upgrade and suggest fixes when they are known to Microsoft.
+
+Use Upgrade Analytics to get:
+- A visual workflow that guides you from pilot to production
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
+- Detailed computer and application inventory
-The Microsoft® Application Compatibility Toolkit (ACT) helps you determine whether the applications, devices, and computers in your organization are compatible with versions of the Windows® operating system.
+- Powerful computer level search and drill-downs
-By using ACT, you can obtain compatibility information from Microsoft and software vendors, identify compatibility issues within your own organization, and share compatibility ratings with other ACT users. The tools in ACT help you analyze and mitigate compatibility issues before you deploy a version of Windows to your organization.
+- Guidance and insights into application and driver compatibility issues, with suggested fixes
-ACT is available in the [Windows Assessment and Deployment Kit (ADK) for Windows 10](http://go.microsoft.com/fwlink/p/?LinkId=526740).
+- Data driven application rationalization tools
+
+- Application usage information, allowing targeted validation; workflow to track validation progress and decisions
+
+- Data export to commonly used software deployment tools, including System Center Configuration Manager
+
+The Upgrade Analytics workflow steps you through the discovery and rationalization process until you have a list of computers that are ready to be upgraded. For more information about Upgrade Analytics, see [Manage Windows upgrades with Upgrade Analytics](https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics)
+
+At the same time, we've kept the Standard User Analyzer tool, which helps you test your apps and to monitor API calls for potential compatibility issues, and the Compatiblility Administrator, which helps you to resolve potential compatibility issues.
## In this section
-
-
-
-
-
-Term
-Definition
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+|Topic |Description |
+|------|------------|
+|[Standard User Analyzer (SUA) User's Guide](sua-users-guide.md) |The Standard User Analyzer (SUA) helps you test your applications and monitor API calls to detect compatibility issues related to the User Account Control (UAC) feature in Windows. |
+|[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md) |The Compatibility Administrator tool helps you resolve potential application-compatibility issues before deploying a new version of Windows to your organization. |
+|[Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista](compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md) |You can fix some compatibility issues that are due to the changes made between Windows operating system versions. These issues can include User Account Control (UAC) restrictions. |
\ No newline at end of file
diff --git a/windows/plan/act-toolbar-icons-in-acm.md b/windows/plan/act-toolbar-icons-in-acm.md
index 9a0d2b3e79..bd6b97dcde 100644
--- a/windows/plan/act-toolbar-icons-in-acm.md
+++ b/windows/plan/act-toolbar-icons-in-acm.md
@@ -1,233 +1,5 @@
---
title: Toolbar Icons in ACM (Windows 10)
description: The following table shows icons that appear on toolbars and navigational elements in Application Compatibility Manager (ACM).
-ms.assetid: 44872da1-c7ad-41b9-8323-d3c3f49b2706
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Toolbar Icons in ACM
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The following table shows icons that appear on toolbars and navigational elements in Application Compatibility Manager (ACM).
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Ratings Icons in ACM](ratings-icons-in-acm.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/act-tools-packages-and-services.md b/windows/plan/act-tools-packages-and-services.md
index bf9c2bf728..7e20751a4a 100644
--- a/windows/plan/act-tools-packages-and-services.md
+++ b/windows/plan/act-tools-packages-and-services.md
@@ -1,60 +1,5 @@
---
title: ACT Tools, Packages, and Services (Windows 10)
description: The Application Compatibility Toolkit is included with the Windows ADK. Download the Windows ADK.
-ms.assetid: f5a16548-7d7b-4be9-835e-c06158dd0b89
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# ACT Tools, Packages, and Services
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The Application Compatibility Toolkit is included with the Windows ADK. [Download the Windows ADK.](http://go.microsoft.com/fwlink/p/?LinkId=526740)
-
-ACT includes the following:
-
-- **Application Compatibility Manager (ACM):** A tool that you can use to create your data-collection packages and analyze the collected inventory and compatibility data.
-
-- **Inventory-collector package:** A data-collection package that can be deployed to computers to gather inventory data that will be uploaded to the ACT database.
-
-- **Runtime-analysis package:** A data-collection package that can be deployed to computers in a test environment for compatibility testing on the new operating system.
-
-- **ACT Log Processing Service (LPS):** A service that is used to process the ACT log files uploaded from the computers where your data-collection packages have been installed. The service adds the information to your ACT database.
-
-- **ACT LPS share:** A file share that is accessed by the ACT LPS, to store the log files that will be processed and added to the ACT database.
-
-- **ACT database:** A Microsoft® SQL Server database that stores the collected inventory and compatibility data. You can use ACM to view the information stored in the ACT database.
-
-- **Microsoft Compatibility Exchange:** A web service that propagates application-compatibility issues.
-
-## Related topics
-
-
-[ACT Deployment Options](act-deployment-options.md)
-
-[ACT Database Configuration](act-database-configuration.md)
-
-[ACT Database Migration](act-database-migration.md)
-
-[ACT LPS Share Permissions](act-lps-share-permissions.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/act-user-interface-reference.md b/windows/plan/act-user-interface-reference.md
index ff28470715..affbef996f 100644
--- a/windows/plan/act-user-interface-reference.md
+++ b/windows/plan/act-user-interface-reference.md
@@ -1,74 +1,5 @@
---
title: ACT User Interface Reference (Windows 10)
description: This section contains information about the user interface for Application Compatibility Manager (ACM), which is a tool in the Application Compatibility Toolkit (ACT).
-ms.assetid: 303d3dd7-2cc1-4f5f-b032-b7e288b04893
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# ACT User Interface Reference
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-This section contains information about the user interface for Application Compatibility Manager (ACM), which is a tool in the Application Compatibility Toolkit (ACT).
-
-## In this section
-
-
-
-
-
-
-Icon
-Description
-Location
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Using ACT](using-act.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/activating-and-closing-windows-in-acm.md b/windows/plan/activating-and-closing-windows-in-acm.md
index dfa085659e..4640049e22 100644
--- a/windows/plan/activating-and-closing-windows-in-acm.md
+++ b/windows/plan/activating-and-closing-windows-in-acm.md
@@ -1,47 +1,8 @@
---
title: Activating and Closing Windows in ACM (Windows 10)
description: The Windows dialog box shows the windows that are open in Application Compatibility Manager (ACM).
-ms.assetid: 747bf356-d861-4ce7-933e-fa4ecfac7be5
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
---
-
-# Activating and Closing Windows in ACM
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The **Windows** dialog box shows the windows that are open in Application Compatibility Manager (ACM).
-
-**To view a list of the open windows in ACM**
-
-- On the **Window** menu, click **Windows**.
-
-**To show an open window in ACM**
-
-- In the **Windows** dialog box, click the window name from the list of open windows, and then click **Activate**.
-
- The selected window appears on top of any others on your screen.
-
-**To close one or more windows in ACM**
-
-- In the **Windows** dialog box, click one or more window names from the list of open windows, and then click **Close Window(s)**.
-
-## Related topics
-
-
-[Managing Your Data-Collection Packages](managing-your-data-collection-packages.md)
-
diff --git a/windows/plan/adding-or-editing-a-solution.md b/windows/plan/adding-or-editing-a-solution.md
index f16e5237b2..b5a52a45c2 100644
--- a/windows/plan/adding-or-editing-a-solution.md
+++ b/windows/plan/adding-or-editing-a-solution.md
@@ -1,105 +1,5 @@
---
title: Adding or Editing a Solution (Windows 10)
description: If you find your own solutions to compatibility issues, you can enter the solutions in Application Compatibility Manager (ACM). You can use the Microsoft Compatibility Exchange to upload solutions to Microsoft Corporation.
-ms.assetid: 86cb8804-d577-4af6-b96f-5e0409784a23
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Adding or Editing a Solution
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-If you find your own solutions to compatibility issues, you can enter the solutions in Application Compatibility Manager (ACM). You can use the Microsoft Compatibility Exchange to upload solutions to Microsoft Corporation.
-
-## Adding Solutions for Compatibility Issues with Your Applications and Websites
-
-
-You can view or add solutions only for applications or websites.
-
-**Note**
-The following examples use the **<Application\_Name>** dialog box. The procedures for websites are similar.
-
-
-
-**To add a solution**
-
-1. On the **<Operating\_System> - Application Report** screen, double-click the name of the application to display the **<Application\_Name>** dialog box.
-
-2. Click the **Issues** tab.
-
-3. On the **Actions** menu, click **Add Solution**.
-
-4. Enter the information from the following table, and then click **Save**.
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-**To edit an existing solution**
-
-1. On the **<Operating\_System> - Application Report** screen, double-click the name of the application to display the <Application\_Name> dialog box.
-
-2. Click the **Issues** tab.
-
-3. Double-click the issue that includes the solution that you want to modify.
-
-4. Click the **Solutions** tab.
-
-5. Double-click the solution to edit.
-
-6. Modify the information about the solution, and then click **Save**.
-
- **Note**
- You can only modify your own solutions. You cannot modify solutions entered by other users.
-
-
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/adding-or-editing-an-issue.md b/windows/plan/adding-or-editing-an-issue.md
index 75e4e67390..08d2098675 100644
--- a/windows/plan/adding-or-editing-an-issue.md
+++ b/windows/plan/adding-or-editing-an-issue.md
@@ -1,115 +1,5 @@
---
title: Adding or Editing an Issue (Windows 10)
description: In Application Compatibility Manager (ACM), you can enter information about the compatibility issues that you discover.
-ms.assetid: 8a9fff79-9f88-4ce2-a4e6-b9382f28143d
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Adding or Editing an Issue
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-In Application Compatibility Manager (ACM), you can enter information about the compatibility issues that you discover.
-
-You can use the Microsoft Compatibility Exchange to share compatibility information with others. For information about the Microsoft Compatibility Exchange, see [Sending and Receiving Compatibility Data](sending-and-receiving-compatibility-data.md).
-
-## Adding Issues for Your Applications and Websites
-
-
-You can view or add issues only for applications or websites.
-
-**Note**
-The following examples use the **<Application\_Name>** dialog box. The procedures are similar for websites.
-
-
-
-**To add an issue**
-
-1. On the **<Operating\_System> - Application Report** screen, double-click the name of the application to display the **<Application\_Name>** dialog box.
-
-2. On the **Actions** menu, click **Add Issue**.
-
-3. Enter the information from the following table, and then click **Save**.
-
-
-
-
-
- Field
- Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-**To edit an existing issue**
-
-1. On the **<Operating\_System> - Application Report** screen, double-click the name of the application that includes the issue you want to modify.
-
-2. In the **<Application\_Name>** dialog box, click the **Issues** tab, and then double-click the specific issue to be edited.
-
-3. Modify the issue information, and then click **Save**.
-
- **Note**
- You can modify your own issues. You cannot modify issues entered by another user.
-
-
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/analyzing-your-compatibility-data.md b/windows/plan/analyzing-your-compatibility-data.md
index 30f6a43c24..2d69b55931 100644
--- a/windows/plan/analyzing-your-compatibility-data.md
+++ b/windows/plan/analyzing-your-compatibility-data.md
@@ -1,80 +1,5 @@
---
title: Analyzing Your Compatibility Data (Windows 10)
description: This section provides information about viewing and working with your compatibility data in Application Compatibility Manager (ACM).
-ms.assetid: b98f3d74-fe22-41a2-afe8-2eb2799933a1
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Analyzing Your Compatibility Data
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-This section provides information about viewing and working with your compatibility data in Application Compatibility Manager (ACM).
-
-## In this section
-
-
-
-
-
-
- Field
- Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Taking Inventory of Your Organization](taking-inventory-of-your-organization.md)
-
-[Testing Compatibility on the Target Platform](testing-compatibility-on-the-target-platform.md)
-
-[Managing Your Data-Collection Packages](managing-your-data-collection-packages.md)
-
-[Fixing Compatibility Issues](fixing-compatibility-issues.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/application-dialog-box.md b/windows/plan/application-dialog-box.md
index c8d9515fa6..7615d0949e 100644
--- a/windows/plan/application-dialog-box.md
+++ b/windows/plan/application-dialog-box.md
@@ -1,126 +1,5 @@
---
title: Application Dialog Box (Windows 10)
description: In Application Compatibility Manager (ACM), the Application dialog box shows information about the selected application.
-ms.assetid: a43e85a6-3cd4-4235-bc4d-01e4d097db7e
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# <Application> Dialog Box
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-In Application Compatibility Manager (ACM), the *<Application>* dialog box shows information about the selected application.
-
-**To open the <Application> dialog box**
-
-1. In ACM, in the **Quick Reports** pane, click **Analyze**.
-
-2. Under an operating system heading, click **Applications**.
-
-3. Double-click the name of an application.
-
-## Tabs in the <Application> dialog box
-
-
-The following table shows the information available in the *<Application>* dialog box.
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Using the <Application> Dialog Box
-
-
-In the **<Application>** dialog box, you can perform the following actions:
-
-- Select your compatibility rating for the application. For more information, see [Selecting Your Compatibility Rating](selecting-your-compatibility-rating.md).
-
-- Select your deployment status for the application. For more information, see [Selecting Your Deployment Status](selecting-your-deployment-status.md).
-
-- Assign categories and subcategories to the application. For more information, see [Categorizing Your Compatibility Data](categorizing-your-compatibility-data.md).
-
-- Specify the importance of the application to your organization. For more information, see [Prioritizing Your Compatibility Data](prioritizing-your-compatibility-data.md).
-
-- Choose whether to synchronize data for the application with the Microsoft Compatibility Exchange. For more information, see [Selecting the Send and Receive Status for an Application](selecting-the-send-and-receive-status-for-an-application.md).
-
-- Add, edit, or resolve an issue for the selected application, and add or edit solutions. For more information, see [Creating and Editing Issues and Solutions](creating-and-editing-issues-and-solutions.md).
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/available-data-types-and-operators-in-compatibility-administrator.md b/windows/plan/available-data-types-and-operators-in-compatibility-administrator.md
index 8076d0787c..a83be4fbc1 100644
--- a/windows/plan/available-data-types-and-operators-in-compatibility-administrator.md
+++ b/windows/plan/available-data-types-and-operators-in-compatibility-administrator.md
@@ -222,8 +222,6 @@ The following table shows the operators that you can use for querying your custo
## Related topics
-
-
[Using the Compatibility Administrator Tool](using-the-compatibility-administrator-tool.md)
diff --git a/windows/plan/best-practice-recommendations-for-windows-to-go.md b/windows/plan/best-practice-recommendations-for-windows-to-go.md
index c9cc2ac741..33789da365 100644
--- a/windows/plan/best-practice-recommendations-for-windows-to-go.md
+++ b/windows/plan/best-practice-recommendations-for-windows-to-go.md
@@ -5,7 +5,7 @@ ms.assetid: 05e6e0ab-94ed-4c0c-a195-0abd006f0a86
keywords: best practices, USB, device, boot
ms.prod: w10
ms.mktglfcycl: plan
-pagetype: mobility
+ms.pagetype: mobility
ms.sitesec: library
author: mtniehaus
---
diff --git a/windows/plan/categorizing-your-compatibility-data.md b/windows/plan/categorizing-your-compatibility-data.md
index f00d576eee..e77b9ca34e 100644
--- a/windows/plan/categorizing-your-compatibility-data.md
+++ b/windows/plan/categorizing-your-compatibility-data.md
@@ -1,90 +1,5 @@
---
title: Categorizing Your Compatibility Data (Windows 10)
-ms.assetid: 6420f012-316f-4ef0-bfbb-14baaa664e6e
-description:
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Categorizing Your Compatibility Data
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-To customize and filter your compatibility reports, you can create categories and subcategories to assign to your applications, computers, devices, and websites. By default, Microsoft provides the following categories:
-
-- **Software Vendor**. In this category, you can, for example, create a subcategory for each vendor. You can then use this category to generate reports by software vendor, which can be helpful when having discussions with a specific vendor or evaluating the vendor’s performance relative to your compatibility requirements.
-
-- **Test Complexity**. You can use this category to help with planning and assigning test resources. You can, for example, create subcategories like Critical and Nice-to-Have.
-
-Categories are extensible, multiple-selection string values, so you can use them for almost anything. For example, you can create a category for signoff from multiple owners so that software can be authorized only when all categories have been selected, indicating that each group has signed off.
-
-As another example, you can create a category for unit of deployment. You can use subcategories such as Division and Region. You can use this category to track the software needs of a specific deployment unit. This way, you can see when the software required by the unit has been tested, approved, and is ready for deployment to the unit.
-
-**Note**
-The following examples use the **<Operating\_System> - Application Report** screen. You can alternatively use the **<Application\_Name>** dialog box. You can also complete these procedures in the reports for computers, devices, and websites.
-
-
-
-## Creating, Renaming, or Deleting Categories and Subcategories
-
-
-You can manage your categories and subcategories from both the report screen and report-details screen.
-
-**To create, rename, or delete a category or subcategory**
-
-1. On the **<Operating\_System> - Application Report** screen, click any application name.
-
-2. On the **Actions** menu, click **Assign Categories**.
-
-3. Click **Category List**.
-
-4. In the **Categories** or **Subcategories** area, do any or all of the following:
-
- - Add a category or subcategory, by clicking **Add**. Type the name of your new category or subcategory, and then click outside the active text area.
-
- You must create at least one subcategory before a category will appear in the **Assign Categories** dialog box.
-
- - Rename a category or subcategory, by selecting the item and then clicking **Rename**. Type the new name, and then click outside the active text area.
-
- - Delete a category or subcategory, by selecting the item and then clicking **Remove**.
-
-5. After you have finished adding, renaming, and deleting categories and subcategories, click **OK** to close the **Category List** dialog box.
-
-## Assigning Data to a Category and Subcategory
-
-
-You can assign categories and subcategories from both the report screen and report-details screen.
-
-**To assign and unassign categories and subcategories**
-
-1. On the **<Operating\_System> - Application Report** screen, click the application name.
-
-2. On the **Actions** menu, click **Assign Categories**.
-
-3. To assign a category, select the check box next to the applicable category or subcategory.
-
- To unassign a category, clear the check box.
-
-4. Click **OK**.
-
- You can use the query builder to filter based on this information.
-
-
-
-
-
-
-
-
-
+description: Steps to customize and filter your compatibility reports through categories and subcategories.
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/change-history-for-plan-for-windows-10-deployment.md b/windows/plan/change-history-for-plan-for-windows-10-deployment.md
index 215b92dbfb..a5aa2b6a47 100644
--- a/windows/plan/change-history-for-plan-for-windows-10-deployment.md
+++ b/windows/plan/change-history-for-plan-for-windows-10-deployment.md
@@ -24,6 +24,7 @@ The topics in this library have been updated for Windows 10, version 1607 (also
| New or changed topic | Description |
|--------------------------------------------------------------------------------------------------------------------------------------------------|-------------|
+|[Application Compatibility Toolkit (ACT) Technical Reference](act-technical-reference.md) (multiple topics) |Redirected deprecated content to the [Upgrade Analytics](../deploy/manage-windows-upgrades-with-upgrade-analytics.md) content. Only Standard User Analyzer and Compatibility Administrator continue to be supported.|
| [Windows 10 servicing overview](windows-10-servicing-options.md) | Content on this page was summarized. Detailed content about servicing branches was moved to the [Windows 10 servicing options](../manage/introduction-to-windows-10-servicing.md) page. |
diff --git a/windows/plan/common-compatibility-issues.md b/windows/plan/common-compatibility-issues.md
index 4e96594b85..0883298316 100644
--- a/windows/plan/common-compatibility-issues.md
+++ b/windows/plan/common-compatibility-issues.md
@@ -1,58 +1,6 @@
---
title: Common Compatibility Issues (Windows 10)
ms.assetid: f5ad621d-bda2-45b5-ae85-bc92970f602f
-description:
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Common Compatibility Issues
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-Compatibility issues tend to occur with the following technologies:
-
-- **User Account Control (UAC)**: Adds security to Windows by limiting administrator-level access to the computer, restricting most users to running as Standard Users. UAC limits the context in which a process executes to minimize the ability of the user to inadvertently expose the computer to viruses or other malware. UAC affects any application installer or update that requires Administrator permissions to run, performs Administrator checks or actions, or attempts to write to a non-virtualized registry location.
-
-- **Windows Resource Protection (WRP)**: Enables applications to function properly even if an application attempts to write to protected system files or registry locations. WRP creates a temporary work area and redirects write actions for the application session. WRP affects any application installation that attempts to replace, modify, or delete protected operating system files or registry keys. Attempts typically fail and return an Access Denied error.
-
-- **Internet Explorer Protected Mode**: Helps to defend against elevation-of-privilege attacks by restricting the ability to write to any local-computer-zone resources other than temporary Internet files. This mode affects any website or web application that attempts to modify user files or registry keys or that attempts to open a new window in another domain.
-
-- **Deprecation**: Any application that uses .dll files, executable (.exe) files, COM objects, registry keys, APIs, or other files that have been deprecated from previous versions of Windows may lose functionality or fail to start.
-
-- **Graphical Identification and Authentication (GINA) DLL**: Prior to the release of Windows Vista, independent software vendors (ISVs) were able to modify authentication by installing a GINA DLL. The GINA DLL performed the user identification and authentication.
-
- The current authentication model does not require the GINA DLL and ignores all previous GINA DLLs. This change affects any application or hardware component that attempts to log on by using customized logon applications, including biometric devices (fingerprint readers), customized user interfaces, and virtual private network (VPN) solutions for remote users with customized logon user interfaces.
-
-- **Session 0**: Prior to the release of Windows Vista, the first user who logged on to a computer ran in Session 0, which is the same session that is used for system services. The current model requires all users to run in Session 1 or later so that no user runs in the same session as the system services. Applications will fail to start if they depend on *interactive services*. An interactive service is any service that attempts to send a window message, attempts to locate a window or additional service, or attempts to run any user processes that open the same named object, unless it is a globally named object.
-
-- **Windows Filtering Platform (WFP)**: WFP is an API that enables developers to create code that interacts with the filtering that occurs at several layers in the networking stack and throughout the operating system. If you are using a previous version of the WFP API in your environment, you might experience failures when running network-scanning, antivirus, or firewall applications.
-
-- **Operating System Version Changes**: The operating system version number changes with each operating system release. The **GetVersion** function returns the version number when queried by an application. This change affects any application or application installer that specifically checks for the operating system version and might prevent the installation from occurring or the application from running.
-
-- **Windows 64-bit**: 64-bit versions of Windows use the Windows on Windows 64 (WOW64) emulator. This emulator enables the 64-bit operating system to run 32-bit applications. The use of this emulator might cause an application or a component that uses 16-bit executables or installers, or 32-bit kernel drivers, to fail to start or to function incorrectly.
-
-## Related topics
-
-
-[Using Compatibility Monitor to Send Feedback](using-compatibility-monitor-to-send-feedback.md)
-
-
-
-
-
-
-
-
-
+description: List of common compatibility issues, based on the type of technology.
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/compatibility-fix-database-management-strategies-and-deployment.md b/windows/plan/compatibility-fix-database-management-strategies-and-deployment.md
index f608310bd6..fe4aede4bb 100644
--- a/windows/plan/compatibility-fix-database-management-strategies-and-deployment.md
+++ b/windows/plan/compatibility-fix-database-management-strategies-and-deployment.md
@@ -161,15 +161,4 @@ End Function
Most of your testing of application-compatibility issues will happen prior to the deployment of a new Windows operating system into your environment. As such, a common approach is to include the custom compatibility-fix database, which includes all of your known issues, in your corporate image. Then, as you update your compatibility-fix database, you can provide the updates by using one of the two mechanisms described in the "Deploying Your Custom Compatibility Fix Databases" section earlier in this topic.
## Related topics
-
-
-[Managing Application-Compatibility Fixes and Custom Fix Databases](managing-application-compatibility-fixes-and-custom-fix-databases.md)
-
-
-
-
-
-
-
-
-
+[Managing Application-Compatibility Fixes and Custom Fix Databases](managing-application-compatibility-fixes-and-custom-fix-databases.md)
\ No newline at end of file
diff --git a/windows/plan/compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md b/windows/plan/compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md
index 688cf0a0d5..9e9c9f6ada 100644
--- a/windows/plan/compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md
+++ b/windows/plan/compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md
@@ -1009,15 +1009,4 @@ The following table lists the known compatibility modes.
-
-
-
-
-
-
-
-
-
-
-
-
+
\ No newline at end of file
diff --git a/windows/plan/compatibility-monitor-users-guide.md b/windows/plan/compatibility-monitor-users-guide.md
index 9a72ed30d3..a183923ba1 100644
--- a/windows/plan/compatibility-monitor-users-guide.md
+++ b/windows/plan/compatibility-monitor-users-guide.md
@@ -1,72 +1,5 @@
---
title: Compatibility Monitor User's Guide (Windows 10)
description: Compatibility Monitor is a tool in the runtime analysis package that you can use to monitor applications for compatibility issues. You can also use the Compatibility Monitor tool to submit compatibility feedback.
-ms.assetid: 67d6eff0-1576-44bd-99b4-a3ffa5e205ac
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Compatibility Monitor User's Guide
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-Compatibility Monitor is a tool in the runtime analysis package that you can use to monitor applications for compatibility issues. You can also use the Compatibility Monitor tool to submit compatibility feedback.
-
-## In this section
-
-
-
-
-
-
-Tab
-Information
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Deciding Which Applications to Test](deciding-which-applications-to-test.md)
-
-[Creating an Enterprise Environment for Compatibility Testing](creating-an-enterprise-environment-for-compatibility-testing.md)
-
-[Creating a Runtime-Analysis Package](creating-a-runtime-analysis-package.md)
-
-[Deploying a Runtime-Analysis Package](deploying-a-runtime-analysis-package.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/computer-dialog-box.md b/windows/plan/computer-dialog-box.md
index b191d79a79..89054bac9a 100644
--- a/windows/plan/computer-dialog-box.md
+++ b/windows/plan/computer-dialog-box.md
@@ -1,109 +1,5 @@
---
title: Computer Dialog Box (Windows 10)
description: In Application Compatibility Manager (ACM), the Computer dialog box shows information about the selected computer.
-ms.assetid: f89cbb28-adcd-41cd-9a54-402bc4aaffd9
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# <Computer> Dialog Box
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-In Application Compatibility Manager (ACM), the *<Computer>* dialog box shows information about the selected computer.
-
-**To open the <Computer> dialog box**
-
-1. In ACM, in the **Quick Reports** pane, click **Analyze**.
-
-2. Under an operating system heading, click **Computers**.
-
-3. Double-click the name of a computer.
-
-## Tabs in the <Computer> dialog box
-
-
-The following table shows the information available in the *<Computer>* dialog box.
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-## Using the <Computer> Dialog Box
-
-
-In the *<Computer>* dialog box, you can perform the following actions:
-
-- Assign categories and subcategories to the computer. For more information, see [Categorizing Your Compatibility Data](categorizing-your-compatibility-data.md).
-
-- Specify the importance of the computer to your organization. For more information, see [Prioritizing Your Compatibility Data](prioritizing-your-compatibility-data.md).
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/configuring-act.md b/windows/plan/configuring-act.md
index f5803ddd81..372e1dcaf1 100644
--- a/windows/plan/configuring-act.md
+++ b/windows/plan/configuring-act.md
@@ -1,90 +1,5 @@
---
title: Configuring ACT (Windows 10)
description: This section provides information about setting up the Application Compatibility Toolkit (ACT) in your organization.
-ms.assetid: aacbe35e-ea40-47ac-bebf-ed2660c8fd86
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Configuring ACT
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-This section provides information about setting up the Application Compatibility Toolkit (ACT) in your organization.
-
-## In this section
-
-
-
-
-
-
-Tab
-Information
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Welcome to ACT](welcome-to-act.md)
-
-[Using ACT](using-act.md)
-
-[Troubleshooting ACT](troubleshooting-act.md)
-
-[ACT User Interface Reference](act-user-interface-reference.md)
-
-[ACT Product and Documentation Resources](act-product-and-documentation-resources.md)
-
-[ACT Glossary](act-glossary.md)
-
-[Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista](compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/creating-a-custom-compatibility-fix-in-compatibility-administrator.md b/windows/plan/creating-a-custom-compatibility-fix-in-compatibility-administrator.md
index a88189a7a2..90b404e888 100644
--- a/windows/plan/creating-a-custom-compatibility-fix-in-compatibility-administrator.md
+++ b/windows/plan/creating-a-custom-compatibility-fix-in-compatibility-administrator.md
@@ -69,8 +69,6 @@ If you are unable to find a preloaded compatibility fix for your application, yo
By default, Compatibility Administrator selects the basic matching criteria for your application. As a best practice, use a limited set of matching information to represent your application, because it reduces the size of the database. However, make sure you have enough information to correctly identify your application.
## Related topics
-
-
[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
diff --git a/windows/plan/creating-a-custom-compatibility-mode-in-compatibility-administrator.md b/windows/plan/creating-a-custom-compatibility-mode-in-compatibility-administrator.md
index ac5091d0bb..789f3199ca 100644
--- a/windows/plan/creating-a-custom-compatibility-mode-in-compatibility-administrator.md
+++ b/windows/plan/creating-a-custom-compatibility-mode-in-compatibility-administrator.md
@@ -74,8 +74,6 @@ A compatibility mode includes a set of compatibility fixes and must be deployed
The compatibility mode is added to your custom database.
## Related topics
-
-
[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
diff --git a/windows/plan/creating-a-runtime-analysis-package.md b/windows/plan/creating-a-runtime-analysis-package.md
index 04411a5fa7..e6b56c752b 100644
--- a/windows/plan/creating-a-runtime-analysis-package.md
+++ b/windows/plan/creating-a-runtime-analysis-package.md
@@ -1,59 +1,8 @@
---
title: Creating a Runtime-Analysis Package (Windows 10)
description: In Application Compatibility Manager (ACM), you can create runtime-analysis packages, which you can then deploy to computers for compatibility testing in your test environment.
-ms.assetid: 3c703ebe-46b3-4dcd-b355-b28344bc159b
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
---
-
-# Creating a Runtime-Analysis Package
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-In Application Compatibility Manager (ACM), you can create runtime-analysis packages, which you can then deploy to computers for compatibility testing in your test environment.
-
-**To create a runtime-analysis package**
-
-1. In ACM, click **Collect** to open the Collect screen.
-
-2. On the **File** menu, click **New**.
-
-3. Click **Runtime application testing**.
-
-4. Provide the information that is requested for the package, and then click **Create**.
-
-5. Navigate to the location where you want to save the Windows installer (.msi) file for the package.
-
- This .msi file is the file that you can use to install the runtime-analysis package on each computer in your test environment.
-
-6. Type a file name for the .msi file, and then click **Save**.
-
-7. Click **Finish**.
-
-## Related topics
-
-
-[Deciding Which Applications to Test](deciding-which-applications-to-test.md)
-
-[Creating an Enterprise Environment for Compatibility Testing](creating-an-enterprise-environment-for-compatibility-testing.md)
-
-[Deploying a Runtime-Analysis Package](deploying-a-runtime-analysis-package.md)
-
-[Compatibility Monitor User's Guide](compatibility-monitor-users-guide.md)
-
-
-
diff --git a/windows/plan/creating-an-apphelp-message-in-compatibility-administrator.md b/windows/plan/creating-an-apphelp-message-in-compatibility-administrator.md
index 5b48ebdbb8..f63dd95d8f 100644
--- a/windows/plan/creating-an-apphelp-message-in-compatibility-administrator.md
+++ b/windows/plan/creating-an-apphelp-message-in-compatibility-administrator.md
@@ -89,15 +89,4 @@ The following issues might occur with computers running Windows 2000:
- Copying an AppHelp entry for a system database or a custom-compatibility fix from a system database might cause Compatibility Administrator to hide the descriptive text.
## Related topics
-
-
-[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
-
-
-
-
-
-
-
-
-
+[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
\ No newline at end of file
diff --git a/windows/plan/creating-an-enterprise-environment-for-compatibility-testing.md b/windows/plan/creating-an-enterprise-environment-for-compatibility-testing.md
index 840fa87695..2953ad9c9f 100644
--- a/windows/plan/creating-an-enterprise-environment-for-compatibility-testing.md
+++ b/windows/plan/creating-an-enterprise-environment-for-compatibility-testing.md
@@ -1,115 +1,5 @@
---
title: Creating an Enterprise Environment for Compatibility Testing (Windows 10)
description: The goal of the test environment is to model the operating system that you want to deploy and assess compatibility before deploying the operating system to your production environment.
-ms.assetid: cbf6d8b6-7ebc-4faa-bbbd-e02653ed4adb
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Creating an Enterprise Environment for Compatibility Testing
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The goal of the test environment is to model the operating system that you want to deploy and assess compatibility before deploying the operating system to your production environment. Your test environment is composed of computers on which the new operating system is installed. Your test environment can be a long-term investment. Consider retaining the test environment after deployment to assist in future deployment projects.
-
-## Modeling the Production Environment
-
-
-We recommend the following practices for setting up your test environment:
-
-- Physically separate your test environment from your production environment. Physical separation helps ensure that activity in the test environment does not affect the production environment.
-
-- On the computers in your test environment, install the new operating system.
-
-- Perform all of your tests by using accounts that have similar permissions to the accounts in your production environment. This approach helps to ensure that you can determine potential security issues.
-
-## Configuring the Test Environment for Automated Testing
-
-
-Typically, tests are run more than once, which requires being able to revert your test environment to a previous state. We recommend the following practices to ensure consistency in testing and consistency in restoring the state of your test environment:
-
-- Use disk-imaging software to create physical disk images.
-
-- Use software virtualization features to reverse changes to virtualized hard disks.
-
-## Determining When Virtualization Is Appropriate
-
-
-The following table shows some of the advantages and disadvantages of virtualization.
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Testing Methodology
-
-
-When testing an application in a new operating system, we recommend the following methods:
-
-- Retain the default security-feature selections.
-
-- Use test automation tools to run your test cases in a consistent, reproducible way.
-
-- Use your application in the same way that you use it in your production environment.
-
-- Use the Compatibility Monitor tool in the runtime-analysis package to gather compatibility feedback.
-
-- Send and receive compatibility data to obtain data and solutions through the Microsoft Compatibility Exchange.
-
-- When testing a website or a web application, include both intranet and extranet sites, prioritizing the list based on how critical the site or the application is to your organization.
-
-## Related topics
-
-
-[Deciding Which Applications to Test](deciding-which-applications-to-test.md)
-
-[Creating a Runtime-Analysis Package](creating-a-runtime-analysis-package.md)
-
-[Deploying a Runtime-Analysis Package](deploying-a-runtime-analysis-package.md)
-
-[Compatibility Monitor User's Guide](compatibility-monitor-users-guide.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/creating-an-inventory-collector-package.md b/windows/plan/creating-an-inventory-collector-package.md
index c174e746e0..c52e8f3965 100644
--- a/windows/plan/creating-an-inventory-collector-package.md
+++ b/windows/plan/creating-an-inventory-collector-package.md
@@ -1,58 +1,5 @@
---
title: Creating an Inventory-Collector Package (Windows 10)
description: You can use Application Compatibility Manager (ACM) to create an inventory-collector package.
-ms.assetid: 61d041d6-e308-47b3-921b-709d72926d6d
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Creating an Inventory-Collector Package
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-You can use Application Compatibility Manager (ACM) to create an inventory-collector package. You can then deploy the inventory-collector package to other computers to gather inventory data. The package uploads inventory data to the Application Compatibility Toolkit (ACT) database.
-
-**To create an inventory-collector package**
-
-1. In ACM, click **Collect** to open the **Collect** screen.
-
-2. On the **File** menu, click **New**.
-
-3. Click **Application inventory**.
-
-4. Provide the information that is requested for the package, and then click **Create**.
-
-5. Browse to the location where you want to save the Windows® Installer (.msi) file for the package.
-
- You can use this .msi file to install the inventory-collector package on each computer for which you want to gather inventory data.
-
-6. Type a file name for the .msi file, and then click **Save**.
-
-7. Click **Finish**.
-
-## Related topics
-
-
-[Identifying Computers for Inventory Collection](identifying-computers-for-inventory-collection.md)
-
-[Deploying an Inventory-Collector Package](deploying-an-inventory-collector-package.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/creating-and-editing-issues-and-solutions.md b/windows/plan/creating-and-editing-issues-and-solutions.md
index 0ce76a3f2f..e1897a0122 100644
--- a/windows/plan/creating-and-editing-issues-and-solutions.md
+++ b/windows/plan/creating-and-editing-issues-and-solutions.md
@@ -1,65 +1,5 @@
---
title: Creating and Editing Issues and Solutions (Windows 10)
description: This section provides step-by-step instructions for adding and editing application compatibility issues and solutions. Your issue and solution data can be uploaded to Microsoft through the Microsoft® Compatibility Exchange.
-ms.assetid: b64fe4e0-24bd-4bbd-9645-80ae5644e774
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Creating and Editing Issues and Solutions
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-This section provides step-by-step instructions for adding and editing application compatibility issues and solutions. Your issue and solution data can be uploaded to Microsoft through the Microsoft® Compatibility Exchange.
-
-## In this section
-
-
-
-
-
-
-Advantages
-Disadvantages
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/customizing-your-report-views.md b/windows/plan/customizing-your-report-views.md
index a68961a2e6..1c69e77305 100644
--- a/windows/plan/customizing-your-report-views.md
+++ b/windows/plan/customizing-your-report-views.md
@@ -1,149 +1,5 @@
---
title: Customizing Your Report Views (Windows 10)
description: You can customize how you view your report data in Application Compatibility Manager (ACM).
-ms.assetid: ba8da888-6749-43b4-8efb-4f26c7954721
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Customizing Your Report Views
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-You can customize how you view your report data in Application Compatibility Manager (ACM).
-
-## Modifying the <Operating\_System> Reports View
-
-
-You can choose which operating systems ACM shows in the compatibility reports. For operating systems that you exclude from the reports, the data continues to be collected but ACM does not display it.
-
-If you are using ACM on multiple computers that access the same ACT database, when you remove an operating system from your reports, all of the computers running ACM no longer show the operating system.
-
-**To add or remove an operating system from the Quick Reports pane**
-
-1. On the **Analyze** screen, at the bottom of the **Quick Reports** pane, click **Customize this view**.
-
-2. In the **Deployment Reports** area, select the check boxes for the operating systems you want to show in your reports, and then click **OK**.
-
-3. Select the architectures, **32-bit**, **64-bit**, or **Both**, for which you want to see compatibility ratings in the report screens.
-
-## Adding and Removing Columns from the Report Views
-
-
-You can add and remove columns from most of the report screens. In the report dialog boxes, you cannot add or remove columns, but you can reorder the columns.
-
-**To add or remove a column**
-
-1. On the selected report screen, right-click the column headings, and then click **Column Options**.
-
-2. Select the check box next to any column that you want to add, and clear the check box next to any column that you want to remove.
-
-3. If you want, reorder the columns by using the **Move Up** and **Move Down** buttons.
-
-4. Click **OK**.
-
-### Columns by Screen
-
-The following table shows the columns that are available for each screen.
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/data-sent-through-the-microsoft-compatibility-exchange.md b/windows/plan/data-sent-through-the-microsoft-compatibility-exchange.md
index 8bb30d37a8..97e2f14378 100644
--- a/windows/plan/data-sent-through-the-microsoft-compatibility-exchange.md
+++ b/windows/plan/data-sent-through-the-microsoft-compatibility-exchange.md
@@ -1,239 +1,5 @@
---
title: Data Sent Through the Microsoft Compatibility Exchange (Windows 10)
description: The Microsoft Compatibility Exchange propagates data of various types between Microsoft Corporation, independent software vendors (ISVs) and the Application Compatibility Toolkit (ACT) Community.
-ms.assetid: 3ec61e33-9db8-4367-99d5-e05c2f50e144
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Data Sent Through the Microsoft Compatibility Exchange
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The Microsoft Compatibility Exchange propagates data of various types between Microsoft Corporation, independent software vendors (ISVs) and the Application Compatibility Toolkit (ACT) Community.
-
-## Data Sent to Microsoft
-
-
-During synchronization, the Microsoft Compatibility Exchange sends the following information to Microsoft Corporation:
-
-- **Application information and properties**. This data includes the application name, the vendor, the version number, the language, and the deployment type.
-
-The data-synchronization process does not send your list of URLs visited as part of the information exchange.
-
-## Data Sent to the ACT Community
-
-
-The Microsoft Compatibility Exchange sends the following information to the ACT Community for each application that you decide to share with the ACT Community:
-
-- **Application information and properties**. This data includes the application name, the vendor, the version number, the language, and the deployment type.
-
-- **Miscellaneous data**. This data includes:
-
- - The database GUID that identifies the organization that is the source of the data.
-
- - The issue data.
-
- - The issue ID.
-
- - The platform and destination operating system.
-
- - The severity.
-
- - The cause.
-
- - The symptom.
-
- - The solution data.
-
- - The solution type.
-
- - The issue and solution provider.
-
- - The issue and solution subprovider.
-
- - The issue and solution published date.
-
- - Your risk assessment.
-
-The data-synchronization process does not send your list of URLs visited as part of the information exchange.
-
-## Data Matching
-
-
-After you send your data, the Microsoft Compatibility Exchange matches your application properties against the known issues listed in the Application Profile database. The Microsoft Compatibility Exchange downloads any issues and corresponding solutions that match your application set and then stores the information in your ACT database.
-
-## Data Sent From Microsoft and ISVs
-
-
-For each application that matches an application in the Application Profile database, the Microsoft Compatibility Exchange returns the following information, provided by authoritative sources including Microsoft Corporation and independent software vendors (ISVs).
-
-
-
-
-
-Screen
-Default columns
-Additional columns
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Data Sent From the ACT Community
-
-
-For each application that matches an application in the Application Profile database, the Microsoft Compatibility Exchange returns the following ACT Community information, which you receive only if you are a member of the ACT Community:
-
-
-
-
-
-Data
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Selecting the Send and Receive Status for an Application](selecting-the-send-and-receive-status-for-an-application.md)
-
-[Sending and Receiving Compatibility Data](sending-and-receiving-compatibility-data.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/deciding-whether-to-fix-an-application-or-deploy-a-workaround.md b/windows/plan/deciding-whether-to-fix-an-application-or-deploy-a-workaround.md
index 0bf24136b1..d4d3319cbc 100644
--- a/windows/plan/deciding-whether-to-fix-an-application-or-deploy-a-workaround.md
+++ b/windows/plan/deciding-whether-to-fix-an-application-or-deploy-a-workaround.md
@@ -1,54 +1,5 @@
---
title: Deciding Whether to Fix an Application or Deploy a Workaround (Windows 10)
description: You can fix a compatibility issue by changing the code for the application or by deploying a workaround.
-ms.assetid: e495d0c8-bfba-4537-bccd-64c4b52206f1
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Deciding Whether to Fix an Application or Deploy a Workaround
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-You can fix a compatibility issue by changing the code for the application or by deploying a workaround.
-
-## Fixing an Application
-
-
-Fixing an application by changing the code is often the recommended way to address a compatibility issue. Although applying a fix to the code might involve higher initial costs or additional development time, it can limit long-term maintenance or operational costs. After you change the code, all users can use the application without encountering the issue.
-
-If you do not have access to the code, or if you do not have the time and resources to apply a fix, an alternative approach is to deploy a workaround.
-
-## Deploying a Workaround
-
-
-A workaround involves applying alternative registry settings to address a compatibility issue. Deploying a workaround might be quicker and easier than changing the code, but you can incur long-term maintenance or operational costs. For example, you must make sure that new users have the correct set of features enabled or disabled on their computers. Using a workaround might also make your application or systems less secure. However, the overall security enhancement associated with deploying the newer version of Windows® may more than offset this reduction in security.
-
-Consider changing registry settings as a short-term solution while you develop the long-term solution of changing the code.
-
-## Related topics
-
-
-[SUA User's Guide](sua-users-guide.md)
-
-[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/deciding-which-applications-to-test.md b/windows/plan/deciding-which-applications-to-test.md
index a0d4d06986..4b548c65f6 100644
--- a/windows/plan/deciding-which-applications-to-test.md
+++ b/windows/plan/deciding-which-applications-to-test.md
@@ -1,54 +1,5 @@
---
title: Deciding Which Applications to Test (Windows 10)
description: Before starting your compatibility testing on the version of Windows that you want to deploy, you can use the Application Compatibility Toolkit (ACT) to identify which applications should be the focus of your testing.
-ms.assetid: d7c1c28f-b7b4-43ac-bf87-2910a2b603bf
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Deciding Which Applications to Test
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-Before starting your compatibility testing on the version of Windows that you want to deploy, you can use the Application Compatibility Toolkit (ACT) to identify which applications should be the focus of your testing.
-
-**To choose the applications to include in compatibility testing**
-
-1. Gather your application and device inventory. For more information, see [Taking Inventory of Your Organization](taking-inventory-of-your-organization.md).
-
-2. Use the Microsoft Compatibility Exchange to get the latest compatibility ratings. For more information, see [Sending and Receiving Compatibility Data](sending-and-receiving-compatibility-data.md).
-
-3. Organize and group your applications, and determine which applications need to be tested. For more information, see [Organizing Your Compatibility Data](organizing-your-compatibility-data.md).
-
- After completing these steps, you can then start creating and deploying your runtime-analysis packages to the test environment for your compatibility testing.
-
-## Related topics
-
-
-[Creating an Enterprise Environment for Compatibility Testing](creating-an-enterprise-environment-for-compatibility-testing.md)
-
-[Creating a Runtime-Analysis Package](creating-a-runtime-analysis-package.md)
-
-[Deploying a Runtime-Analysis Package](deploying-a-runtime-analysis-package.md)
-
-[Compatibility Monitor User's Guide](compatibility-monitor-users-guide.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/deleting-a-data-collection-package.md b/windows/plan/deleting-a-data-collection-package.md
index 002a431377..c5401542c9 100644
--- a/windows/plan/deleting-a-data-collection-package.md
+++ b/windows/plan/deleting-a-data-collection-package.md
@@ -1,52 +1,5 @@
---
title: Deleting a Data-Collection Package (Windows 10)
description: In Application Compatibility Manager (ACM), you can delete any of your existing data-collection packages from the database.
-ms.assetid: 1b397d7a-7216-4078-93d9-47c7becbf73e
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Deleting a Data-Collection Package
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-In Application Compatibility Manager (ACM), you can delete any of your existing data-collection packages from the database.
-
-You cannot undo the deletion of a data-collection package. If you mistakenly delete a data-collection package, you must create a new package to replace the deleted package.
-
-**To delete a data-collection package**
-
-1. In ACM, click **Collect** to open the Collect screen.
-
-2. Select the data-collection package that you want to delete, and then press the DELETE key.
-
-3. In the confirmation box, click **Yes**.
-
-## Related topics
-
-
-[Log File Locations for Data-Collection Packages](log-file-locations-for-data-collection-packages.md)
-
-[Exporting a Data-Collection Package](exporting-a-data-collection-package.md)
-
-[Labeling Data in ACM](labeling-data-in-acm.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/deploy-windows-10-in-a-school.md b/windows/plan/deploy-windows-10-in-a-school.md
index dd53f66282..590e3606e6 100644
--- a/windows/plan/deploy-windows-10-in-a-school.md
+++ b/windows/plan/deploy-windows-10-in-a-school.md
@@ -142,7 +142,7 @@ You can use MDT to deploy 32-bit or 64-bit versions of Windows 10. Install the 6
>**Note:** If you install the 32-bit version of MDT, you can install only 32-bit versions of Windows 10. Ensure that you download and install the 64-bit version of MDT so that you can install 64-bit and 32 bit versions of the operating system.
-For more information about installing MDT on the admin device, see [Installing a New Instance of MDT](https://technet.microsoft.com/en-us/library/dn759415.aspx#InstallingaNewInstanceofMDT).
+For more information about installing MDT on the admin device, see [Installing a New Instance of MDT](https://technet.microsoft.com//library/dn759415.aspx#InstallingaNewInstanceofMDT).
Now, you’re ready to create the MDT deployment share and populate it with the operating system, apps, and device drivers you want to deploy to your devices.
@@ -336,7 +336,7 @@ Now that you have an Office 365 subscription, you need to determine how you will
In this method, you have an on-premises AD DS domain. As shown in Figure 4, the Azure AD Connector tool automatically synchronizes AD DS with Azure AD. When you add or change any user accounts in AD DS, the Azure AD Connector tool automatically updates Azure AD.
->**Note:** Azure AD Connect also supports synchronization from any Lightweight Directory Access Protocol version 3 (LDAPv3)–compliant directory by using the information provided in [Generic LDAP Connector for FIM 2010 R2 Technical Reference](https://technet.microsoft.com/en-us/library/dn510997.aspx?f=255&MSPPError=-2147217396).
+>**Note:** Azure AD Connect also supports synchronization from any Lightweight Directory Access Protocol version 3 (LDAPv3)–compliant directory by using the information provided in [Generic LDAP Connector for FIM 2010 R2 Technical Reference](https://technet.microsoft.com//library/dn510997.aspx?f=255&MSPPError=-2147217396).
@@ -385,7 +385,7 @@ You can deploy the Azure AD Connect tool by using one of the following methods:
*Figure 7. Azure AD Connect in Azure*
-This guide describes how to run Azure AD Connect on premises. For information about running Azure AD Connect in Azure, see [Deploy Office 365 Directory Synchronization (DirSync) in Microsoft Azure](https://technet.microsoft.com/en-us/library/dn635310.aspx).
+This guide describes how to run Azure AD Connect on premises. For information about running Azure AD Connect in Azure, see [Deploy Office 365 Directory Synchronization (DirSync) in Microsoft Azure](https://technet.microsoft.com//library/dn635310.aspx).
### Deploy Azure AD Connect on premises
@@ -436,8 +436,8 @@ Several methods are available to bulk-import user accounts into AD DS domains. T
|Method | Description and reason to select this method |
|-------| ---------------------------------------------|
-|Ldifde.exe |This command-line tool allows you to import and export objects (such as user accounts) from AD DS. Select this method if you aren’t comfortable with Microsoft Visual Basic Scripting Edition (VBScript), Windows PowerShell, or other scripting languages. For more information about using Ldifde.exe, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://technet.microsoft.com/en-us/library/bb727091.aspx), [LDIFDE—Export/Import data from Active Directory—LDIFDE commands](https://support.microsoft.com/en-us/kb/555636), [Import or Export Directory Objects Using Ldifde](https://technet.microsoft.com/library/cc816781.aspx), and [LDIFDE](https://technet.microsoft.com/library/cc755456.aspx).|
-|VBScript | This scripting language uses the Active Directory Services Interfaces (ADSI) Component Object Model interface to manage AD DS objects, including user and group objects. Select this method if you’re comfortable with VBScript. For more information about using VBScript and ADSI, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://technet.microsoft.com/en-us/library/bb727091.aspx) and [ADSI Scriptomatic](https://technet.microsoft.com/en-us/scriptcenter/dd939958.aspx).|
+|Ldifde.exe |This command-line tool allows you to import and export objects (such as user accounts) from AD DS. Select this method if you aren’t comfortable with Microsoft Visual Basic Scripting Edition (VBScript), Windows PowerShell, or other scripting languages. For more information about using Ldifde.exe, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://technet.microsoft.com//library/bb727091.aspx), [LDIFDE—Export/Import data from Active Directory—LDIFDE commands](https://support.microsoft.com/en-us/kb/555636), [Import or Export Directory Objects Using Ldifde](https://technet.microsoft.com/library/cc816781.aspx), and [LDIFDE](https://technet.microsoft.com/library/cc755456.aspx).|
+|VBScript | This scripting language uses the Active Directory Services Interfaces (ADSI) Component Object Model interface to manage AD DS objects, including user and group objects. Select this method if you’re comfortable with VBScript. For more information about using VBScript and ADSI, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](https://technet.microsoft.com//library/bb727091.aspx) and [ADSI Scriptomatic](https://technet.microsoft.com//scriptcenter/dd939958.aspx).|
|Windows PowerShell| This scripting language natively supports cmdlets to manage AD DS objects, including user and group objects. Select this method if you’re comfortable with Window PowerShell scripting. For more information about using Windows PowerShell, see [Import Bulk Users to Active Directory](https://blogs.technet.microsoft.com/bettertogether/2011/01/09/import-bulk-users-to-active-directory/) and [PowerShell: Bulk create AD Users from CSV file](http://social.technet.microsoft.com/wiki/contents/articles/24541.powershell-bulk-create-ad-users-from-csv-file.aspx).|
-
-
-
-Data
-Description
-
-
-
-
-
-
-
-
1. Import operating systems
-Import the operating systems that you selected in the [Select operating systems](#select-the-operating-systems) section into the deployment share. For more information about how to import operating systems, see [Import an Operating System into the Deployment Workbench](https://technet.microsoft.com/en-us/library/dn759415.aspx#ImportanOperatingSystemintotheDeploymentWorkbench).
+Import the operating systems that you selected in the [Select operating systems](#select-the-operating-systems) section into the deployment share. For more information about how to import operating systems, see [Import an Operating System into the Deployment Workbench](https://technet.microsoft.com//library/dn759415.aspx#ImportanOperatingSystemintotheDeploymentWorkbench).
@@ -724,8 +724,8 @@ If you have Intune, you can deploy Windows Store apps after you deploy Windows 1
In addition, you must prepare your environment for sideloading (deploying) Windows Store apps. For more information about how to:2. Import device drives
Device drivers allow Windows 10 to know a device’s hardware resources and connected hardware accessories. Without the proper device drivers, certain features may be unavailable. For example, without the proper audio driver, a device cannot play sounds; without the proper camera driver, the device cannot take photos or use video chat.
-Import device drivers for each device in your institution. For more information about how to import device drivers, see [Import Device Drivers into the Deployment Workbench](https://technet.microsoft.com/en-us/library/dn759415.aspx#ImportDeviceDriversintotheDeploymentWorkbench).
+Import device drivers for each device in your institution. For more information about how to import device drivers, see [Import Device Drivers into the Deployment Workbench](https://technet.microsoft.com//library/dn759415.aspx#ImportDeviceDriversintotheDeploymentWorkbench).
-
@@ -737,11 +737,11 @@ In addition, you must prepare your environment for sideloading (deploying) Windo
You need to create an MDT application for each Windows desktop app you want to deploy. You can obtain the Windows desktop apps from any source, but ensure that you have sufficient licenses for them.
@@ -757,7 +757,7 @@ For more information about how to create an MDT application for Window desktop a
-To help reduce the effort needed to deploy Microsoft Office 2016 desktop apps, use the Office Deployment Tool, as described in [Deploy Click-to-Run for Office 365 products by using the Office Deployment Tool](https://technet.microsoft.com/en-us/library/jj219423.aspx?f=255&MSPPError=-2147217396).
+To help reduce the effort needed to deploy Microsoft Office 2016 desktop apps, use the Office Deployment Tool, as described in [Deploy Click-to-Run for Office 365 products by using the Office Deployment Tool](https://technet.microsoft.com//library/jj219423.aspx?f=255&MSPPError=-2147217396).
If you have Intune, you can deploy Windows desktop apps after you deploy Windows 10, as described in the [Deploy apps by using Intune](#deploy-apps-by-using-intune) section. This method provides granular deployment of Windows desktop apps, and you can use it for ongoing management of the apps. This is the preferred method for deploying and managing Windows desktop apps.
**Note:** You can also deploy Windows desktop apps after you deploy Windows 10, as described in the [Deploy apps by using Intune](#deploy-apps-by-using-intune) section.
-For more information about how to create an MDT application for Window desktop apps, see [Create a New Application in the Deployment Workbench](https://technet.microsoft.com/en-us/library/dn759415.aspx#CreateaNewApplicationintheDeploymentWorkbench).
+For more information about how to create an MDT application for Window desktop apps, see [Create a New Application in the Deployment Workbench](https://technet.microsoft.com//library/dn759415.aspx#CreateaNewApplicationintheDeploymentWorkbench).
Updating a deployment share generates the MDT boot images you use to initiate the Windows 10 deployment process. You can configure the process to create 32 bit and 64 bit versions of the .iso and .wim files you can use to create bootable media or in Windows Deployment Services.
+For more information about how to update a deployment share, see [Update a Deployment Share in the Deployment Workbench](https://technet.microsoft.com//library/dn759415.aspx#UpdateaDeploymentShareintheDeploymentWorkbench).
@@ -782,9 +782,9 @@ You can use Windows Deployment Services in conjunction with MDT to automatically
- [Windows Deployment Services overview](https://technet.microsoft.com/library/hh831764.aspx)
- The Windows Deployment Services Help file, included in Windows Deployment Services
- - [Windows Deployment Services Getting Started Guide for Windows Server 2012](https://technet.microsoft.com/en-us/library/jj648426.aspx)
+ - [Windows Deployment Services Getting Started Guide for Windows Server 2012](https://technet.microsoft.com//library/jj648426.aspx)
-2. Add LTI boot images (Windows PE images) to Windows Deployment Services.
-For more information about how to update a deployment share, see [Update a Deployment Share in the Deployment Workbench](https://technet.microsoft.com/en-us/library/dn759415.aspx#UpdateaDeploymentShareintheDeploymentWorkbench).Use of Microsoft accounts
You want faculty and students to use only Azure AD accounts for institution-owned devices. For these devices, do not use Microsoft accounts or associate a Microsoft account with the Azure AD accounts.
@@ -905,7 +905,7 @@ Microsoft has several recommended settings for educational institutions. Table 1
**Note:** Personal devices typically use Microsoft accounts. Faculty and students can associate their Microsoft account with their Azure AD account on these devices.
-**Group Policy.** Configure the [Accounts: Block Microsoft accounts](https://technet.microsoft.com/en-us/library/jj966262.aspx?f=255&MSPPError=-2147217396) Group Policy setting to use the Users can’t add Microsoft accounts setting option.
+**Group Policy.** Configure the [Accounts: Block Microsoft accounts](https://technet.microsoft.com//library/jj966262.aspx?f=255&MSPPError=-2147217396) Group Policy setting to use the Users can’t add Microsoft accounts setting option.
**Intune.** Enable or disable the camera by using the **Allow Microsoft account**, **Allow adding non-Microsoft accounts manually**, and **Allow settings synchronization for Microsoft accounts** policy settings under the **Accounts and Synchronization** section of a **Windows 10 General Configuration** policy.
@@ -913,7 +913,7 @@ Microsoft has several recommended settings for educational institutions. Table 1
Restrict local administrator accounts on the devices
Ensure that only authorized users are local administrators on institution-owned devices. Typically, you don’t want students to be administrators on instruction-owned devices. Explicitly specify the users who will be local administrators on a group of devices.
-**Group Policy**. Create a **Local Group** Group Policy preference to limit the local administrators group membership. Select the **Delete all member users** and **Delete all member groups** check boxes to remove any existing members. For more information about how to configure Local Group preferences, see [Configure a Local Group Item](https://technet.microsoft.com/en-us/library/cc732525.aspx).
+**Group Policy**. Create a **Local Group** Group Policy preference to limit the local administrators group membership. Select the **Delete all member users** and **Delete all member groups** check boxes to remove any existing members. For more information about how to configure Local Group preferences, see [Configure a Local Group Item](https://technet.microsoft.com//library/cc732525.aspx).
**Intune**. Not available.
@@ -921,7 +921,7 @@ Microsoft has several recommended settings for educational institutions. Table 1
Restrict the local administrator accounts on the devices
Ensure that only authorized users are local administrators on institution-owned devices. Typically, you don’t want students to be administrators on instruction-owned devices. Explicitly specify the users who will be local administrators on a group of devices.
-**Group Policy**. Create a **Local Group** Group Policy preference to limit the local administrators group membership. Select the **Delete all member users** and **Delete all member groups** check boxes to remove any existing members. For more information about how to configure Local Group preferences, see [Configure a Local Group Item](https://technet.microsoft.com/en-us/library/cc732525.aspx).
+**Group Policy**. Create a **Local Group** Group Policy preference to limit the local administrators group membership. Select the **Delete all member users** and **Delete all member groups** check boxes to remove any existing members. For more information about how to configure Local Group preferences, see [Configure a Local Group Item](https://technet.microsoft.com//library/cc732525.aspx).
**Intune**. Not available.
@@ -929,7 +929,7 @@ Microsoft has several recommended settings for educational institutions. Table 1
Manage the built-in administrator account created during device deployment
When you use MDT to deploy Windows 10, the MDT deployment process automatically creates a local Administrator account with the password you specified. As a security best practice, rename the built-in Administrator account and optionally disable it.
-**Group Policy**. Rename the built-in Administrator account by using the **Accounts: Rename administrator account** Group Policy setting. For more information about how to rename the built-in Administrator account, see [To rename the Administrator account using the Group Policy Management Console](https://technet.microsoft.com/en-us/library/cc747484.aspx). You will specify the new name for the Administrator account. You can disable the built-in Administrator account by using the **Accounts: Administrator account status** Group Policy setting. For more information about how to disable the built-in Administrator account, see [Accounts: Administrator account status](https://technet.microsoft.com/en-us/library/jj852165.aspx).
+**Group Policy**. Rename the built-in Administrator account by using the **Accounts: Rename administrator account** Group Policy setting. For more information about how to rename the built-in Administrator account, see [To rename the Administrator account using the Group Policy Management Console](https://technet.microsoft.com//library/cc747484.aspx). You will specify the new name for the Administrator account. You can disable the built-in Administrator account by using the **Accounts: Administrator account status** Group Policy setting. For more information about how to disable the built-in Administrator account, see [Accounts: Administrator account status](https://technet.microsoft.com//library/jj852165.aspx).
**Intune**. Not available.
@@ -953,7 +953,7 @@ Microsoft has several recommended settings for educational institutions. Table 1
Control Windows Store access
You can control access to Windows Store and whether existing Windows Store apps receive updates. You can only disable the Windows Store app in Windows 10 Education and Windows 10 Enterprise.
-**Group Policy**. You can disable the Windows Store app by using the **Turn off the Store Application** Group Policy setting. You can prevent Windows Store apps from receiving updates by using the **Turn off Automatic Download and Install of updates** Group Policy setting. For more information about configuring these settings, see [Can I use Group Policy to control the Windows Store in my enterprise environment?](https://technet.microsoft.com/en-us/library/hh832040.aspx#BKMK_UseGP).
+**Group Policy**. You can disable the Windows Store app by using the **Turn off the Store Application** Group Policy setting. You can prevent Windows Store apps from receiving updates by using the **Turn off Automatic Download and Install of updates** Group Policy setting. For more information about configuring these settings, see [Can I use Group Policy to control the Windows Store in my enterprise environment?](https://technet.microsoft.com//library/hh832040.aspx#BKMK_UseGP).
**Intune**. You can enable or disable the camera by using the **Allow application store** policy setting in the **Apps** section of a **Windows 10 General Configuration** policy.
@@ -989,13 +989,13 @@ Microsoft has several recommended settings for educational institutions. Table 1
Now, you’re ready to configure settings by using Group Policy. The steps in this section assume that you have an AD DS infrastructure. You will configure the Group Policy settings you select in the [Select Microsoft-recommended settings](#select-microsoft-recommended-settings) section.
-For more information about Group Policy, see [Group Policy Planning and Deployment Guide](https://technet.microsoft.com/en-us/library/cc754948.aspx).
+For more information about Group Policy, see [Group Policy Planning and Deployment Guide](https://technet.microsoft.com//library/cc754948.aspx).
#### To configure Group Policy settings
-1. Create a Group Policy object (GPO) that will contain the Group Policy settings by completing the steps in [Create a new Group Policy object](https://technet.microsoft.com/en-us/library/cc738830.aspx).
-2. Configure the settings in the GPO by completing the steps in [Edit a Group Policy object](https://technet.microsoft.com/en-us/library/cc739902.aspx).
-3. Link the GPO to the appropriate AD DS site, domain, or organizational unit by completing the steps in [Link a Group Policy object to a site, domain, or organizational unit](https://technet.microsoft.com/en-us/library/cc738954(v=ws.10).aspx).
+1. Create a Group Policy object (GPO) that will contain the Group Policy settings by completing the steps in [Create a new Group Policy object](https://technet.microsoft.com//library/cc738830.aspx).
+2. Configure the settings in the GPO by completing the steps in [Edit a Group Policy object](https://technet.microsoft.com//library/cc739902.aspx).
+3. Link the GPO to the appropriate AD DS site, domain, or organizational unit by completing the steps in [Link a Group Policy object to a site, domain, or organizational unit](https://technet.microsoft.com//library/cc738954(v=ws.10).aspx).
### Configure settings by using Intune
@@ -1006,9 +1006,9 @@ For more information about Intune, see [Documentation for Microsoft Intune](http
#### To configure Intune settings
1. Add Intune to your Office 365 subscription by completing the steps in [Get started with a paid subscription to Microsoft Intune](https://docs.microsoft.com/en-us/intune/get-started/start-with-a-paid-subscription-to-microsoft-intune).
-2. Enroll devices with Intune by completing the steps in [Get ready to enroll devices in Microsoft Intune](https://technet.microsoft.com/en-us/library/dn646962.aspx).
-3. Configure the settings in Intune Windows 10 policies by completing the steps in [Manage settings and features on your devices with Microsoft Intune policies](https://technet.microsoft.com/en-us/library/dn646984.aspx).
-4. Manage Windows 10 devices by completing the steps in [Manage Windows PCs with Microsoft Intune](https://technet.microsoft.com/en-us/library/dn646959.aspx).
+2. Enroll devices with Intune by completing the steps in [Get ready to enroll devices in Microsoft Intune](https://technet.microsoft.com//library/dn646962.aspx).
+3. Configure the settings in Intune Windows 10 policies by completing the steps in [Manage settings and features on your devices with Microsoft Intune policies](https://technet.microsoft.com//library/dn646984.aspx).
+4. Manage Windows 10 devices by completing the steps in [Manage Windows PCs with Microsoft Intune](https://technet.microsoft.com//library/dn646959.aspx).
### Deploy apps by using Intune
@@ -1041,14 +1041,14 @@ Prior to deployment of Windows 10, ensure that you complete the tasks listed in
Use the Deployment Wizard to deploy Windows 10. The LTI deployment process is almost fully automated: You provide only minimal information to the Deployment Wizard at the beginning of the process. After the wizard collects the necessary information, the remainder of the process is fully automated.
->**Note:** To fully automate the LTI deployment process, complete the steps in the “Fully Automated LTI Deployment Scenario” section in the [Microsoft Deployment Toolkit Samples Guide](https://technet.microsoft.com/en-us/library/dn781089.aspx).
+>**Note:** To fully automate the LTI deployment process, complete the steps in the “Fully Automated LTI Deployment Scenario” section in the [Microsoft Deployment Toolkit Samples Guide](https://technet.microsoft.com//library/dn781089.aspx).
In most instances, deployments occur without incident. Only in rare occasions do deployments experience problems.
#### To deploy Windows 10
1. **Initiate the LTI deployment process**. Initiate the LTI deployment process booting over the network (PXE boot) or from local media. You selected the method for initiating the LTI deployment process in the [Select a method to initiate deployment](#select-a-method-to-initiate-deployment) section earlier in this guide.
-2. **Complete the Deployment Wizard**. For more information about how to complete the Deployment Wizard, see the “Running the Deployment Wizard” topic in [Using the Microsoft Deployment Toolkit](https://technet.microsoft.com/en-us/library/dn759415.aspx#Running%20the%20Deployment%20Wizard).
+2. **Complete the Deployment Wizard**. For more information about how to complete the Deployment Wizard, see the “Running the Deployment Wizard” topic in [Using the Microsoft Deployment Toolkit](https://technet.microsoft.com//library/dn759415.aspx#Running%20the%20Deployment%20Wizard).
### Set up printers
diff --git a/windows/plan/deploying-a-runtime-analysis-package.md b/windows/plan/deploying-a-runtime-analysis-package.md
index bf01c5258c..38f478a9b9 100644
--- a/windows/plan/deploying-a-runtime-analysis-package.md
+++ b/windows/plan/deploying-a-runtime-analysis-package.md
@@ -1,48 +1,5 @@
---
title: Deploying a Runtime-Analysis Package (Windows 10)
description: When you deploy a runtime-analysis package, you are deploying it to your test environment for compatibility testing.
-ms.assetid: 304bf0be-0e7c-4c5f-baac-bed7f8bef509
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Deploying a Runtime-Analysis Package
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-When you deploy a runtime-analysis package, you are deploying it to your test environment for compatibility testing.
-
-For information about creating the test environment, see [Creating an Enterprise Environment for Compatibility Testing](creating-an-enterprise-environment-for-compatibility-testing.md).
-
-To deploy a runtime-analysis package, you can use the same deployment methods that you might use to deploy an inventory-collector package. For information about deployment methods, see [Deploying an Inventory-Collector Package](deploying-an-inventory-collector-package.md).
-
-## Related topics
-
-
-[Deciding Which Applications to Test](deciding-which-applications-to-test.md)
-
-[Creating an Enterprise Environment for Compatibility Testing](creating-an-enterprise-environment-for-compatibility-testing.md)
-
-[Creating a Runtime-Analysis Package](creating-a-runtime-analysis-package.md)
-
-[Compatibility Monitor User's Guide](compatibility-monitor-users-guide.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/deploying-an-inventory-collector-package.md b/windows/plan/deploying-an-inventory-collector-package.md
index 406a2823fd..784ecd61b4 100644
--- a/windows/plan/deploying-an-inventory-collector-package.md
+++ b/windows/plan/deploying-an-inventory-collector-package.md
@@ -1,142 +1,5 @@
---
title: Deploying an Inventory-Collector Package (Windows 10)
-ms.assetid: 8726ff71-0d17-4449-bdb7-66957ae51c62
-description:
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.sitesec: library
-author: TrudyHa
----
-
-# Deploying an Inventory-Collector Package
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-You can use the following methods to deploy an inventory-collector package to the destination computers:
-
-- **Group Policy Software Installation.** This is a feature of Active Directory Domain Services in Windows Server. All computers to which you deploy the package must be part of the Active Directory forest.
-
-- **Logon script.** You can use Windows Script Host to create a logon script. Installing by using a logon script requires administrator credentials on the local computer.
-
-- **Microsoft® System Center Configuration Manager.** For information about how to use System Center Configuration Manager, see the product documentation.
-
-- **Manual distribution.** You can use a file server on the network as a software distribution point, or you can distribute removable media. User installation of an inventory-collector package requires administrator credentials on the local computer.
-
-**To deploy an inventory-collector package by using Group Policy Software Installation**
-
-1. Ensure that the computers to which you want to deploy the inventory-collector package are members of the Active Directory forest.
-
-2. Create a Group Policy Object (GPO) for publishing the inventory-collector package.
-
-3. Assign the GPO to the organizational units (OUs) that contain the set of computers.
-
-4. Create and publish a new software installation package by using Group Policy Software Installation.
-
- For information about the Group Policy Software Installation process, see [Best practices for Group Policy Software Installation](http://go.microsoft.com/fwlink/p/?LinkId=87996).
-
-**To assign a logon script for installing an inventory-collector package to an organizational unit**
-
-1. Create the logon script. The following script is an example.
-
- ``` syntax
- Set ws = WScript.CreateObject("WScript.Shell")
- ws.Run("\\servername\collector\package_name.exe")
- ```
-
- To keep the installation from running repeatedly, your script must create a marker.
-
- For more information about logon scripts, see [Assign a Logon Script to a User in the Active Directory](http://go.microsoft.com/fwlink/p/?LinkId=87997).
-
-2. Save your script in the SYSVOL\\Scripts folder.
-
-3. Open the Active Directory Users and Computers console by clicking **Start**, clicking **All Programs**, clicking **Administrative Tools**, and then clicking **Active Directory Users and Computers**.
-
-4. Right-click the OU to which you intend to assign the logon script, click **Properties**, and then click the **Group Policy** tab.
-
-5. Click **New** to add a new GPO, or select an existing GPO and then click **Edit**.
-
-6. In the left pane, expand the **User Configuration** object, expand the **Windows Setting** object, and then click **Scripts (Logon/Logoff)**.
-
-7. In the right pane, double-click the **Logon** script.
-
-8. Click **Add**.
-
-9. Click **Browse**, browse to the \\\\*<domain>*\\Sysvol\\Scripts folder, select your script, and then click **Open**.
-
-10. Click **OK** to close the **Logon Properties** dialog box.
-
-11. Close the Group Policy Management console and the Active Directory Users and Computers console.
-
-12. On a computer that is a member of the domain and a part of the OU, log on as an OU user.
-
-13. Open a **Command Prompt** window, and then type `GPUPDATE /force` to force the update of the Group Policy setting.
-
-14. At the command prompt, type `RSOP.msc` to verify your Group Policy assignment.
-
-15. In the left pane, expand the **Computer Configuration** object, expand the **Windows Setting** object, and then click **Security Settings**.
-
-16. Expand **Account Policies**, click **Password Policy**, and verify the assigned Group Policy setting.
-
-17. Close the Resultant Set of Policy console and the **Command Prompt** window.
-
-**To deploy an inventory-collector package by using System Center Configuration Manager**
-
-1. Verify that the computers to which you want to deploy the package are included in your Configuration Manager inventory.
-
-2. Create a Configuration Manager computer collection that includes the computers.
-
-3. Create a shared folder that contains the source image of the inventory-collector package.
-
-4. Create a Configuration Manager package that is based on the source image from the shared folder.
-
- For more information, see [How to Create a Package](http://go.microsoft.com/fwlink/p/?LinkId=131355).
-
-5. Specify the Configuration Manager software distribution points.
-
-6. Create a Configuration Manager program that includes the required commands and command-line options to deploy the inventory-collector package.
-
- For more information, see [How to Create a Program](http://go.microsoft.com/fwlink/p/?LinkId=131356).
-
-7. Create a Configuration Manager advertisement that instructs Configuration Manager clients to run the program that you specified in the previous step.
-
- For more information, see [How to Create an Advertisement](http://go.microsoft.com/fwlink/p/?LinkId=131357).
-
-**To deploy an inventory-collector package from a network share**
-
-1. Store your package (.msi) file in a shared folder on the network.
-
-2. Notify the users of the computers that require the inventory-collector package to run the .msi file. For example, you might send an email message that includes a hyperlink to the shared folder.
-
-**To deploy an inventory-collector package to offline computers**
-
-1. In your inventory-collector package, specify a local output path for the log file.
-
-2. Burn your.msi file to removable media.
-
-3. Send the removable media to users of the offline computers.
-
-4. Instruct the users to run the .msi file and then return the generated log file. For example, the users might send the log file in an email message or place the file on a network share.
-
-## Related topics
-
-
-[Identifying Computers for Inventory Collection](identifying-computers-for-inventory-collection.md)
-
-[Creating an Inventory-Collector Package](creating-an-inventory-collector-package.md)
-
-
-
-
-
-
-
-
-
+description: How to deploy an inventory-collector package to your destination computers.
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/device-dialog-box.md b/windows/plan/device-dialog-box.md
index 7cd1c0d3ec..5d32e55b8f 100644
--- a/windows/plan/device-dialog-box.md
+++ b/windows/plan/device-dialog-box.md
@@ -1,90 +1,5 @@
---
title: Device Dialog Box (Windows 10)
description: In Application Compatibility Manager (ACM), the Device dialog box shows information about the selected device.
-ms.assetid: 5bd7cfda-31ea-4967-8b64-6c0425092f4e
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# <Device> Dialog Box
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-In Application Compatibility Manager (ACM), the *<Device>* dialog box shows information about the selected device.
-
-**To open the <Device> dialog box**
-
-1. In ACM, in the **Quick Reports** pane, click **Analyze**.
-
-2. Under an operating system heading, click **Devices**.
-
-3. Double-click the name of a device.
-
-## Tabs in the <Device> dialog box
-
-
-The following table shows the information available in the *<Device>* dialog box.
-
-Use of audio recording
Audio recording (by using the Sound Recorder app) can be a source of disclosure or privacy issues in an education environment. Depending on your institution’s policies, you may want to disable the Sound Recorder app on your devices.
-**Group Policy**. You can disable the Sound Recorder app by using the **Do not allow Sound Recorder to run** Group Policy setting. You can disable other audio recording apps by using AppLocker policies. Create AppLocker policies by using the information in [Editing an AppLocker Policy](https://technet.microsoft.com/en-us/library/ee791894(v=ws.10).aspx) and [Create Your AppLocker Policies](https://technet.microsoft.com/en-us/library/ee791899.aspx).
+**Group Policy**. You can disable the Sound Recorder app by using the **Do not allow Sound Recorder to run** Group Policy setting. You can disable other audio recording apps by using AppLocker policies. Create AppLocker policies by using the information in [Editing an AppLocker Policy](https://technet.microsoft.com//library/ee791894(v=ws.10).aspx) and [Create Your AppLocker Policies](https://technet.microsoft.com//library/ee791899.aspx).
**Intune**. You can enable or disable the camera by using the **Allow voice recording** policy setting in the **Features** section of a **Windows 10 General Configuration** policy.
-
-
-
-
-## Using the <Device> Dialog Box
-
-
-In the *<Device>* dialog box, you can perform the following actions:
-
-- Assign categories and subcategories to the device. For more information, see [Categorizing Your Compatibility Data](categorizing-your-compatibility-data.md).
-
-- Specify the importance of the device to your organization. For more information, see [Prioritizing Your Compatibility Data](prioritizing-your-compatibility-data.md).
-
-
-
-
-
-
-
-
-
+description: This section describes the compatibility reports in Application Compatibility Manager (ACM) and how you can work with the reports.
+---
\ No newline at end of file
diff --git a/windows/plan/enabling-and-disabling-compatibility-fixes-in-compatibility-administrator.md b/windows/plan/enabling-and-disabling-compatibility-fixes-in-compatibility-administrator.md
index 85c5e0ba27..7bcd802f03 100644
--- a/windows/plan/enabling-and-disabling-compatibility-fixes-in-compatibility-administrator.md
+++ b/windows/plan/enabling-and-disabling-compatibility-fixes-in-compatibility-administrator.md
@@ -60,15 +60,4 @@ You can enable your disabled compatibility fixes at any time.
2. On the **Database** menu, click **Enable Entry**.
## Related topics
-
-
-[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
-
-
-
-
-
-
-
-
-
+[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
\ No newline at end of file
diff --git a/windows/plan/example-filter-queries.md b/windows/plan/example-filter-queries.md
index 7b7732863d..8494d2a4b1 100644
--- a/windows/plan/example-filter-queries.md
+++ b/windows/plan/example-filter-queries.md
@@ -1,79 +1,5 @@
---
title: Example Filter Queries (Windows 10)
description: You can filter your compatibility-issue data or reports by selecting specific restriction criteria.
-ms.assetid: eae59380-56cc-4d57-bd2c-11a0e3c689c9
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Example Filter Queries
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-You can filter your compatibility-issue data or reports by selecting specific restriction criteria.
-
-## Example Queries
-
-
-The following sections show example queries created by using the Query Builder.
-
-### All Applications with Issues
-
-The following example query returns all applications that have one or more known issues.
-
-
-
-### All Applications with Solutions for Known Issues
-
-The following example query returns all applications that have solutions for their known issues.
-
-
-
-### All Applications with Specific Solution Types
-
-The following example query returns all applications that have a solution type of Application Update or Application Configuration.
-
-
-
-### All Applications with No Known Issues
-
-The following example query returns all applications that have no known issues.
-
-
-
-### All Applications with No Active Issues
-
-The following example query returns all applications that have no active issues.
-
-
-
-### All Applications Appearing in a Specific Category and Subcategory
-
-The following example query returns all applications that have a category of Department and a subcategory of either Human Resources or Finance.
-
-
-
-## Related topics
-
-
-[Filtering Your Compatibility Data](filtering-your-compatibility-data.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/exporting-a-data-collection-package.md b/windows/plan/exporting-a-data-collection-package.md
index 5baee693f6..e3b5a9ce64 100644
--- a/windows/plan/exporting-a-data-collection-package.md
+++ b/windows/plan/exporting-a-data-collection-package.md
@@ -1,54 +1,5 @@
---
title: Exporting a Data-Collection Package (Windows 10)
description: In Application Compatibility Manager (ACM), you can export a data-collection package as a Windows installer (.msi) file. You can then use the .msi file to install the data-collection package on the computers from which you want to gather data.
-ms.assetid: 98fe19e4-9533-4ffc-a275-8b3776ee93ed
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Exporting a Data-Collection Package
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-In Application Compatibility Manager (ACM), you can export a data-collection package as a Windows installer (.msi) file. You can then use the .msi file to install the data-collection package on the computers from which you want to gather data.
-
-You can export only one data-collection package at a time.
-
-**To export a data-collection package**
-
-1. In ACM, click **Collect** to open the Collect screen.
-
-2. Select the data-collection package that you want to export.
-
-3. On the **File** menu, click **Export**.
-
-4. Navigate to the folder where you want to store the Windows installer (.msi) file for the data-collection package, and then click **Save**.
-
-## Related topics
-
-
-[Log File Locations for Data-Collection Packages](log-file-locations-for-data-collection-packages.md)
-
-[Deleting a Data-Collection Package](deleting-a-data-collection-package.md)
-
-[Labeling Data in ACM](labeling-data-in-acm.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/filtering-your-compatibility-data.md b/windows/plan/filtering-your-compatibility-data.md
index fcc724c2d5..83040f196c 100644
--- a/windows/plan/filtering-your-compatibility-data.md
+++ b/windows/plan/filtering-your-compatibility-data.md
@@ -1,115 +1,5 @@
---
title: Filtering Your Compatibility Data (Windows 10)
description: You can use Query Builder to filter your compatibility-issue data or reports by selecting specific restriction criteria.
-ms.assetid: b64267b5-83c0-4b4d-a075-0975d3a359c8
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Filtering Your Compatibility Data
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-You can use Query Builder to filter your compatibility-issue data or reports by selecting specific restriction criteria.
-
-The following table shows the columns in Query Builder.
-
-
-
-
-
-Tab
-Information
-
-
-
-
-
-
-
-
-
-
-
-
-## Creating Basic Queries
-
-
-You can insert as many query clauses as you want to create a customized view of your compatibility data.
-
-**Note**
-The following examples use the **<Operating\_System> - Application Report** screen. The process is the same for other report types.
-
-
-
-**To create a basic query**
-
-1. On the **<Operating\_System> - Application Report** screen, click **Toggle Filter**.
-
-2. In the Query Builder, enter your filter criteria, pressing the Tab key to add clauses.
-
- To delete a clause, right-click the row, and then click **Delete Clause**.
-
-3. Click **Refresh**.
-
- Your filtered results appear. To close the Query Builder, click **Toggle Filter** again.
-
-## Querying on Objects
-
-
-You can query your compatibility data based on its relationship with other objects. For example, in the applications report, you can query for applications that have corresponding issues. Fields that have a (+) suffix in Query Builder are collections of objects.
-
-**To query for a collection of objects**
-
-1. In Query Builder, in the **Field** column, click any field that contains a plus sign (+) as suffix.
-
-2. In the **Operator** column, select **Exists**, **Not Exists**, or **All Have**.
-
- Query Builder creates a group clause, which is shown by a bracket that spans the rows that are included in the group.
-
-3. Move your cursor to the next row in the group clause, and then in the **Field** column, select a field.
-
-4. In the **Operator** column, select an operator.
-
-5. In the **Value** column, enter a value, and then click **Refresh**.
-
-## Related topics
-
-
-[Example Filter Queries](example-filter-queries.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/fixing-compatibility-issues.md b/windows/plan/fixing-compatibility-issues.md
index b7f338d5ac..50f8032d64 100644
--- a/windows/plan/fixing-compatibility-issues.md
+++ b/windows/plan/fixing-compatibility-issues.md
@@ -1,78 +1,5 @@
---
title: Fixing Compatibility Issues (Windows 10)
description: This section provides step-by-step instructions and describes development tools that you can use to help fix your compatibility issues.
-ms.assetid: 30ba8d14-a41a-41b3-9019-e8658d6974de
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Fixing Compatibility Issues
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-This section provides step-by-step instructions and describes development tools that you can use to help fix your compatibility issues.
-
-## In this section
-
-
-
-
-
-
-Column
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Taking Inventory of Your Organization](taking-inventory-of-your-organization.md)
-
-[Testing Compatibility on the Target Platform](testing-compatibility-on-the-target-platform.md)
-
-[Managing Your Data-Collection Packages](managing-your-data-collection-packages.md)
-
-[Analyzing Your Compatibility Data](analyzing-your-compatibility-data.md)
-
-[Troubleshooting ACT](troubleshooting-act.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/identifying-computers-for-inventory-collection.md b/windows/plan/identifying-computers-for-inventory-collection.md
index a7378b9820..524304a7cf 100644
--- a/windows/plan/identifying-computers-for-inventory-collection.md
+++ b/windows/plan/identifying-computers-for-inventory-collection.md
@@ -1,104 +1,5 @@
---
title: Identifying Computers for Inventory Collection (Windows 10)
-ms.assetid: f5bf2d89-fff2-4960-a153-dc1146b442fb
-description:
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.sitesec: library
-author: TrudyHa
----
-
-# Identifying Computers for Inventory Collection
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-An inventory-collector package gathers inventory data from the computers on which it is installed. This data includes the following:
-
-- **System inventory.** Information about the client computer. This information includes the memory capacity, the processor speed, and the processor architecture.
-
-- **Device inventory.** Information about the devices that are installed on the client computer. This information includes the model, the manufacturer, and the device class.
-
-- **Software inventory.** An inventory of the applications that are installed on the computer. This information includes system technologies such as Windows® Installer.
-
-To generate a complete inventory and obtain a comprehensive view of your organization, inventory all computers. However, remember that deploying inventory-collector packages to all computers in your organization will require the additional work of analyzing and reducing a larger list of applications. If you do not have the resources to deploy to all computers or you cannot process a larger list of applications, consider deploying inventory-collector packages to representative subsets of computers instead.
-
-If you decide to deploy inventory-collector packages to representative subsets of computers in your organization, consider the following:
-
-- [Managed and Unmanaged Environments](#bmk-managedunmanaged)
-
-- [Role-Based Applications](#bmk-rolebasedapplications)
-
-- [Software Distribution](#bmk-softwaredistribution)
-
-- [Geographic Distribution](#bmk-geographicdistribution)
-
-- [Computer Types](#bmk-computertypes)
-
-## Managed and Unmanaged Environments
-
-
-In your organization, you may have managed environments and unmanaged environments.
-
-In a managed environment, IT administrators strictly control and manage the installation and use of applications. In this environment, you can discover the full inventory by deploying inventory-collector packages to a limited subset of computers.
-
-In an unmanaged environment, users have administrator permissions and can install applications at their own discretion. To obtain the full inventory, you must deploy your inventory-collector packages to more computers.
-
-## Role-Based Applications
-
-
-Your organization may use role-based applications that relate to job function. For example, accountants may use finance-related applications. Reviewing application use together with job function helps you better identify which subsets of computers need inventory-collector packages.
-
-## Software Distribution
-
-
-You can distribute applications in various ways within an organization. For example, you can use Group Policy, Microsoft® IntelliMirror®, Microsoft System Center Configuration Manager, or a customized distribution method. Reviewing the policies for your software distribution system helps you better identify which subsets of computers need inventory-collector packages.
-
-## Geographic Distribution
-
-
-While you plan for inventory collection, consider the geographic distribution of your organization, and consider application use within each region. Be sure to account for divisional applications, localized applications, and applications that are specific to the geographic location and export restrictions. Consult with technical and business leaders from each region to understand the differences and determine which subsets of computers need inventory-collector packages.
-
-## Computer Types
-
-
-Computer types can be an important factor in the deployment of inventory-collector packages. The following sections describe common computer types.
-
-### Mobile Computers
-
-Mobile users are frequently offline, occasionally synchronizing with the corporate network through a LAN or VPN connection. The user must be online for the inventory-collector package to be downloaded and installed, and must be online again for the logged data to be uploaded.
-
-### Multiuser Computers
-
-Multiuser computers are typically in university computer labs, libraries, and organizations that enable job sharing. These computers include a core set of applications that are always available, in addition to many applications that can be installed and removed as necessary. Because these computers typically have a core set of applications, you can identify a narrow subset of computers to receive the inventory-collector package.
-
-### AppStations and TaskStations
-
-AppStations that run vertical applications are typically for marketing, claims and loan processing, and customer service. TaskStations are typically dedicated to running a single application in a location such as a manufacturing floor (as an entry terminal) or a call center. Because AppStations and TaskStations do not typically enable users to add or remove applications, you can identify a narrow subset of computers to receive the inventory-collector package.
-
-### Kiosks
-
-Kiosks are generally in public areas. These computers run unattended. They also generally run a single application by using a single-use account and automatic logon. Because these computers typically run a single application, you can identify a narrow subset of computers to receive the inventory-collector package.
-
-## Related topics
-
-
-[Creating an Inventory-Collector Package](creating-an-inventory-collector-package.md)
-
-[Deploying an Inventory-Collector Package](deploying-an-inventory-collector-package.md)
-
-
-
-
-
-
-
-
-
+description: To generate a complete inventory and obtain a comprehensive view of your organization, inventory all computers. However, remember that deploying inventory-collector packages to all computers in your organization will require the additional work of analyzing and reducing a larger list of applications. If you do not have the resources to deploy to all computers or you cannot process a larger list of applications, consider deploying inventory-collector packages to representative subsets of computers instead.
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md b/windows/plan/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md
index c55deebb84..bd057029b9 100644
--- a/windows/plan/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md
+++ b/windows/plan/installing-and-uninstalling-custom-compatibility-databases-in-compatibility-administrator.md
@@ -59,15 +59,4 @@ When a custom database is no longer necessary, either because the applications a
2. On the **File** menu, click **Uninstall**.
## Related topics
-
-
-[Using the Compatibility Administrator Tool](using-the-compatibility-administrator-tool.md)
-
-
-
-
-
-
-
-
-
+[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
\ No newline at end of file
diff --git a/windows/plan/internet-explorer-web-site-report.md b/windows/plan/internet-explorer-web-site-report.md
index da0098b6c3..f30fc92bd6 100644
--- a/windows/plan/internet-explorer-web-site-report.md
+++ b/windows/plan/internet-explorer-web-site-report.md
@@ -1,68 +1,5 @@
---
title: Internet Explorer - Web Site Report (Windows 10)
-ms.assetid: f072033d-9d42-47ed-8fb0-dbdc28442910
-description:
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Internet Explorer - Web Site Report
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The **Internet Explorer - Web Site Report** screen shows the following information for each of the websites visited in your organization:
-
-- The website URL.
-
-- Your organization's compatibility rating for the website.
-
-- The count of issues for the website.
-
-- The count of resolved issues for the website.
-
-**To open the Internet Explorer - Web Site Report screen**
-
-1. In Application Compatibility Manager (ACM), on the **Quick Reports** pane, click **Analyze**.
-
-2. In the **Quick Reports** pane, under the **Internet Explorer** heading, click **Web Sites**.
-
-## Using the Internet Explorer - Web Site Report Screen
-
-
-On the **Internet Explorer - Web Site Report** screen, you can:
-
-- Export the report data to a spreadsheet, or import a report. For more information, see [Saving, Opening, and Exporting Reports](saving-opening-and-exporting-reports.md).
-
-- Synchronize your compatibility issues by using the Microsoft Compatibility Exchange. For more information, see [Sending and Receiving Compatibility Data](sending-and-receiving-compatibility-data.md).
-
-- Filter the report by using the query builder. For more information, see [Filtering Your Compatibility Data](filtering-your-compatibility-data.md).
-
-- Specify your compatibility rating for a website. For more information, see [Selecting Your Compatibility Rating](selecting-your-compatibility-rating.md).
-
-- Select your deployment status for a website. For more information, see [Selecting Your Deployment Status](selecting-your-deployment-status.md).
-
-- Assign categories and subcategories to a website. For more information, see [Categorizing Your Compatibility Data](categorizing-your-compatibility-data.md).
-
-- Specify the importance of a website to your organization. For more information, see [Prioritizing Your Compatibility Data](prioritizing-your-compatibility-data.md).
-
-- Double-click a website name to view its associated dialog box. For more information, see [<WebsiteURL> Dialog Box](websiteurl-dialog-box.md).
-
-
-
-
-
-
-
-
-
+description: The Internet Explorer - Web Site Report screen shows the URL, your organization's compatibility rating, issue count, and resolved issue count, for each of the websites visited in your organization.
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/labeling-data-in-acm.md b/windows/plan/labeling-data-in-acm.md
index 1e0ae71639..92f7448f84 100644
--- a/windows/plan/labeling-data-in-acm.md
+++ b/windows/plan/labeling-data-in-acm.md
@@ -1,54 +1,5 @@
---
title: Labeling Data in ACM (Windows 10)
description: Application data and its associated compatibility issues can vary within an organization.
-ms.assetid: d099c747-e68a-4cad-a639-9f33efab35b3
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Labeling Data in ACM
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-Application data and its associated compatibility issues can vary within an organization. For example, the applications used by a Human Resources (HR) department might differ from the applications used by a Sales department. Even for applications that are used across an organization, different compatibility issues might be found for each business group because of the unique application use by each business group.
-
-Your data-collection packages can add a *label* to your inventoried applications. To filter by business group when analyzing reports, you can create a different data-collection package for each business group and have each package assign a unique label. For example, you can create a data-collection package for your Sales department with a **Sales** label. During reports analysis, you can filter your results so that only the data with the **Sales** label is visible.
-
-You can specify a label when you create a data-collection package. You cannot change the label for an existing data-collection package.
-
-**To specify the label for a new data-collection package**
-
-1. In Application Compatibility Manager (ACM), on the **Go** menu, click **Collect**.
-
-2. On the **Collect** screen, click **File** from the toolbar, and then click **New** to start creating a new data-collection package.
-
-3. In the wizard, enter the label that you want to be applied by the data-collection package.
-
-## Related topics
-
-
-[Log File Locations for Data-Collection Packages](log-file-locations-for-data-collection-packages.md)
-
-[Exporting a Data-Collection Package](exporting-a-data-collection-package.md)
-
-[Deleting a Data-Collection Package](deleting-a-data-collection-package.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/log-file-locations-for-data-collection-packages.md b/windows/plan/log-file-locations-for-data-collection-packages.md
index 99ea5bc63f..5fa3b6c466 100644
--- a/windows/plan/log-file-locations-for-data-collection-packages.md
+++ b/windows/plan/log-file-locations-for-data-collection-packages.md
@@ -1,54 +1,5 @@
---
title: Log File Locations for Data-Collection Packages (Windows 10)
-ms.assetid: dcc395e7-2d9c-4935-abab-33c5934ce24a
-description:
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Log File Locations for Data-Collection Packages
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-When you create a data-collection package in Application Compatibility Manager (ACM), you can select an output location for your log files. You have the following options:
-
-- Specify an ACT Log Processing Service (LPS) share. The data-collection package automatically writes the log files to the specified ACT LPS share.
-
- If the ACT LPS share is unavailable when the upload time interval is reached, the data-collection package will make two more attempts.
-
- For inventory collector packages, after the third attempt, the inventory collector package no longer attempts to upload data.
-
- For runtime-analysis packages, if the problem persists, the runtime-analysis package will store the log file in %SYSTEMDRIVE%\\Users\\All Users\\Microsoft\\Application Compatibility Toolkit\\LogProcessor\\Failed. The runtime-analysis package will attempt to upload the files again at the next upload interval.
-
-- Select **Local (%ACTAppData%\\DataCollector\\Output)**. If you use this option, the data-collection package creates log files on the local system and the computer administrator must manually copy the files to the ACT LPS share location. Consider this option for mobile users who are not always connected to the network. The log files are located in %SYSTEMDRIVE%\\Users\\All Users\\Microsoft\\Application Compatibility Toolkit\\DataCollector\\Output.
-
-- Type an alternate network share location. If you use this option, verify that the data-collection package can write to the alternate location. You might consider this option if your organization is geographically diverse. For example, administrators can create data-collection packages and file shares individually for each geographic location. Administrators at a central location must then move the log files to a central location and map the files to the ACT LPS share for processing and entry into the ACT database.
-
-## Related topics
-
-
-[Exporting a Data-Collection Package](exporting-a-data-collection-package.md)
-
-[Deleting a Data-Collection Package](deleting-a-data-collection-package.md)
-
-[Labeling Data in ACM](labeling-data-in-acm.md)
-
-
-
-
-
-
-
-
-
+description: Selecting the output for your data-collection package log files.
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/managing-application-compatibility-fixes-and-custom-fix-databases.md b/windows/plan/managing-application-compatibility-fixes-and-custom-fix-databases.md
index 7c8a961d1d..a654054608 100644
--- a/windows/plan/managing-application-compatibility-fixes-and-custom-fix-databases.md
+++ b/windows/plan/managing-application-compatibility-fixes-and-custom-fix-databases.md
@@ -56,17 +56,6 @@ This section provides information about managing your application-compatibility
## Related topics
-
-
[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
-[Using the Compatibility Administrator Tool](using-the-compatibility-administrator-tool.md)
-
-
-
-
-
-
-
-
-
+[Using the Compatibility Administrator Tool](using-the-compatibility-administrator-tool.md)
\ No newline at end of file
diff --git a/windows/plan/managing-your-data-collection-packages.md b/windows/plan/managing-your-data-collection-packages.md
index 46eaa26130..03cbe4849d 100644
--- a/windows/plan/managing-your-data-collection-packages.md
+++ b/windows/plan/managing-your-data-collection-packages.md
@@ -1,80 +1,5 @@
---
title: Managing Your Data-Collection Packages (Windows 10)
description: This section provides information about using Application Compatibility Manager (ACM) to manage your data-collection packages.
-ms.assetid: 369ae82f-c8ca-42ec-85df-1b760a74e70a
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Managing Your Data-Collection Packages
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-This section provides information about using Application Compatibility Manager (ACM) to manage your data-collection packages. Data-collection packages include inventory-collector packages and runtime-analysis packages. The following procedures apply to both package types.
-
-## In this section
-
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Taking Inventory of Your Organization](taking-inventory-of-your-organization.md)
-
-[Testing Compatibility on the Target Platform](testing-compatibility-on-the-target-platform.md)
-
-[Analyzing Your Compatibility Data](analyzing-your-compatibility-data.md)
-
-[Fixing Compatibility Issues](fixing-compatibility-issues.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/organizational-tasks-for-each-report-type.md b/windows/plan/organizational-tasks-for-each-report-type.md
index e572f3b042..61498e165d 100644
--- a/windows/plan/organizational-tasks-for-each-report-type.md
+++ b/windows/plan/organizational-tasks-for-each-report-type.md
@@ -1,96 +1,5 @@
---
title: Organizational Tasks for Each Report Type (Windows 10)
description: The following table shows which tasks can be performed for each report type.
-ms.assetid: 7463fab1-ba6e-4a9a-9112-0b69a18fe353
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Organizational Tasks for Each Report Type
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The following table shows which tasks can be performed for each report type.
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/organizing-your-compatibility-data.md b/windows/plan/organizing-your-compatibility-data.md
index 54bc38d151..30d2918977 100644
--- a/windows/plan/organizing-your-compatibility-data.md
+++ b/windows/plan/organizing-your-compatibility-data.md
@@ -1,90 +1,5 @@
---
title: Organizing Your Compatibility Data (Windows 10)
description: This section provides step-by-step instructions for organizing your compatibility data in Application Compatibility Manager (ACM).
-ms.assetid: e91ae444-5d85-4b5f-b655-a765ecc78b1e
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Organizing Your Compatibility Data
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-This section provides step-by-step instructions for organizing your compatibility data in Application Compatibility Manager (ACM).
-
-## In this section
-
-
-
-
-
-
-Report
-[Selecting Your Compatibility Rating](selecting-your-compatibility-rating.md)
-[Selecting Your Deployment Status](selecting-your-deployment-status.md)
-[Categorizing Your Compatibility Data](categorizing-your-compatibility-data.md)
-[Prioritizing Your Compatibility Data](prioritizing-your-compatibility-data.md)
-[Selecting the Send and Receive Status for an Application](selecting-the-send-and-receive-status-for-an-application.md)
-[Creating and Editing Issues and Solutions](creating-and-editing-issues-and-solutions.md)
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Viewing Your Compatibility Reports](viewing-your-compatibility-reports.md)
-
-[Filtering Your Compatibility Data](filtering-your-compatibility-data.md)
-
-[Sending and Receiving Compatibility Data](sending-and-receiving-compatibility-data.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/prioritizing-your-compatibility-data.md b/windows/plan/prioritizing-your-compatibility-data.md
index 3d55e9d1f3..7304d6dbb9 100644
--- a/windows/plan/prioritizing-your-compatibility-data.md
+++ b/windows/plan/prioritizing-your-compatibility-data.md
@@ -1,103 +1,5 @@
---
title: Prioritizing Your Compatibility Data (Windows 10)
-ms.assetid: 103e125a-bd2b-4019-9d6a-2e1d50c380b1
-description:
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Prioritizing Your Compatibility Data
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-You can prioritize your applications, websites, computers, and devices to help customize and filter your compatibility reports. The priority levels are:
-
-- **Priority 1 - Business Critical**. The highest priority level, applied to an item that is so important to your organization that a compatibility issue with the item would keep you from deploying a new operating system.
-
-- **Priority 2 - Important**. Items that your organization regularly uses but can function without.
-
-- **Priority 3 - Nice to Have**. Lower-priority items that you want to show in your compatibility reports that do not belong in either of the previous two categories.
-
-- **Priority 4 - Unimportant**. Items that are irrelevant to the daily functions of your organization.
-
-- **Unspecified**. The default priority level, applied to items that have not yet been reviewed for deployment.
-
-## Prioritizing Your Applications, Computers, Devices, and Websites
-
-
-The following example uses the **<Operating\_System> - Application Report** screen. You can alternatively use the **<Application\_Name>** dialog box. The procedure is the same on the reports for computers, devices, and websites.
-
-**To change the priority**
-
-1. On the **<Operating\_System> - Application Report** screen, click the name of the application.
-
-2. On the **Actions** menu, click **Set Priority**.
-
-3. Click a priority, and then click **OK**.
-
-**To filter your data by priority**
-
-1. On the **<Operating\_System> - Application Report** screen, click **Toggle Filter**.
-
-2. Enter your filter criteria, pressing the Tab key to add clauses.
-
- Consider the following example, which shows a query that filters for all applications that have a priority level of **Business Critical** or **Important**.
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- To delete a clause, right-click the row, and then click **Delete Clause**.
-
-3. Click **Refresh**.
-
- Your filtered results appear.
-
-
-
-
-
-
-
-
-
+description: Prioritizing your apps, websites, computers, and devices to help customize and filter your compatibilty reports.
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/ratings-icons-in-acm.md b/windows/plan/ratings-icons-in-acm.md
index e8f095c0ac..c1f0184338 100644
--- a/windows/plan/ratings-icons-in-acm.md
+++ b/windows/plan/ratings-icons-in-acm.md
@@ -1,111 +1,5 @@
---
title: Ratings Icons in ACM (Windows 10)
description: Compatibility ratings can originate from Microsoft, the application vendor, your organization, and from the Application Compatibility Toolkit (ACT) community.
-ms.assetid: 0165499e-cb47-4d76-98a6-b871d23e4e83
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Ratings Icons in ACM
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-Compatibility ratings can originate from Microsoft, the application vendor, your organization, and from the Application Compatibility Toolkit (ACT) community.
-
-For information about specifying your own ratings, see [Selecting Your Compatibility Rating](selecting-your-compatibility-rating.md). For information about community ratings, see [ACT Community Ratings and Process](act-community-ratings-and-process.md).
-
-## Icons
-
-
-The following table shows icons that appear on the report screens and dialog boxes for **Company Assessment** and **Vendor Assessment**.
-
-
-
-
-
- And/Or
- Field
- Operator
- Value
-
-
-
-
-
-
-
-
-
-
-## User Ratings and ACT Community Ratings
-
-
-Ratings are displayed graphically in the **User Ratings** column and the **Community Assessment** column. The rating color and bar count depend on how the users or community rated the item. There are three possible ratings:
-
-- **Works**. Applications with this rating receive five green bars.
-
-- **Works with minor issues or has solutions**. Applications with this rating receive three light-green bars.
-
-- **Does not work**. Applications with this rating receive a single red bar.
-
-The color gradient from one to five bars shows the average rating.
-
-
-
-## Related topics
-
-
-[Selecting Your Compatibility Rating](selecting-your-compatibility-rating.md)
-
-[Analyzing Your Compatibility Data](analyzing-your-compatibility-data.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/resolving-an-issue.md b/windows/plan/resolving-an-issue.md
index 4d5557c944..e6a5b97651 100644
--- a/windows/plan/resolving-an-issue.md
+++ b/windows/plan/resolving-an-issue.md
@@ -1,62 +1,5 @@
---
title: Resolving an Issue (Windows 10)
description: You can use Application Compatibility Manager (ACM) to flag issues as resolved. Resolving an issue changes the status of the issue from a red x to a green check mark on your report and report detail screens.
-ms.assetid: 96195122-185d-4f6a-8e84-79c3d069e933
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Resolving an Issue
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-You can use Application Compatibility Manager (ACM) to flag issues as resolved. Resolving an issue changes the status of the issue from a red **x** to a green check mark on your report and report detail screens.
-
-Resolving an issue is not required. However, if you do not resolve the issue, the issue remains active in your ACT database and provides inaccurate reports.
-
-## Resolving Issues for Your Applications and Websites
-
-
-This procedure describes how to resolve an existing issue that is documented in ACM. For information about adding an issue, see [Adding or Editing an Issue](adding-or-editing-an-issue.md).
-
-**Note**
-The following example uses the **<Application\_Name>** dialog box. The procedure is similar for websites.
-
-
-
-**To resolve issues**
-
-1. On the **<Operating\_System> - Application Report** screen, double-click the name of the application to display the **<Application\_Name>** dialog box.
-
-2. Click the **Issues** tab.
-
-3. Double-click the specific issue to resolve.
-
-4. On the **Actions** menu, click **Resolve**, and then close the **<Application\_Name> - <Issue\_Title>** dialog box.
-
- The issue appears with a green check mark in the report details screen.
-
- **Note**
- If you have not entered a solution but have resolved the issue, Microsoft recommends that you enter a solution with **Other** solution type and add text that describes why you resolved the issue without a solution. For information about entering solutions, see [Adding or Editing a Solution](adding-or-editing-a-solution.md).
-
-
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/saving-opening-and-exporting-reports.md b/windows/plan/saving-opening-and-exporting-reports.md
index 67d940bd0d..65bfc93fba 100644
--- a/windows/plan/saving-opening-and-exporting-reports.md
+++ b/windows/plan/saving-opening-and-exporting-reports.md
@@ -1,78 +1,5 @@
---
title: Saving, Opening, and Exporting Reports (Windows 10)
description: You can perform several common reporting tasks from the Analyze screen, including saving a compatibility report, opening a saved compatibility report (.adq) file, and exporting your report data to a spreadsheet (.xls) file.
-ms.assetid: 8be72a6c-63ab-4451-ad79-815e2ac18aa2
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Saving, Opening, and Exporting Reports
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-You can perform several common reporting tasks from the **Analyze** screen, including saving a compatibility report, opening a saved compatibility report (.adq) file, and exporting your report data to a spreadsheet (.xls) file.
-
-## Saving Your Compatibility Report
-
-
-You can save your compatibility report data, including any custom filters created by the query builder tool. You can import this report data back into Application Compatibility Manager (ACM) at a later time.
-
-**To save a report**
-
-1. In the **Quick Reports** pane, click **Analyze**.
-
-2. Expand the node for the target operating system for which you want to see compatibility reports, and then click a node for a report type.
-
-3. On the **File** menu, click **Save As**.
-
-4. Browse to the folder where you want to save your report, and then click **Save**.
-
-## Opening an Existing Compatibility Report
-
-
-In ACM, you can open, or import, a compatibility report (.adq) file.
-
-**To open a report**
-
-1. In the **Quick Reports** pane, click **Analyze**.
-
-2. Expand the node for the target operating system for which you want to see compatibility reports, and then click a node for a report type.
-
-3. On the **File** menu, click **Open Report**.
-
-4. Browse to the folder where you saved your report, and then click **Open**.
-
-## Exporting Compatibility Report Data
-
-
-You can export your compatibility report data to an Microsoft® Excel® spreadsheet (.xls) file.
-
-**To export report data**
-
-1. In the **Quick Reports** pane, click **Analyze**.
-
-2. Expand the node for the target operating system for which you want to see compatibility reports, and then click a node for a report type.
-
-3. On the **File** menu, click **Export Report**.
-
-4. Browse to the folder where you want to store the spreadsheet file, and then click **Save**.
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/searching-for-fixed-applications-in-compatibility-administrator.md b/windows/plan/searching-for-fixed-applications-in-compatibility-administrator.md
index 99b2f4a61f..2488fe4e38 100644
--- a/windows/plan/searching-for-fixed-applications-in-compatibility-administrator.md
+++ b/windows/plan/searching-for-fixed-applications-in-compatibility-administrator.md
@@ -62,8 +62,6 @@ You can export your search results to a text (.txt) file for later review or arc
2. Browse to the location where you want to store your search result file, and then click **Save**.
## Related topics
-
-
[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
diff --git a/windows/plan/searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md b/windows/plan/searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md
index 25906a1746..34260942d9 100644
--- a/windows/plan/searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md
+++ b/windows/plan/searching-for-installed-compatibility-fixes-with-the-query-tool-in-compatibility-administrator.md
@@ -166,8 +166,6 @@ You can export any of your search results into a tab-delimited text (.txt) file
2. Browse to the location where you intend to store the search results file, and then click **Save**.
## Related topics
-
-
[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
diff --git a/windows/plan/selecting-the-send-and-receive-status-for-an-application.md b/windows/plan/selecting-the-send-and-receive-status-for-an-application.md
index 782d3c1651..3674f73b68 100644
--- a/windows/plan/selecting-the-send-and-receive-status-for-an-application.md
+++ b/windows/plan/selecting-the-send-and-receive-status-for-an-application.md
@@ -1,98 +1,5 @@
---
title: Selecting the Send and Receive Status for an Application (Windows 10)
description: For each application listed in Application Compatibility Manager (ACM), you can select whether to send and receive specific application data through the Microsoft Compatibility Exchange.
-ms.assetid: ae139093-27cf-4ad8-882d-e0509e78d33a
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Selecting the Send and Receive Status for an Application
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-For each application listed in Application Compatibility Manager (ACM), you can select whether to send and receive specific application data through the Microsoft Compatibility Exchange
-
-. For information about how to send and receive data, see [Sending and Receiving Compatibility Data](sending-and-receiving-compatibility-data.md).
-
-## Selecting the Send and Receive Status for an Application
-
-
-**Note**
-The following example uses the **<Operating\_System> - Application Report** screen. You can alternatively use the **<Application\_Name>** dialog box.
-
-
-
-**To change the send and receive status for an application**
-
-1. On the **<Operating\_System> - Application Report** screen, click the application name for which you want to select the send and receive status.
-
-2. On the **Actions** menu, click **Set Send and Receive Status**.
-
-3. Select one of the following:
-
- - **Do not send to Microsoft**
-
- - **Send to Microsoft** (default)
-
-4. Click **OK**.
-
-**To filter based on send and receive status**
-
-1. On the **<Operating\_System> - Application Report** screen, click **Toggle Filter**.
-
-2. In the **Query Builder**, enter your filter criteria, pressing the Tab key to add clauses.
-
- To delete a clause, right-click the row, and then click **Delete Clause**.
-
- The following example shows a query that filters for applications with a send and receive status of **Do not send to Microsoft**.
-
-
-
-
-
-Icon
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-3. Click **Refresh**.
-
- Your filtered results appear.
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/selecting-your-compatibility-rating.md b/windows/plan/selecting-your-compatibility-rating.md
index b7042d456d..e0b0defc6d 100644
--- a/windows/plan/selecting-your-compatibility-rating.md
+++ b/windows/plan/selecting-your-compatibility-rating.md
@@ -1,108 +1,5 @@
---
title: Selecting Your Compatibility Rating (Windows 10)
description: You can rate the compatibility of your applications, installation packages, or websites, based on whether they run successfully on a 32-bit or 64-bit operating system.
-ms.assetid: 959da499-8fd6-4f32-8771-a0580dd8e0d3
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Selecting Your Compatibility Rating
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-You can rate the compatibility of your applications, installation packages, or websites, based on whether they run successfully on a 32-bit or 64-bit operating system. Your rating applies to your entire organization and is based on your own testing results and organizational requirements.
-
-Possible ratings include:
-
-- **Works**. During your organization's testing phase, there were no issues with the application, installation package, or website.
-
-- **Works with minor issues or has solutions**. During your organization's testing phase, there were no Severity 1 or Severity 2 issues with the application, installation package, or website. For information about severity levels, see [Adding or Editing an Issue](adding-or-editing-an-issue.md).
-
-- **Does not work**. During your organization's testing phase, the application, installation package, or website experienced a Severity 1 or Severity 2 issue.
-
-- **No data**. You have no compatibility data to provide.
-
-## Selecting a Compatibility Rating
-
-
-You can select your compatibility rating from the report screen or from the associated dialog box that shows report details. As an example, the following procedures use the **<Operating\_System> - Application Report** screen. You can alternatively use the **<Application\_Name>** dialog box. The procedure is the same on the report for websites.
-
-**To select your compatibility rating**
-
-1. On the **<Operating\_System> - Application Report** screen, click the application name.
-
-2. On the **Actions** menu, click **Set Assessment**.
-
-3. Choose your ratings. Select separate ratings for 32-bit operating systems and 64-bit operating systems, and then click **OK**.
-
- If your organization does not use a 32-bit operating system, or does not use a 64-bit operating system, you can hide the option in the **Customize Report Views** dialog box. If you hide the option, the associated column no longer appears in the **Set Assessment** dialog box.
-
-## Filtering By Your Compatibility Ratings
-
-
-You can filter your applications, installation packages, or website data by your compatibility ratings.
-
-**To filter based on your compatibility ratings**
-
-1. On the **<Operating\_System> - Application Report** screen, click **Toggle Filter**.
-
-2. In the **Query Builder**, enter your filter criteria, pressing the Tab key to add additional clauses.
-
- For example, the following query will show applications with a rating of **Works** or a rating of **Works with minor issues or has solutions**.
-
-
-
-
-
- And/Or
- Field
- Operator
- Value
-
-
-
-
-
-
-
-
- To delete a clause, right-click the row, and then click **Delete Clause**.
-
-3. Click **Refresh**.
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/selecting-your-deployment-status.md b/windows/plan/selecting-your-deployment-status.md
index 8cc4a070bc..61fdf90369 100644
--- a/windows/plan/selecting-your-deployment-status.md
+++ b/windows/plan/selecting-your-deployment-status.md
@@ -1,117 +1,5 @@
---
title: Selecting Your Deployment Status (Windows 10)
description: In Application Compatibility Manager (ACM), you can track the deployment status of your applications and websites.
-ms.assetid: 7735d256-77eb-4498-93aa-c838ee6e00fc
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Selecting Your Deployment Status
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-In Application Compatibility Manager (ACM), you can track the deployment status of your applications and websites.
-
-## Selecting Your Deployment Status
-
-
-You can change the deployment status from both the report screen and the associated report dialog box.
-
-**Note**
-The following examples use the **<Operating\_System> - Application Report** screen. You can alternatively use the **<Application\_Name>** dialog box. The procedure is the same for setting deployment status on the report for websites.
-
-
-
-**To change the deployment status of an application**
-
-1. On the **<Operating\_System> - Application Report** screen, click the application name.
-
-2. On the **Actions** menu, click **Set Deployment Status**.
-
-3. Select one of the following options:
-
- - **Not Reviewed** (default)
-
- - **Testing**
-
- - **Mitigating**
-
- - **Ready to Deploy**
-
- - **Will Not Deploy**
-
-4. Click **OK**.
-
-## Filtering By Deployment Status
-
-
-You can filter your applications and websites by your deployment status.
-
-**To filter based on deployment status**
-
-1. On the **<Operating\_System> - Application Report** screen, click **Toggle Filter**.
-
- The **Query Builder** appears with a blank row.
-
-2. In the **Query Builder**, enter your filter criteria, pressing the Tab key to add clauses.
-
- For example, the following query filters for applications with a deployment status of **Mitigating** or **Ready to Deploy**.
-
-
-
-
-
- And/Or
- Field
- Operator
- Value
-
-
-
-
-
-
-
-
-
-
- To delete a clause, right-click the row, and then click **Delete Clause**.
-
-3. Click **Refresh**.
-
- Your filtered results appear.
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/sending-and-receiving-compatibility-data.md b/windows/plan/sending-and-receiving-compatibility-data.md
index 5a694085b2..fe2e0356a0 100644
--- a/windows/plan/sending-and-receiving-compatibility-data.md
+++ b/windows/plan/sending-and-receiving-compatibility-data.md
@@ -1,69 +1,5 @@
---
title: Sending and Receiving Compatibility Data (Windows 10)
description: The Microsoft® Compatibility Exchange is a web service that propagates application compatibility issues between various data sources, for example Microsoft Corporation, independent software vendors (ISVs) and the ACT Community.
-ms.assetid: b86d2431-1caa-4f95-baf9-52ff6af546cd
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Sending and Receiving Compatibility Data
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The Microsoft® Compatibility Exchange is a web service that propagates application compatibility issues between various data sources, for example Microsoft Corporation, independent software vendors (ISVs) and the ACT Community. This process involves checking for updated compatibility information from Microsoft over the Internet. You can send and receive data to keep Application Compatibility Manager (ACM) updated with the latest compatibility information.
-
-The synchronization process includes only the changes made since the last synchronization. During the synchronization process, a dialog box displaying the synchronization status appears. You can continue to work during this process. If no new issues have occurred since your last synchronization, the Microsoft Compatibility Exchange uploads your issue information and notifies you that no updates exist.
-
-The synchronization process uses the Microsoft Compatibility Exchange to:
-
-- Download new information from Microsoft and ISVs, except for the applications for which you choose not to send application data to Microsoft.
-
-- Upload your compatibility issues to Microsoft.
-
-- Upload and download compatibility information from the ACT Community, if you are a member of the ACT Community and agree to share your data. For information about configuring your membership in the ACT Community, see [Settings Dialog Box - Preferences Tab](act-settings-dialog-box-preferences-tab.md).
-
-For information about which data is sent and received through the Microsoft Compatibility exchange, see [Data Sent Through the Microsoft Compatibility Exchange](data-sent-through-the-microsoft-compatibility-exchange.md).
-
-## Reviewing and Synchronizing Your Data
-
-
-Prior to sending your application data to Microsoft, you can review your application list and view the exact data being sent as a text (.txt) file. After you are done reviewing the information, you can synchronize your data with Microsoft.
-
-**To review and synchronize your data**
-
-1. On the **Analyze** screen, click **Send and Receive**.
-
-2. Click **Review the data before sending**.
-
- The **Send and Receive Data** dialog box shows all of the application data that is to be sent to Microsoft during the synchronization process. To avoid sending application data for specific applications, see [Selecting the Send and Receive Status for an Application](selecting-the-send-and-receive-status-for-an-application.md).
-
-3. Optionally, click **Review all data**, save the resulting .txt file locally, and then review the exact XML data that will be sent to Microsoft.
-
-4. After you finish reviewing the application list and XML data, click **Send**.
-
-## Related topics
-
-
-[Data Sent Through the Microsoft Compatibility Exchange](data-sent-through-the-microsoft-compatibility-exchange.md)
-
-[ACT Community Ratings and Process](act-community-ratings-and-process.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/settings-for-acm.md b/windows/plan/settings-for-acm.md
index 6abb406ec3..fe209d179d 100644
--- a/windows/plan/settings-for-acm.md
+++ b/windows/plan/settings-for-acm.md
@@ -1,70 +1,5 @@
---
title: Settings for ACM (Windows 10)
description: This section provides information about settings that you can configure in Application Compatibility Manager (ACM).
-ms.assetid: e0126284-4348-4708-8976-a1e404f35971
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Settings for ACM
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-This section provides information about settings that you can configure in Application Compatibility Manager (ACM).
-
-## In this section
-
-
-
-
-
-
- And/Or
- Field
- Operator
- Value
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Configuring ACT](configuring-act.md)
-
-[ACT Database Configuration](act-database-configuration.md)
-
-[Troubleshooting ACT](troubleshooting-act.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/software-requirements-for-act.md b/windows/plan/software-requirements-for-act.md
index 3564e2d753..d631eef7aa 100644
--- a/windows/plan/software-requirements-for-act.md
+++ b/windows/plan/software-requirements-for-act.md
@@ -1,86 +1,5 @@
---
title: Software Requirements for ACT (Windows 10)
description: The Application Compatibility Toolkit (ACT) has the following software requirements.
-ms.assetid: 9bbc21d4-f2ac-4a91-8add-017b1eacdeee
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Software Requirements for ACT
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The Application Compatibility Toolkit (ACT) has the following software requirements.
-
-## Operating Systems
-
-
-ACT can be installed on the following operating systems:
-
-- Windows 10
-
-- Windows 8.1
-
-- Windows 8
-
-- Windows 7
-
-- Windows Server 2012
-
-- Windows Server 2008 R2
-
-You can deploy inventory collector packages to all of the operating systems where you can install ACT. In addition, you can also deploy inventory collector packages to Windows Server 2008, Windows Vista, and Windows XP.
-
-**Note**
-As of Update 2, there is a known issue where the inventory collector package fails on Windows Vista.
-
-
-
-## Database Components
-
-
-ACT requires one of the following database components:
-
-- Microsoft® SQL Server® 2012
-
-- Microsoft® SQL Server® 2008 R2
-
-- SQL Server 2008
-
-- SQL Server 2005
-
-- SQL Server 2008 Express
-
-- SQL Server 2005 Express Edition
-
-## .NET Framework
-
-
-ACT requires .NET Framework 4.
-
-## Related topics
-
-
-[What's New in Act 6.1](whats-new-in-act-60.md)
-
-[Software Requirements for RAP](software-requirements-for-rap.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/software-requirements-for-rap.md b/windows/plan/software-requirements-for-rap.md
index 07311438e4..b9914238fc 100644
--- a/windows/plan/software-requirements-for-rap.md
+++ b/windows/plan/software-requirements-for-rap.md
@@ -1,70 +1,5 @@
---
title: Software Requirements for RAP (Windows 10)
description: The runtime-analysis package (RAP) has the following software requirements.
-ms.assetid: 0163ce70-f5ba-400c-bdd5-a25511aac91f
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Software Requirements for RAP
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The runtime-analysis package (RAP) has the following software requirements.
-
-## Compatibility Monitor Supported Operating Systems
-
-
-The Microsoft Compatibility Monitor tool is included in the runtime-analysis package. You can use the Compatibility Monitor on the following operating systems:
-
-- Windows 10
-
-- Windows 8.1
-
-- Windows 8
-
-- Windows 7
-
-## SUA Tool and Compatibility Administrator Supported Operating Systems
-
-
-The Standard User Analyzer (SUA) tool and wizard and the Compatibility Administrator tool are included in the runtime-analysis package. You can use the tools on the following operating systems:
-
-- Windows 10
-
-- Windows 8.1
-
-- Windows 8
-
-- Windows 7
-
-- Windows Server 2012
-
-- Windows Server 2008 R2
-
-## Related topics
-
-
-[What's New in Act 6.1](whats-new-in-act-60.md)
-
-[Software Requirements for ACT](software-requirements-for-act.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/sua-users-guide.md b/windows/plan/sua-users-guide.md
index e0f2921b80..fff7a5757e 100644
--- a/windows/plan/sua-users-guide.md
+++ b/windows/plan/sua-users-guide.md
@@ -54,16 +54,6 @@ You can use SUA in either of the following ways:
-
-
-
-## Related topics
-
-
-[Deciding Whether to Fix an Application or Deploy a Workaround](deciding-whether-to-fix-an-application-or-deploy-a-workaround.md)
-
-[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
-
diff --git a/windows/plan/taking-inventory-of-your-organization.md b/windows/plan/taking-inventory-of-your-organization.md
index 07b40d240a..d199af1ab6 100644
--- a/windows/plan/taking-inventory-of-your-organization.md
+++ b/windows/plan/taking-inventory-of-your-organization.md
@@ -1,76 +1,5 @@
---
title: Taking Inventory of Your Organization (Windows 10)
description: This section provides information about how to use the Application Compatibility Toolkit (ACT) to identify applications and devices that are installed in your organization.
-ms.assetid: d52f138d-c6b2-4ab1-bb38-5b036311a51d
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Taking Inventory of Your Organization
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-This section provides information about how to use the Application Compatibility Toolkit (ACT) to identify applications and devices that are installed in your organization.
-
-## In this section
-
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Testing Compatibility on the Target Platform](testing-compatibility-on-the-target-platform.md)
-
-[Managing Your Data-Collection Packages](managing-your-data-collection-packages.md)
-
-[Analyzing Your Compatibility Data](analyzing-your-compatibility-data.md)
-
-[Fixing Compatibility Issues](fixing-compatibility-issues.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/testing-compatibility-on-the-target-platform.md b/windows/plan/testing-compatibility-on-the-target-platform.md
index 621a8bfeb2..9ba06e8cb3 100644
--- a/windows/plan/testing-compatibility-on-the-target-platform.md
+++ b/windows/plan/testing-compatibility-on-the-target-platform.md
@@ -1,84 +1,5 @@
---
title: Testing Compatibility on the Target Platform (Windows 10)
description: This section provides information about setting up a test environment for compatibility testing, and about creating and deploying runtime-analysis packages to the test environment.
-ms.assetid: 8f3e9d58-37c2-41ea-a216-32712baf6cf4
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Testing Compatibility on the Target Platform
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-This section provides information about setting up a test environment for compatibility testing, and about creating and deploying runtime-analysis packages to the test environment.
-
-## In this section
-
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Taking Inventory of Your Organization](taking-inventory-of-your-organization.md)
-
-[Managing Your Data-Collection Packages](managing-your-data-collection-packages.md)
-
-[Analyzing Your Compatibility Data](analyzing-your-compatibility-data.md)
-
-[Fixing Compatibility Issues](fixing-compatibility-issues.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/testing-your-application-mitigation-packages.md b/windows/plan/testing-your-application-mitigation-packages.md
index 669904c1e6..5fc970623c 100644
--- a/windows/plan/testing-your-application-mitigation-packages.md
+++ b/windows/plan/testing-your-application-mitigation-packages.md
@@ -84,15 +84,4 @@ At this point, you probably cannot resolve any unresolved application compatibil
If your developers have insufficient resources to resolve the application compatibility issues, outsource the mitigation effort to another organization within your company.
## Related topics
-
-
-[Managing Application-Compatibility Fixes and Custom Fix Databases](managing-application-compatibility-fixes-and-custom-fix-databases.md)
-
-
-
-
-
-
-
-
-
+[Managing Application-Compatibility Fixes and Custom Fix Databases](managing-application-compatibility-fixes-and-custom-fix-databases.md)
\ No newline at end of file
diff --git a/windows/plan/troubleshooting-act-database-issues.md b/windows/plan/troubleshooting-act-database-issues.md
index ba1e7c4f7a..e0fb05fd2a 100644
--- a/windows/plan/troubleshooting-act-database-issues.md
+++ b/windows/plan/troubleshooting-act-database-issues.md
@@ -1,157 +1,5 @@
---
title: Troubleshooting ACT Database Issues (Windows 10)
description: The following solutions may help you resolve issues that are related to your Microsoft® SQL Server® database for the Application Compatibility Toolkit (ACT).
-ms.assetid: c36ab5d8-cc82-4681-808d-3d491551b75e
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Troubleshooting ACT Database Issues
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The following solutions may help you resolve issues that are related to your Microsoft® SQL Server® database for the Application Compatibility Toolkit (ACT).
-
-For information about how to set up the database, see [ACT Database Configuration](act-database-configuration.md).
-
-## Connecting to a SQL Server Database
-
-
-When you attempt to connect to a SQL Server database, you may receive the following error message:
-
-The SQL Server you entered either does not exist or you do not have the required credentials for access.
-
-This error message indicates that the connection to the database is not valid. To investigate this error, do the following:
-
-1. Verify that the SQL Server database to which you are connecting is a valid database.
-
-2. Verify that you have read and write permissions to the database. If you do not have read and write permissions, contact your SQL Server administrator. For more information, see [Adding a Member to a SQL Server Database Role](http://go.microsoft.com/fwlink/p/?LinkId=64170).
-
-If you have read and write permissions to the database but cannot connect to it, you may be able to change the settings for your instance of SQL Server to resolve the issue. Namely, you can enable TCP/IP and firewall exceptions.
-
-**To enable TCP/IP and firewall exceptions for your instance of SQL Server**
-
-1. In a **Command Prompt** window, type the following command to stop your instance of SQL Server.
-
- ``` syntax
- net stop
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Using ACT](using-act.md)
-
-[ACT Product and Documentation Resources](act-product-and-documentation-resources.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/troubleshooting-the-act-configuration-wizard.md b/windows/plan/troubleshooting-the-act-configuration-wizard.md
index 709b60fb6d..08200ff49f 100644
--- a/windows/plan/troubleshooting-the-act-configuration-wizard.md
+++ b/windows/plan/troubleshooting-the-act-configuration-wizard.md
@@ -1,76 +1,5 @@
---
title: Troubleshooting the ACT Configuration Wizard (Windows 10)
description: When you start Application Compatibility Manager (ACM) for the first time, the Application Compatibility Toolkit (ACT) Configuration Wizard appears.
-ms.assetid: f4f489c7-50b7-4b07-8b03-79777e1aaefd
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Troubleshooting the ACT Configuration Wizard
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-When you start Application Compatibility Manager (ACM) for the first time, the Application Compatibility Toolkit (ACT) Configuration Wizard appears. The wizard helps you configure your ACT database, your shared folder for ACT log files, and your ACT Log Processing Service account.
-
-## Selecting a Configuration for ACM
-
-
-The **Enterprise configuration** option enables all ACT functionality. You must be an administrator on the local computer to select this option.
-
-The **View and manage reports only** option enables you to use ACM to create data-collection packages and analyze your data. You cannot access the ACT Log Processing Service. This option assumes that another computer in your organization is processing the logs and loading the compatibility data into the ACT database.
-
-## Configuring ACT Database Settings
-
-
-To configure ACT database settings in the ACT Configuration Wizard, you must have read and write permissions to the ACT database. For more information, see [ACT Database Configuration](act-database-configuration.md). If you do not have the appropriate permissions, contact your Microsoft® SQL Server® administrator. For more information, see [Troubleshooting ACT Database Issues](troubleshooting-act-database-issues.md).
-
-## Configuring the ACT Log Processing Service
-
-
-If you use the Local System account to run the ACT Log Processing Service, your user account must be an Administrator account. Your computer account *<domain>*\\*<computer>*$ must have read and write permissions to the ACT database.
-
-Your user account must also have **Log on as a service** permissions. For more information, see [Troubleshooting the ACT Log Processing Service](troubleshooting-the-act-log-processing-service.md).
-
-## Configuring the Share for the ACT Log Processing Service
-
-
-For information about how to configure the share for the ACT Log Processing Service, see [ACT LPS Share Permissions](act-lps-share-permissions.md).
-
-## Changing Settings After You Finish the ACT Configuration Wizard
-
-
-In the **Settings** dialog box in ACM, you can change some of the settings that you see in the ACT Configuration Wizard. You can also change other settings that are not available in the wizard. For more information, see [Settings for ACM](settings-for-acm.md).
-
-## Restarting the ACT Configuration Wizard
-
-
-If you cancel the configuration process before you reach the final page of the ACT Configuration Wizard, your settings are deleted and the wizard restarts the next time that you start ACM.
-
-## Related topics
-
-
-[Configuring ACT](configuring-act.md)
-
-[Using ACT](using-act.md)
-
-[Troubleshooting ACT](troubleshooting-act.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/troubleshooting-the-act-log-processing-service.md b/windows/plan/troubleshooting-the-act-log-processing-service.md
index 0fff19e588..5f338b3141 100644
--- a/windows/plan/troubleshooting-the-act-log-processing-service.md
+++ b/windows/plan/troubleshooting-the-act-log-processing-service.md
@@ -1,103 +1,5 @@
---
title: Troubleshooting the ACT Log Processing Service (Windows 10)
description: The following solutions may help you resolve issues that are related to the Application Compatibility Toolkit (ACT) Log Processing Service.
-ms.assetid: cb6f90c2-9f7d-4a34-a91e-8ed55b8c256d
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Troubleshooting the ACT Log Processing Service
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The following solutions may help you resolve issues that are related to the Application Compatibility Toolkit (ACT) Log Processing Service.
-
-For information about how to set up permissions for the service, see [ACT LPS Share Permissions](act-lps-share-permissions.md).
-
-## Reviewing Files in ACT Log File Format
-
-
-When you are reviewing log files for ACT, be aware that the log files are in Unicode format.
-
-## Uploading Files to the ACT Log Processing Service Share After Setting Permissions
-
-
-If you cannot upload files to the ACT Log Processing Service share, you must first verify that the account permissions are set correctly for the share. For more information, see [ACT LPS Share Permissions](act-lps-share-permissions.md).
-
-If the computers from which you are collecting data and the ACT Log Processing Service share are on different domains, or if the computers are not domain members, you must take additional steps. For the **Anonymous** group, provide explicit write permissions to the ACT Log Processing Service share. Alternatively, you can provide similar permissions to the **Authenticated users** group if you do not want to enable anonymous access. For more information, see [Everyone Group Does Not Include Anonymous Security Identifier](http://go.microsoft.com/fwlink/p/?LinkId=79830).
-
-If you are collecting data from computers that are running Microsoft® Windows® 2000 and you are uploading your collected data to a different domain, you must also explicitly enable null session access for the ACT Log Processing Service share.
-
-## Working Around Windows Firewall on the Computer That Hosts the ACT Log Processing Service Share
-
-
-If your organization has configured Windows Firewall on the computer that hosts your ACT Log Processing Service share, log files will not be copied to your share. To work around this issue, you can use one of the following methods:
-
-- Before you set up the ACT Log Processing Service share, turn off Windows Firewall on the computer that will host the share.
-
-- Continue to use Windows Firewall, but enable the **File Sharing** option.
-
-## Viewing and Assigning "Log on as a service" Permissions
-
-
-Starting the ACT Log Processing Service requires either a Local System account or a user account. For a user account to start the ACT Log Processing Service and complete the ACT Configuration Wizard, the *<domain>*\\*<user>* account must have **Log on as a service** permissions. By default, these permissions are assigned to built-in computer accounts, such as the Local System account.
-
-**To add rights to a user account for logging on as a service**
-
-1. In Control Panel, double-click **Administrative Tools**, and then double-click **Local Security Policy**.
-
-2. Expand the **Local Policies** folder, and then click **User Rights Assignment**.
-
-3. Double-click the **Log on as a service** policy.
-
-4. Verify that your *<domain>*\\*<user>* account appears. If it does not appear, click **Add User or Group**.
-
-5. Add your user account information, click **OK**, and then click **OK** again.
-
-## Starting the ACT Log Processing Service
-
-
-If the ACT Log Processing Service does not start and log files are not being processed, the reason may be one of the following:
-
-- **A conflict exists between ACT and the Microsoft® SQL Server® database.** If both ACT and the SQL Server database are on the same computer, the ACT Log Processing Service might have started before the SQL Server service.
-
-- **The ACT Log Processing Service does not have the correct permissions to the ACT database.** To investigate, see [Troubleshooting ACT Database Issues](troubleshooting-act-database-issues.md).
-
-- **The account type is incorrect for the account that is running the ACT Log Processing Service.** The ACT Log Processing Service account must be an Administrator account.
-
-**To manually restart the ACT Log Processing Service**
-
-1. In Control Panel, double-click **Administrative Tools**, and then double-click **Services**.
-
-2. Right-click **ACT Log Processing Service**, and then click **Restart**.
-
-3. In the event log, verify that no issues occurred when the service restarted.
-
-## Related topics
-
-
-[Troubleshooting ACT Database Issues](troubleshooting-act-database-issues.md)
-
-[Configuring ACT](configuring-act.md)
-
-[Software Requirements for ACT](software-requirements-for-act.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/understanding-and-using-compatibility-fixes.md b/windows/plan/understanding-and-using-compatibility-fixes.md
index 6c73a5645b..6ab830868c 100644
--- a/windows/plan/understanding-and-using-compatibility-fixes.md
+++ b/windows/plan/understanding-and-using-compatibility-fixes.md
@@ -93,15 +93,4 @@ Compatibility fixes are shipped as part of the Windows operating system and are
You can apply the compatibility fixes to any of your applications. However, Microsoft does not provide the tools to use the Compatibility Fix infrastructure to create your own custom fixes.
## Related topics
-
-
-[Managing Application-Compatibility Fixes and Custom Fix Databases](managing-application-compatibility-fixes-and-custom-fix-databases.md)
-
-
-
-
-
-
-
-
-
+[Managing Application-Compatibility Fixes and Custom Fix Databases](managing-application-compatibility-fixes-and-custom-fix-databases.md)
\ No newline at end of file
diff --git a/windows/plan/using-act.md b/windows/plan/using-act.md
index 3793af0dd1..3e3ffff7d2 100644
--- a/windows/plan/using-act.md
+++ b/windows/plan/using-act.md
@@ -1,90 +1,5 @@
---
title: Using ACT (Windows 10)
description: This section describes how to use the Application Compatibility Toolkit (ACT) in your organization.
-ms.assetid: e6a68f44-7503-450d-a000-a04fbb93a146
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Using ACT
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-This section describes how to use the Application Compatibility Toolkit (ACT) in your organization.
-
-## In this section
-
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Welcome to ACT](welcome-to-act.md)
-
-[Configuring ACT](configuring-act.md)
-
-[Troubleshooting ACT](troubleshooting-act.md)
-
-[ACT User Interface Reference](act-user-interface-reference.md)
-
-[ACT Product and Documentation Resources](act-product-and-documentation-resources.md)
-
-[ACT Glossary](act-glossary.md)
-
-[Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista](compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/using-compatibility-monitor-to-send-feedback.md b/windows/plan/using-compatibility-monitor-to-send-feedback.md
index 9a86a64d25..c5e20c52ba 100644
--- a/windows/plan/using-compatibility-monitor-to-send-feedback.md
+++ b/windows/plan/using-compatibility-monitor-to-send-feedback.md
@@ -1,84 +1,5 @@
---
title: Using Compatibility Monitor to Send Feedback (Windows 10)
description: The Microsoft Compatibility Monitor tool is installed as part of the runtime-analysis package.
-ms.assetid: dc59193e-7ff4-4950-8c20-e90c246e469d
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Using Compatibility Monitor to Send Feedback
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The Microsoft Compatibility Monitor tool is installed as part of the runtime-analysis package. From the computers in your test environment, you can use Compatibility Monitor to submit compatibility information to the Application Compatibility Toolkit (ACT) database for your organization.
-
-**To automatically monitor applications on your computer for compatibility issues**
-
-1. Start the Compatibility Monitor tool.
-
-2. In Compatibility Monitor, click **Start Monitoring**.
-
-3. Leave Compatibility Monitor running, and use the applications that you want to test for compatibility issues.
-
- Compatibility information is automatically detected during monitoring, and is silently submitted to the ACT database at regular intervals.
-
-4. After you finish testing applications, click **Stop Monitoring** to stop the automatic monitoring and submission of compatibility information.
-
-**To submit your compatibility rating for an application**
-
-1. Start the Compatibility Monitor tool.
-
-2. In Compatibility Monitor, click **Give Compatibility Feedback**.
-
- You can enter and submit compatibility ratings whether monitoring is on or off. The process of submitting your compatibility feedback is entirely independent of the monitoring process.
-
-3. Find your application in the list, and then select your compatibility rating for the application.
-
- You can select ratings for one or more applications.
-
-4. Click **Submit** to submit your compatibility ratings to the ACT database.
-
- A copy of your ratings is kept on your computer so that you can review and modify the ratings later.
-
-**To submit a description of a compatibility issue for an application**
-
-1. Start the Compatibility Monitor tool.
-
-2. In Compatibility Monitor, click **Give Compatibility Feedback**.
-
-3. Find your application in the list, and then click the **Add Details** link.
-
-4. In the **Title** box, enter a title for the compatibility issue. The title is typically a phrase that briefly describes the issue. Check with others in your organization to verify your organization’s preferred style for issue titles.
-
-5. In the **Description** box, enter a description of the compatibility issue.
-
-6. Optionally, attach a screen shot or a step-by-step recording of the compatibility issue.
-
-7. Click **Submit** to submit your compatibility issue to the ACT database.
-
- After submitting your compatibility issue, you cannot edit it later. To submit further compatibility issues, you will need to submit a new issue.
-
-## Related topics
-
-
-[Common Compatibility Issues](common-compatibility-issues.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/using-the-sdbinstexe-command-line-tool.md b/windows/plan/using-the-sdbinstexe-command-line-tool.md
index fdd93bf2f3..301917b901 100644
--- a/windows/plan/using-the-sdbinstexe-command-line-tool.md
+++ b/windows/plan/using-the-sdbinstexe-command-line-tool.md
@@ -79,18 +79,5 @@ The following table describes the available command-line options.
-
-
## Related topics
-
-
-[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
-
-
-
-
-
-
-
-
-
+[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
\ No newline at end of file
diff --git a/windows/plan/using-the-sua-tool.md b/windows/plan/using-the-sua-tool.md
index c758d2f32d..df93b0550b 100644
--- a/windows/plan/using-the-sua-tool.md
+++ b/windows/plan/using-the-sua-tool.md
@@ -69,8 +69,6 @@ The following flowchart shows the process of using the SUA tool.
The SUA tool generates a custom compatibility-fix database and automatically applies it to the local computer, so that you can test the fixes to see whether they worked.
## Related topics
-
-
[Tabs on the SUA Tool Interface](tabs-on-the-sua-tool-interface.md)
[Showing Messages Generated by the SUA Tool](showing-messages-generated-by-the-sua-tool.md)
diff --git a/windows/plan/using-the-sua-wizard.md b/windows/plan/using-the-sua-wizard.md
index a8f3b3ce03..17703c2eb7 100644
--- a/windows/plan/using-the-sua-wizard.md
+++ b/windows/plan/using-the-sua-wizard.md
@@ -73,8 +73,6 @@ The following flowchart shows the process of using the SUA Wizard.
If the remedies do not fix the issue with the application, click **No** again, and the wizard may offer additional remedies. If the additional remedies do not fix the issue, the wizard informs you that there are no more remedies available. For information about how to run the SUA tool for additional investigation, see [Using the SUA Tool](using-the-sua-tool.md).
## Related topics
-
-
[SUA User's Guide](sua-users-guide.md)
diff --git a/windows/plan/viewing-the-events-screen-in-compatibility-administrator.md b/windows/plan/viewing-the-events-screen-in-compatibility-administrator.md
index 8c89db2a64..34186e3746 100644
--- a/windows/plan/viewing-the-events-screen-in-compatibility-administrator.md
+++ b/windows/plan/viewing-the-events-screen-in-compatibility-administrator.md
@@ -40,8 +40,6 @@ Compatibility Administrator enables you to copy your compatibility fixes from on
If you open the **Events** screen and then perform the copy operation, you can see a description of the action, along with the time stamp, which enables you to view your fix information without confusion.
## Related topics
-
-
[Creating a Custom Compatibility Mode in Compatibility Administrator](creating-a-custom-compatibility-mode-in-compatibility-administrator.md)
[Compatibility Administrator User's Guide](compatibility-administrator-users-guide.md)
diff --git a/windows/plan/viewing-your-compatibility-reports.md b/windows/plan/viewing-your-compatibility-reports.md
index c0f5ffaae9..57ba7d07a9 100644
--- a/windows/plan/viewing-your-compatibility-reports.md
+++ b/windows/plan/viewing-your-compatibility-reports.md
@@ -1,86 +1,5 @@
---
title: Viewing Your Compatibility Reports (Windows 10)
description: This section describes the compatibility reports in Application Compatibility Manager (ACM) and how you can work with the reports.
-ms.assetid: a28bbfbe-5f05-4a1e-9397-0a3ceb585871
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Viewing Your Compatibility Reports
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-This section describes the compatibility reports in Application Compatibility Manager (ACM) and how you can work with the reports.
-
-## In this section
-
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Organizing Your Compatibility Data](organizing-your-compatibility-data.md)
-
-[Filtering Your Compatibility Data](filtering-your-compatibility-data.md)
-
-[Sending and Receiving Compatibility Data](sending-and-receiving-compatibility-data.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/websiteurl-dialog-box.md b/windows/plan/websiteurl-dialog-box.md
index f9f44433db..e07214a067 100644
--- a/windows/plan/websiteurl-dialog-box.md
+++ b/windows/plan/websiteurl-dialog-box.md
@@ -1,56 +1,5 @@
---
title: WebsiteURL Dialog Box (Windows 10)
description: In Application Compatibility Manager (ACM), the websiteURL dialog box shows information about the selected website.
-ms.assetid: 0dad26e1-4bba-4fef-b160-3fa1f4325da8
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# <WebsiteURL> Dialog Box
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-In Application Compatibility Manager (ACM), the *<websiteURL>* dialog box shows information about the selected website.
-
-**To open the <WebsiteURL> Dialog Box**
-
-1. In ACM, in the **Quick Reports** pane, click **Analyze**.
-
-2. Under the **Internet Explorer** heading, click **Web Sites**.
-
-3. Double-click the URL for a website.
-
-## Using the <WebsiteURL> Dialog Box
-
-
-In the *<websiteURL>* dialog box, you can perform the following actions:
-
-- Select your compatibility rating for the website. For more information, see [Selecting Your Compatibility Rating](selecting-your-compatibility-rating.md).
-
-- Select your deployment status for the website. For more information, see [Selecting Your Deployment Status](selecting-your-deployment-status.md).
-
-- Assign categories and subcategories to the website. For more information, see [Categorizing Your Compatibility Data](categorizing-your-compatibility-data.md).
-
-- Specify the importance of the website to your organization. For more information, see [Prioritizing Your Compatibility Data](prioritizing-your-compatibility-data.md).
-
-- Add or edit an issue for the selected website, and add or edit a solution. For more information, see [Creating and Editing Issues and Solutions](creating-and-editing-issues-and-solutions.md).
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/welcome-to-act.md b/windows/plan/welcome-to-act.md
index c6755be21e..b4ef6d3088 100644
--- a/windows/plan/welcome-to-act.md
+++ b/windows/plan/welcome-to-act.md
@@ -1,82 +1,5 @@
---
title: Welcome to ACT (Windows 10)
description: The Application Compatibility Toolkit (ACT) helps you determine whether the applications, devices, and computers in your organization are compatible with versions of the Windows® operating system.
-ms.assetid: 3963db88-83d2-4b9a-872e-31c275d1a321
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# Welcome to ACT
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-The Application Compatibility Toolkit (ACT) helps you determine whether the applications, devices, and computers in your organization are compatible with versions of the Windows® operating system. With ACT, you can obtain compatibility information from Microsoft and software vendors, identify compatibility issues within your own organization, and share compatibility ratings with other ACT users. The tools in ACT help you analyze and mitigate compatibility issues before deploying a version of Windows to your organization.
-
-## In this section
-
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-## Related topics
-
-
-[Configuring ACT](configuring-act.md)
-
-[Using ACT](using-act.md)
-
-[Troubleshooting ACT](troubleshooting-act.md)
-
-[ACT User Interface Reference](act-user-interface-reference.md)
-
-[ACT Product and Documentation Resources](act-product-and-documentation-resources.md)
-
-[ACT Glossary](act-glossary.md)
-
-[Compatibility Fixes for Windows 10, Windows 8, Windows 7, and Windows Vista](compatibility-fixes-for-windows-8-windows-7-and-windows-vista.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
diff --git a/windows/plan/whats-new-in-act-60.md b/windows/plan/whats-new-in-act-60.md
index b516ef3eae..89d6afdf1c 100644
--- a/windows/plan/whats-new-in-act-60.md
+++ b/windows/plan/whats-new-in-act-60.md
@@ -1,84 +1,5 @@
---
title: What's New in ACT 6.1 (Windows 10)
description: Two major updates have been released since ACT 6.1.
-ms.assetid: f12e137d-0b55-4f7d-88e0-149302655d9b
-ms.prod: w10
-ms.mktglfcycl: plan
-ms.pagetype: appcompat
-ms.sitesec: library
-author: TrudyHa
----
-
-# What's New in ACT 6.1
-
-
-**Applies to**
-
-- Windows 10
-- Windows 8.1
-- Windows 8
-- Windows 7
-- Windows Server 2012
-- Windows Server 2008 R2
-
-Two major updates have been released since ACT 6.1. They are ACT 6.1 Update and ACT 6.1 Update 2. The following table lists changes made in the Application Compatibility Toolkit (ACT), which is included in the Windows Assessment and Deployment Kit (ADK) download.
-
-
-
-
-
-Topic
-Description
-
-
-
-
-
-
-
-
-
-
-
-
-**Note**
-The version numbers for ACT 6.1 Update and Update 2 are identical, so you will need to look at the product ID of ACT to tell them apart. To find the product ID, open ACT, go to **Help** > **About**, and compare the product ID to the following list.
-
-- **ACT 6.1 Update**: B264FCCB-3F1F-828F-CCF8-EDB93E860970
-
-- **ACT 6.1 Update 2**: B2BC4686-29A9-9E9D-F2E4-7E20659EECE7
-
-If you run into any of the bugs fixed in Update 2, you likely have ACT 6.1 Update or older. Please download the latest version in the Windows ADK.
-
-
-
-## Related topics
-
-
-[Software Requirements for ACT](software-requirements-for-act.md)
-
-[Software Requirements for RAP](software-requirements-for-rap.md)
-
-
-
-
-
-
-
-
-
+redirect_url: https://technet.microsoft.com/itpro/windows/deploy/manage-windows-upgrades-with-upgrade-analytics
+---
\ No newline at end of file
-
-Version
-Changes
-
-
-ACT 6.1 Update
-
-
-
-
-ACT 6.1 Update 2
-
-